Friendly reminder that if you can resolve archive.is then your DNS does not value privacy

jarv.is/notes/cloudflare-dns-archive-is-blocked/

Attached: 536375.jpg (1080x1039, 207K)

What's archive.is? spoon feed me

>Cloudflare values your privacy
Cloudflare is a business, businesses exist to make money, mind telling me how cloudflare is making money off their DNS operations?

nobody believes for a second that 1.1.1.1 is private.
it's like waybackmachine but less cancerous

>mind telling me how cloudflare is making money off their DNS operations?
basically it's advertising for themselves

I bet you use EDNS and leak info about your IP like geolocation.

cloudflare.com/privacypolicy/

Attached: cloudflare.jpg (915x679, 167K)

You are a fucking faggot and the reason we can't have nice things. End yourself.

this is what happens when you let autists run websites

archive guy needs to fix his shitty site

is archive

>it's like waybackmachine but less cancerous
It's LITERALLY run by the same people

>Cloudflare good

Attached: 1528596509348.png (1566x694, 112K)

Why don't we just make an archiving website that archives the archives on archive.is?

> spoonfeeding cocksniffs who are too retarded to google, or even just fucking open a URL.

You are the cancer killing Jow Forums.

> shilling cloudflare this hard
are you even trying? lmao.
> continues to bump a cancerous thread
genius level

how the fuck does a website block a specific dns server? that's not how dns works.

>shilling this hard for EDNS at the expense of user privacy
wew

>are you even trying? lmao.

Attached: Capture.png (540x542, 171K)

Did you even read the article?

> coping intensifies
yes, well done, nsa. cope harder.

> they don't use dnscrypt
the utter fucking state of this board.

What DNS do you use? Does it resolve archive.is?

> being blocked by archive.is means your dns isn't private
the coping is strong

Why are you avoiding the question? Do you know how EDNS works?

20$ that OP is not know what DNS service is actually dose

Oh so that's why I could never open it on my smartphone, I'm using adguard DoT

Carlos pls

"20$ that OP is not know what DNS service is actually dose"

Attached: mexicant.jpg (474x266, 22K)

>mind telling me how cloudflare is making money off their DNS operations?

>hey switch to 1.1.1.1
>what's 1.1.1.1?
>it's cloudflares DNS servers
>who?
advertising, ho!

just put
46.45.185.30 archive.is
into your hosts file

because it's actually true you poor fucking retard

go read about it here
developers.google.com/speed/public-dns/docs/ecs

>Lots of pasta but no sauce
Yikes, it's a hodgepodge of truth, conspiracy, and opinion.
Here I'll make a claim without proof as well. Whoever wrote that is retarded.

Average normie has no idea what DNS is and they have no use for cloudflare's other services. Basically anyone that knows what a DNS is already knows what cloudflare is seeing as they've man in the middle'd half the internet already.

I don't get it. How is this protecting my geographical location? Sure, the DNS server does not provide this information, but if my system is making a DNS query, it's probably doing so because it intends to connect. If it connects, the server listening on the other end gets my public IP and as such can approximate my geographical location anyway.

So what exactly is Cloudflare protecting by not giving away EDNS? I mean if they resolve a particular domain and my system connects, the owner of that domain will see my IP anyway.

>she doesn't use archivecaslytosk.onion

Attached: 000.jpg (440x292, 80K)

Friendly reminder that your DoH provider shows its ugly face to IPS via SNI, and thus could be easily blocked.
>but m-muh esni
Not part of any standard, TLS1.3 pretty much mandates having SNI, so it's easy to terminate connection without valid SNI
>i-it's not gonna happen!
If you don't live in a shithole that doesn't respect your privacy, you don't need this.
If you do, you're fucked anyway.
Fight me.

What is actually involved in building an archiver? There are pretty much no alternatives to archive.is. I might do it for my final year project. Would there be any additional measures I could implement that verify that the original source material hasn't been tampered with?

Damn, I'm using their DoH and it's actually blocked for me.
My ISP pushes Google's DNS server though, so I didn't think that would be much of an improvement.

>use 1.1.1.1
>open this thread
>read through and close the tab
>internet takes a dump for 15min
They fucking know

Attached: 1450374598354.png (468x345, 226K)

your dns is not the internet

Attached: ei_kiinnosta.gif (142x142, 10K)

So which dns should i use?

your cool source literally confirms the security risk

Attached: 1434050937487.gif (640x360, 439K)

I know, but it's weirdly coincidental.

Attached: 1489176799029.jpg (356x275, 11K)

1.1.1.1

I'm using IBM's 9.9.9.9. Are they okay?
I don't know who else to trust these days. Not Google, cisco or cloudflare.

cloudflare literally just proved their integrity by not manually fucking with queries regarding specific websites, even though they risk upsetting millions of brainlets

So which fucking DNS should I use

quad9.net/faq/

>quad9 collects more identifiable data than cloudflare
Why do people say this is better?

Attached: Screenshot.jpg (921x775, 257K)

name one relevant website that actually uses this besides the cloudflare dns test page

Attached: file.png (253x350, 10K)

Literally any site fronted by cloudflare

What is hosts file?

en.wikipedia.org/wiki/Hosts_file

On top of that:
>EDNS is essential for the implementation of DNS Security Extensions (DNSSEC).[6] EDNS is also used for sending general information from resolvers to name servers about clients' geographic location in the form of the EDNS Client Subnet (ECS) option.
Is cloudflare also skipping DNSSEC?

came here to shill for nextdns for free but you beat me to it!
based and redpilled
to all the retards, nextdns is your pihole but in da clouds
it fucking works

DNSSEC works here with cloudflare

what are you talking about
did you mean to reply to me?

Yes
that dns address you posted belongs to nextdns.io and it's fucking great
not sure where you got it from if you don't know. lol

just used the first dns lookup site i found
thinking about it, i could have just used dig on my vps, but whatever

Attached: 2019-08-04-043458_626x677_scrot.png (626x677, 41K)

>actually using, defending and shilling CIAflare
shiggy diggy

>having the insane amount of stupidity to actually fucking use the DNS of GODDAMN CLOUDFLARE
CDNs are tracking/spying on you and should be illegal.

:^)

Attached: pfsense.png (1096x638, 68K)

Fun facts: google loses money off of both Youtube and its Search engine.
Amazon loses money off of its shipping department.

Companies' purposes are to make money. Products' purposes are not necessarily that. This has been well understood ever since razor blade companies started giving away razors for free.

One of the online archive websites that does not allow governments and companies to alter the historical information on it. Unlike say wikipedia or waybackmachine which both allow the older versions to be altered to show something they didn't show before or be deleted entirely if you donate (pay) enough.

Ok you guys lemme ask a question:
What the actual fuck is stopping me or anyone from just querying everyone's DNS server and using the cached responses to run my own local DNS? Boom no more worries about censorpoisoning.

What censoring? Archive.is is using a shitty method that Cloudflare won't support because it gives identifiable info. Archive.is could easily fix this on their end.

>ctrl + f OpenNIC
I'm disappointed, you're all retards
opennic.org/
use this + DNScrypt and that DNS caching thing, can't remember what it's called

Can you resolve archive.is?

y not both?

Attached: Screenshot from 2019-08-03 11-57-38.png (586x352, 33K)

yes

Then you already failed

why aren't you using pfblockerng?

retard

more like archive.is is relying on edns for load balancing
>Cloudflare won't support because it gives identifiable info
reverse dns is now 'identifiable info', if you connect to the IP address you asked cloudflare about then you deliver it yourself

cbf

>The archive.is owner has explained that he returns bad results to us because we don’t pass along the EDNS subnet information. This information leaks information about a requester’s IP and, in turn, sacrifices the privacy of users. This is especially problematic as we work to encrypt more DNS traffic since the request from Resolver to Authoritative DNS is typically unencrypted. We’re aware of real world examples where nationstate actors have monitored EDNS subnet information to track individuals, which was part of the motivation for the privacy and security policies of 1.1.1.1.

>EDNS IP subsets can be used to better geolocate responses for services that use DNS-based load balancing. However, 1.1.1.1 is delivered across Cloudflare’s entire network that today spans 180 cities. We publish the geolocation information of the IPs that we query from. That allows any network with less density than we have to properly return DNS-targeted results. For a relatively small operator like archive.is, there would be no loss in geo load balancing fidelity relying on the location of the Cloudflare PoP in lieu of EDNS IP subnets.

>We are working with the small number of networks with a higher network/ISP density than Cloudflare (e.g., Netflix, Facebook, Google/YouTube) to come up with an EDNS IP Subnet alternative that gets them the information they need for geolocation targeting without risking user privacy and security. Those conversations have been productive and are ongoing. If archive.is has suggestions along these lines, we’d be happy to consider them.
news.ycombinator.com/item?id=19828702
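
What "passing along the EDNS subnet information" looks like on the wire, as an added example that is not part of the thread and not code from any party quoted in it: a query builder that attaches the RFC 7871 Client Subnet option the way a forwarding resolver would, and a parser that reports which subnet anyone reading the unencrypted resolver-to-authoritative query can recover. The function names are illustrative, and the addresses in the note below are constructed from documentation ranges.

```python
import ipaddress
import struct

OPT_TYPE = 41   # EDNS0 OPT pseudo-record (RFC 6891)
ECS_CODE = 8    # EDNS Client Subnet option (RFC 7871)

def build_query(name, client_subnet=None):
    """Build an A query with an OPT record; add ECS if client_subnet is set."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    question = qname + struct.pack("!HH", 1, 1)            # QTYPE=A, QCLASS=IN
    rdata = b""
    if client_subnet is not None:
        net = ipaddress.ip_network(client_subnet, strict=False)
        family = 1 if net.version == 4 else 2
        addr = net.network_address.packed[:(net.prefixlen + 7) // 8]  # prefix bytes only
        ecs = struct.pack("!HBB", family, net.prefixlen, 0) + addr
        rdata = struct.pack("!HH", ECS_CODE, len(ecs)) + ecs
    opt = b"\x00" + struct.pack("!HHIH", OPT_TYPE, 1232, 0, len(rdata)) + rdata
    return struct.pack("!HHHHHH", 0x1234, 0x0100, 1, 0, 0, 1) + question + opt

def skip_name(pkt, pos):
    """Return the offset just past a (possibly compressed) DNS name."""
    while pkt[pos] != 0:
        if pkt[pos] & 0xC0 == 0xC0:
            return pos + 2
        pos += pkt[pos] + 1
    return pos + 1

def leaked_subnet(pkt):
    """Return the client subnet an ECS option exposes, or None if absent."""
    qd, an, ns, ar = struct.unpack("!HHHH", pkt[4:12])
    pos = 12
    for _ in range(qd):
        pos = skip_name(pkt, pos) + 4
    for _ in range(an + ns + ar):
        pos = skip_name(pkt, pos)
        rtype, _, _, rdlen = struct.unpack("!HHIH", pkt[pos:pos + 10])
        pos, end = pos + 10, pos + 10 + rdlen
        while rtype == OPT_TYPE and pos + 4 <= end:
            code, length = struct.unpack("!HH", pkt[pos:pos + 4])
            if code == ECS_CODE:
                family, src_len, _ = struct.unpack("!HBB", pkt[pos + 4:pos + 8])
                raw = pkt[pos + 8:pos + 4 + length]
                addr = ipaddress.ip_address(raw.ljust(4 if family == 1 else 16, b"\0"))
                return f"{addr}/{src_len}"
            pos += 4 + length
        pos = end
    return None
```

`leaked_subnet(build_query("archive.is", "203.0.113.77/24"))` returns `203.0.113.0/24`, while a query built without the subnet argument, which is how a resolver that strips ECS behaves, returns `None`.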

Why? pfblockerng is one of pfsenses best features.

archive site that requires your geolocation in order to request its IP address

I've tried it, the problem is that I got too lazy whitelisting things I needed to access (like Google Analytics -gasp- for work, etc.) and then going through the process of waiting for pfblockerng to update and then clearing my DNS cache.

So yeah, just got cbf for now even tho it would be nice to have.

Cloudflare is making a subversive play against their competitor CDNs. Client subnet of a DNS request is used for initial rough mapping by Cloudflare competitors such as Akamai (definitely) and I believe Fastly (and probably others). Stripping it easily adds at least a few milliseconds to the time to first byte and most likely results in a request re-routing on the second or third request.
After all, no other CDN is operating a well used public resolver.

What? Why are you using lists that break sites? What lists were you using? I've never had problems and I use quite a bit. And it's actually easy to whitelist if you need.

Attached: pfblockerng.png (1920x1581, 725K)

they're not wrong about the centralizing the internet. cloudflare goes down so does the social media platforms of zoomers. tinder? gone. snapchat? gone and best of all discord? gone.

This is what I have.

Yeah I knew how to whitelist, the problem was me being impatient for DNS to update lol

Attached: pfblockerng_lists.png (2316x676, 111K)

You can force update

Attached: pfsense.png (2316x1252, 158K)

Yeah but then I have to wait for it to download or at least parse the lists again

Mine only takes a few seconds

So this literally who with his literally what website throws a shitfit because Cloudflare doesn't share geo location data with him?
What fucking timeline is this?

The answer to cloudflare isn't to tell people to stop using it... you've never stopped doing something just because someone told you that you shouldn't.

The answer is to develop a viable alternative. Cloudflare's business model relies on the idea that a centralized internet (run by centralized organizations, operating centralized infrastructures, CDNs, etc.) is vulnerable to DDoS, because a DDoS is essentially "the entire internet" attacking "one person".

When you create viable decentralized alternatives, business models like Cloudflare start to make less and less sense, because DDoS attacks start to make less and less sense. What are you going to do when you want to censor someone's opinion, DDoS the entire internet?

I'll mess with it again someday, wtb more time

a decentralized ddos protection? are you high, how tf would that be at all possible?

try thinking beyond the first immediate thought, you massive namefag. critical thinking helps you in life.
You don't decentralize cloudflare, you moron. That makes no sense.
You make it impossible for technology like cloudflare to have a business case.

You can do that by decentralizing YOUR service.

I don't need a wall of text to know how cancer Cuckflare is
>enter random page
>oh no, just one more step, we promise, please cuck yourself into filling this (((captcha))), because you did not give us your IP, sorry, we meant, because you might be a suspicious bot :^)

please don't use the d-word, or your messages get filtered

>using filters

It would be pretty hard to shut something down using a DDoS if it were hosted on something like IPFS for instance. Obviously comes with its own set of problems though.

This. What happens if archive.org (& derivatives) goes down? The entire internet gets fucked. It's too centralized in the first place.

>temper tantrum
I bet archive.is has a fine reason for it.

Many answers here but the actual way is you are the product. Facebook does it by convincing websites to stick their like buttons everywhere. Google does it by convincing websites to stick their analytics scripts everywhere and offering 8.8.8.8 as DNS that remembers websites you visit. Cloudflare does it by convincing websites to use them as CDN and now by offering 1.1.1.1 as DNS that remembers websites you visit. If you don't pay for a product then you are the product.

load balancing
but it's not a good reason
see

I use own resolvers that query the root servers directly

>tor users who disable javascript
Have you considered not being a pedophile?