Category: trivial musing

encrypting DNS with dnsmasq and stubby

In my last post I explained that in order to better protect my privacy I wanted to move all my DNS requests from the existing system of clear text requests to one of encrypted requests. My existing system forwarded DNS requests from my internal dnsmasq caching servers to one of my (four) unbound resolvers and …

Continue reading

Permanent link to this article: https://baldric.net/2020/05/25/encrypting-dns-with-dnsmasq-and-stubby/

encrypting DNS

Any casual reader of trivia will be aware that I care about my privacy and that I go to some lengths to maintain that privacy in the face of concerted attempts by ISPs, corporations, government agencies and others to subvert it. In particular I use personally managed OpenVPN servers at various locations to tunnel my …

Continue reading

Permanent link to this article: https://baldric.net/2020/05/06/encrypting-dns/

zooming in on china

Since my previous post below, I have been reading up on Zoom as a company, its staffing and its worrying security (or rather lack of) track record. When I wrote the initial post I said that “Zoom is a US company funded almost entirely by venture capital. Its servers are US based.”. It appears that …

Continue reading

Permanent link to this article: https://baldric.net/2020/04/10/zooming-in-on-china/

zooming in on cabinet

On Tuesday of this week, Boris Johnson tweeted a picture of what he called the UK’s “first ever digital Cabinet”. That picture (copy below) shows that the Cabinet meeting was held using Zoom – the sort of video conferencing software which is currently popular with business users forced to work at home during the Covid19 …

Continue reading

Permanent link to this article: https://baldric.net/2020/04/03/zooming-in-on-cabinet/

beware the zombie apocalypse

Tom Scott is a young educational entertainer who publishes fairly regularly on youtube. Back in mid 2004, whilst still a linguistics student at York, he managed to upset both the Home Office and the Cabinet Office by publishing a Department of Vague Paranoia website spoofing the rather po faced official “Preparing for Emergencies” site. Tom’s …

Continue reading

Permanent link to this article: https://baldric.net/2020/03/11/beware-the-zombie-apocalypse/

have I been pwned?

Well, I don’t think so. But for a while I was not entirely sure. Following the move last November of trivia from a VM on UK2’s datacentre in London to our new home on a faster VM on ITLDC’s network I have been making a variety of minor changes and doing some essential housework. One …

Continue reading

Permanent link to this article: https://baldric.net/2020/02/27/have-i-been-pwned/

TLS certificate checks

immuniweb result

My move of trivia to a new VM last December prompted me to look again at my server configuration. In particular I wanted to ensure that I was properly redirecting all HTTP requests to HTTPS and that the ciphers and protocols I support are as up to date and strong as possible. Mozilla offers a …

Continue reading

Permanent link to this article: https://baldric.net/2020/01/22/tls-certificate-checks/

do not ask me for guest posts or links

For the past four years or so I have been receiving increasingly frequent requests for either guest posts, or links to external sites (or sometimes both). The requests have increased in number ever since I started posting about my use of OpenVPN. Many of these requests want me to point to their commercial VPN site. …

Continue reading

Permanent link to this article: https://baldric.net/2020/01/14/do-not-ask-me-for-guest-posts-or-links/

retiring the slugs

I first started using Linksys NSLU2s (aka “slugs”) in early 2008. Back then I considered them quite useful and I even ran webservers and local apt-caches on them. But realistically they are (and even then, were) a tad underpowered. Worse, since Debian on the XScale-IXP42x hasn’t been updated for several years, the slugs are probably …

Continue reading

Permanent link to this article: https://baldric.net/2020/01/14/retiring-the-slugs/

welcome to prague

As of today we are now fully functional in our new home in a datacentre in Prague. We also have a new letsencypt certificate. If you see any problems, let me know at the usual email address. Enjoy

Permanent link to this article: https://baldric.net/2019/12/05/welcome-to-prague/

a bargain VPS

I have been using services from ITLDC for about three years now. I initially picked one of their cheap VMs based in the Netherlands whilst I was expanding my VPN usage, and frankly, I was not expecting much in the way of customer service or assistance for the very low price I paid. After all …

Continue reading

Permanent link to this article: https://baldric.net/2019/11/28/a-bargain-vps/

fsckd

God help us all.

Permanent link to this article: https://baldric.net/2019/07/23/fsckd/

more password stupidity

password generator

A recent exchange of email with an old friend gave me cause to revisit on-line password/passphrase generators. I cannot for the life of me imagine why anyone would actually use such a thing, but there are a surprisingly large number out there. On the upside, most of these now seem to use TLS encrypted connections …

Continue reading

Permanent link to this article: https://baldric.net/2019/07/15/more-password-stupidity/

add my name to the list

At the tail end of last year, Crispin Robinson and Ian Levy of GCHQ published a co-authored essay on “suggested” ways around the “going dark problem” that strong encryption in messaging poses Agencies such as GCHQ and its (foreign) National equivalents. In that essay, the authors were at pains to state that they were not …

Continue reading

Permanent link to this article: https://baldric.net/2019/07/10/add-my-name-to-the-list/

openvpn clients on pfsense

In my 2017 article on using OpenVPN on a SOHO router I said: “In testing, I’ve found that using a standard OpenVPN setup (using UDP as the transport) has only a negligible impact on my network usage – certainly much less than using Tor.” That was true back then but is unfortunately not so true …

Continue reading

Permanent link to this article: https://baldric.net/2019/07/07/openvpn-clients-on-pfsense/

one unbound and you are free

I have written about my use of OpenVPN in several posts in the past, most latterly in May 2017 in my note about the Investigatory Powers (IP) Bill. In that post I noted that all the major ISPs would be expected to log all their customers’ internet connectivity and to retain such logs for so …

Continue reading

Permanent link to this article: https://baldric.net/2019/06/26/one-unbound-and-you-are-free/