Spent today implementing DNS leak prevention for OpenVPN connections on .

Pleased that I was able to import standard .ovpn files into NetworkManager Wireless Settings by just dropping a tiny script into /etc/network/If-up.d/

In researching this, I was amazed how much misinformation and dirty hacks are circulating on the Internet to address this problem.

By gaining an understanding of the problem the solution was determined to be amazingly simple.

TL;DR: Set Domain on the VPN to ~.

I get a lot of email from "hackers" who have apparently hacked my computer and recorded me doing various things. Ignoring the fact that, uh, no you didn't, I'm not at all intimidated by the fact you have "Mike.mp4". How incriminating could this video possibly be? Really?

So now Mozilla will be enabling Hyperlink Auditing in Firefox soon. What is it with browser vendors wanting to erode the privacy of their users? Is there financial gain in it for them?

I've recently switched to Brave on my Android phone. It looks like it could be an option for my laptop and desktop PCs too.

Part two of hardening my computing infrastructure. I want to use this gadget to hold my OpenPGP secret keys used for signing/encrypting e-mail and SSH access to remote systems.

I'm seeing the presence of secret keys on a laptop as a potential vulnerability in the case of hardware theft.

Yes, I could encrypt /home but that doesn't seem to have the same sense of security as being able to physically lock away those secret keys.

Great to see C++ making a comeback. As a hardware engineer I've always been drawn to compiled languages producing native executables.

I have nothing against interpreted and JIT compiled code. It's purely a personal preference, probably a result of starting out with programming in Assembly language and Fortran IV.

A recently-authored UK Government white paper on managing extremist, and other offensive, content on social media includes the recommendation that blocking of social media content should be permitted. If this is worded generally enough we have online censorship on the way. This makes you question whether all the recent attention directed towards social media accountability was just a prelude to this.

Are we, in the UK, now a state-controlled populous and no longer a democracy?

My personal opinion is that is the case.

For those interested, and to whom it's relevant, Nigel Farage's Brexit Party is open for supporters.

Given the amount of effort he's put in over the last 25 years, to assure we've received decent treatment from the EU, he represents a good choice to take us forward.

Going to attempt building my website. I've chosen to use Processwire for the CMF and the Bulma CSS framework for styling.

Processwire uses a PHP API to implement templating functionality and Bulma is a pure CSS solution (also provided as SASS sources).

Will I still need a Javascript library to complement these two technologies? I'm thinking that there's a lot of inherent power embodied in both and in the event that Javascript is required it would require a simple library.

Opinions welcomed.

Here's a question for you?

Will Article 11 mean that platforms like Mastodon prevent the posting of hyperlinks to avoid the consequences of the link tax?

I actually think this could lead to an increase in Podcasts and VLOGs where the creator holds original copyright.

Then we will see what other lengths the EU is prepared to go to to silence free speech.

I feel that having put the for-Brexit British public on the floor with a blow akin to a severe kick in the genitals, our politicians are now following-through with a kicking to the head.

The distain shown, for the outcome of the 2016 Brexit referendum, by them is unprecedented and it honestly makes me sick to the stomach to call myself a British citizen right now. What they are doing goes against everything that our nation stood for.

My, now standard, response to unsolicited money-chaser calls to my phone is "Thank you for calling, I'll just add your number to my blocklist!".

I'm much harsher with e-mail but there's very little useful technology to deal with Spam directed to mobiles.

Anyone tinkering with STM32 bare-metal development?

I've just started on my journey and I'm setting-up the GCC/OpenOCD toolchain but haven't decided on any particular technology to make life easier but libopencm3 looks interesting.

At the moment I'm planning on using a STMF103 development board with JTAG header and I have an ARM-USB-OCD-H adaptor for debugging and programming.

Just looking for like-minded people to share ideas and experiences with.

Anyone else noticed that your most recent toot is hidden in the Home timeline of . You need to swipe down in order to see it.

Edit: This seems to happen with more than one toot if nobody else has tooted in between.

Follow-up: So despite the use of technical measures to assure delivery of e-mail, it appears that Yahoo put more emphasis on a user tagging e-mail as "Not Spam" to permit future deliveries.

I had been banging my head against a brick wall in not finding anything wrong with my implementation because there wasn't anything wrong with it.

How many non-savvy users don't tag legitimate mail caught as Spam with the "Not Spam" button leading to much legitimate e-mail being rejected forever?

I am so darned annoyed today. I've spent considerable effort implementing DKIM/SPF/DMARC and my e-mails to Yahoo-hosted mail systems still get rejected.

So today I fire-up my, little-used, Yahoo.com e-mail account and send an e-mail to it from my own domain. It does straight to the Spam folder.

I look at the raw mail and see DKIM/SPF/DMARC checks all pass so I tag the e-mail as "Not Spam".

I send another e-mail and it goes straight to the Inbox and now I can deliver to Yahoo-hosted services.

Had a little free time today so I thought I'd take a look at .

I've looked casually in the past but always found myself stuck in the middle of a dense forest.

I thought I'd guess a seed number and chose "42" with Mapgen v7 and I wasn't disappointed.

You get wide-open plains, hills, gorges and caves, beaches, a river, green areas with flowers and forest areas too.

As complete guess it's quite a good environment to start your Minetest journey in.

The positive of adding DMARC to my existing DKIM and SPF checks on received e-mail?

Previously, received e-mail could be rejected or quarantined on the basis of individually failing DKIM or SPF checks.

Now the DKIM and SPF checks are advisory and DMARC adds more with alignment checks i.e. the HELO/EHLO domain is checked for agreement with the permitted sender in SPF checks.

The end result is a more balanced view of the e-mail origin and there's much less chance of rejecting legitimate e-mail.

It's interesting to observe that there are many businesses that manage DMARC operation for others. My reports sent to those organisations often contain DKIM and SPF alignment errors. You have to ask the question - Are they doing a good job for their customers?

My contribution to Screenshot Sunday. Toshiba Satellite laptop.

Show more

Fosstodon is a Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.