• 0 Posts
  • 10 Comments
Joined 2 years ago
cake
Cake day: August 5th, 2023

help-circle
  • Naomi Brockwell https://www.nbtv.media/episodes does a good job of blending accessible presentation of privacy issues with technically viable solutions. Recently she’s been more on an advocacy tack, but there are some gems in the back catalogue that explain not just why you should care but the sorts of products/software you can use to address your concerns. She provides suggestions, but you should take those as just an idea and develop your own answers!

    So, in between watching those videos find out all you can about how Debian (for servers) and OpenWRT (for routers) work from their websites, and use $preferred_search_engine to learn about why Proxmox, Unbound, Postfix, Dovecot, XMMS, WireGuard, Nextcloud can help improve your privacy.

    Get that used Optiplex, install a Linux on it and begin experimenting! Don’t worry about the perfect hardware config yet. You can source other parts if you feel you really need them later. Although more RAM is always good, but you knew that already.

    Along the way you will want to learn enough to decide whether you prefer VMs or Containers, or a blend; which filesystem(s) you prefer; which distributions you are going to deploy; which backup system you are going to implement; whether Apache or Nginx; and whether you like systemd or want to simply blast off and nuke it from orbit. You may also want to take a look at Ansible now. And Git. Git has saved my server config bacon more times than I care to remember.

    Not sure quite where to recommend you look for bang up to date introduction to Linux networking stuff these days. The Linux Networking Howto was hopelessly out of date ten years ago. The distribution howtos are pretty good on at least the basics. Wikipedia might be useful on more advanced topics. And then searching for specific problems or needs normally turns up some learned responses on stackexchange or equivalent.

    And as one 90s kid to another, if you haven’t read Permanent Record by Edward Snowden yet, consider getting a copy. He grew up at the same time and does a great job of explaining why this journey matters.




  • yak@lmy.brx.iotoPrivacy@lemmy.mlSome DNS questions
    link
    fedilink
    English
    arrow-up
    1
    ·
    7 months ago

    I’ve used this list generating package for years now with great results: https://github.com/opencoff/unbound-adblock/tree/master

    It is designed to generate blocking lists that can be used with unbound, the DNS resolver. There are even instructions for how to configure unbound so if you are new to it all you can follow along.

    I use the resulting lists in my two local DNS name servers, running unbound.

    The way it works is that if a query for a blocked address comes in to one of thenlocal DNS servers it returns a domain not found result. If the address is not on the block list then it forwards the query on to an internet DNS resolver securely using DoT.

    You can gain further control over your DNS results by choosing those upstream resolvers carefully. Quad9 and Cloudflare etc all offer DoT resolving, along with some further filtering (eg. for malware), or completely unfiltered DNS if that’s what you want.

    Services like cleanbrowsing.org offer more fine grained filtering, useful if you want a family-friendly set of DNS results, based off categorify.org. You can pay for really fine tuned results, or there is a free layer which provides still very useful basic categories.

    Combining the two forms of filtering, local advert and tracking blocking, along with open internet content categorisation, seems to be very effective.

    I get complaints about too many adverts when my kids are on WiFi away from home. I take it as a compliment.


  • If you weren’t at a university it was generally a challenge to get hold of disks. Downloading at home took forever on a 28.8 or even 56k modem (ie. 56 kilobits per second).

    Slackware and Redhat disk sets were the thing, in my experience. But generally that only gave you the compiled code, not the source (although there was an another set of disks with the source packages).

    If you wanted to recompile stuff you had to download the right set of packages, and be prepared to handle version conflicts on your own (with mailing list and usenet support).

    Recompiling the kernel with specific patches for graphics cards, sound cards, modems and other devices (I remember scanners in particular), or specific combinations of hardware was relatively common. “Use the source, Luke!” was a common admonition. Often times specific FAQ pages or howtos would be made available for software packages, including games.

    XFree86 was very powerful on hardware it supported, but was very finnicky. See the other posts about the level of detail that had to be supplied to get combinations of graphics cards and monitors working without the appearance of magic smoke.

    Running Linux was mostly a enthusiast/hobbyist/geek thing, for those who wanted to see what was possible, and those who wanted to tinker with something approaching Unix, and those who wanted to stretch the limits of what their hardware could do.

    Many of those enthusiasts and hobbyists and geeks discovered that Linux could do far more than anyone previously had been prepared to admit or realise. They, and others like them, took it with them into progressively more significant, and valuable projects, and it began to take over the world.





  • Not tried the app version. Been using Fairemail for a while now, since k9 was unmaintained.

    Fairemail is well maintained. Quick. Supports multiple accounts very well. Loads of features (could be a downside for those who like things simple). Designed with security and privacy as top priorities right from the start. Open source development. For a long time its been the best email client on Android IMHO.


  • I cut my teeth on an early version of The Linux Networking Howto, still available at tldp.org. That’s a little bit out of date now :-) but the basic IPv4 networking concepts are still good.

    These days so much is implementation or distribution dependent. There has been so much very rapid development in this field during the internet era that the age of documentation matters significantly.

    A mitigating, but also confusing, factor is that different generations of networking tools have backwards compatibility built in so that it has been possible to build firewalls on kernels running nftables using iptables utilities in userspace.

    I think you could do worse than starting with the Debian wikis and then drilling down into other documentation for the specific distributions or applications you want to use.

    I seem to remember that openwrt.org and shorewall.org (though that product is EOL) also have some good overarching network stuff. I think Hurricane Electric he.com may still do their free basic IPv6 certificate programme?

    Wikipedia is also your friend in this, especially the references.

    I’ve enjoyed onemarcfifty.com’s videos too, but that format isn’t what you are looking for, and the transcripts I have seen are not formatted.