DNS based blocking only works for regular DNS requests.
At this point, any app that wanted to bypass that could use DoH/DoT+ECH to completely bypass your DNS and thus the blocking it provides. With these tools, all you’d see is an outgoing TLS connection to a remote IP; all other data is encrypted.
But what’s not encrypted by either is the Server Name Indicator or SNI, ie: the initial request to a webserver stating which host you’re trying to reach at that IP, before establishing the TLS connection, contains the domain you’d requested via DoH/DoT, in plaintext.
It will prevent the ISP from snooping on, or tampering with, the DNS request. However when you go to use the IP you’ve retrieved via DoH/DoT; your first request establishing a TLS connection to that IP will contain an unencrypted SNI which states the domain you are trying to use. This can be snooped on by your ISP.
It seems many more browsers support it than last I’d looked. I’m curious to see how much of the general web has adopted support for it onnthe server side. I’ll have to look into that more, and see what it’ll take to setup for self-hosting.
The Constitutional Sheriffs and Peace Officers Association is urging lawmen to form posses, seize voting machines and investigate baseless claims of voter fraud....
North America, particularly 1990-2010, fridges with a water dispenser and ice maker built in were/are pretty common. 3 of the 5 houses I lived in as a kid had one.
Filtered, colder-than-tap water, and effectively unlimited ice without having to screw around with ice cube trays. Some also provide heated water that’s far cleaner than what comes out of a typical hot water tank, but that feature is rare in my experience.
They have a filter in the water inlet, and should be cleaned inside/out roughly every 6 months (that part is neglected more often than not).
Most of North America, the tap water is perfectly drinkable; but it can still be improved with extra filtration.
These also provide water colder than a tap can.
To be clear, very much a luxury item, not a necessity in any way. They’ve just become quite common over here.
The filters are also particulate filters; they won’t do much if your water is actually considered unhealthy due to bacterial contamination/you’re on a boil water notice.
There’s a few ways to do it; but if they block based on username it can lockout legitimate users too.
This is what fail2ban is for. Too many failed auths from an IP and that whole IP is blacklisted for a day or two. This can still catchout vpn users, but it’s still less disruptive.
US space agency Nasa confirmed that an object that crashed into a home in Florida earlier this month was part of the International Space Station (ISS)....
I love the simplicity of just dropping a heavy object from really high up to absolutely demolish your target. Aim is a bit of a challenge, but ¯(‘-’)/¯ drop more I guess…
Manor Lords - Launch Trailer | Medieval City Builder/RTS (www.youtube.com)
🎵*What do you get, when you never diet?* 🎵 (lemmy.world)
18+ Dark tan in the Sin city (lemmy.ml)
Hi Brain (lemmy.world)
Meta spent $4.3 billion on its VR division in three months, and made *checks figures* $440 million in return (www.pcgamer.com)
If Start menu ads in Windows 11 aren't bad enough, something worse might be on the horizon (www.xda-developers.com)
Biden trolls Trump on injecting bleach anniversary (www.thehill.com)
*Cough Cough...* Chrome... *Chough*... (slrpnk.net)
A simpler time (lemmy.world)
4/20/2024 (lemmy.ca)
To be honest, it is quite complicated now as well with all of the proprietary software (sh.itjust.works)
A sheriff, a felon and a conspiracy theorist walk into a hotel. They’re there for the same conference. (www.nbcnews.com)
The Constitutional Sheriffs and Peace Officers Association is urging lawmen to form posses, seize voting machines and investigate baseless claims of voter fraud....
Skelly Boi Wants You To Remember (i.imgur.com)
Attackers are pummeling networks around the world with millions of login attempts (arstechnica.com)
Nasa says part of International Space Station crashed into Florida home (www.bbc.com)
US space agency Nasa confirmed that an object that crashed into a home in Florida earlier this month was part of the International Space Station (ISS)....