Re: re: Pi_hole
Wouldn't it be cheaper/easier to actually use a real one?
I haven't read the paper, but it might well have been methodologically unsound. For example, an application might exfiltrate more sensitive information iff an initial contact is successful.
Simulating blocking is easy, and can be done after collecting data, by filtering data for connections that Pi-hole blocks. Then you have both the original no-blocking dataset and a simulation of the putative dataset that would have been collected had blocking been in place. Since blocking was not the object of the study, collecting data without blocking is the correct approach.
By the same token, the GP post's complaint about "the academics" not configuring Pi-hole to block additional domains is irrelevant. That wasn't the point of the study.