A PiHole functions has a full DNS server. You can configure it to serve any arbitrary records you like - which is basically how it overrides ad domains to prevent them from loading.
So, if you know the IP address that a particular domain is supposed to route to, you configure the PiHole to respond with that IP address for that domain. So, it doesn’t matter that the major DNS servers return junk because your PiHole never asks them.
In this theoretical system, ideally it’s illegal for anyone other than the person who’s supposed to have the private key to have it - excepting some subset of legal reasons (e.g. parents for their children). So, the only business that would be asking for people’s private keys are the kind that are already operating outside of the law.
This is no longer the case. Any SSN issued after 2011 is fully randomized
Additionally, the following SSNs are always invalid:
That’s kinda backwards, isn’t it? If I want to verify my identity to a company, they would send me something that only I could decrypt. Some government agency provides all the public keys of all citizens, the company takes my public key, encrypts some secret with it, sends it to me, and asks me to decrypt and return it. If I’m able to do so, I must be who I say I am otherwise I would not be able to decrypt the secret.
In an ideal world, the company (or, even better, the employee) would have a similar certificate that I could use to encrypt my response with.
This is, effectively, how oral flee/tick medications work in animals. It basically turns the animal’s blood into a mild poison. The poison is mild enough that it doesn’t affect the animal but it’s enough to kill small insects like flees, ticks, or mosquitoes.