What are you using for your firewall in your home lab, hardware and OS?
What are you using for your firewall at home?
What are you using for your firewall at home?
Got this phishing SMSmessage today. I spun up a VM and investigated the domain provided in the message. Found the provider and reported it to them.
The phishing page is a replica Coinbase login page.
Firefox recently introduced DNS over HTTPS (DoH) and Trusted Recursive Resolver (TRR) in nightly builds for Firefox 62.
DoH and TRR are intended to help mitigate these potential privacy and security concerns:
DNS over HTTPs (DoH) encrypts DNS requests and responses, protecting against on-path eavesdropping, tracking, and response tampering.
Trusted Recursive Resolver (TRR) allows Firefox to use a DNS resolver that's different from your machines network settings. You can use any recursive resolver that is compatible with DoH, but it should be a trusted resolver (one that won't sell users’ data or trick users with spoofed DNS). Mozilla is partnering with Cloudflare (but not using the 1.1.1.1 address) as the initial default TRR, however it's possible to use another 3rd party TRR or run your own.
Cloudflare is providing a recursive resolution service with a pro-user privacy policy. They have committed to throwing away all personally identifiable data after 24 hours, and to never pass that data along to third-parties. And there will be regular audits to ensure that data is being cleared as expected.
Additionally, Cloudflare will be doing QNAME minimization where the DNS resolver no longer sends the full original QNAME (foo.bar.baz.example.com) to the upstream name server. Instead it will only include the label for the zone it's trying to resolve.
For example, let's assume the DNS resolver is trying to find foo.bar.baz.example.com, and already knows that ns1.nic.example.com is authoritative for .example.com, but does not know a more specific authoritative name server.
Collectively DNS over HTTPs (DoH), Trusted Recursive Resolver (TRR), and QNAME Minimization are a step in the right direction, this does not fix DNS related data leaks entirely:
After you do the DNS lookup to find the IP address, you still need to connect to the web server at that address. To do this, you send an initial request. This request includes a server name indication, which says which site on the server you want to connect to. And this request is unencrypted.
That means that your ISP can still figure out which sites you’re visiting, because it’s right there in the server name indication. Plus, the routers that pass that initial request from your browser to the web server can see that info too.
So How do I enable it?
DoH and TRR can be enabled in Firefox 62 or newer by going to about:config:
Links:
A cartoon intro to DNS over HTTPS
Improving DNS Privacy in Firefox
DNS Query Name Minimization to Improve Privacy
TRR Preferences
I'm not affiliated with Mozilla or Firefox, I just thought ~ would find this interesting.
Hey guys -- I wrote a blog that I'd love some feedback on. I'm an identity product manager and have been trying to train my users to use passphrases. Do these read friendly enough? I want it to be readable by all users, but my target audience is other people in product and software.
https://medium.com/@toritxtornado/training-your-users-to-use-passphrases-2a42fd69e141