eastdakota on May 4, 2019 on: Tell HN: Archive.is inaccessible via Cloudflare DNS...
[Via https://news.ycombinator.com/item?id=19828702]
We don’t block archive.is or any other domain via 1.1.1.1. Doing so, we believe, would violate the integrity of DNS and the privacy and security promises we made to our users when we launched the service.
Archive.is’s authoritative DNS servers return bad results to 1.1.1.1 when we query them. I’ve proposed we just fix it on our end but our team, quite rightly, said that too would violate the integrity of DNS and the privacy and security promises we made to our users when we launched the service.
The archive.is owner has explained that he returns bad results to us because we don’t pass along the EDNS subnet information. This information leaks information about a requester’s IP and, in turn, sacrifices the privacy of users. This is especially problematic as we work to encrypt more DNS traffic since the request from Resolver to Authoritative DNS is typically unencrypted. We’re aware of real world examples where nationstate actors have monitored EDNS subnet information to track individuals, which was part of the motivation for the privacy and security policies of 1.1.1.1.
EDNS IP subsets can be used to better geolocate responses for services that use DNS-based load balancing. However, 1.1.1.1 is delivered across Cloudflare’s entire network that today spans 180 cities. We publish the geolocation information of the IPs that we query from. That allows any network with less density than we have to properly return DNS-targeted results. For a relatively small operator like archive.is, there would be no loss in geo load balancing fidelity relying on the location of the Cloudflare PoP in lieu of EDNS IP subnets.
We are working with the small number of networks with a higher network/ISP density than Cloudflare (e.g., Netflix, Facebook, Google/YouTube) to come up with an EDNS IP Subnet alternative that gets them the information they need for geolocation targeting without risking user privacy and security. Those conversations have been productive and are ongoing. If archive.is has suggestions along these lines, we’d be happy to consider them.
The 1.1.1.1 referred to in the above is Cloudflare's main resolver, 1.1.1.2 & 1.1.1.3 are for those intentionally looking for malware and content blocking.
I like the occasional feature of appending a question mark to your query to get a nice summarizer to comb through the internet so I don't, but I only use it a few times a month.
A few years ago, someone on Twitter had a really cool proposal for how to revamp the entire format of the Oscars, even taking the importance of commercials into account, but I can't for the life of me find it anymore.
You do actually need to run it on a Mac, if (and only if!) you require integration with Mac-only software. But the main factor is probably just "all the cool kids are doing it" ;)
I didn't know that, Sorry about that, but is there no way to make CDP debugger less detectable. Seems doable to me but maybe there's a catch if its not already done by somebody maybe?
iMessage is the only explanation I can find. Minis aren’t powerful enough for agentic models unless you’re getting a rather expensive version (I could see the MX Pro w/ 64GB working). At which point they don’t have the price appeal of the base model anymore.
Also came across this today about how Meta is allotting 5% of ad spend on AI testing for Gen AI. Which leads to unintentional Gen AI promotions across Instagram and Facebook - mind you for companies who paid for the promotion.
What I'm curious about is whether this payment information is from spending money or from YouTube's requirement of doing a symbolic credit card payment to authenticate that you're an adult - and other potential checks for YouTube partners.
Basically YouTube's form of age verification that takes place such as when they can't figure out whether to serve you mature videos or not.
Speaking of hosting, Discord used to be one of the biggest (inadvertent) image hosts, so they might have set up the system to reduce legal exposure than to monitor conversations per se.[1]
A lot of the internet broke the day they flipped that switch off.
Weren't external Tumblr hotlinks also a thing back in the day?
The number of times I've read articles about the upcoming "Silicon Valley in Europe" warrants an article running through the last twenty years of the EU getting its act together "any day now".
reply