Post AFdcjxpvrXWbEwInJI by reynir@mcd.dk
(DIR) More posts by reynir@mcd.dk
(DIR) Post #AFdNuDWQttGRTGc208 by rune@mcd.dk
2022-01-19T23:28:04Z
0 likes, 0 repeats
lol, "DNS4EU" more like "pls let us decide what you can do on the web"It would have been a thousand times better if they just wrote some legislation on how DNS must be run / how DNS customer data can be used.
(DIR) Post #AFdNuE0Z5rMoyii5y4 by reynir@mcd.dk
2022-01-20T11:11:32Z
0 likes, 0 repeats
@rune what is DNS4EU?
(DIR) Post #AFdNuESvOQ3IOfykAi by rune@mcd.dk
2022-01-20T11:17:14Z
0 likes, 0 repeats
@reynir A planned government hosted alternative to 8.8.8.8 / 1.1.1.1 with focus on avoiding American centralization, GDPR/privacy aspects, and support for encryption.But it just has heavy undertones of DNS censorship already and they haven't even built anything yet.https://torrentfreak.com/the-eu-wants-its-own-dns-resolver-that-can-block-unlawful-traffic-220119/
(DIR) Post #AFdNuEuDkvt1lKkXia by reynir@mcd.dk
2022-01-20T11:27:13Z
0 likes, 0 repeats
@rune it's like they don't understand how DNS works 🥳
(DIR) Post #AFdNuFME4oHvABquMy by rune@mcd.dk
2022-01-20T11:34:41Z
0 likes, 0 repeats
@reynir It's strange on multiple levels:- easy to avoid any blocks- It doesn't actually prevent customer info from leaking over DNS since DNS4EU is just a resolver still using the same root servers- It just moves the centralization from US to EU but doesn't actually deal with centralization
(DIR) Post #AFdNuFnsQ0PEXwmzT6 by reynir@mcd.dk
2022-01-20T12:09:21Z
0 likes, 0 repeats
@rune it also seems to ignore the fact that pretty much all ISPs in Europe run their own resolvers?
(DIR) Post #AFdNuGGahFNHz0DvE0 by rune@mcd.dk
2022-01-20T12:12:25Z
0 likes, 0 repeats
@reynir and that many of those resolvers do in fact respect DNS censorship rules as declared by law. (E.g. piratebay being DNS blocked by many EU ISP resolvers)
(DIR) Post #AFdNuGht3lD1Lezils by reynir@mcd.dk
2022-01-20T14:22:59Z
0 likes, 1 repeats
@rune Gonna plug https://uncensoreddns.org/ while we're talking about DNS
(DIR) Post #AFdVh7lBoMtNT9mZiS by PCOWandre@jauntygoat.net
2022-01-20T15:53:01Z
0 likes, 0 repeats
@rune @reynir Hosting local caching recursive nameservers used to just be a standard thing. When did we all start trusting outside nameservers?
(DIR) Post #AFdWXf9EvANm4v5Gt6 by rune@mcd.dk
2022-01-20T16:02:35Z
0 likes, 0 repeats
@PCOWandre @reynir I don't know anyone who does anymore :blobawkward:Nontechnical people obviously just use whatever the router comes with, which seems to be ISP servers, but even technical people often don't care about DNS beyond changing from ISP to Google/Cloudflare because it sucks less.
(DIR) Post #AFdX7sfo6zNCS2aTpo by PCOWandre@jauntygoat.net
2022-01-20T16:09:10Z
0 likes, 0 repeats
@rune @reynir I think pihole at least changed that up a little bit, but probably not by that much.I can't remember NOT running a local resolver. Even back in dial-up days.
(DIR) Post #AFdXPgG70UnTA33Y3c by rune@mcd.dk
2022-01-20T16:12:22Z
0 likes, 0 repeats
@PCOWandre @reynir huh, did not know pihole had recursive capabilities. When I used it all it did was query an external DNS server.
(DIR) Post #AFdXdZiE8xsSuZpeuu by PCOWandre@jauntygoat.net
2022-01-20T16:14:53Z
0 likes, 0 repeats
@rune @reynir Well, that sucks then. I just assumed that it ran an actual nameserver. Never used it, I just run a couple of bind instances with a big list of domains to kill off.It IS amusing to use DNS fuckery and having local root CA certs imported to set up a web server that logs all the fun-times requests that ad CDNs try to push out.
(DIR) Post #AFdcjxpvrXWbEwInJI by reynir@mcd.dk
2022-01-20T17:12:01Z
0 likes, 0 repeats
@PCOWandre @rune I briefly ran a recursive resolver at home. Now I run a stub resolver that uses DoT to talk to uncensored DNS. I do that for privacy reasons (my ISP can't snoop, and the authoritative servers can't see where I'm coming from either)