dns – Dan Q

Enumerating Domains

I’ve just enumerated my personal domain names. There’s a lot fewer of them than there used to be!¹

Anyway: here’s the list –

danq.me and a variety of aliases (danq.uk, danq.dev, danq.link, danq.blog, scatmania.org); there’s also like a billion subdomains in use of course, like things.danq.me and find.danq.me
freedeedpoll.org.uk, which I really ought to update at some point but which still clearly helps many people
dndle.app, a D&D-inspired Wordle-clone which I still get bug reports and pull requests for so clearly somebody’s using it
geohashing.site, the central hub of Geohashing activity worldwide
egxchange.org, which hosts the most environmentally-friendly cryptocurrency wallet you’ll ever see
abnib.co.uk, a community of friends (also with about a billion subdomains)
q-t-a.uk, my family website, which exists mostly to facilitate addressing for a stack of internal/selfhosted services
rockmonkey.org.uk, which doesn’t do much nowadays
fleeblewidget.co.uk, my partner’s blog, but I look after the domain registration
textplain.blog, my plain-text blog
levellers.blog, the blog of my D&D group
theimprobable.blog, which I look after on behalf of my partner’s brother after using it to GPS-track his adventures

I think that’s all of them, but it’s hard to be sure…

Footnotes

¹ Maybe I’ve finally shaken off my habit of buying a domain name for everything. Or maybe it’s just that I’ve embraced subdomains for more stuff. Probably the latter.

Enable Private DNS with 1.1.1.1 on Android 9 Pie

This is a repost promoting content originally published elsewhere. See more things Dan's reposted.

Recently, Google officially launched Android 9 Pie, which includes a slew of new features around digital well-being, security, and privacy. If you’ve poked around the network settings on your phone while on the beta or after updating, you may have noticed a new Private DNS Mode now supported by Android.

This new feature simplifies the process of configuring a custom secure DNS resolver on Android, meaning parties between your device and the websites you visit won’t be able to snoop on your DNS queries because they’ll be encrypted. The protocol behind this, TLS, is also responsible for the green lock icon you see in your address bar when visiting websites over HTTPS. The same technology is useful for encrypting DNS queries, ensuring they cannot be tampered with and are unintelligible to ISPs, mobile carriers, and any others in the network path between you and your DNS resolver. These new security protocols are called DNS over HTTPS, and DNS over TLS.

…

Stephen Pinkerton (CloudFlare)

Bad: Android Pie makes it harder (than previous versions) to set a custom DNS server on a cellular data connection.

Good: Android Pie supports DNS-over-TLS, so that’s nice.

SiteFinder: Mark Two

[this post was damaged during a server failure on Sunday 11th July 2004, and it has not been possible to recover it]

[further fragments of this post were recovered on 12 October 2018]

If you’ve been reading this blog since September-ish, you’ll remember when I had about a week of ranting about the VeriSign/SiteFinder lark: this was where VeriSign, who (in layman’s terms) are responsible for linking all .com, .net, and .org addresses to their respective servers, in September last year put a ‘catch-all’ clause in. In other words, every possible combination of letters and numbers, followed by a .com, .net, or .org, ‘belonged’ to them. This was a complete abuse of their position of power, and caused a great deal of faults amongst systems throughout the internet. In addition, it could eventually have been used (and evidence suggests that the intention was there) to monopolise the internet’s search engine and advertising services.

Well; they’re at it again, as this article (“SiteFinder vs. Engineers: Our Mistake Is Ignorance”) discusses, so you’re likely to see me ranting at least a little more. If they do decide to do it again, they’ve stated that they will “provide 60 or 90 days warning, in order for the appropriate technological …

Smart Alex

Alex, my incompetent co-worker, came up with the following gem in today’s meeting when talking about a product that would aid employers in securely tracking how long their employees actually spend working:

“It’s not going to have any of that… security… nonsense.”

I shall have to beat him to death later.

P.S. told you that this thing was going to get big, quick. The Register reports “All your Web typos are belong to us”, and I quote: “Already a backlash is building, with Net admins being urged to block Verisign’s catch-all domain. This could get very messy.”