My neighbor (who hates bees, rabbits, coyotes, and all insects in her yard -- and has replaced their lawn with plastic) has a "Welcome Spring" sign up. 🤔
Yay, mon petit client #DoH qui encode/décode tout seul les requêtes DNS en binaire comprend désormais l'option EDNS 18 (utilisé pour donner le nom de domaine où rapporter les erreurs aka le récent RFC 9567)
Bon, c'est du DoH donc il parle à un résolveur. Résolveur qui bazarde l'option quand elle est reçue d'un serveur faisant autorité, mais ça marche quand même :3
En même temps, elle est bête à manger du foin cette option (le classique doublé d'entiers 16 bits non signés pour le code de l'option et la taille des données et ensuite un nom de domaine pas compressé)
Well, the dnscrypt.ca resolvers are down now. The web site seems to be getting some increased traffic, and I assume that is people waking up to find that their DNS is broken (that's the folks who don't follow the RSS feed). The good news is that I received an offer from someone and we are currently negotiating terms. It looks like dnscrypt.ca will return (and will hopefully have better performance when it does). Superpooch is looking forward to the road ahead. #dnscrypt#DoH#DoT#privacy#DNS
I picked up an old laptop a few weeks ago with a corrupt Windows install on it. I've decided to try Linux again.
#today I downloaded the @linuxmint ISO and ran through the verify process. I went off to burn the DVD, then I remembered my desktop has no DVD burner 🤦♂️
I've just brought a burner from ebay for £5.99. Hopefully getting it by Tuesday.
When you are trying to explain how you know someone, "we are not former lovers" is a bad choice in a noisy bar. He could have said we've known each other since university. #doh
Wondering whether the increased cost of doing a DNS lookup with DNS over TLS or DNS over HTTPS (DoT, DoH) compared to unencrypted DNS means it is safer to host a public recursive resolver.
For example I see #mullvad provide public DoH and DoT servers [1] but no plain DNS, and I've been serving DoT for a while at dns.srcbeat.com too.
I just checked the stats on https://dnscrypt.ca/ and it seems they did almost 30.1M queries yesterday. That's about 355 DNS queries per second. To be honest, I'm feelin' a little proud of that. #dns#dnscrypt#DoH#digitalprivacy
Solltet Ihr irgendwo als Name-Server
8.8.8.8, 8.8.4.4 oder
1.0.0.1, 1.1.1.1 oder
deren IPv6-Äquivalente
eingetragen haben, tut Euch selbst einen (Privacy-)Gefallen und ändert das auf
9.9.9.9, 149.112.112.112 bzw.
2620:fe::fe, 2620:fe::9
Und falls jemand #DoH schreibt, das gibt's da auch ;)
Based on the latest data from the #DepartmentOfHealth (DOH), a total of 158,762 #pneumonia cases were reported from January to October, a 46-percent jump from the 108,982 infections recorded during the same period in 2022. #WalkingPneumonia#Philippines
Last week I did a Mastodon survey asking when was the best weekday for candidates to send an enthusiastic email.
Tuesday, the people voted.
Ok, that makes sense I think.
I compose my enthusiastic email Monday evening, schedule it to be sent Tuesday morning, stress about it all night until 9am of course.
At 9:01am I receive an automatic reply: this person is out of the office for a while.
Failed my job application timing check once again 🙃
The three most popular DNS protocols with transit encryption are DNS-over-HTTPS (DoH), DNS-over-TLS (DoT), and DNS-over-QUIC (DoQ). This should help you choose what to use:
Do you actually need to override OS DNS support? If not, or if you’re unsure, go to 6.
Are you ready to implement DNS protocols correctly, or add a dependency that does so? If you’re not, go to 5.
Does the network filter DNS traffic? If it does, go to 5.
Do you already have QUIC support? If not, use DoT. If you do, use DoQ.
Do you have an HTTPS stack? If you do, use DoH.
Give up and delegate to the OS.
Let your HTTPS stack handle HTTP/1.1 vs. HTTP/2 vs. HTTP/3 support; don’t treat DNS-over-HTTP/3 as a separate protocol. I don’t know enough about DNSCrypt to make an informed recommendation about it, but DoQ and DoH meet my needs well enough.
@danie10 I began using #VPNs a decade ago when our then fascist federal #RWNJ misgovernment in Straya threatened to create a new mandatory data retention law [which they subsequently did indeed do, & no subsequent govt has repealed]. I have no intention of stopping this self-defence response. Ofc it also provides me with a global choice for my nightly entertainment streaming leisure, but my primary incentive was & remains that egregious law.
Subsequently, i've also happily availed myself of #Firefox's #DoH, & most recently, #ECH, which together enhance one's #privacy in conjunction with VPN.
Other protective measures include #uBlockOrigin in #AdvancedMode with thousands of custom dynamic filter rules, canvas fingerprint randomising, other stuff per my curated #userJS, et al.
I make no claims at all that i am now "safe" as i accept these days that's illusory, yet i still derive comfort from a sense that by my proactivity i've at least made it a little harder for the bastards.
Hello la Mastonie, dis tu connaîtrais pas un serveur DNS #DOH qui fasse aussi ECH (encrypted client hello)? C'est pour illustrer mon article de blog avec autre chose que #cloudfare 😇
ping @bortzmeyer@shaft
repouets 😘
If you're implementing DNS-over-HTTP JSON client and wondering what Accept header media type to use… 👀
There's RFC8427, "Representing DNS Messages in JSON"; it defines the JSON structure. You can ignore it. No DoH JSON API provider I tested implements it.
It also defines the application/dns+json media type, registered with IANA. You can ignore it as well. Only CloudFlare cares about the media type — and insists on application/dns-json (yes, with a "-"). 🙄
"On Saturday, the Wall Street Journal reported that relations between President Joe Biden and Attorney General Merrick Garland have reached frostiness of polar proportions."