I like the “ransomware scumbag” language but at the same time, it feels like companies only give a shit about security after an incident.
I like the “ransomware scumbag” language but at the same time, it feels like companies only give a shit about security after an incident.
What I hate is I love encrypting my flash drives but every OS prompts you to wipe the drive if it doesn’t recognize the encryption scheme of another. 👎
The problem is I need Unbound to send queries via one network interface (the VPN) while the specific zone needs to be routed through another.
I know what split tunneling is, but I have my routing set up exactly as I’d like.
The issue here is that Unbound seems unable to send queries to one forwarding zone using a specific interface/IP address and sending queries to a second forwarding zone using a completely different interface/IP address.
I’m almost at the point where I want to create a virtual interface that just has rules that say “if going to 192.168.143.1
use /dev/tailscale0
” and then have a default route to /dev/wg0
.
I’m not a professional but my current Tailscale + VPN setup has been extremely nice for the past year.
Personally speaking, I’ve never been a fan of this method because to the hosting web server it was still fetched. That might confirm that an email address exists or (mistakenly) confirm that the user did in fact follow the link (or load the resource).
I have ad and tracking blocked like crazy (using DNS) so I can’t follow most links in emails anyway. External assets aren’t loaded either, but this method basically circumvents that (which I hate).
It was originally released in 480, so those DVD rips are probably the “best” quality-wise (unless they did some work on it before releasing for streaming).
If that’s the case it’s probably easier to rent the discs and rip them. Obviously this is a piracy community but hey, technically it’s still piracy if you’re copying rented discs am I right?
I’m usually using it not to search the codebase but to search for something specific with a file.
I always found the code search more distracting than helpful. Just let me use the browser native Command + F ffs.
Here’s what I do about it:
Plain HTTP means anyone between you and the server can see those credentials and gain access.
It it using HTTP Basic Auth by chance? It would be so easy to put nginx (or some other reverse proxy with TLS) in front and just pass the authentication headers.
Especially with music, if any of this is plain HTTP (or any other plaintext, non-encrypted protocol) and you live in a lawsuit happy jurisdiction you might end up with piracy letters in the mail.
IPv6. Stop engineering IoT junk on single-stack IPv4, you dipshits.
Amen
At a high level it involves a terrible custom parser written in Ruby for several formats of DNS blocklists. It finds the proper domain then outputs a large configuration file for Unbound.
I’ve attempted to Dockerize it but honestly, I think it would be better to use a superior parser written in another language that can be statically compiled.
I was using Fly.io to host it in various regions using an Anycast IP, but since I’ve moved onto using VPN for everything I’ve moved it to a few hosts acting as Tailscale exit nodes. Those exit nodes provide the blocking DNS service along with rewriting incoming Tailscale client traffic to route out of another network interface assigned to a VPN provider.
Had I unlimited free time I’d rewrite the parser in Crystal, but part of me thinks there’s got to be something already written by someone in Go.
It’s a common solution but I do something more involved and manual, but it’s the same concept.
Related: I’m a big fan of Beeper, and they were recently acquired by Wordpress too.
I go hard with DNS-based ad blocking and I’m constantly confirming it works by checking the network tab in developer tools. I’m basically only seeing first party scripts and CDN assets — 99% of websites load all the tracking garbage from third-party domains that can be easily blocked.
I use it and it’s pretty great, though it sometimes does feel like a hack (I mean, that’s essentially what it is).
For a better experience pick a search engine in Safari that you’ve blocked with DNS so that you’ll never see a glimpse of it before xSearch redirects you (as you would on a slower network).
They need to switch to Webauthn. SMS-based 2FA should’ve been big 10+ years ago, not today. I don’t really understand why this old style 2FA has been just now becoming popular lately.