Part 2 of Firefox and DoH.
The trr.bootstrap adress is empty, which means firefox will use your system DNS to initially resolve the URL of the DoH server.
A bad system could use this to make you use their DoH. They could then spy on you, and divert you to fake sites.
So to be safe, set the bootstrap adress.

I just had a look at the Firefox for Windows 69.0.3 and how it configures DoH via the dropdown Menu. You can either pick Cloudfare or enter your URL. Then I looked into about:config.
The trr.mode is set to 2, so it will fall back to using the system DNS if a DoH query fails. So you won't notice if it fails. I set the mode to 3, so DoH either works or I get an error. I do this for safety reasons.

I had to dump Fedilab Lite off of my phone. I set notifications to 30 sec delay, which should save battery, but my battery was drained empty overnight. Then I turned off notifications, but it still was the largest battery consumer with 27%. Tusky only takes a few %, with notifications fully on.
I use Lineageos without gapps, and had the same thing with a messenger a while ago.
I will try it again if some updates come along, but now it is unusable for me.

What I like about Fedilab Lite is that you can rearrange the timeline order. And that you can see filtered views of the notify timeline.

What I also like is that there is no built in censorship (blocking) like in Tusky. I don't use Tusky for that reason. I use Tusky free, even though this fork is older.

What I just notice is that even though I set text size to 140%, composing is still small. I set the text size bigger for a reason! Forcing users to put on glasses to compose is bad.

I just found Fedilab Lite on Fdroid, and I am testing it. I normally use Tusky free.

What is really bad is that I cannot switch the app to english. If I need help, or want to help others with Fedilab, I must know the english naming of menu items. Switching my whole system to english and back creates a mess.

What is bad is that I can't block loading media. If I have a slow connection, I only want text.

Tusky can do both. BTW I set text to 140% and Icons to 100% to make it look morwlike Tusky.

Some one said that Snowden said that anyone who wants to be safe should remove the hard disk. I can't find anything on that. Does anybody have a link or quote?

I can understand that admins don't like DoH, as they simply loose control over who is browsing where.
An admin could set up a trap for the IPs of known DoH servers, redirect them to a small local DoH frontend that handles these requests.
But then, a User can run such a frontend at his home and use Dyndns to reach it.
Such a frontend is a small webserver that handles requests, fetches the result from a trusted server, and wraps up the result in https. A router or Raspberry can can handle this.

Most who criticize DNS over HTTPS don't understand what it is good for.
DoH does not replace VPN andTor. If you need that, use that!
DoH is a low profile way to evade your DNS from being tampered, redirected, or censored. Change Firefox settings, and you are quite safe browsing in public networks. With a VPN, you are signalling that you have something to hide. Using DoH is much less visible.
If you use DoH with Cloudfare, you probably don't need it. I use Securedns and Digitale Gesellschaft.

I have been using DNS over HTTPS for over a year and I want to tell you why.
When I am in public networks like in a coffee shop I can use Firefox without being monitored or diverted to fake/phishing sites by that network. The only privacy leak would be SNI.
I don't need to change my system DNS and I don't need a VPN. This is especially important in Android where you can't use the Netguard if you use a VPN.
With Firefox, you can of course set the DoH server you want to use, I use securedns.eu .

Is there a mastodon instance focusing on computer/internet security? I don't intend to leave this nice place. English or German would be fine.
I know social.tchncs, but that is more political hate than friendly discussion.

Cloudfare wants to get a big user base by offering their free VPN WARP. I will not use it. But what is interesting is that they are using Wirguard as their protokoll. They decided not to use the older protocols after tests. Till now, many folks considered it as still experimental. Now it will be in use large scale. I have already used it for about a year, and it worked. Wireguard uses less CPU/battery than the older protocols.

blog.cloudflare.com/warp-techn

If you want to scare your neighbors, or can't find a parking space all too often, why not buy the Megabots Mech? (15-Ton 2-Story Tall Gasoline Powered Car-Smashing Piloted Giant Battle Robot)

ebay.com/itm/133181448480

Just now I see articles popping up everywhare about Simjacker.
@ndegruchy was the first to adress the simjacker exploit here. I found blog post which those interested might want to read.
adaptivemobile.com/blog/simjac

I use (Free) Tusky. Lately it was changed so that when you refresh the messages tab the local timeline tab is also refreshed in the backround. I used to be able refresh one without the other being touched.
Now I found out that when I refresh the local timeline first, it stays put to where I last read, then I switch to messages.
So if I refresh the messages first, local timeline points to the newest post. Other way, it points to the last read, and I don't loose my "bookmark".

I've been reading lots of strange criticism about DoH lately.

1. There is more than one DoH server. Nobody must use Cloudfare when using DoH. You can choose the one you want.

2. You can switch off DoH.

3. DoH does not replace a VPN.

4. DoH does not replace TOR.

5. Your server will continue to function even if someone uses DoH.

I have been using DNS over HTTPS for about a year and I want to tell you why.
When I am in public networks like in a coffee shop I can use Firefox without being monitored or diverted to fake/phishing sites by that network. The only privacy leak would be SNI.
I don't need to change my system DNS and I don't need a VPN. This is especially important in Android where you can't use the Netguard if you use a VPN.
With Firefox, you can of course set the DoH server you want to use, I use securedns.eu .

The os/distros I sometimes use:
:os/2:
:mvs: (IBM)
:caldera: (SCO linux)
:solaris:
:cpm:
:dr-dos:
:Xenix: (Microsoft)
:Win-CE:
:DCP:
Looks like no icons for old men :(

In case you wonder what the hell DCP (Disk Control Program) is:
en.wikipedia.org/wiki/MS-DOS#DCP

If you ever wondered what happened to Reagans SDI (zapping soviet missiles with lasers), look at this:
photonicsentry.com/

Show more
Fosstodon

Fosstodon is a Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.