I use Apple devices for end-user activities but Linux for my routers and servers. I grew up with Windows at home and Macs at school; as a teen I used Linux full time on used PCs but always loved the “it just works” design of Apple gear.

I actually prefer FreeBSD, but Docker and containerization have brought me much closer to Linux.

Specifically, I love using Alpine Linux due to its flexibility. Its packages are very up to date and I can install an actually working Node or Ruby with a simple apk add versus installing nvm or rbenv. It’s awesome for lightweight, no nonsense stuff like Tailscale, VPNs, etc.

Yeah, that’s pretty annoying.

What is the most private phone? Take a visit to a Google property and curb stomp your privacy to find out!

Feeling attacked with Leggable and Fleable. I’ve been known to write a concern or two in Ruby on Rails but what can I say? I like my code DRY.

looks at community I hope so?

Well I MITM myself quite often to confirm it. I’m also smashing together hundreds of blocklists, and I always check the network tab of my browser’s developer tools and very rarely see anything coming from third-party domains.

Sure, sometimes assets are on the actual domain I’m visiting (or its CDN) but most of the time, even tracking scripts there are broken because they still call the blocked scripts.

By the way, it’s hilarious that everyone wants to fight so hard about this yet when someone says “use an adblocker” nobody says anything as if it’s the end-all solution.

I didn’t say “I have a bulletproof, surefire way to fix this.” I said “use network-based blocking.” However effective that is is up to the person implementing it; you have no idea how effective my setup is because you don’t have access to its configuration.

They’re not hard to circumvent, sure but then why am I so effectively blocking almost everything not tied to the “real” first-party domains?

Proxy? Is it that hard to figure out how to bundle and serve assets from the same domain? 😂

I’m a broken record: block Google (or whomever) with network-based blocking (IP and/or DNS), these guys have third-party tracking in virtually every website and app.

This is the correct answer. Facebook has third-party scripts all over the internet. I wish people would understand this — just because you’re not a Facebook user doesn’t mean Facebook (or anyone else) doesn’t track you.

I’m not sure about Facebook but tons of trackers are in apps too so the typical “use an adblocker” grumble isn’t even accurate either.

they’re perennially jealous of the shit Apple can get away with.

😒

I’d almost go through the trouble of getting the content out of Wordpress. The nice thing about static site generators is you can completely switch out the framework, runtime, base Docker image and/or OS at any time.

Your router probably does have one, but your end devices should too. If your router is some piece of trash ISP-supplied one, it might not even have a firewall for IPv6 (if it even supports IPv6 at all).

I really wanted it to work on Fly.io but I couldn’t get it to. I’d also like to get the Tailscale software Dockerized but running multiple nodes on the same host with custom DNS was a complete shitshow.

I really love Tailscale, but the daemon and CLI seem to be absolute garbage.

I mean, it’s still good to know if you’re vulnerable right (for sake of discussion)?

I would add from an end-user privacy perspective, they might want HTTPS. If I hit a website not using HTTPS, I pretty much immediately back out. Bad actors like hostile governments and hackers can use seemingly meaningless data against you.

I can’t remember exactly what happened but I remember back when WebMD was fighting against rolling out TLS hackers were able to find medical weaknesses against people.

Honestly, just Unbound for DNS filtering + Tailscale + commercial VPN solves 99% of my problems with privacy online.

Yes I have a DNS service listening on both UDP and TCP to respond to DNS queries from clients using the standard DNS port; crazy me. 🤪

DNS

You can’t have UDP and TCP on the same port? I don’t think that makes sense, I have DNS listening on UDP and TCP both on port 53.