  • Showing only topics in ~comp with the tag "privacy".
    1. [SOLVED] Looking for help getting my VPN to work with Firefox privacy settings

      I recently moved to a new place with a new ISP, and my Mullvad VPN isn't playing nicely with Firefox like it used to. Can any of you networking gurus please help me troubleshoot?

      When the VPN is enabled, most requests from the browser fail immediately. If I pull up the dev tools Network tab, I can see that these requests fail with an NS_ERROR_FAILURE message before any data is transferred.

      I have Firefox configured to use "strict" Enhanced Tracking Protection. When I reduce it to "standard" my requests go through.

      I'm also trying to use DNS over HTTPS with a custom provider (Mullvad, via https://dns.mullvad.net/dns-query). I'm configuring this in Firefox, using the "Increased Protection" DoH setting. When I do that, Firefox reports the DoH status as "Status: Not active (NS_ERROR_FAILURE)". This happens even when Enhanced Tracking Protection is set to "standard" — in other words, that reduced setting fixed the NS_ERROR_FAILURE for HTTP requests, but not for DoH.

      So how do I fix this so Strict Enhanced Tracking Protection, DNS over HTTPS, and Mullvad all work together? I never had this problem with my old ISP, so I suspect something's being blocked at the WAN level that I need to circumvent.

      • OS: macOS Sonoma 14.5
      • VPN protocol: WireGuard
      • ISP: AT&T Fiber

      I'm just using the official Mullvad client app with mostly default settings. The fiber gateway modem/router came with some default packet filtering firewall rules but I disabled everything in the admin panel. Weirdly, rebooting my machine fixed this temporarily, but the next time I disconnected/reconnected the VPN it broke again. Other browsers (with default settings and no DoH) are working fine when the VPN is connected.

      Edit: Solved! Solution here.

      6 votes
    2. Using work OSX machine while travelling

      I will shortly be travelling for work. I do not have the capacity to bring anything other than my work machine. In addition to working every day I would like to: legally stream movies in the evening, work on writing, email friends etc. At home of course I use a separate laptop for this but in this case I won't have that option. Any thoughts on how best to achieve a separation of concerns while travelling? How do people on Tildes manage this case?

      P.S. I know in a best case scenario it's not ideal, hence my behaviour at home, I just need a working method for this particular case.

      12 votes
    3. Building my own email system and/or other privacy-first email solutions?

      Back in the day I remember setting up squirrelmail + qmail to host my own email as well as for others. And then I got that coveted gmail invite and never really looked back.

      I've started to get into the mindset of erasing my digital trail, at least for my personal activities, and email seems to be the main one that I need to figure out.

      The idea of setting up my own email solution came up again because I wonder how transparent / private services like protonmail and mailbox.org really are.

      Any suggestions or insight would be appreciated. Squirrelmail seems to be now defunct, and I am pretty sure the world has changed enough that residential ISPs don't allow running of servers at home anymore. I guess I could set up something on AWS if I had to.

      22 votes
    4. How to go about mirroring a repo to separate real identity from online identity?

      I struggled to word this question.

      Let's say that I wish to work on a project to benefit Tildes (I don't currently have an idea, but just for example). Anything I did, I would like to keep open source and would encourage other users to contribute. But I would like to keep everything linked to my pseudonym so as not to dox myself.

      However, I would like to have a copy of everything on my personal GitHub as well, because I am a professional programmer and that is effectively my CV.

      Is there a good way to mirror a repo in a way that any git history contributed by me, "John Smith", is changed to "bugsmith" on the mirrored repo? (or vice versa).

      6 votes
    5. Upgraded to Windows 10, what do I need to do to optimize?

      I finally got around to upgrading my mom’s computer (an Asus laptop from 2015) from Windows 8.1 to Windows 10. I’ve already deleted a few apps she won’t use (e.g., Xbox) and disabled/stopped some unneeded services. What else can I do to keep her computer fast? Particularly interested in more services I can disable and the best browser/ad blocker combo. Thanks y’all!

      10 votes
    6. Why does a completely local, self-contained html file need to access gstatic.com?

      So, I'm a privacy advocate (or paranoiac, depending on your perspective). I run both uMatrix and NoScript plug-ins (among others) in my Firefox browser, so I can see when and where websites send calls out to other locations, and block the ones I want ... google analytics, google fonts, google-apis, google tag manager, and gstatic are all ubiquitous out there, probably 99% of websites use at least one of them (PS: Tildes is in the 1%; yeay, Deimos).

      And note ... there may well be nothing at all wrong with any of those sites/services ... but Google has a global all-encompassing Terms and Conditions policy that says, you use anything of Theirs, and They are allowed to harvest your personal data and make money off of it.

      And I do not accept those terms.

      Okay, that's the prologue. The deal is, I have a small piece of documentation, just basic "how to use this" info, for a WordPress plug-in. It is in .html format, with bundled bootstrap and jquery and a few other assets.

      Nothing, anywhere in the entire folder, references gstatic. And yet when I open this local, on-my-computer-only html file ... my browser tells me that it is trying to connect to gstatic.com.

      Anyone happen to know why/how that is happening?

      4 votes
    7. Is Firefox still a good (enough) browser for privacy?

      Someone posted this on the privacy subreddit. I also ended up finding this and this after doing a bit of searching. As someone who isn’t in the CS/IT spheres (chemical engineering is my background), Firefox has been my go-to browser for a while, although I’m being made aware of the flaws of Firefox (most of which go over my head) and behavior of Mozilla. What can be done to fix this, especially considering that Firefox is the only FOSS browser with a significant user base?

      22 votes
    8. Best for Privacy: Local Recursive DNS vs Cloudflare's DNS over HTTPS

      I'm trying to decide what option I prefer here in terms of privacy. I'm curious about others' opinions on the issue, and if anyone has a better solution to offer more privacy.


      Option 1: Hosting a local recursive DNS


      I currently have a device running Pi-hole on my local network. I recently set it up as a recursive DNS server using unbound. This allows me to no longer rely on a public DNS such as GoogleDNS, OpenDNS, Cloudflare, etc. for my queries, and just point straight to the root servers.

      Pro: I removed a "pair of eyes" (Public DNS) out of the equation

      Con: All my queries are not encrypted so my ISP (and potentially others) can still see my DNS queries


      Option 2: Using DNS over HTTPS (DoH) using Cloudflare's client


      With this option I would use Cloudflare's cloudflared daemon they provide on their website. This would allow all my queries to be encrypted when sending them to Cloudflare.

      Pro: Encrypted DNS queries from my local network -> Cloudflare's servers. My ISP can no longer see my DNS queries

      Security Pro: Helps prevent MitM attacks

      Con: I now have a Public DNS back in the equation, which I have to put some trust into. Also, my queries are most likely only encrypted from my local network -> Cloudflare's network. When Cloudflare has to do the recursion, those queries may be not encrypted (my assumption is they will most likely be not encrypted)

      Possible Con: Does Server Name Indication (SNI) "leaking" apply to DNS queries at all? If so, then my query is revealed anyways right?

      As a note, I am nowhere near an expert on the specifics of DNS, so some of my assumptions on how things work may be super wrong!

      6 votes