* Posts by EnviableOne

2001 publicly visible posts • joined 28 Jan 2016

Mozilla Firefox to begin slow rollout of DNS-over-HTTPS by default at the end of the month

EnviableOne

I've seen it in the other direction (DNS->pi-hole,pi-hole->DoH)

but I am sure there's someone who has made or is working on a pi-hole mod to respond to DoH

EnviableOne

Encryption and Authentication and trust

ok so there's a lot of people confusing the protocols:

encryption - making sure only the other end sees your request - DoT (DNS over TLS - port 853) and DoH (DNS over HTTP over TLS)

authentication - making sure the other end is who they say they are - DNSSEC

Personally I prefer DoT to DoH, as it does just what you want it to: encrypt the content of the DNS request, and still allows the service to be managed independently.

I trust Cloudflare a lot more than I trust any ISP, as they have most of the data anyway as a CDN and they have a good policy on privacy etc., plus they have chops funding privacy protection research like k-anonymity

EnviableOne

Re: Dubious

ever heard of static NAT?

8.8.8.8 to <PreferredDNSResolver>

8.8.4.4 to <SecondaryDNSResolver>

if you're using the ISP's POS router it's not always easy, but if you're anywhere near capable, or using some kind of decent router/fw on your internet boundary, it's trivial

For real this time, get your butt off Python 2: No updates, no nothing after 1 January 2020

EnviableOne

Re: 20 years is a lot of time.

I have it on good authority one bank HQ is still running an ICL Mainframe, with most of the parts sourced from a friendly internet-based auction site ....

EnviableOne

Re: 20 years is a lot of time.

I still think 98SE sp5 was the peak of Windows.

It's still more stable than this mess of Win 10.

Not so easy to make a quick getaway when it takes 3 hours to juice up your motor, eh Brits?

EnviableOne

Re: A waste of time and money

they are retrofitting the old air-cooled ones with battery pack and motors and the new ID.BUZZ has already been announced (the new all-electric version)

EnviableOne

Thermal solar works great at my place in the north of Scotland. Heats my hot water to 42 degrees + all last week and that's cloud covered and rain.

pumped storage is inefficient: Ffestiniog Power Station has an average efficiency of 72–73%.

battery storage is great, 90%+ efficiency (but making the batteries is not) and don't need to take up much space, the biggest one (Hornsdale, South Australia) only takes up about a hectare and can supply up to 129MWh at 100MW but usually only needs to serve up at about 30MW.

Trump attacks and appeals 'fundamentally misconceived' Twitter block decision

EnviableOne

@therealDonaldTrump is "run by official White House personnel."

therefore it is paid for by the people and is a public forum.

therefore Trump has no case.

Electric cars can't cut UK carbon emissions while only the wealthy can afford to own one

EnviableOne

Lithium Ion Is not the answer

the sunk cost of CO2 used in manufacture of Li-ion batteries exceeds the emissions of a modern diesel ICE over 9 years

The majority of Lithium extraction is not from Australia, but from South America where the Lithium Triangle is believed to contain over 75% of existing known lithium reserves, between Chile, Bolivia and Argentina and is causing serious pollution of rivers and fish stocks. There is also a considerable amount coming from China, where all of Australia's is processed

The secret ingredient of Li-ion batteries is the Cobalt in the Cathode, which is only available in central Africa, mainly the not so Democratic Republic of Congo, which has many human rights issues involved in its mining, along with shipping costs.

Your average ICE will easily last 10 yrs, a diesel probably twice that, a Li Battery 8 if you're lucky, and then it's basically shot, and the majority of the raw materials have been consumed.

Can't bear to part with that well-worn copy of Windows 7? Microsoft might let you keep it updated an extra year

EnviableOne

Re: They don't get it, do they?

a) depends on whether you can get an Enterprise agreement

b) you can disable/defer updates and do them as and when, even w7 updates are rollups now....

c) rules always change, even within an OS tree, at least MS only change them every 5 yrs or so, Cisco have done a flip flop 3 years in a row once.

d) if you work with the customisation, you can get it all working usefully and looking close to win7 (oh and its deployable and lock downable that way too)

e) see c

f) most of it is killable with group policy, you can turn Cortana off (mostly) and sinkhole the telemetry (if the higher ups don't buy in to the shiny dashboards)

g) Store can be disabled by group policy

h) MS login is not required, but it's not an easy job to work without one.

i) adapt or die, the entire world is using it, so be interoperable or be irrelevant

j) search is indexing, power is configurable, and telemetry is restrictable, also it's probably sharing updates, which you can turn off.

/advocatusdiaboli

EnviableOne

Re: Deja Vu

XP is nothing, this is MS over and over, happened with 95, Vista, XP, 7, 8, 10 ...

each step getting progressively more invasive.

Chrome OS does enough slurping too

think I may have to retreat into the *nix world or join the cult known as BSD

Yes, TfL asked people to write down their Oyster passwords – but don't worry, they didn't inhale

EnviableOne

Re: OmfG, how broken?

ofc not, Crapita run their IT

End of an era for ULA as the last Delta IV Medium rocket leaves launch pad

EnviableOne

It's ok, the US will be using GLONASS before long

so we can just buy GPS from them ....

Electric vehicles won't help UK meet emissions targets: Time to get out and walk, warn MPs

EnviableOne

"Any move to electric vehicles must have an associated environmental impact assessment"

this 10000x this.

the sunk emissions in producing a Lithium Ion Battery. despite the vehicle not outputting any CO2 it still takes nine years for a modern Diesel to produce more, and good luck finding an EV with a battery that will last that long, most are only warrantied for a maximum of 8 years. So effectively an EV with a Li-ion battery produces more CO2 than a diesel

on top of this there are the environmental and socio-economic impacts of extracting the rare key ingredients for batteries, the Lithium, the Cobalt and the Nickel. Cobalt is found in huge quantities right across the Democratic Republic of Congo and central Africa, and hardly anywhere else

Lithium extraction pollutes water supplies and uses large amounts of water, usually in areas that actually need the water.

Climate change is a problem, Lithium ion Batteries are not the solution

EnviableOne

emissions per passenger mile for high speed rail are 1/3rd of air travel, and journeys are generally quicker for short-haul distance (if you compare the time getting to an airport and check-in/security vs the town centre train station and limited faff) and along with this trains tend to have very high load factors too.

if HMG wasn't so inefficient, they could have a national HSR network up and running by now, which could replace all internal flights.

EnviableOne

Re: £800m to deliver 54 charging points?

but a charging point is not equivalent to a fuel station.

even the smallest stations have at least 2 pumps, some of the bigger ones have 15

Apple is a filthy AWS, Azure, Google reseller, gripe punters: iPhone giant accused of hiding iCloud's real backend

EnviableOne

it's a textbook GDPR failure of disclosure, but under US Law it's a little less clear cut

Pentagon says ethics complaint against JEDI mega-cloud is a non-issue. Its Time Lords say: That is not logical

EnviableOne

Re: Oracle are complaining about ethics?

nah apparently the blokes at Oracle are of the opinion Ethics is a County near London ...

Off somewhere nice on holibobs? Not if you're flying British Airways: IT 'systems issue' smacks UK airports once again

EnviableOne

Re: "We are sorry ...but we don't know what outsourcing does to our customers"

BA haven't outsourced their IT to India. It is outsourced, but still operates in the UK: a less than lovely company that pays peanuts, and employs very few monkeys to do the job

Talk about unintended consequences: GDPR is an identity thief's dream ticket to Europeans' data

EnviableOne

Re: The issue isn't that he got his fiancee's info

As a Non-EU citizen, you are not automatically protected by GDPR

If a company chooses to treat your information in line with GDPR then that is their choice.

However said company is not required to respond to any provisions of the act for anyone who is not an EU-Citizen or operating with the EU.

if the company is properly verifying the person making a SAR then there is no issue, and if they are not it's a breach of GDPR.

But to be fair most US companies' data security is so lax, that this info is pretty much publicly available, and even if it is exposed they get a slap on the wrist from the SEC or FTC and have to sign-up to some extra audits for the next few years, and you have no redress.

How to avoid getting burned at Black Hat, destroyed at DEF CON or blindsided by Bsides

EnviableOne

Re: "...given the Feds habit of arresting people"

Just ask MalwareTech ......

He'll not be going to Vegas any time soon ...

Googlers hate it! This one weird trick lets websites dodge Chrome 76's defenses, detect you're in Incognito mode

EnviableOne

Re: Don't use paywalled sites.

IMHO the pay walls are generally on the more trustworthy sources of news, as people are more prepared to pay for properly researched and thought out content, and the people that generate it are more likely to want to be recompensed for their work.

Whereas the trash rags and extremists on both sides want people to read their message, and expand their brand, without forcing people to pay for them. (they usually end up begging a lot like the Guardian does)

Jeff Bezos feels a tap on the shoulder. Ahem, Mr Amazon, care to explain how Capital One's AWS S3 buckets got hacked?

EnviableOne

Props to Wyden (Again...)

Now I wish some of the idiots in Whitehall had his grasp of the technology, we might get an end to this whole safe backdoors thing

The Honourable member from Oregon may be a lot of things, but a luddite is not one of them, and he has been behind some of the best legislation sitting on Mitch McConnell's desk and even a few pieces that made it onto the floor

We've, um, changed our password policy, says CafePress amid reports of 23m pwned accounts

EnviableOne

Unique Usernames

no problems, as most password managers, in fact all that I know of, store both username and password, so remembering them is the same as passwords...

so why can't we do this .....

EnviableOne

PayPal

they are a law unto themselves, their only easily accessible 2FA is SMS based, and they don't see an issue there either, or with the alternative method of Security questions too...

If you search the web you can create a TOTP token that you can use but this requires an element of trust in a third party and doesn't turn off the security questions option either

Now if PayPal offered their own TOTP second factor set-up it would be a start

Amazon Web Services doubled its footprint in the UK and will only get bigger, reckon analysts

EnviableOne

Usually this Contractor has been from Crapita or Carillion or DXC

and Peter Principal has changed the goalposts twenty times since the original quote, because he never knew what he was contracting.

At least now it looks like most of the Tech heavy Gov Departments (DWP, HMRC, etc.) have some tech people running their cloud projects

PIN the blame on us, says Monzo in mondo security blunder: Bank card codes stored in log files as plain text

EnviableOne

Should have gone to Starling

they don't spend money on flashy adverts and do the security right.

Get ready for a literal waiting list for European IPv4 addresses. And no jumping the line

EnviableOne

Re: Seriously, what's wrong with IPV6 ?

there are enough v6 addresses to assign 7 to every atom of every person on earth.

lusers can handle giving you a max 12 digit dotted decimal address for troubleshooting

try getting them to give you just the 16 Hex of the host part and there'll be all kinds of bother.

plus the amount of overhead the blooming addresses take up in the headers

MACs are globally unique (well they're s'posed to be) and only 48bit and we have only just started to run out of v4s even though it does stupid things like assign a whole /8 for loopback.

so with NAT in place and say the whole v4 space as Private addresses, do we need v6?

Omni(box)shambles? Google takes aim at worldwide web yet again

EnviableOne

Not Fscking Uniform any more

URL = Uniform Resource Locator

the whole point is it's one form wherever it's used, so that systems are interoperable

Someone should print out RFC 1738 and all those that reference it, neatly tie it in a bundle and drop it on whoever had this mad idea from a great height

Outsourcing giant Capita handed £145m for UK.gov's Personal Independence Payment extension

EnviableOne

come under fire for making inaccurate and incomplete assessments

understatement of the century

the appeals tribunals are so backed up it takes 9 months to get a date and 3 months for that to turn up, by which time you have to be assessed again.

the assessment is a joke, and the "standards" to meet are even worse, if you can drag yourself (aided or unaided) 50 meters you don't have a mobility problem?

aided includes being in an electric chair (which is funded by the motability scheme)

Watch as 10 cops with guns and military camo storm suspected Capital One hacker's house…

EnviableOne

Missing the Point?

Ok so she didn't work for CapOne, she worked for AWS, I thought Cloud providers didn't get access to your services run on their infrastructure?

Seriously, this is a wake-up call for anyone using IaaS, PaaS

As I have been saying for years, it's not cloud, it's Other People's Tin, and you have to trust they'll protect it, glad my employer hasn't gone with a cloud first strategy .....

EnviableOne

Re: Insanity

not a SEAL-like team, there is only one of them domestically, the FBI-HRT

it's only SWAT, which are Marines at best....

Cloud wars: Big Four providers increase dominance, Alibaba grows fastest – Gartner

EnviableOne

Re: Market share

Watson is still a solution looking for a problem, they've tried it in every industry, and haven't found one where it sticks yet ....

Brit infosec firms urge PM Boris to reform the Computer Misuse Act

EnviableOne

Modified as recently as 2014

At least we have an act that's kinda fit for purpose, unlike our cousins over the pond, we don't have to charge people with wire fraud ...

CFAA is a pile of $InsultingSlangHere

Cyberlaw wonks squint at NotPetya insurance smackdown: Should 'war exclusion' clauses apply to network hacks?

EnviableOne

Mondelez are claiming for the devices Borked by Nyetya, not anything to do with the data so ICO/other data protection agencies are not involved

The issue is whether Zurich can prove beyond a reasonable doubt (very hard with cyber attribution) that the Act was by a "government or sovereign power; the military, naval, or air force; or agent or authority"

I can see Zurich being sent home with their tails between their legs

Backdoors won't weaken your encryption, wails FBI boss. And he's right. They won't – they'll fscking torpedo it

EnviableOne

Here we Go Again

Universal Declaration of Human Rights, to which the USA is a signatory as are all other members of the UN (General Assembly resolution 217 A)

Article 11.

(1) Everyone charged with a penal offence has the right to be presumed innocent until proved guilty according to law in a public trial at which he has had all the guarantees necessary for his defence.

(2) No one shall be held guilty of any penal offence on account of any act or omission which did not constitute a penal offence, under national or international law, at the time when it was committed. Nor shall a heavier penalty be imposed than the one that was applicable at the time the penal offence was committed.

Article 12.

No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.

If at first you don't succeed, Fold? Nope. Samsung redesigns bendy screen for fresh launch in September

EnviableOne

Re: Incremental improvements.

when the deadlines are tight the two things to go are Testing and Security

FTC fines Facebook $5bn for making users believe they actually had control over their data

EnviableOne

Re: EU and ICO

unfortunately the way GDPR is worded, it would only be one fine and would be dependent on the Irish Data Protection Authority actually fining anyone (they'd be lead as Facebook inc. is HQ in Ireland)

Boeing's 737 Max woes trigger BEEELLIONS in losses – and that's just for the latest quarter

EnviableOne

Re: They won't fly again

tell that to the thousands of Comets that never flew after teething issues,

compared to the 40 yrs + of service out of the few that were sold later

EnviableOne

Re: Will the 737 MAX ever be safe?

Airbus have further efficiencies in cockpit commonality, so if they have any Airbus in the fleet it will be a quick retrain for type certification on the A320neo and a lot of the parts are common, providing you stick with the same engine OEM, ground crews are generally employed by the airport and trained to handle both.

the issue is the Airbus line has had a massive redesign, the 737NG to MAX is just a warm over and is not as good an upgrade.

Boeing were hoping it would stopgap them 10-15 years until they get their Yellowstone 1 new design to replace the 737 (basically a smaller single-aisle 787), but it looks like they might have to bring that forward a bit and skip the NMA (757/767 replacement)

EnviableOne

Re: Will the 737 MAX ever be safe?

well Airbus seem to be doing it just fine

You don't need a PhD to phish a Brit university: Nonprofit claims 100% hit rate is easy peasy

EnviableOne

See

Not Just the NHS

Lancaster Uni data breach hits at least 12,500 wannabe students

EnviableOne

I think you'll find the NHS is now a lot further into w10 migration than most businesses and XP machines are now very few and far between.

Since NHS Digital stumped up the cash for E5 licences and they were conditional on migration by January

Silly money: Before you chuck your chequebook away, triple-check that super-handy digital coin

EnviableOne

Re: I like proper cash

conversely, I know several pubs that don't take cash.

The costs of cash handling and having change available are starting to become excessive and some smaller businesses have started to work on electronic cash only.

G-Pay/Android-Pay, ApplePay and SamsungPay are leading the way with mobile payments, with challenger banks like Monzo and Starling coming on in leaps and bounds. In several places Cash just isn't needed, and mostly causes more issues than it's worth.

Microsoft has had its own currency for ages, Microsoft Points are purchasable in any currency and used for purchasing from their online platforms.

How does UK.gov fsck up IT projects? Let us count the ways

EnviableOne

Re: 22 Months?

that's nothing - Thameslink 2000 was delivered in 2019

EnviableOne

The email system is fine, it works and is pretty cheap, it's the National Program for IT that was the big waste of time and effort, trying to develop a monolithic system that solves everybody's problems, just didn't work, no matter how much CSC/DXC threw at it .....

God DRAM you! Prices to slide more than 40% in 2019 because chip makers can't forecast

EnviableOne

DRAM prices are cyclical

always have been, you have the big boys who vary production to try to control prices,

but there are the opportunist shops that produce whatever is expensive at the time

so once demand increases due to supply shortages, increasing prices, more fabs come online, then there is a glut of supply so prices fall and the fabs move on to something else so supply falls again and prices rise

Rust in peace: Memory bugs in C and C++ code cause security issues so Microsoft is considering alternatives once again

EnviableOne

Compare and contrast to C/C++ where everything is unsafe.

it's not, it just doesn't nanny you to fix it, you have to have the nous to do it yourself

Symantec share price nose dives after rumored Broadcom biz gobble taken off the menu

EnviableOne

the market speaks

shareholders listen, and the board accedes

Symantec is a sinking ship, and the markets know it.

Amadeus! Amadeus! Pwn me Amadeus! Airline check-in bug may have exposed all y'all boarding passes to spies

EnviableOne

S2D2

All the holiday industry applications are full of holes, they were never designed with security in mind and now are fully open to the internet.

Amadeus, SABRE, and the rest