Ben Tasker's Blog

An argument in favour of application level name resolution

Recently I published some documentation detailing how to build and run your own DNS-over-HTTPS (DoH) server.

As I mentioned at the beginning of that documentation, there's been a certain amount of controversy about DoH vs DNS over TLS (DoT).

One thread of that argument is along the lines that name resolution should be handled at the OS level (so that all applications get the same result for a given name - improving troubleshooting - as well as giving some caching benefit, versus applications resolving names themselves).

Generally I've found that argument fairly persuasive, but also taken the view that DoH being implemented at the application level is the result of a general lack of availability/uptake of DoT at the OS level.

In other words, whilst it's not ideal for applications to be resolving names themselves, it makes an (arguable flawed) privacy-enhancing solution available now, rather than continuing to wait for an (arguably) better solution to actually get adopted (and ignoring whatever reasons led to that lack of adoption).

But, I've begun to change my mind on whether applications doing resolution themselves really is a problem, or whether it's actually more beneficial when considered alongside some of the aims of DoH

Read more ...

Solution to my April 2016 Puzzle

It's been three years now, and although I've had many people complain about it giving them a headache, to my knowledge no-one has solved the puzzle I posted in April 2016. My other puzzles and crypto trails have all fallen in significantly less time, but I've watched people really struggle with this one, so I think it's fair to say that I made it just a little too hard.

It only seems fair, therefore, to explain the solution (while I can still remember it).

This post will do just that (there's a video of solving it below for those who don't want to read)

Read more ...

Optimised Routing and Opportunistic Tor Enabled

In the past few days, I've enabled some new functionality on my delivery network, affecting (almost) every domain being served by it.

Those using a browser which supports these changes should see improved delivery performance, and enhanced privacy.

This post details the changes that have been made, and what they mean to you

Read more ...

Beware USB Quick Charge Ports

In order to power a couple of thermistor controlled cooling fans, I use a pair of USB to 3 pin Molex adapters.

I noticed the other day that one of the fans wasn't working, so I detached it from it's mounting plate and brought it and the adaptor out to check.

Access is a bit... tricky... so I couldn't really test the adaptor against the other fan (and didn't want to risk breaking it if something odd had gone wrong). The fans I use are about £5 each, and it's always worth having spares, so I ordered some replacements, which arrived today.

I plugged one of the new fans into the adaptor and tried to power it on. Nothing. So, I dealt with the access issues in order to plug the new fan into the other adaptor to check the fan worked - it did.

The last remaining check then, was to verify that the issue didn't lie with the USB port the adaptor was plugged into.

Read more ...

Why I won't have an Amazon Echo

I was recently asked to explain in a bit more depth why I'm not willing to have an Amazon Echo (or, more specifically - Alexa), so I thought I'd write an answer down too.

Although the question was specifically about Alexa (being the best-known), the answer applies to alternatives like Google Home and Sonos One.

Read more ...