What is an Online Comment War?

First off, what exactly is an online “comment war”?

An online “comment war” is when a bunch of people are commenting to each other – usually several times a day – in an effort to “win” an argument. This usually is done by using bad arguments, insults, and faulty logic. “Comment wars” are pretty much useless and go nowhere fast.

I will give my latest experience of a “comment war” I ran across a couple of days ago. Please keep in mind that I was not involved in the “war”. I was just a watcher.

I have changed the names of the main people involved for privacy reasons. I am also just giving a brief explanation of what happened. Too much detail will remove anonymity as well as take too long to write (this post will already be long enough 🙂).

I also will try to keep the paraphrase in context. Sometimes paraphrasing causes the context to get warped.

The last two days I have been watching – off and on – an online “comment war” on a semi-popular news website.

To start, an online user named Betty posted a comment about a controversial video circulating around the web. In her comment, she attacked a whole group of people, which included an accusation that could not be proven just by watching the video. Basically she made a – more or less – useless comment.

Now another user named Greg responded to her and asked her if she was being genuine and why she was being prejudice. Two days later, she never responded to him. This is a sign that Greg was right in his assessment and Betty did not know what to say in reply.

Betty then proceeded to comment to another user making an even more ridiculous claim.

Someone else – named Reed – responded to Betty. He strongly disagreed with her short but inaccurate comment. While he did not do the best job in replying, he did ask her some questions that challenged her claims.

Here is where the “war” begins. Both Betty and Reed start commenting to each other. Now to be fair, Betty did say 2 or 3 things that were logical and most people would agree with. However the rest of her commenting was illogical, insulting, “smart-aleck”, and dishonest.

Basically Reed kept re-asking his (valid) questions to Betty while she continued to ignore them for basically no reason that I could tell.

Around 1 1/2 days later, Betty starts to agree with Reed and act like what he is saying is “exactly” what she was saying.

I suspect that Betty knew she lost the argument (Reed did make valid points), and did not want to admit she was wrong. So instead she decides to try and make it look like she and Reed are saying the same thing.

Another person – we will call her Lucy – responds to Betty and makes a very valid point. Betty, now being calmer and less emotional, responds to Lucy.

Betty’s response to Lucy sounded good, but there is a major problem with what she said. Betty is now claiming to have been arguing for something completely different than what she stated to begin with. In other words, Betty was contradicting herself.

There are two explanations that make sense in this situation. Either Betty did a real bad job in explaining what she originally meant, or Betty was losing the argument and started to lie to hide that fact.

My personal opinion is that she was lying. This is because:

  • Betty ignored Greg’s comment asking about her genuineness and her prejudice. Several people up-voted Greg’s comment, since he made good points.
  • Betty totally ignored Reed’s repeated questioning about the illogical stuff she previously said.
  • After multiple people called on her illogical posting, she suddenly has a totally different argument than what she originally posted.

As you can see, an online “comment war” does not really accomplish anything.

When Betty encountered arguments that made sense and even refuted some of what she said, she quickly “moved the goal posts” – changed her context / main point – to make it look like she did not lose the argument.

These “wars” would not happen if people would just be respectful and admit when they made incorrect assumptions, wrote in a disrespectful tone, etc.

Instead people’s pride gets hurt and they want to “fight it out” instead of being logical and acting like a mature adult. Worse these people end up being dishonest and changing their arguments to prevent embarrassment from losing an argument.


Posted in General, Internet and Servers, Society

What Incognito Mode Can and Cannot Protect

A couple weeks ago, someone online posted a comment saying you can stay “safe and secure” online due to using the web browser’s incognito mode.

Is this true. Does incognito mode really prevent someone from ever tracking you online?

Short answer: no

Long answer:

People believe the myth that the incognito mode – on your web browser – will keep you safe and private. However this is not the case.

Incognito mode only does the following:

  • prevents web history from being logged locally
  • prevents download history from being logged locally
  • prevents cookies & cache data from being stored locally

In other words, incognito mode will prevent someone from spying on you, just by opening the web browser and viewing the web history and downloads.

Now what does incognito mode not protect against?

  • Malware on the system — Any malware on the system will be totally unaffected by your use of incognito mode.
  • IT department — Your IT department will still be able to track your Internet usage on their network. This is especially true if you use their local DNS resolvers. They will know what websites you visit, regardless of your use of incognito mode.
  • Internet Service Provider — Unless you make use of a VPN service, your ISP will definitely know where you go online, regardless of your use of incognito mode.
  • Government surveillance — Of course, incognito mode will be of no use to you here. Also, even using a VPN will not help much if you are being targeted by a government.

In addition, if you have your web browser logged into a service (e.g., Google Chrome logged into Google), they can track your browsing habits regardless of being in incognito mode or not.

The link below helps prove that any browser being in “private” or “incognito” mode (whatever you want to call it) does nothing to prevent 3rd parties from spying on you.

https://www.reuters.com/article/us-alphabet-google-privacy-lawsuit-idUSKBN23933H


Posted in Computers, Internet and Servers, Security, Software, VPN

Should I Use Another DNS Resolver?

Should I switch my current DNS resolver?

If you are just a regular Internet user (not self-hosting anything), and you are currently using your ISP’s DNS resolver, I would switch to a 3rd party DNS service (e.g., Cloudflare).

However if you are self-hosting anything (e.g., email), then I would opt for running my own DNS resolver for reliability.

Here are my opinions on the three typical ways to get DNS.

ISP DNS Resolver:  usually OK performance / no privacy

  • Works out-of-the-box with your Internet service.
  • Since you are using servers they control, always assume your ISP is logging your DNS requests (no privacy).
  • Sometimes an ISP actually has worse DNS resolvers (slower, less secure) than a 3rd party DNS service.
  • I used to make use of my ISP’s DNS resolvers. They would occasionally go down every few months. It made it look like the Internet was down, but it was just their DNS resolvers that were down, which caused software to fail since they could not resolve domains to connect to services.
  • Some ISPs will redirect you to their own online search engine, if the domain you are looking for does not exist. That is real tacky. They should just give the standard DNS error response, instead of – effectively – hijacking your DNS service.

Third-Party DNS Resolver (e.g., Cloudflare, OpenDNS):  good-to-excellent performance / potentially less private

  • 3rd party DNS resolver may be logging your DNS lookups, regardless of what their Privacy Policy says.
  • Can be faster than your ISP’s DNS resolvers. This is due to 3rd party DNS services having a very large network infrastructure. They can handle large amounts of traffic with ease.
  • Cloudflare does support DNS-over-TLS. However this is just encrypting your connection to Cloudflare. When Cloudflare retrieves the DNS records for you – assuming they do not have a cached copy – that connection of theirs is unencrypted. This means the DNS records Cloudflare gets for you can be manipulated by a 3rd party, outside of Cloudflare’s control.
  • Encrypting your DNS does not prevent your ISP from seeing what domains you are going to, if the website you are connecting to does not support both TLS 1.3 and Encrypted Client Hello (ECH). This is due to the fact the SNI (Server Name Identification) gets sent from the web-server in plain text. With this information, your ISP can effectively see which domains you are visiting, regardless if your DNS is encrypted via Cloudflare or another 3rd party service.
  • Unless you are using a VPN service, your ISP will still have to route your connection to the website (they can see the web-server’s IP address). This may give away where you are going on the Internet, even if your ISP cannot read your DNS queries.
  • There are some free public DNS resolvers, run by volunteers (read: no large corporations), who claim they do not log your domain lookups. Just like I mentioned before, you must take their word for it.

Self-Hosted DNS Resolver (e.g., Unbound DNS server):  OK-to-good performance / potentially more private

  • Useful if you want to have reliable lookups, since you are cutting out the middle-man handling your DNS requests (you are going directly to the source, instead of having someone else do it for you).
  • If you are self-hosting web services (e.g., web and email), it is recommended to run your own DNS resolver. While not necessary, this will help prevent interruptions to your services.
  • While there is no worry about the DNS resolver keeping logs (you are running it, after all), there still is the possibility of your ISP and/or other entities sniffing your DNS lookups and keeping a log that way. This is because DNS is inherently insecure (not encrypted).
  • Unbound runs on many different operating systems (e.g., FreeBSD, OpenBSD, NetBSD, MacOS, Linux and Microsoft Windows).
  • Unbound does require some knowledge of DNS to be setup properly. Users who have little to no experience with DNS servers may find setting up Unbound to be difficult.
  • Something to keep in mind. When doing your own DNS lookups, usually you are contacting the Root DNS servers, domain TLD nameservers, and of course one of the domain’s nameservers using your public IP address from your ISP. This means all three of those services may log your IP address when doing lookups.
    • For example, if I lookup my domain computerlagoon.com via Unbound, it will first ask a Root DNS server for a nameserver belonging to the .com TLD. From there it will ask one of the TLD’s nameservers for one of my nameservers to get the webserver’s IP address.
    • There is a very good chance the .com TLD nameserver, run by Verisign, is logging domain lookups. This means someone, somewhere is more than likely logging your lookups (associating your lookups with your IP) even if you opt to self-host your own DNS resolver.
  • Another thing to keep in mind. When you’re away from your home network and not connected to Wi-Fi, your mobile device uses your mobile network provider’s DNS resolvers. However, using a self-hosted VPN can override this, forcing your device to use your home DNS resolver instead.

Summary Chart

Easiest out-of-the-box solution | best for people who just want things to work ISP DNS resolver
Best performance | good for people who want more performance than what their ISP provides 3rd-party DNS (e.g., Cloudflare, 1.1.1.1)
Best reliability | best for people who self-host web services (e.g., email) self-hosted solution (e.g., Unbound DNS server)

Posted in Computers, Internet and Servers, Operating Systems, Security

Are Web Browser Extensions Safe to Use?

Many people use web browser add-ons (such as Ad-blockers) for their everyday browsing. What most people are unaware of is that many of these add-ons have permissions that allow the add-on to view the content of the web pages the user is viewing.

The problem? If someone has installed a malicious add-on, their web browsing data (e.g., browsing history, password credentials, what they type into a website, etc.) would have been sent to the add-on’s creator. Now I am not implying that every single web browser add-on does this, but there is a very high potential that this can happen.

Would only using open-source browser add-ons be a safe option? Well open-source add-ons would definitely lower the chance that someone would get away with spying on you. However open-source projects do not have a spotless security track record either. There is still some risk.

Even Mozilla themselves warn about this problem with web browser add-ons (also called extensions).

Here is an example of what I am talking about (https://www.zdnet.com/article/mozilla-removes-avast-and-avg-extensions-from-add-on-portal-over-snooping-claims/).


Posted in Android, Computers, General, Internet and Servers, Security, Software

‹ Older Posts Newer Posts ›