Kyle Rankin @kyle@librem.one

@n0btc@mastodon.radio Sounds like it would be possible if you set up a DNS server in the pihole server and pointed it to localhost.

@fribbledom I'll give you a (hopefully) safe example: the Oxford comma debate. As a pro writer of both books and mag articles I can tell you that there is no one "style" but instead a few high-level ones (AP/Chicago/MLA) + a "house" style a pub bases on one of those. I know each major + house style for my pubs and apply Oxford comma when it's house style and I don't when it's not. It's like MMA for grammar.

@abbluiz Funny you should say that... :)

@fribbledom Simplifying a dispute into only two sides allows those in power on each side to silence any critique and shut down attempts to bridge differences: "You are with us or else you are with our enemy."

I'm reading through many of my old (some a decade old) Linux Journal articles right now and I'm uncovering all of these really interesting and still-useful articles I had forgotten about.

Someone just referred to warrant canaries as a dead man's switch, so my brain went immediately to this. Apologies to Oingo Boingo:

I was struck by lightnin'
Walkin' down the street
I was served with warrants that I had to meet
It's a dead man's switch
Who could ask for more
Government is coming, leave canary at the door
Leave warrant canary at the door

Don't run away, it's canary
Don't be afraid of what you can't see
Don't run away, it's canary
Don't be afraid of what you can't see

@thibaultamartin @infosechandbook@mastodon.at Some of the experts on our team are investigating that. Hope to report our findings soon.

@tga yup there's certainly plenty of dehumanizing and extreme rhetoric there too. It all leads to justifying more extreme behavior in the minds of those who buy in.

@tga @jlcrawf Straw man. One diff between a govt. and a private group targeting minorities is that the govt. has more power and resources to bear. Of course companies are starting to wield quasi-govt power so if a private group can get help from them then they also start to have a similar level of power.

But the original point was to highlight the ethical risks involved in dehumanizing and extreme rhetoric, regardless of the target. If one has greater power, it just increases scope of abuse.

@irl The goal is to have control over the DNS logs instead of giving them to Google or other big data firms. If you do not trust your ISP and think they sniff and capture all DNS traffic that goes over their wires, then the solution is to use a trusted VPN as they would probably also sniff all initial SNI requests too.

@jlcrawf I'm not espousing any personal views about the far right, the far left, or Islam. I was only pointing out the similarities in some of the sentiments and rhetoric I see in social media today to those I saw in the aughts for the War on Terror and those I wasn't alive for but read about in the 1950s for the Cold War. All in the context of how similar thinking was used to justify the abuses documented in that book.

Look what arrived! Excited to read this book. While today fascism and the far right is the existential threat that justifies any means to eradicate, it wasn't always this way. 18 yrs ago today it was radical (and non-radical) Islam and in the 1950s it was communism and the far left. This book documents CIA studies into mind control to counter the communist threat that resulted in torture of US citizens, death, and countless other atrocities.

@jeremiahlee Cloudflare says they don't sell it for ads, but to answer your question in general, the value is the association of a series of websites with an individual, even if you don't know *who* the individual is.

Advertisers find a lot of value in "someone who likes X also likes Y but doesn't like Z" so that when they do have a target in mind that likes X, they know to market Y to them but not Z. This is why social graphs are valuable--friends/colleagues often share preferences.

@zeh This is why Purism incorporated as a Social Purpose Corporation, specifically so we could put our social purpose ahead of profits.

@jeremiahlee it's your entire browsing history. Every site you visit. Very valuable data and their privacy policy is vague about which data they keep indefinitely, so you focus on the "24hrs" part.

Why is it that the best minds in our industry seem unable to improve security without creating products that coincidentally give their employer more control over people and their data? Vendor lock-in is preventing real innovation in infosec.

Ask yourself why all these companies are fighting each other to be your default DNS provider. Why do their "privacy" solutions always give them your data instead? It's valuable data and it's easy to control it yourself. #privacy https://www.linuxjournal.com/content/own-your-dns-data

Disappointed that Firefox is giving Cloudflare user DNS resolution data by default via DoH. I trust my ISP but if I didn't, I'd use a trusted VPN to protect *all* my traffic. DoH is just a DNS-only VPN. What's worse, if you do use a VPN for #privacy FF will still leak your DNS data to Cloudflare by default. https://blog.mozilla.org/futurereleases/2019/09/06/whats-next-in-making-dns-over-https-the-default/

"The researchers have named their attack NetCAT, short for Network Cache ATtack"

Seriously, netcat? I guess what they say about the two hardest problems in computer science is true... #infosec https://arstechnica.com/information-technology/2019/09/weakness-in-intel-chips-lets-researchers-steal-encrypted-ssh-keystrokes/

Marshmallow technique is important. Crisp, toasted (not burnt) outside, melted inside. #camping #smorn