I was going to use this email message as a reference in some
documentation I'm writing, but this email is not in the mail archive,
or at least I can't find it there. The archive seems to contain no
messaged from 8/8/2018 through 8/16/2008.

SteveT

========================================================

Begin forwarded message:

Date: Tue, 7 Aug 2018 13:27:25 -0700
From: Rick Moen <rick@???>
To: dng@???
Subject: Re: [DNG] Mozilla and cloudflare to hijack all your DNS
requests - for your own good of course


Quoting Taiidan@??? (Taiidan@???):

> Cloudflare is such an incredibly obvious intelligence agency ploy to
> gather data but no one talks about this.
>
> https://yro.slashdot.org/story/18/08/05/2353249/security-researchers-express-concerns-over-mozillas-new-dns-resolution-for-firefox

Most highly rated comment:

I run my own local recursive nameservers even on my portable
devices. Totally not interested in using anyone's resolvers but my
own.

Ding!

1. apt-get install unbound
2. sed -i '1s;^;nameserver 127.0.0.1\n;' /etc/resolv.conf
3. chattr +i /etc/resolv.conf

Just kidding about step #3. If using dhclient, place into dhcpd.conf:
option domain-name-servers 127.0.0.1

Oh, and
4: echo 'Admins are reminded that using your own recursive nameserver'
echo 'will prevent captive Wifi portals from hijacking your DNS long
echo 'enough to send you to a signon Web pages, and also some rare
echo 'and deliberately misshapen networks block outbound access to
echo 'user-specified external nameservers, to better control the
user.'

Above is IMO elementary self-protection and ought to be routine. Like,
y'know, offered by the OS installer. ;->

_______________________________________________
Dng mailing list
Dng@???
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng


--
SteveT

Steve Litt
September 2018 featured book: Quit Joblessness: Start Your Own Business
http://www.troubleshooters.com/startbiz