mastodon.xyz is one of the many independent Mastodon servers you can use to participate in the fediverse.
A Mastodon instance, open to everyone, but mainly English and French speaking.

Administered by:

Server stats:

739
active users

#dnsoverhttps

0 posts0 participants0 posts today
Simon Zerafa<p>Currently doing some DNS testing via my ISP (Ogi) here in Wales at it seems that at the moment <span class="h-card" translate="no"><a href="https://social.aa.net.uk/@aaisp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>aaisp</span></a></span> has the second fastest DNS over HTTPS resolvers available!</p><p>'DNS over HTTPS | Min | Avg | Max |Std.Dev| Median|<br> ----------------+-------+-------+-------+-------+-------+</p><ul><li>Average Delay | 0.012 | 0.014 | 0.015 | 0.001 | 0.013 |</li><li>Cached Name | 0.012 | 0.012 | 0.012 | 0.000 | 0.012 |</li><li>Uncached Name | 0.013 | 0.014 | 0.014 | 0.001 | 0.013 |</li><li>DotCom Lookup | 0.015 | 0.015 | 0.015 | 0.000 | 0.015 |---&lt;--------&gt;---+-------+-------+-------+-------+-------+ <a href="https://dns.aa.net.uk/dns-query" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">dns.aa.net.uk/dns-query</span><span class="invisible"></span></a> ANDREWS ARNOLD LTD'</li></ul><p>Being a smidgen faster that Quad9 and NextDNS. Not too shabby! 😉🖖</p><p><a href="https://infosec.exchange/tags/DNS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNS</span></a> <a href="https://infosec.exchange/tags/UK" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UK</span></a> <a href="https://infosec.exchange/tags/DNSoverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a> <a href="https://infosec.exchange/tags/Internet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Internet</span></a> <a href="https://infosec.exchange/tags/Performance" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Performance</span></a> <a href="https://infosec.exchange/tags/AAISP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AAISP</span></a></p>
Burkhard :mastodon: :windows:<p><span class="h-card" translate="no"><a href="https://social.tchncs.de/@tarnkappeinfo" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>tarnkappeinfo</span></a></span> <br>Hallo,<br>schöner Artikel - ich habe jedoch ein paar Nachfragen dazu:</p><p>* Warum hat Ihr in Eurem Artikel den neuen europäischen DNS-Resolver DNS4EU nicht erwähnt? Gib es bei dem irgendwelche Gründe, die gegen eine Nutzung sprechen?</p><p>* Ihr habt hier die Verwendung von DNS over HTTPS beschrieben - gibt es einen Grund DNS over TLS (DoT) _nicht_ zu verwenden?</p><p>* Ihr beschreibt nur die Einstellungen für einen Windows 11-Rechner? Keine Beschreibung für das Smart-Phone - egal ob Android oder IOS - für den Betrieb außerhalb des Heimnetzes ... Spricht etwas gegen die Eintragung auf dem Home-Router (z.B. FRITZ!Box) für alle Geräte im Heimnetz?</p><p><a href="https://social.tchncs.de/tags/DNSoverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a> <a href="https://social.tchncs.de/tags/DNSoverTransportLayerSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverTransportLayerSecurity</span></a> <br><a href="https://social.tchncs.de/tags/Fritzbox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fritzbox</span></a><br><a href="https://social.tchncs.de/tags/Android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Android</span></a> <a href="https://social.tchncs.de/tags/IOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IOS</span></a></p>
Tarnkappe.info<p>📬 DNS over HTTPS Windows: So geht’s ganz einfach<br><a href="https://social.tchncs.de/tags/Anleitungen" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Anleitungen</span></a> <a href="https://social.tchncs.de/tags/Datenschutz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Datenschutz</span></a> <a href="https://social.tchncs.de/tags/DNSoverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a> <a href="https://social.tchncs.de/tags/DNSAbfragen" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSAbfragen</span></a> <a href="https://social.tchncs.de/tags/DoHaktivieren" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DoHaktivieren</span></a> <a href="https://social.tchncs.de/tags/ITSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ITSecurity</span></a> <a href="https://social.tchncs.de/tags/Verschl%C3%BCsselung" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Verschlüsselung</span></a> <a href="https://social.tchncs.de/tags/Windows11" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Windows11</span></a> <a href="https://sc.tarnkappe.info/e9f23a" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">sc.tarnkappe.info/e9f23a</span><span class="invisible"></span></a></p>
🚀 Несерьёзный Выдумщик 👨‍🔬<p>Кого из провайдеров DNS-over-HTTPS выбрать и где найти перечень доступных? Есть вот такой <a href="https://github.com/crypt0rr/public-doh-servers/blob/main/dns.list" rel="nofollow noopener noreferrer" target="_blank">список</a><span><br>Для использования добавлять суффикс </span><code>/dns-query</code> указывая DoH-провайдера в настройках браузера. Должно получаться нечто вроде: <code>https://dns1.nextdns.io/dns-query</code><span><br><br>На скриншоте пример с Firefox, а в том же </span><a href="https://shitpost.poridge.club/tags/Vivaldi" rel="nofollow noopener noreferrer" target="_blank">#Vivaldi</a> ещё нет настроек DoH и вот только-только <a href="https://vivaldi.com/blog/desktop/dns-over-https-vivaldi-browser-snapshot-3731-3/" rel="nofollow noopener noreferrer" target="_blank">появляется</a><span>.<br><br></span><i><i>Это лишь о настройке веб-браузеров, т.к. заворачивания в системе всего DNS-трафика в DoH является отдельной темой. Каким образом программы выполняют работу с DNS хорошо расписано в публикациях сродни <a href="https://www.pvsm.ru/linux/422897" rel="nofollow noopener noreferrer" target="_blank">«Как работает DNS в Linux. Часть 1»</a> — почему и каким образом могут идти в обход настроек в системе. Та же проблема, что и при работе софта через прокси — запросы к DNS могут «утекать» мимо, хотя трафик при этом и будет гнаться через проксю.</i></i><span><br><br></span><a href="https://shitpost.poridge.club/tags/DNS" rel="nofollow noopener noreferrer" target="_blank">#DNS</a> <a href="https://shitpost.poridge.club/tags/privacy" rel="nofollow noopener noreferrer" target="_blank">#privacy</a> <a href="https://shitpost.poridge.club/tags/security" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://shitpost.poridge.club/tags/DoH" rel="nofollow noopener noreferrer" target="_blank">#DoH</a> <a href="https://shitpost.poridge.club/tags/DNS-over-HTTPS" rel="nofollow noopener noreferrer" target="_blank">#DNS-over-HTTPS</a> <a href="https://mastodon.social/@russian_mastodon" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@russian_mastodon@mastodon.social</a> <a href="https://3zi.ru/@Russia" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@Russia@3zi.ru</a></p>
MOVED to: https://mastodon.au/@Linux<p><span>Dynamic between DNS-over-HTTPS, DNS-over-TLS, DNS-over-QUIC, with DNS-over-IP Fallback.<br><br>Why pick one, when you can have them all?<br><br></span><a href="https://discourse.nixos.org/t/dynamic-between-dns-over-https-dns-over-tls-dns-over-quic-with-dns-over-ip-fallback/64968" rel="nofollow noopener noreferrer" target="_blank">https://discourse.nixos.org/t/dynamic-between-dns-over-https-dns-over-tls-dns-over-quic-with-dns-over-ip-fallback/64968</a><span><br><br></span><a href="https://mk.absturztau.be/tags/DNS" rel="nofollow noopener noreferrer" target="_blank">#DNS</a> <a href="https://mk.absturztau.be/tags/Linux" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> <a href="https://mk.absturztau.be/tags/NixOS" rel="nofollow noopener noreferrer" target="_blank">#NixOS</a> <a href="https://mk.absturztau.be/tags/Nix" rel="nofollow noopener noreferrer" target="_blank">#Nix</a> <a href="https://mk.absturztau.be/tags/DnsOverHttps" rel="nofollow noopener noreferrer" target="_blank">#DnsOverHttps</a> <a href="https://mk.absturztau.be/tags/DnsOverTls" rel="nofollow noopener noreferrer" target="_blank">#DnsOverTls</a> <a href="https://mk.absturztau.be/tags/DnsOverIp" rel="nofollow noopener noreferrer" target="_blank">#DnsOverIp</a> <a href="https://mk.absturztau.be/tags/DnsOverQuic" rel="nofollow noopener noreferrer" target="_blank">#DnsOverQuic</a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://hachyderm.io/@laird" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>laird</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.bsd.cafe/@nuintari" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>nuintari</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@todb" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>todb</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@malwaretech" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>malwaretech</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@iagox86" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>iagox86</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@charlvdwalt" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>charlvdwalt</span></a></span> <span class="h-card" translate="no"><a href="https://mamot.fr/@pluralistic" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>pluralistic</span></a></span> I guess the only workaround is to use <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/TorBrowser" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TorBrowser</span></a> and/or use <a href="https://infosec.space/tags/DNSoverTLS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverTLS</span></a> / <a href="https://infosec.space/tags/DNSoverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a> to verify said <a href="https://infosec.space/tags/DNS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNS</span></a> results.</p><p>I have <a href="https://github.com/greyhat-academy/lists.d/blob/main/dns.servers.list.tsv" rel="nofollow noopener noreferrer" target="_blank">a list of Servers ready</a> for the latter. I do recommend <a href="https://infosec.space/tags/OpenNIC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenNIC</span></a> personally... </p><ul><li>Feedback &amp; Contributions welcome...</li></ul>
Daniël Franke :panheart:<p>So, on a lark, I got the cheapest EU cloud instance I could find, and I set up <a href="https://social.ainmosni.eu/tags/adguard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AdGuard</span></a> and enabled <a href="https://social.ainmosni.eu/tags/dnsoverhttps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a>.<br><br>Then I loaded the <a href="https://social.ainmosni.eu/tags/doh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DoH</span></a> profile into my mobile devices and now I have ad blocking, encrypted DNS no matter where I am.<br><br>This is a huge quality of life improvement, one fewer vector for <a href="https://social.ainmosni.eu/tags/ads" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ads</span></a> to attack my mental health.</p>
Dariusz Więckiewicz :verified:<p>🇬🇧 𝗦𝗲𝗰𝘂𝗿𝗶𝗻𝗴 𝗗𝗡𝗦 𝗧𝗿𝗮𝗳𝗳𝗶𝗰 𝗼𝗻 𝗪𝗶𝗻𝗱𝗼𝘄𝘀 𝟭𝟭 𝘄𝗶𝘁𝗵 𝗖𝗹𝗼𝘂𝗱𝗳𝗹𝗮𝗿𝗲 𝗳𝗼𝗿 𝗙𝗮𝗺𝗶𝗹𝗶𝗲𝘀</p><p>𝖫𝖾𝖺𝗋𝗇 𝗁𝗈𝗐 𝗍𝗈 𝗌𝖾𝖼𝗎𝗋𝖾 𝖣𝖭𝖲 𝗍𝗋𝖺𝖿𝖿𝗂𝖼 𝗈𝗇 𝖶𝗂𝗇𝖽𝗈𝗐𝗌 𝟣𝟣 𝗎𝗌𝗂𝗇𝗀 𝖢𝗅𝗈𝗎𝖽𝖿𝗅𝖺𝗋𝖾 𝖿𝗈𝗋 𝖥𝖺𝗆𝗂𝗅𝗂𝖾𝗌. 𝖥𝗈𝗅𝗅𝗈𝗐 𝗌𝗍𝖾𝗉-𝖻𝗒-𝗌𝗍𝖾𝗉 𝗂𝗇𝗌𝗍𝗋𝗎𝖼𝗍𝗂𝗈𝗇𝗌 𝗍𝗈 𝖾𝗇𝖺𝖻𝗅𝖾 𝖾𝗇𝖼𝗋𝗒𝗉𝗍𝖾𝖽 𝖣𝖭𝖲 𝖺𝗇𝖽 𝖻𝗅𝗈𝖼𝗄 𝗆𝖺𝗅𝗐𝖺𝗋𝖾 𝗈𝗋 𝖺𝖽𝗎𝗅𝗍 𝖼𝗈𝗇𝗍𝖾𝗇𝗍. 𝖨𝗆𝗉𝗋𝗈𝗏𝖾 𝗇𝖾𝗍𝗐𝗈𝗋𝗄 𝗌𝖾𝖼𝗎𝗋𝗂𝗍𝗒 𝗐𝗂𝗍𝗁𝗈𝗎𝗍 𝗂𝗇𝗌𝗍𝖺𝗅𝗅𝗂𝗇𝗀 𝖾𝗑𝗍𝗋𝖺 𝗌𝗈𝖿𝗍𝗐𝖺𝗋𝖾. 𝖯𝖾𝗋𝖿𝖾𝖼𝗍 𝖿𝗈𝗋 𝗁𝗈𝗆𝖾 𝗈𝗋 𝗐𝗈𝗋𝗄𝗉𝗅𝖺𝖼𝖾 𝗌𝖾𝗍𝗎𝗉𝗌!</p><p><a href="https://dariusz.wieckiewicz.org/en/securing-dns-traffic-on-windows-11-with-cloudflare-for-families/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">dariusz.wieckiewicz.org/en/sec</span><span class="invisible">uring-dns-traffic-on-windows-11-with-cloudflare-for-families/</span></a></p><p><a href="https://seocommunity.social/tags/Windows11" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Windows11</span></a><br><a href="https://seocommunity.social/tags/DNSoverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a><br><a href="https://seocommunity.social/tags/Cloudflare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cloudflare</span></a></p>
Mika<p>Bruh I'm still so confused about this - can any <a href="https://sakurajima.social/tags/networking" rel="nofollow noopener noreferrer" target="_blank">#networking</a> people or anyone with <a href="https://sakurajima.social/tags/PiHole" rel="nofollow noopener noreferrer" target="_blank">#PiHole</a>/<a href="https://sakurajima.social/tags/Pi-hole" rel="nofollow noopener noreferrer" target="_blank">#Pi-hole</a><span> experience chime in and tell if my goal is privacy, and if I were to prioritise one, it'd be better privacy against my ISP, what should I use on my Pi-hole DNS server?<br><br>- </span><a href="https://sakurajima.social/tags/Unbound" rel="nofollow noopener noreferrer" target="_blank">#Unbound</a><span> as a recursive DNS server<br>- Enable </span><a href="https://sakurajima.social/tags/DNS-Over-TLS" rel="nofollow noopener noreferrer" target="_blank">#DNS-Over-TLS</a> (<a href="https://sakurajima.social/tags/DoT" rel="nofollow noopener noreferrer" target="_blank">#DoT</a>) using Unbound and upstream DNS provider set to something like <a href="https://sakurajima.social/tags/Cloudflare" rel="nofollow noopener noreferrer" target="_blank">#Cloudflare</a><span><br>- or Enable </span><a href="https://sakurajima.social/tags/DNS-Over-HTTPS" rel="nofollow noopener noreferrer" target="_blank">#DNS-Over-HTTPS</a> (<a href="https://sakurajima.social/tags/DoH" rel="nofollow noopener noreferrer" target="_blank">#DoH</a>) using <a href="https://sakurajima.social/tags/Cloudflared" rel="nofollow noopener noreferrer" target="_blank">#Cloudflared</a><span><br><br>I initially thought you could have Pi-hole be all three but I don't think so, no?</span></p>
:mima_rule: Mima-sama<p>Man, if <a href="https://makai.chaotic.ninja/tags/DNSoverHTTPS" rel="nofollow noopener noreferrer" target="_blank">#DNSoverHTTPS</a> is just this simple... ​:sagume_think:​<span><br><br></span><a href="http://mima.localghost.org/dns/chaotic.ninja/AAAA" rel="nofollow noopener noreferrer" target="_blank">http://mima.localghost.org/dns/chaotic.ninja/AAAA</a><span><br></span></p><pre><code>#!/bin/sh if [ $REQUEST_METHOD == "GET" ] then DNS_DOMAIN=$(echo "$QUERY_STRING" | sed -n 's/^.*domain=\([^&amp;]*\).*$/\1/p' | sed "s/%20/ /g") DNS_TYPE=$(echo "$QUERY_STRING" | sed -n 's/^.*type=\([^&amp;]*\).*$/\1/p' | sed "s/%20/ /g") [ -z $DNS_TYPE ] &amp;&amp; DNS_TYPE=A if [ -d "$DNS_DOMAIN" ] then DNS_STATUS="NOERROR" LOCAL_REC="$DNS_DOMAIN/$DNS_TYPE" [ -e "$LOCAL_REC" ] &amp;&amp; DNS_REC=$(cat "$LOCAL_REC") else DIG_RESPONSE=$(dig +noall +answer +comments "$DNS_DOMAIN" "$DNS_TYPE") DNS_STATUS=$(echo "$DIG_RESPONSE" | grep status | cut -d ':' -f 3 | cut -w -f 2 | cut -d ',' -f 1) if [ $DNS_STATUS == "NOERROR" ] then DNS_ANSWER=$(echo "$DIG_RESPONSE" | grep IN) DNS_REC=$(echo "$DNS_ANSWER" | cut -w -f 5-) DNS_TTL=$(echo "$DNS_ANSWER" | cut -w -f 2) fi fi fi httpstatus() { case $1 in 200) httpsemantic="OK";; 404) httpsemantic="Not Found";; esac printf "HTTP/1.0 $1 $httpsemantic\r\n" echo "Status: $1 $httpsemantic" } case $DNS_STATUS in "NOERROR") if [ ! -z "$DNS_REC" ] then httpstatus 200 echo "Cache-Control: private, max-age=$DNS_TTL" ANSWER="$DNS_REC" else httpstatus 404 ANSWER="NOERROR, but no $DNS_TYPE record" fi ;; "NXDOMAIN") httpstatus 404 ANSWER="$DNS_STATUS" ;; esac echo "Content-Type: text/plain" echo echo "$ANSWER"</code></pre><span><br>With the following </span><a href="https://makai.chaotic.ninja/tags/nginx" rel="nofollow noopener noreferrer" target="_blank">#nginx</a> directives too assuming you got a <a href="https://makai.chaotic.ninja/tags/fastcgi" rel="nofollow noopener noreferrer" target="_blank">#fastcgi</a><span> set up already:<br></span><pre><code>upstream dohexperiment { server 127.0.0.1:80; } [...] location ~ /dns/(.*)/(.*)$ { proxy_pass http://dohexperiment/dns/index.cgi?domain=$1&amp;type=$2; } location ~ /dns/(.*[^\/])$ { proxy_pass http://dohexperiment/dns/index.cgi?domain=$1; }</code></pre><span><br></span><a href="https://makai.chaotic.ninja/tags/DNS" rel="nofollow noopener noreferrer" target="_blank">#DNS</a> <a href="https://makai.chaotic.ninja/tags/HTTP" rel="nofollow noopener noreferrer" target="_blank">#HTTP</a> <a href="https://makai.chaotic.ninja/tags/REST" rel="nofollow noopener noreferrer" target="_blank">#REST</a><span><br><br>RE: </span><a href="https://makai.chaotic.ninja/notes/9vyxx3nwty" rel="nofollow noopener noreferrer" target="_blank">https://makai.chaotic.ninja/notes/9vyxx3nwty</a><p></p>
Mauricio Teixeira 🇺🇸🇧🇷<p>I wrote a very basic <a href="https://hachyderm.io/tags/Ansible" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ansible</span></a> playbook to help people set up <a href="https://hachyderm.io/tags/PiHole" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PiHole</span></a> with <a href="https://hachyderm.io/tags/DNSOverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSOverHTTPS</span></a> (<a href="https://hachyderm.io/tags/DoH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DoH</span></a>) directly installed on a Debian-based host (Raspberry Pi or small VM). It's available on my GitHub repo. I hope you find it useful! <a href="https://hachyderm.io/tags/HomeLab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HomeLab</span></a> <a href="https://hachyderm.io/tags/SelfHosted" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfHosted</span></a><br><a href="https://github.com/badnetmask/miscelaneous/tree/main/ansible/pihole-doh" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/badnetmask/miscelan</span><span class="invisible">eous/tree/main/ansible/pihole-doh</span></a></p>
Ciourte Piaille<p>There should be a way to fill in a secondary server for DNS over HTTPS providers in Firefox.<br><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1563404" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">bugzilla.mozilla.org/show_bug.</span><span class="invisible">cgi?id=1563404</span></a></p><p><a href="https://piaille.fr/tags/Firefox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Firefox</span></a> <a href="https://piaille.fr/tags/DoH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DoH</span></a> <a href="https://piaille.fr/tags/DNSoverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a> <a href="https://piaille.fr/tags/missingFeature" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>missingFeature</span></a></p>
Tarnkappe.info<p>📬 Proxy-Trojaner für macOS verbirgt sich in gecrackter Software<br><a href="https://social.tchncs.de/tags/Cyberangriffe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cyberangriffe</span></a> <a href="https://social.tchncs.de/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> <a href="https://social.tchncs.de/tags/Szene" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Szene</span></a> <a href="https://social.tchncs.de/tags/CommandandControlServer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CommandandControlServer</span></a> <a href="https://social.tchncs.de/tags/DNSoverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a> <a href="https://social.tchncs.de/tags/KasperskyLab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KasperskyLab</span></a> <a href="https://social.tchncs.de/tags/PKGInstallationsprogramm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PKGInstallationsprogramm</span></a> <a href="https://social.tchncs.de/tags/proxytrojaner" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>proxytrojaner</span></a> <a href="https://social.tchncs.de/tags/proxyserver" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>proxyserver</span></a> <a href="https://social.tchncs.de/tags/SergeyPuzan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SergeyPuzan</span></a> <a href="https://social.tchncs.de/tags/WebSocket" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebSocket</span></a> <a href="https://tarnkappe.info/artikel/it-sicherheit/malware/proxy-trojaner-fuer-macos-verbirgt-sich-in-gecrackter-software-284338.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">tarnkappe.info/artikel/it-sich</span><span class="invisible">erheit/malware/proxy-trojaner-fuer-macos-verbirgt-sich-in-gecrackter-software-284338.html</span></a></p>
Matthew Gall<p>Just open sourced my new (experimental) DNS-over-HTTPs proxy, that distributes queries to upstream resolvers so that no provider has enough query data to attribute to a person.</p><p><a href="https://matthewgall.codes/matthew/doh-proxy" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">matthewgall.codes/matthew/doh-</span><span class="invisible">proxy</span></a></p><p>Or try it now by setting your browser to use <a href="https://freedom.mydns.network/dns-query" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">freedom.mydns.network/dns-quer</span><span class="invisible">y</span></a> (no logs, no filters) or for more paranoia, <a href="https://paranoia.mydns.network/dns-query" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">paranoia.mydns.network/dns-que</span><span class="invisible">ry</span></a> (no logs, no filters, no use of Google or Cloudflare upstreams)</p><p><a href="https://social.gall.family/tags/doh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>doh</span></a> <a href="https://social.gall.family/tags/oss" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>oss</span></a> <a href="https://social.gall.family/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensource</span></a> <a href="https://social.gall.family/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://social.gall.family/tags/opsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opsec</span></a> <a href="https://social.gall.family/tags/dnsoverhttps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dnsoverhttps</span></a> <a href="https://social.gall.family/tags/dns" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dns</span></a></p>
ocdtrekkie<p>Days since DNS-over-HTTPS (DoH) silently screwed with me and caused me irritation: 0</p><p>(Obviously, days since it was DNS is also now also 0.)</p><p>My Windows machines all disable DoH in Firefox by policy, but apparently my Linux machine started to silently start using it and broke my stuff.</p><p><a href="https://mastodon.social/tags/doh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>doh</span></a> <a href="https://mastodon.social/tags/dnsoverhttps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dnsoverhttps</span></a></p>
Tobia Alberti<p>I have updated the <a href="https://hachyderm.io/tags/SecureDNS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SecureDNS</span></a> chapter of my Good Privacy Practices guide today: <a href="https://preciselyprivate.wordpress.com/good-privacy-practices/#secure-dns" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">preciselyprivate.wordpress.com</span><span class="invisible">/good-privacy-practices/#secure-dns</span></a></p><p>Feedback is welcome 🙂</p><p><a href="https://hachyderm.io/tags/PreciselyPrivate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PreciselyPrivate</span></a> <a href="https://hachyderm.io/tags/DNS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNS</span></a> <a href="https://hachyderm.io/tags/DNSOverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSOverHTTPS</span></a> <a href="https://hachyderm.io/tags/DoH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DoH</span></a></p>
John Shaft<p>Bref, Mozilla a activé <a href="https://piaille.fr/tags/EncryptedClientHello" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EncryptedClientHello</span></a> dans <a href="https://piaille.fr/tags/Firefox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Firefox</span></a> 118 , mais uniquement s'il est configuré pour utiliser <a href="https://piaille.fr/tags/DNSoverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a>.</p><p>Y en dans Chrome aussi, a priori avec les mêmes conditions pour en profiter (ça semblerait logique)</p><p><a href="https://www.nextinpact.com/article/72598/mozilla-deploie-encrypted-client-hello-pour-chiffrer-adresses-sites-visites" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">nextinpact.com/article/72598/m</span><span class="invisible">ozilla-deploie-encrypted-client-hello-pour-chiffrer-adresses-sites-visites</span></a></p>
MattPounsett<p>When <a href="https://fosstodon.org/tags/DoH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DoH</span></a> was being standardized, many of us warned the browser vendors pushing the technology that they were trading a minor improvement in users’ privacy (over technologies like <a href="https://fosstodon.org/tags/DoT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DoT</span></a>) for a major decrease in user security. And, well… here we are…</p><p><a href="https://www.bleepingcomputer.com/news/security/chinese-hackers-use-dns-over-https-for-linux-malware-communication/" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/chinese-hackers-use-dns-over-https-for-linux-malware-communication/</span></a></p><p><a href="https://fosstodon.org/tags/DNS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNS</span></a> <a href="https://fosstodon.org/tags/DNSoverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a> <a href="https://fosstodon.org/tags/DNSoverTLS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverTLS</span></a> <a href="https://fosstodon.org/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a></p>
Kevin Karhan :verified:<p><span class="h-card"><a href="https://catgirl.is/@me" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>me</span></a></span> <span class="h-card"><a href="https://infosec.exchange/@BleepingComputer" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>BleepingComputer</span></a></span> that is a very serious and valid question that <span class="h-card"><a href="https://mozilla.social/@mozilla" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>mozilla</span></a></span> <span class="h-card"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> need to answer.</p><p>Espechally since <a href="https://mstdn.social/tags/DNSoverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a> can be abused to <a href="https://mstdn.social/tags/leak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>leak</span></a> shit if misconfigured.</p><p>I disabled <a href="https://mstdn.social/tags/DNSoverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a> since I have my stuff in my network secured...</p>
John Shaft<p>J'ai testé 5 minutes Windows 11 dans une VM VirtualBox pour essayer de voir comment y configurer <a href="https://piaille.fr/tags/DNSoverHTTPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNSoverHTTPS</span></a> à l'échelle du système :<br>- Ça rame comme pas permis<br>- Impossible de d'améliorer ça (je pense que c'est la transparence qui fait ramer, mais faut une licence pour désactiver)<br>- Impossible de monter la résolution à plus de 1280×960 (licence toussa)<br>- Système en français, clavier en QWERTY, parce que<br>- Trouvé les paramètres DoH : marche pas, prend pas en compte les modifs</p><p>VM effacée</p>