Web lists-archives.com

Re: Self-censorship 101 (was: Problems with https://manpages.debian.org/)




On Thu 28 Jun 2018 at 09:38:21 (+0300), Reco wrote:
> 	Hi.
> 
> On Wed, Jun 27, 2018 at 10:25:34PM -0500, David Wright wrote:
> > > > But do I want to set up a DNS proxy
> > > > on each host, with any wheezy, jessie and stretch differences to sort
> > > > out?
> > > 
> > > Why would you? You set up a single DNS (or HTTP proxy) and point all
> > > your devices there.
> > 
> > I can't guarantee that any particular machine at home is always
> > running as a proxy whenever I browse using an arbitrary machine
> > for browsing. My home isn't a business running a server 24/7,
> > and my consumer-grade router runs only DHCP, not DNS.
> 
> A router seems a natural place to host DNS (to me at least). If it's
> impossible for whatever reason - then things are tough, but are not
> hopeless. Any cheap/free VPS will solve it.
> 
> 
> > > Setting up a local DNS resolver is justifiable for a laptop, of course,
> > > provided you carry one with you into different networks.
> > 
> > I'm not sure what you mean. The only resolver at home is /etc/hosts,
> > which is very easy to maintain. I have a master list of local hosts
> > (PC/router/phone/printer/TV/roku devices) and the hitlist, and a
> > one-liner to install it (concatenate, and mangle the host's own
> > IP address).
> > 
> > > > Then I have to maintain my list of domains to send to localhost.
> > > > Where do I start with that?
> > > 
> > > My DNS of choice for small LAN segments is dnsmasq.
> > 
> > Sure. But who's going to generate the list of domains¹?
> 
> The same person who it for your /etc/hosts, of course. Who else?

I have no relationship with this person.

> > As I said,
> > my edited list has 6765 items, but is unsuitable for use as is:
> > it might be sensible to block ads.youtube.com, but not youtube.com.
> 
> Any DNS can contain a custom A/AAAA record ('host block') or a custom
> NS/SOA record ('domain block'). DNS adds you options, it does not take them.

That wasn't my point. If I'm to use this list as a starting point,
I would have to examine each address to determine whether to block
the entire domain (eg expedia.com, youtube.com) or just the hosts
(eg ads.expedia.com, ads.youtube.com). That's a lot of work.

> > > > > 3) Why cripple system-wide resolver for a single program (in this
> > > > > case - a browser). A suitable browser plugin should suffice here.
> > > > 
> > > > How long does it take to read ½MB into memory (once) and then check
> > > > it? Obviously not very long as it works well.
> > > 
> > > You misunderstood me, it seems. You make a change to the file that's
> > > respected by each and every program that utilizes gethostbyname(3) and
> > > gethostbyaddr(3).
> > > The only positive thing that achieves is better browsing experience, and
> > > the reason you do this is the brokenness of Modern Web™.
> > > At the same time you get numerous side effects for every other program
> > > in your system(s), which may or may not be problematic.
> > 
> > I'm not aware of any other program that's 1% as promiscuous as a
> > browser. (Perhaps you could suggest some.)
> 
> Let's see. Any torrent client.

I don't have any, so I can't judge whether the hitlist would be useful
for reducing the number of adverts, or be harmful to its functionality.
Trying to serve other people's clients with a PC that has problems
coping with ads/counters/etc itself would be rather futile, I'd think.
And where would I store all these fragments of data for others to
download?

> Any MTA.

We've discussed this here before. A "home user" is likely to submit
mail through a smarthost and receive it via a POP/IMAP server (or
use webmail) rather than running an MTA. It strikes me that you're
probably posting as a "non-home user" who's hardly likely to be
running a browser on such out-dated hardware, or lack a 24/7 server
for handling incoming email.

> SSH client.

Why should a SSH client be promiscuous?

> Tor/I2P/Freenet instance.

Similar argument to torrent. BTW I do recall that using services such
as these were forbidden when I was a "non-home" user.

> A Modern Desktop Environment™.

No idea why a DE should be promiscuous, but it sounds like a good
reason to avoid using one. (Or is it related to the ™.)

Look at the list of hosts in the list. 2000 contain 'ads', 350 contain
'count', 450 contain 'click', and hundreds of the domainnames are not
really suitable for pre-watershed viewing. As you said, "one should
not argue about tastes". :)

> As I wrote earlier, it may, or may not be a problem. I take it that it
> for you it is not.

Yes, and I suspect that many others may share my opinion. I'm not
sure why this was described as "So you aggressively flaunt
conventional wisdom with this practice", having received no follow-
ups from that quarter.

Cheers,
David.