Vexz
@Vexz@kbin.social
- Comment on Switching to more privacy friendly alternatives 11 months ago:
Not even gonna name the source where you got that from? :P
- Comment on Switching to more privacy friendly alternatives 11 months ago:
Either they're okay with a switch and it's easy or they are not open for that and it's impossible to change their mind.
Pretty much nobody I know wants to switch to Signal or any other messaging app. So it's SMS communication with them because I definitely won't install WhatsApp.
- Comment on Google Resuming the transition to Manifest V3 - Chrome for Developers 11 months ago:
Why would they want to stop? This is their fight against adblockers and on Chromium based browsers it's an effective way so of course they keep pushing. ;)
- Comment on [deleted] 1 year ago:
tl;dr: Cut out Cloudfare’s recursive resolver (or anyone else’s) and run your own via PiHole and Unbound.
Tell me you didn't read the article without telling me you didn't read the article. Let me point out the relevant part for you:
"A recursive resolver (also known as a DNS recursor) is the first stop in a DNS query. The recursive resolver acts as a middleman between a client and a DNS nameserver. After receiving a DNS query from a web client, a recursive resolver will either respond with cached data, or send a request to a root nameserver, [...]"See that last part with "or send a request to a root nameserver"? That is the DNS server on the internet your Unbound DNS server will ask if it doesn't have the answer cached for you already.
Umm, Unbound is on your machine. So you’re saying you are your own middle man lol…
Exactly! Since the Unbound DNS server is your server you created your middle man server yourself. "middle man" has a very negative taste but in this case it really isn't bad at all.
It asks the authoritative nameservers, which is who external DNS servers ask. By using Unbound, you are cutting out those external DNS servers, because you/Unbound is the DNS server. You are asking the authoritative name server directly instead of inserting someone else to ask on your behalf.
Okay, so you get it but you don't get it fully. Again: Your Unbound DNS server can't magically know which IPs are behind a domain name. So what does it do? It asks a DNS server on the internet because they know the answer. When you Unbound DNS server got the answer it then tells your computer.
Unbound (your machine) is asking the DNS nameserver.
YES! And where do you think is the DNS server Unbound asks if it doesn't know the answer because it's not cached yet? It's some server on the internet.
You’re saying you are your own middleman lol.
I said you create your own middle man. Unbound is your middle man in this case because you make it look up the IPs behind the domains and it tells your computer these IPs then.
Instead of:
<Client> --> asks --> <DNS server on the internet> --> answers --> <Client>
You do:
<Client> --> asks --> <Unbound DNS (the middle man)> --> asks --> <DNS server on the internet> --> answers --> <Unbound DNS (the middle man)> --> answers --> <Client>
Let me say it again: Your Unbound DNS server being the middle man isn't a bad thing so please don't think "middle man" is always a negative term.I’m saying cut out Cloudfare’s recursive resolver and run your own via PiHole and Unbound.
I just linked Cloudflare's article about it because they explain it well. Doesn't mean one must use Cloudflare's DNS servers.
Did you read the article I linked?
Yes, I did. But I knew what a recursive resolver is before I checked the link because I'm a professional IT administrator and I know how DNS works. It's part of my job.
- Comment on [deleted] 1 year ago:
You don't cut the middle man, you create the middle man with Unbound. And Unbound needs to ask other DNS servers on the internet to resolve DNS queries. Your local DNS server can't just magically know which IP is behind a domain like for example google.com. It needs to ask other DNS servers that know the answer. So unless you're not using hyperlocal you will always need a DNS server on the internet to browse the web.
- Comment on [deleted] 1 year ago:
The question still remains because what upstream DNS server in Pi-hole will you use? You'll always need to use a DNS server on the internet unless you use hyperlocal.
- Comment on Where to store OTP tokens 1 year ago:
Depends on what is secure enough to you. For me that is secure enough but I know a ton of people out there who would say it's not secure enough for them. So in the end it's up to you. Think about the risks and make a decision.
- Comment on What do you use for cloud storage and why? 1 year ago:
I use a Synology NAS which I can access from everywhere as long as I have internet connection.
- Comment on German court declares “Do Not Track” to be legally binding 1 year ago:
The title is misleading. The article only talks about LinkedIn.
- Comment on Addressing Changes to pfSense Plus Home+Lab 1 year ago:
Good choice. I've switched from pfSense to OPNsense over a year ago and I never looked back. Now that the news are out there's one more reason for me to not look back.
- Comment on Looking for a website like tracker control app 1 year ago:
Haha, you're welcome. :D
- Comment on Looking for a website like tracker control app 1 year ago:
Ooh, gotcha! Maybe this one then? I think they recently changed their design.
- Comment on Looking for a website like tracker control app 1 year ago:
RethinkDNS maybe?
- Comment on Recommended DNS provider for use in Australia? 1 year ago:
Yes. Your DNS queries will be sent to a group of DNS servers instead of just one and they all can respond. This helps lowering the latency and improves the reliability since not just one DNS server can respond to your DNS queries. The installation page of NextDNS uses the anycast IP addressess.
- Comment on Recommended DNS provider for use in Australia? 1 year ago:
I doubt you'll notice a difference with a different DNS provider. There are 5 of NextDNS's DNS servers in Australia. As long as you use anycast you should always have good speeds and reliability.
- Comment on What is your favorite cybersecurity tool and why? 1 year ago:
Sadly Plex collects some data about its users. I remember opting out of some telemetry stuff but I can't remember where that was. If you want a self-hosted streaming service like Plex that completely respects your privacy, Jellyfin is what you're looking for. I tried it and it's okay but not as good as Plex imo. But if your main focus is privacy then you should definitely check it out. It's FOSS.
- Comment on DNS-based tracker blocking vs local app-based tracker blocking, 1 year ago:
Sounds like it's pretty much the same as NextDNS this way. Did you ever use NextDNS? If the answer is yes: What made you go with RethinkDNS over NextDNS?
- Comment on NextDNS vs Control D vs Adguard DNS, which one is the best? 1 year ago:
I used Pi-hole and AdGuard Home but they of course only work in your home LAN. So I switched to NextDNS and I'm happy (but not very happy) with it. Their DNS servers are fast and I can choose the blocklists to use myself. It also has a white- and blacklist. And the best part is that I don't need an app on my phone to use it.
The only thing that bugs me are (feature) updates. I've been using it for about a year now and I think nothing has changed this entire time. Also they still offer the Energized blocklists which are dead for over a year now. It feels like the devs don't care much about their product as long as it keeps running and people pay for it which is sad. - Comment on My ISP has taken total control of my network 1 year ago:
Depending on where you live you might just let your ISP give you a modem and you can choose the router yourself. ISPs use the TR-069 protocol which allows them to manage and administrate the router they gave you. This is probably what they did when they made the changes you mentioned. It even allows them to analyze your whole home network. Thanks to this they can spy on you if they want to. So my advice is to just get a modem from them and choose your own router because then they can't spy on you. My advice is to use OPNsense, it's open source.
- Comment on Guard Your Privacy Fortress - Discover the Ultimate List of Privacy Alternatives & Tools! 1 year ago:
Also according to the arkenfox Wiki you shouldn't bother with Decentraleyes.
- Comment on Guard Your Privacy Fortress - Discover the Ultimate List of Privacy Alternatives & Tools! 1 year ago:
The only things I can imagine here are because they had a data breach where the attackers could see the traffic of users and aggressive advertising, which is tbh just annoying. That of course doesn't mean they're bad in terms of their user's privacy.
Mullvad has been visited by the police but Mullvad couldn't deliver them what they wanted because they don't keep data of their users. This is proof that they truly don't keep logs. This incident alone makes me personally prefer Mullvad over NordVPN. - Comment on Google's trying to DRM the internet, and we have to make sure they fail 1 year ago:
I switched back and forth between Firefox and Chromium based browsers like Brave and Vivaldi. To be fair Firefox felt slow in comparison for a long time but that changed in the last few months. I think since about Firefox v114 I don't feel a difference anymore and that's why I'm using Firefox now. Best is to tell those people to try Firefox again because it recently became faster (in my experience).
- Comment on How safe is Bitwarden? 1 year ago:
It's safe. I have a self-hosted Vaultwarden instance on my NAS for years now. I absolutely love Bitwarden.
- Comment on What's your opinion of Anytype? 1 year ago:
It's pretty complicated to use or maybe I'm just too dumb. Also it looks like I can't put images in table cells which makes it unrelevant to me anyway.