Just had a thought. It was wildcard subdomain I couldn't do with namecheap. Things like *.domain.tld
blackstrat
joined 1 year ago
It hasn't even begun! Post IPO there'll be a big push for profitability which will be when it begins.
Maybe its different now, but it didn't used to be possible to do that.
Namecheap because they've lived up to their name. The DNS for my domains is all on Cloudflare though as I can automate my letsencrypt renewal that way that I couldn't on plain old namecheap.
Upgraded my 2 EndeavourOS machines last week. Rebooted and all was fine.
Yay, there's another Tilix user out there! Been a fan for a while and the tiling is great!
It wouldn't matter to them really. Just look at how many people have gmail accounts.
They don't even have to send the whole messages back to base. They could be categorizing your messages in to themes and sending that back to base as small category flags. Use that to build a profile on you and use those for advertising to you.
You mention something on the theme of 'broken boiler' in a message, that gets analyzed on the client in to a category of 'interest in heating / boiler repair', plus some adjacent categories based on your demographic. The categorization gets sent back and the next website you visit has an ad for British Gas boiler repair.
Well you type messages in in plain text and they decrypt it to show you the messages at the other end. So they can do the nefarious processing on the client side and send back results to the mother ship. E2EE is only good when you trust the two ends, but with WhatsApp and Messenger you shouldn't trust the ends.
Exactly that. And it looks just like any other web traffic.
Quite a few things will use their own DNS servers, not the one specified by the system or handed out over DHCP. I know many apps on the fire stick and Roku devices do this. So you have to intercept their traffic and redirect it to control it. If their using DoH then you can't do that and your pihole is useless against them.
Best you can do is maintain a list of well known DoH servers and block them outright. But that's a constantly moving losing battle.
Blame their DoH for killing FF deployment in the enterprise. Companies don't like not being in charge of their DNS traffic. DoT is better from corporate POV as that can all be blocked or redirected based on the port, not so much DoH which uses the same port as normal web traffic.
I've been very happy with Opnsense running as a VM on both ESXi, and now Proxmox. Lots of configuration options and able to setup some complicated firewall rules easily.