  • I posted this in the other thread, but…

    Now Congress can tell any company to get fucked and sell to the highest bidder (edit: via bills crafted to target them specifically)? So much for free market Republicans.

    China will just find another company to buy our data from, because as it turns out, the problem isn’t just TikTok, it’s the fact that it’s legal for companies (foreign and domestic) to sell and exchange our data in the first place. TikTok will still collect the same data, and instead of it going straight to China, it’ll go to a rich white fuck first and they’ll be the ones to sell it to China instead.

    And if the problem is the fact that it’s addictive, well, we have plenty of our own homegrown addictions for people to sink their time into. You don’t see Congress telling those companies to get sold to a new owner.





  • AmbiguousProps@lemmy.today to Privacy@lemmy.ml: Quad9 censoring DNS requests?
    3 months ago

    but then once you’ve thousands of servers running the same piece of software across the globe deploying updates and features becomes way slower and way harder. You’ve to consider tests, regressions, a way to properly store and synchronize the blocklists across nodes etc…

    This is what we’re trying to explain to you, this is how DNS works. Those thousands of servers? Recursive DNS resolvers, run by Cloudflare. All watching and caching the records from Cloudflare’s authoritative nameservers in near real time, because that’s how it was designed. You don’t need to test for regressions, figure out how to properly store and synchronize the “blocklist” (it’s not a blocklist, it’s changing a domain record or simply using a CNAME to point to the registrar) or whatever else, because DNS is continuous, and it was designed to do what you’re describing, in the 90’s.

    Yes, if you’re updating your infrastructure, you’d want to test. But this isn’t that.

    Ever run into an expired domain and thought about how the registrar can just park an expired domain and make it an ad for themselves? That’s just them adding a CNAME in their authoritative nameservers, which gets distributed globally. The prior delinquent owner can still be hosting, but because they don’t have the authoritative nameserver they can’t use the domain anymore.


  • AmbiguousProps@lemmy.today to Privacy@lemmy.ml: Quad9 censoring DNS requests?
    3 months ago

    What you said here is not really on topic, but it is literally part of DNS. I already explained it in my other comment, but here:

    DNS, by design, uses authoritative nameservers, which is what Cloudflare and Quad9 host. These authoritative hosts distribute their records to caches (usually just recursive DNS resolvers) to ease and distribute the load. It’s literally in all of their documentation, and explained in pretty plain English on their pages.

    https://www.cloudflare.com/learning/dns/what-is-dns/

    https://www.quad9.net/about/

    Much of the Quad9 platform is hosted on infrastructure that supports authoritative DNS for approximately one-fifth of the world’s top-level domains, two root nameservers, and which sees billions of requests per day.

    When a record is updated in your domain (or cloud) provider, it is distributed via an authoritative nameserver hosted by that company. These get distributed to the root name servers, which then distribute the records to other authoritative nameservers.


  • That is not what they do, though. Just because a non-standard configuration is possible doesn’t mean that’s the best thing to use. DNS, by design, uses authoritative nameservers, which is what Cloudflare and Quad9 host. These authoritative hosts distribute their records to caches (usually just recursive DNS resolvers) to ease and distribute the load. It’s literally in all of their documentation, and explained in pretty plain English on their pages.

    https://www.cloudflare.com/learning/dns/what-is-dns/ https://www.quad9.net/about/

    Much of the Quad9 platform is hosted on infrastructure that supports authoritative DNS for approximately one-fifth of the world’s top-level domains, two root nameservers, and which sees billions of requests per day.

    When a record is updated in your domain (or cloud) provider, it is distributed via an authoritative nameserver hosted by that company. These get distributed to the root name servers, which then distribute the records to other authoritative nameservers.

    I don’t know why you’re arguing over this, when it’s one of the first things you learn in information systems and networking. Sure, there’s a lot of stuff for the infrastructure. But the way DNS works on these hosts is still the same, and blocking a single record is not difficult and does not take extra engineering effort. The authoritative hosts simply change their records and it’s done. DNS takes care of the rest.

    There’s an entire Wikipedia page on this: https://en.wikipedia.org/wiki/DNS_blocking