Why the fuck does archive.is not work? Is there a decent DNS that isn't botnet and works with everything?

Catfight between archive.is and 1.1.1.1. Explained in comments here.
news.ycombinator.com/item?id=19828317
It doesn't seem like either side will change soon.

Attached: 1428770769575.gif (500x281, 1.25M)

Your DNS shouldn't block shit unless you want it to. Just use 208.67.222.222 or create your own.

1.1.1.1 is not blocking archive.is. 1.1.1.1 does not send geographic information along with DNS requests, unlike most servers. When archive.is gets DNS requests without geographic information, it does not return results. So in a way, archive.is is blocking 1.1.1.1, not the other way around.

Fucking sucks cause I use archive.is enough that I can't use 1.1.1.1 but otherwise 1.1.1.1 seems perfect.

If you just need it on a few computers you can manually put archive.is in your hosts file.

Google DNS works fine with archive sites.

how do I do this? what is the ip of archive?
>Google

now this is a big brain post

because they (archive.is) block 1.1.1.1 for some technical reason

In windows, start notepad as admin, then open
C:\Windows\System32\drivers\etc\hosts. The file has no extension so you'll have to switch off the default .txt filter in the browser if you want to click on it.

Add this line:

134.119.220.26 archive.is

I looked up the address using kloth.net/services/nslookup.php. It might change in the future, but probably rarely.

9.9.9.9

If I go to that IP address without updating the file shouldn't it take me to archive.is? Because when I copy paste that into my browser it doesn't work. I just get "Problem loading page" in firefox.

Not necessarily, because web servers can filter requests on host headers.

>If I go to that IP address without updating the file shouldn't it take me to archive.is?
No

Come home, gentooman.

opennic.org/

Attached: OpenNIC_Logo.png (300x125, 21K)

Use 8.8.8.8 (Google) or 9.9.9.9 (IBM)

OpenNIC

Why not just get a vpn and be done with this bullshit private DNS bullshit? I'd doubt that the people behind this are doing it out of the purity of their hearts. They must be getting something out of it.

Attached: 81d2361eabcbe476a7603f942428e648f3eedf68763fe14a2446e98d09e7279e.jpg (255x255, 22K)

archive.is works with the host file edit. Just took a bit of time to update. Thanks all

websites don't get geographic information wtf are you talking about
a DNS stores the IP and name of a server
you ask the DNS what the fuck IP to go to to reach a name
it tells you
you then go to it
DNS shouldn't interact with the site at all.
explain to me what buttfuckery archive.is does

no, because virtual servers exist

iepg.org/2013-07-ietf87/5- streibelt-edns-client-ip.pdf
archive.is blocks dns requests that do not include EDNS subnet information. 1.1.1.1 does not include this information while most other servers do.

I have my pihole set up to use a different dns (9.9.9.9) just for archive.is and its mirrors

How do you do this?

Add a new config file in dnsmasq.d with the following:
server=/archive.is/9.9.9.9
server=/archive.fo/9.9.9.9
server=/archive.li/9.9.9.9
server=/archive.today/9.9.9.9

hey, thanks!

sounds like a good thing desu

>The archive.is owner has explained that he returns bad results to us because we don’t pass along the EDNS subnet information. This information leaks information about a requester’s IP and, in turn, sacrifices the privacy of users.

I don't see why archive.is needs that information.

>websites don't get geographic information
archive.is runs its own authoritative nameserver, and it returns garbage results when queried by something that doesn't pass it geographic information (like cloudflare, which purges geographic information for privacy reasons)

Just run Unbound on your Pi-hole. Takes a minute or two

docs.pi-hole.net/guides/unbound/

Interesting. Is it noticeably slower?

Thanks, might give it a go.

see now that makes actual sense.
cloudflare should just manually put the ip in the fucking thing

No, cloudflare shouldn't manually muck with DNS results to give special treatment to a site that is purposely breaking their own DNS. They should remain neutral, and sites should continue being able to do whatever stupid shit they want to with their own nameservers.

>I don't see why archive.is needs that information
If a nameserver has the geographic information of the requester, it can return the IP of the server physically closest to them to minimize latencies.

fuck you & them

or just let BGP and EIGRP do what they're made for...

Basically, the only thing archive.is is used for is exposing "Look at this dumb shit that this person put on social media then deleted later". It's a part of outrage culture. When's the last time you saw something actually useful on archive.is? I can go without.

Neither of those can change a request to a specific IP to be routed to a closer server with a different IP

Now you're leaking more metadata for the glowies

Plenty of times, it's easier to get shit archived using archive.is than the wayback machine, and archive.is it's way less respecting of faggot robot.txt files

Just use 8.8.8.8 (Google) or 9.9.9.9 (some consortium with IBM in it).

I think 9.9.9.9 is the most trustworthy because IBM and a bunch of network organizations are not in the business of exploiting people's privacy.

Whereas Cloudflare (1.1.1.1) and Google (8.8.8.8) are least trustworthy. Google in particular is hypocritical with their stance on privacy and encryption. They claim to be pro-privacy, pro-encryption etc. but it only means that everything should be encrypted between your browser (Chrome) and Google's servers, so Google has an exclusive access to your stuff.

In the case of 1.1.1.1 there are similar shenanigans. Basically 1.1.1.1 is removing some information from requests that could lead to identifying the location of clients making requests (which is why archive.is is blocking them). Are they doing this because they care about privacy? No, it's because they sell a CDN (in fact they're the leader in that market), so they want to keep this information to themselves, to create an incentive for people to use their service.

seconded I use quad 9 for most shit I can't use my dnscrypt on

adguard.com/en/adguard-dns/overview.html

tl;dr:
176.103.130.130
176.103.130.131

>The archive.is owner has explained that he returns bad results to us because we don’t pass along the EDNS subnet information. This information leaks information about a requester’s IP and, in turn, sacrifices the privacy of users. This is especially problematic as we work to encrypt more DNS traffic since the request from Resolver to Authoritative DNS is typically unencrypted. We’re aware of real world examples where nationstate actors have monitored EDNS subnet information to track individuals, which was part of the motivation for the privacy and security policies of 1.1.1.1.

dnscrypt is deprecated though. Use DNS over TLS on port 853, it's just simpler to setup (I use unwind and unbound on OpenBSD and it's supported out of the box).

no

This is hypocritical bullshit.
Reminder that this is the company who decided to blacklist one of their paying customer (the Daily Stormer) just because the CEO had a fit.
They don't give a shit about political censorship, they just want a monopoly, like Google, which is why they don't want to pass out this information that would allow other people to compete with them on the geoloc CDN market.

Fucking wankers. Just use IBM's Quad9 (9.9.9.9). IBM's business model is to sell overpriced systems to lazy and clueless boomers who make purchasing decisions in public service.

t. IBM employee

Sometimes I like to laugh at what idiots posted online and archive is necessary for if they delete it.

wait lol cloudflare won't let you go to archive.is?

More the other way around. archive.is won't let Cloudflare DNS users use their site.

The archive.is guy does not have a rule explicitly blocking cloudflare, he has a rule blocking queries that dont have infos about the client making the query (which is why archive.is works with every other DNS).
Clearly he is an autist trying to make a point, but he is right.

When will they fiax .chan tld registration?

Recent discussion on Hacker News
>Archive.is inaccessible via Cloudflare DNS (1.1.1.1)

news.ycombinator.com/item?id=19828317

Attached: 1_CVOGx9ckrpWyTvtQgauYpw.jpg (300x225, 19K)

mmm 8.8.8.8?

Attached: CEO & co-founder of CloudFlare.png (1052x296, 41K)

Yeah so its basically cloudflare doing anticompetitive bullshit to block competitive CDNs

make your own DNS with Unbound

>Is there a decent DNS that isn't botnet and works with everything?
1. run your own dns server
2. choose 2-3 servers from opennic

>but nononomus opennic servers seem to be "slow", they react in 20ms rather than the 2ms of 1.1.1.1 claims to be
Not an issue since your OS and programs cache DNS requests.

enjoy your London Police botnet
news.cityoflondon.police.uk/r/945/ibm__packet_clearing_house_and_global_cyber_allia

no, it's very fast