Yeah. I think people can become obsessive over it. I also think there is a large group of users who gamify privacy and act as if its an mmo quest where they just need to collect the best tools to win instead of being responsible and understanding threat modelling.
There is a point of diminishing returns. Like most things, you have to evaluate what you are willing to live with and let go.
I know someone who only browses incognito because they don’t want cookies tracking them. They log into everything every day. Which, imo, is worse because those cookies are still tracking you but you now have to log in everyday.
But for them they like the control.
I’ve moved most of my incidental link on my phone clicking to Firefox Focus (thanks to URL Checker) which has upped my privacy. I wouldn’t have made that change without the prompt that URL Checker provides though.
I use a VPN outside of my house and I use pihole at home. I am tempted to switch my DNS to unbound but the juice doesn’t seem to be worth the squeeze. We’ll see the next time I need to rebuild my pi.
I used to run unbound on my laptop just so I could configure stuff like forwarding zones with more precision than what a stub resolver normally gives you.
It can also be your validating DNSSEC resolver, which also satisfied that sort of morbid curiosity in me.
In the age of DoT and DoH, with endpoints hardcoded in browser binaries, that sort of thing has a lot less punch than it used to. Even back then Go binaries would start ignoring your nsswitch.conf…
DNSSEC always causes errors on my pihole set up and end up disabling it. The upstream is DoH though (via dnscrypt) so it’s technically DNSSEC but without the clients seeing the authentication. That’s enough for me.
At some point, I fully expect apps and websites to begin resolving DNS directly instead of relying on the OS to provide resolution services. At that point our options will be to wholesale block IP addresses at the router.
Yeah. I think people can become obsessive over it. I also think there is a large group of users who gamify privacy and act as if its an mmo quest where they just need to collect the best tools to win instead of being responsible and understanding threat modelling.
There is a point of diminishing returns. Like most things, you have to evaluate what you are willing to live with and let go.
I know someone who only browses incognito because they don’t want cookies tracking them. They log into everything every day. Which, imo, is worse because those cookies are still tracking you but you now have to log in everyday.
But for them they like the control.
I’ve moved most of my incidental link on my phone clicking to Firefox Focus (thanks to URL Checker) which has upped my privacy. I wouldn’t have made that change without the prompt that URL Checker provides though.
I use a VPN outside of my house and I use pihole at home. I am tempted to switch my DNS to unbound but the juice doesn’t seem to be worth the squeeze. We’ll see the next time I need to rebuild my pi.
I used to run unbound on my laptop just so I could configure stuff like forwarding zones with more precision than what a stub resolver normally gives you.
It can also be your validating DNSSEC resolver, which also satisfied that sort of morbid curiosity in me.
In the age of DoT and DoH, with endpoints hardcoded in browser binaries, that sort of thing has a lot less punch than it used to. Even back then Go binaries would start ignoring your
nsswitch.conf…DNSSEC always causes errors on my pihole set up and end up disabling it. The upstream is DoH though (via dnscrypt) so it’s technically DNSSEC but without the clients seeing the authentication. That’s enough for me.
At some point, I fully expect apps and websites to begin resolving DNS directly instead of relying on the OS to provide resolution services. At that point our options will be to wholesale block IP addresses at the router.