Skip Navigation

InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)C

chaospatterns

@ chaospatterns @lemmy.world

帖子
28
评论
188
加入于
2 yr. ago

  • Latency with pi-hole + wireguard

    跳过

  • There's two main ways of doing geo-based load balancing:

    1. IP Any-casting - In this case, an IP address is "homed" in multiple spots and through the magic of IP routing, it arrives at the nearest location. This is exactly how 1.1.1.1 and 8.8.8.8 work. It works fine for stateless packets like DNS, however it has some risks for stateful traffic like HTTP.
    2. DNS based load balancing. A server receives a request for "google.com", looks at the IP of the DNS server and/or the EDNS Client IP in the DNS query packet and returns an IP that's near. The problem is that when you're doing Wireguard, it goes phone -> pi-hole (source IP is some internal IP) -> the next hop (e.g. 1.1.1.1 or 8.8.8.8), which sees the packet is coming from your home/pi-hole's public IP. Thus it gets confused and thinks you're in a different location than you really are. Neither of these hops really knows your true location of your phone/mobile device.

    Of course, this doesn't matter for companies that only have one data center.

  • Latency with pi-hole + wireguard

    跳过

  • Sorry, what do you mean route it directly? Maybe I didn't clarify well enough.

    My DNS is routed over the VPN but Internet traffic is routed directly. The problem is the load balancing is done based on where the DNS server is so say Google even though the traffic egresses directly to the internet bypassing the VPN it still goes to a Google DC near my home. Not all websites do this so its not always an issue.

  • Latency with pi-hole + wireguard

    跳过

  • Yes, but if you hit a company doing DNS based load balancing, DNS is going to return an IP that's near to your DNS server which may not be near your device. That's going to add to the latency.

  • Latency with pi-hole + wireguard

    跳过

  • I have Wireguard and I forward DNS and my internal traffic from my phone over the VPN to my pi-hole at home. All other traffic goes directly over the Internet, not the VPN. So that means only DNS encounters higher latency.

    However, because a lot of companies do DNS based geo load balancing that means even if I'm on the east coast all my traffic gets sent to the West Coast because my DNS server is located there. That right there has the biggest impact on latency.

    It's tolerable on the same continent, but once I start getting into other continents then it gets a bit slow.

  • 已删除

    CrowdStrike shareholders sue over global outage, say company concealed info - National | Globalnews.ca

    跳过

  • Homeland Security Testing Signal-Jamming Robot Dogs

    跳过

  • Or just used wired connections. This is targeting wifi cameras and doorbells.

  • Air New Zealand becomes first major carrier to drop climate goal

    跳过

  • Right, it's a lot better to give somebody a better alternative first if you want the public on board. Build up public transit, build up regional and high speed rail and leave planes for long distances that are unfortunately suited for trains and cars (e.g. international, cross-continental, etc.)

  • We finally know what caused the global tech outage - and how much it cost

    跳过

  • They could and clearly they should have done that but hindsight is 20/20. Software is complex and there's a lot of places that invalid data could come in.

  • LNXLink - Link your Linux computer into Home Assistant

    跳过

  • If you're using it, Home Assistant natively supports Wake On Lan. This would only be able to handle the shutdown/sleep side of things.

  • Container Addons

    跳过

  • You can sign into multiple accounts into the same website in different tabs. I use this to be able to sign into many different AWS accounts for work where AWS doesn't natively support this.

  • Firefox enables user tracking

    跳过

  • I think this a problem with applications with a privacy focused user basis. It becomes very black and white where any type of information being sent somewhere is bad. I respect that some people have that opinion and more power to them, but being pragmatic about this is important. I personally disabled this flag, and I recognize how this is edging into a risky area, but I also recognize that the Mozilla CTO is somewhat correct and if we have the option between a browser that blocks everything and one that is privacy-preserving (where users can still opt for the former), businesses are more likely to adopt the privacy-preserving standards and that benefits the vast majority of users.

    Privacy is a scale. I'm all onboard with Firefox, I block tons of trackers and ads, I'm even somebody who uses NoScript and suffers the ramifications to due to ideology reasons, but I also enable telemetry in Firefox because I trust that usage metrics will benefit the product.

  • 已删除

    Privacy-Preserving" Attribution: Mozilla Disappoints Us Yet Again

    跳过

  • Why is telemetry useful or why is it needed to use pi-hole to block telemetry?

    Telemetry is useful to know what features your customers use. While it's great in theory to have product managers who dogfood and can act on everyone's behalf, the reality is telemetry ensures your favorite feature keeps being maintained. It helps ensure the bugs you see get triaged and root caused.

    Unfortunately telemetry has grown to mean too many things for different people. Telemetry can refer to feature usage, bug tracking, advertising, behavior tracking.

    Is there evidence that even when you disable telemetry in Firefox it still reports telemetry? That seems like a strong claim for Firefox.

  • What are some things that absolutely should NOT be recycled?

    跳过

  • Things that can be composted are usually food waste or food spoiled papers not treated with chemicals. Paper is hard to recycle because it can only recycled into lower quality paper, frequently gets contaminated, and it's hard to seperate out from everything else.

    Thus if something is compostable I believe it's better to compost than to recycle that same material.

  • Home routing and encryption technologies are making lawful interception harder, Europol warns

    跳过

  • For those who aren't aware. This is talking about when cell phones roam into other networks, they now encrypt the traffic back to the home provider which means law enforcement struggle to tap it (legally or illegally).

    PET is privacy enhancing technologies

  • Google Maps tests new pop-up ads that give you an unnecessary detour

    跳过

  • Totally. I used to contribute to Google maps quite a bit and got higher up in the Local Guides levels, but now I find myself contributing a lot to OSM. I feel a lot better about contributing to an open platform vs letting a company close up my changes.

    I just haven't made the switch to use it as a mobile client yet

  • HA Voice Chapter 7 - Supercharged wake words and timers

    跳过

  • I've been eagerly looking forward to the time when I can replay my Echo Dots with a self-hosted solution, but so far I haven't found hardware that I really liked the look and style of.

  • A supermarket trip may soon look different, thanks to electronic shelf labels

    跳过

  • That would be illegal. I worked on the software deployment of these devices in a store. If we increased the price, we'd automatically give the customer the lowest price in the last several hours.

    The other problem was they were extremely low powered and low bandwidth and it would have killed the battery to update more than a few times a day.

  • Quck enable/disable WebGL on FF

    跳过

  • NoScript enables you to enable or disable WebGL per site. If you don't want to deal with the hassle of websites being broken, you can set the default to enable JS but disable WebGL then set applications to be trusted with WebGL.

  • Do I Need to Harden SSH over Tor?

    跳过

  • Accidentally typo your password and get blocked. And if you're tunneling over tor, you've blocked 127.0.0.1 which means now nobody can login.