nice, I can now get RSS feeds for these email-only newsletters using https://github.com/leafac/kill-the-newsletter.com.
- This Week in Security: this.weekinsecurity.com
- The Wiretap: https://www.forbes.com/newsletter/thewiretap
Quad9 is moving to Switzerland:
“The Swiss government produced findings of law that Quad9 is exempt from both law enforcement and intelligence data-collection and retention requirements, as well as KYC.”
- https://quad9.net/news/blog/quad9-public-domain-name-service-moves-to-switzerland-for-maximum-internet-privacy-protection
- Discussion: https://teddit.net/r/privacytoolsIO/comments/llqd7h/quad9_move_to_switzerland
Blocklist for ScamClub domains:
Help users in Iran reconnect to Signal
“We’ve added support in Signal for a simple TLS proxy that is easy to set up, can be used to bypass the network block, and will securely route traffic to the Signal service.”
@polymerwitch this fragile script I wrote may interest you (and hopefully still works)—will generate a .ovpn file for connecting to riseup which you could do so using 3rd party OpenVPN apps. Although their API options are limited to TCP/443, I think UDP/1194 is supported and you can select the server, just need to modify the file 🙂
Interesting new open-source iOS app, ZudVPN. Deploy a personal IKEv2 VPN with Pi-hole to a VPS *from* the app.
Added to encrypted-dns.party for Apple devices:
- Faelix Privacy DoH: https://faelix.net/ref/dns/#privacy-dns
- Free Radio Munich DoH: https://ffmuc.net/wiki/doku.php?id=knb:dohdot
And now looks like there are signed profiles directly from https://dnsforge.de and https://get.yepdns.com.
a compelling spam email I received
from 1a45b1090000e3bc@comsoft.co.in:
Congratulations,
Because of the coronavirus pandemic, the United Nations decided to reward so many people around the world with EUR 5,000,000.
Your email address was one of the lucky winners. To receive the award, contact us at unitednation.donation26@gmail.com with your full name, country and phone number, occupation and monthly income.
United Nations
@silmathoron good to know! You’re right, looks like sharing is disabled by default.
@andreas
Fennec, the open-source version of FF on F-droid does not track anything
mozilla conflict of interest
Nice, the filter list has been added to NextDNS.
https://github.com/nextdns/metadata/commit/983fa4d5c4bb6ee4a38ad33f0b320d9ea9532241
FYI Mozilla / Firefox shares user data with Google, Leanplum, and Adjust [1] by default except on Klar [2] [3]. Learn how to opt-out here [4]. Also doesn't hurt to search for "telemetry" in `about:config` (not available on Firefox iOS) and toggle the entries to `false`.
[1] https://support.mozilla.org/en-US/products/privacy-and-security/no-surprises
[2] https://support.mozilla.org/en-US/kb/send-usage-data-firefox-mobile-browsers#w_why-do-you-enable-data-collection-by-default
[3] https://en.wikipedia.org/wiki/Firefox_Focus#Firefox_Klar
[4] https://support.mozilla.org/en-US/kb/send-usage-data-firefox-mobile-browsers#w_how-do-i-turn-off-data-collection-and-reporting
Added to SSL Server Test 🙂
https://addons.mozilla.org/en-US/firefox/addon/qualys-ssl-server-test/
Some helpful guides I've found on GitHub for a WireGuard/Pi-hole/encrypted DNS setup:
- https://github.com/mgrimace/PiHole-with-PiVPN-and-Unbound-on-VPS-
- https://github.com/IAmStoxe/wirehole
- https://github.com/chadgeary/cloudblock
Helpful filterlist for uBlock Origin, "Fuck Fuckadblock," a successor to reek's "Anti-Adblock Killer list."
Found a blog post related to that comparison video w/ a more fleshed out script to test DNS blocking effectiveness.
https://www.andryou.com/2020/05/31/comparing-malware-blocking-dns-resolvers-redux/
Source: https://pastebin.com/raw/qNxYF6bp
Some fitler list ideas: https://firebog.net
Pros: increased security due to leveraging threat intelligence feeds across multiple providers.
Cons: latency is coupled to the slowest resolver, and decreased privacy due to sending DNS requests to multiple 3rd party resolvers (rather than one or even none w/ something like Unbound).
I wonder if this idea has been implemented anywhere...
Watching this video [1] comparing the malware blocking effectiveness of 3rd party DNS resolvers got me thinking...
For some security focused use cases wouldn't it be valuable if there were a way to leverage multiple DNS resolvers with a strategy where DNS requests are sent to multiple resolvers in parallel and responses are returned only once it's determined that no resolver blocked the request? 🤔
Oh this is helpful, an easy way to check which filter lists contain a given domain.
anarchist, privacy advocate, & software developer • he/they • Black Lives Matter • ACAB • #nobot
Single-user instance on https://masto.host. 👋🏼