León Castillejos @L1Cafe@social.privacytools.io

@doublesnark that is super cool... where can I learn more? Do you speak Spanish?

@eleix I used to run PfSense on an old computer but due to... reasons, I’m not able to have that setup anymore. My goal is to do it again, and have a switch/WiFi AP connected to the “protected” NIC, while the other NIC acts as the WAN one. But yeah, the PiHole is easier to manage and install...

@eleix I just block whatever tracking or ad services I want at the OS firewall level, but yeah, on mobile devices and such it’s not that easy...

@eleix I should really get a PiHole, so many people recommend it 🤔

@eleix OpenNIC does some non standard stuff, isn’t it?

@eleix Not sure if I understand the situation correctly. Non DNSSEC queries work fine? I suppose I would first try using something that’s not OpenNIC. Maybe that’s the problem?

@eleix It wouldn’t be the first time I’d fix a configuration mistake just by doing a simple Wireshark capture.

Last time I helped a coworker fix their TFTP configuration through a packet capture. It helped because his TFTP client didn’t exactly give out particularly informative error messages.

I don’t know much about PiHole but I’ll try to help if you’re still not sure 🤗

@mgiagante Pros:
- Well, without your password, your disk is useless, that’s pretty straightforward.
- You can ensure dual booting into another OS cannot read the encrypted disk (unless you give it the password), so no malware would be able to peek in.
- Relatively difficult to break with technical means. Definitely outside the scope of a regular burglar.
Cons:
- What’s your threat model, really? A state-sponsored adversary could just torture you until you give up the password.

@eleix 🤔 does it break all DNSSEC resolutions? Did you check your traffic between PiHole and NS and between client PC and PiHole with something like Wireshark?

@boxjon @rodti well, you can’t post or participate in polls, which is a shame. But again, I don’t think that will be missing for much longer.

@rodti @boxjon I do very much enjoy Toot! The developer seems to take Cocoa Touch seriously (not even Twitter gets it right, which is pathetic), and it is feature packed.

The only thing I miss are polls, but I’m sure the developer won’t take long to implement them seeing his track record.

I have 5 different Mastodon accounts and it is such a bliss changing between them on this client. 100% recommended.

@sheogorath yeah maybe I should tune my SpamAssassin scores to place more negative bias onto gmail addresses... I wanted to migrate to rspamd this summer though, but I’m not looking forward to it 😩 migrations are painful especially with downtime involved... maybe I could spin it up on a fresh server and just switch ports on the VLAN when everything is ready 🤔

@sheogorath well, I think the same about IMAP and SMTP for Tutanota. But I believe I know their motivation for removing such access, as IMAP is very outdated and honestly doesn’t work well in modern devices (lacks push among other things, ever heard of JMAP?), and there is also no simple way to enforce mailbox encryption and 2FA for IMAP users (Gmail has a shitty solution for 2FA which are app-specific passwords but that’s just a very bad temporary patch).

@pro hmmmm... we are on the same boat.