undefined

IPv6. Stop engineering IoT junk on single-stack IPv4, you dipshits.

Amen

How do you know?

At a high level it involves a terrible custom parser written in Ruby for several formats of DNS blocklists. It finds the proper domain then outputs a large configuration file for Unbound.

I’ve attempted to Dockerize it but honestly, I think it would be better to use a superior parser written in another language that can be statically compiled.

I was using Fly.io to host it in various regions using an Anycast IP, but since I’ve moved onto using VPN for everything I’ve moved it to a few hosts acting as Tailscale exit nodes. Those exit nodes provide the blocking DNS service along with rewriting incoming Tailscale client traffic to route out of another network interface assigned to a VPN provider.

Had I unlimited free time I’d rewrite the parser in Crystal, but part of me thinks there’s got to be something already written by someone in Go.

It’s a common solution but I do something more involved and manual, but it’s the same concept.

Related: I’m a big fan of Beeper, and they were recently acquired by Wordpress too.

The term state at the international level usually refers to a nation-state. Nations generally have different terms like state, territory, province, etc for their internal divisions, hence state can refer to both meanings.

I go hard with DNS-based ad blocking and I’m constantly confirming it works by checking the network tab in developer tools. I’m basically only seeing first party scripts and CDN assets — 99% of websites load all the tracking garbage from third-party domains that can be easily blocked.

Maybe this means no time? I don’t really know anything

https://web.archive.org/web/20240827152513/https://www.washingtonpost.com/technology/2024/08/27/chinese-government-hackers-penetrate-us-internet-providers-spy/

Oh I know. I was just exploring why someone might call it “insane.” I installed it long ago but quickly uninstalled it when I realized how insecure it is.

I use it and it’s pretty great, though it sometimes does feel like a hack (I mean, that’s essentially what it is).

For a better experience pick a search engine in Safari that you’ve blocked with DNS so that you’ll never see a glimpse of it before xSearch redirects you (as you would on a slower network).

I totally sympathize with that. As a privacy-conscious person I block the majority of social media domains since they’re used for tracking.

It’s now annoying seeing news articles that embed tweets that I can no longer see, but I shrug it off as part of the cost of privacy. It would be convenient to see the content without necessarily being tracked.