nitrohorse Ⓐ @andreas@nitro.horse
- 📍
- Occupied Duwamish territory
Admin
anarchist, privacy advocate, & software developer • he/they • Black Lives Matter • ACAB • #nobot
Single-user instance on https://masto.host. 👋🏼
Joined Aug 2018
nice, I can now get RSS feeds for these email-only newsletters using https://github.com/leafac/kill-the-newsletter.com.
- This Week in Security: this.weekinsecurity.com
- The Wiretap: https://www.forbes.com/newsletter/thewiretap
Quad9 is moving to Switzerland:
“The Swiss government produced findings of law that Quad9 is exempt from both law enforcement and intelligence data-collection and retention requirements, as well as KYC.”
- https://quad9.net/news/blog/quad9-public-domain-name-service-moves-to-switzerland-for-maximum-internet-privacy-protection
- Discussion: https://teddit.net/r/privacytoolsIO/comments/llqd7h/quad9_move_to_switzerland
Help users in Iran reconnect to Signal
“We’ve added support in Signal for a simple TLS proxy that is easy to set up, can be used to bypass the network block, and will securely route traffic to the Signal service.”
Interesting new open-source iOS app, ZudVPN. Deploy a personal IKEv2 VPN with Pi-hole to a VPS *from* the app.
Added to encrypted-dns.party for Apple devices:
- Faelix Privacy DoH: https://faelix.net/ref/dns/#privacy-dns
- Free Radio Munich DoH: https://ffmuc.net/wiki/doku.php?id=knb:dohdot
And now looks like there are signed profiles directly from https://dnsforge.de and https://get.yepdns.com.
FYI Mozilla / Firefox shares user data with Google, Leanplum, and Adjust [1] by default except on Klar [2] [3]. Learn how to opt-out here [4]. Also doesn't hurt to search for "telemetry" in `about:config` (not available on Firefox iOS) and toggle the entries to `false`.
[1] https://support.mozilla.org/en-US/products/privacy-and-security/no-surprises
[2] https://support.mozilla.org/en-US/kb/send-usage-data-firefox-mobile-browsers#w_why-do-you-enable-data-collection-by-default
[3] https://en.wikipedia.org/wiki/Firefox_Focus#Firefox_Klar
[4] https://support.mozilla.org/en-US/kb/send-usage-data-firefox-mobile-browsers#w_how-do-i-turn-off-data-collection-and-reporting
Helpful filterlist for uBlock Origin, "Fuck Fuckadblock," a successor to reek's "Anti-Adblock Killer list."
Watching this video [1] comparing the malware blocking effectiveness of 3rd party DNS resolvers got me thinking...
For some security focused use cases wouldn't it be valuable if there were a way to leverage multiple DNS resolvers with a strategy where DNS requests are sent to multiple resolvers in parallel and responses are returned only once it's determined that no resolver blocked the request? 🤔
Looks like the dev also made an app for AdGuard Home 😯
https://apps.apple.com/us/app/adguard-home-remote/id1543143740
Playing with Pi-hole [1] and PiVPN [2] on a VPS and learned about the Pi-hole Remote iOS app [3] on the subreddit [4]. Wow, it’s really nice! 😍
[1] https://pi-hole.net
[2] https://pivpn.io
[3] https://apps.apple.com/us/app/pi-hole-remote/id1515445551
[4] https://teddit.net/r/pihole
TIL reading CitizenLab's "Great iPwn" report from last month [1] that Turkey’s Government-run Computer Emergency Response Team (USOM) [2] maintains a public filterlist of malicious hosts they observe.
Hosts: https://www.usom.gov.tr/url-list.txt (~90k domains, ~2 MB)
[1] https://citizenlab.ca/2020/12/the-great-ipwn-journalists-hacked-with-suspected-nso-group-imessage-zero-click-exploit/
[2] https://en.wikipedia.org/wiki/TR-CERT
Nice, @ooni’s Probe app recently added a test to validate connectivity to @riseup’s VPN.
“Signal Is A Good Start, But Beware”
https://www.efa.org.au/2021/01/22/signal-is-a-good-start-but-beware/
Good to see: Mullvad had Cure53 audit the security of their infrastructure.
“The security awareness and overall security posture should be regarded as rather good, as expected Cure53 were not able to discover any Personally-Identifiable-Information attached to Mullvad's end-users.”
https://mullvad.net/en/blog/2021/1/20/no-pii-or-privacy-leaks-found-cure53s-infrastructure-audit/
Interesting.. The search engine selection preconfigured in Ghostery's upcoming browser (based on Firefox) includes a new one called Tailcat, "The open, unbiased search engine." No privacy policy or about page yet that I can find - just that it's based in Munich, Barcelona 🤔
Splendid, looks like Ekoru (https://www.ekoru.org, a search engine similar to Ecosia) modified their privacy policy several times in Nov 2020 and now appears to log IP addresses at least...Thanks Wayback Machine!
Proton's blog posts [1] [2] don't state details on the filter lists being used, only that it's a "massive database of sites known to host malware, spyware, or any other malicious software."
But it looks like they mentioned on Reddit [3], "We have both public and proprietary lists that we maintain." 😕
[1] https://protonvpn.com/blog/netshield-ad-blocker/
[2] https://protonvpn.com/support/netshield/
[3] https://teddit.net/r/ProtonVPN/comments/kwb7pf/what_is_the_sources_of_dns_filtering_for/gj7ocwo/#c
Added several more interesting encrypted DNS providers I recently learned about to https://encrypted-dns.party for Apple devices:
- https://doh.tiar.app
- https://ahadns.com (previously pi-dns)
- https://dns.lavate.ch
- https://www.moulticast.net
- https://digitalcourage.de/support/zensurfreier-dns-server
- https://dismail.de/info.html#dns
Signal team needs to address this.
“Signal should warn users who are likely using insecure IME apps”
- 📍
- Occupied Duwamish territory
Admin
anarchist, privacy advocate, & software developer • he/they • Black Lives Matter • ACAB • #nobot
Single-user instance on https://masto.host. 👋🏼
Joined Aug 2018
nitrohorse Ⓐ's choices:
