• Linux

    Which DNS server to use?

    DNS is a crucial part of the Internet. However DNS traffic is usually not encrypted and can leak lots of interesting information and originally DNS also did not provide date integrity, making it vulnerable to DNS spoofing. These days, improvements are being made to fix these problems. Data integrity is proved by DNSSEC and the privacy part is being tackled by the DNS Privacy project, proposing solutions like DNS-over-TLS (all data between resolver and client is encrypted) and QNAME minimisation (not sending the FQDN but only the relevant part to each DNS server when doing recursive resolving). More information about the DNS Privacy project can be found in this Fosdem…

  • Linux

    Secure and private DNS with Knot Resolver

    Knot Resolver is a modern, feature-rich recursive DNS server. It is used by Cloudflare for its 1.1.1.1 public DNS service. In this article I will show how to install and configure Knot Resolver on Debian and how you can set it up to forward requests over TLS (for example to Quad9 or Cloudflare) and use an RPZ file to filter malicious domains.

  • Linux,  Uncategorized

    Living in a surveillance state

    Because of time constraints it has been a long time since I wrote something here. However, this is something I want to share with as many people as possible now: Mikko Hypponen’s talk titled “Living in a surveillance state”, last week at TEDxBrussels . If you think that you don’t have to fear the spying by the NSA, GCHQ and other state services because you have nothing to hide, or you are wondering what we can do against it, then you should definitely watch this. “Open source” is the key answer to the latter question by the way. These are 20 very well spent minutes of your time.

  • Uncategorized

    Replacing Google

    The last few weeks, Google is getting some very negative attention. Google’s privacy policy, its total domination and its lack of collaboration with the Open Source community are raising some questions: Google’s privacy issues started getting attention after an interview on CNBC with Google’s CEO Eric Schmidt. He said that “if you have something that you do not want anyone to know, maybe you should not be doing it in the first place”. The Electronic Frontier Foundation (EFF) explained why this statement is extremely scary. In reaction to Schmidt, Mozilla’s Community Manager Asa Dotzler recommended people to switch to Microsoft’s Bing, which has a better privacy policy according to him.…