Merry Christmas 2019!

Luke 2:8-20    New American Standard Bible (NASB)

8 In the same region there were some shepherds staying out in the fields and keeping watch over their flock by night. 9 And an angel of the Lord suddenly stood before them, and the glory of the Lord shone around them; and they were terribly frightened. 10 But the angel said to them, “Do not be afraid; for behold, I bring you good news of great joy which will be for all the people; 11 for today in the city of David there has been born for you a Savior, who is Christ the Lord. 12 This will be a sign for you: you will find a baby wrapped in cloths and lying in a manger.” 13 And suddenly there appeared with the angel a multitude of the heavenly host praising God and saying,

14 “Glory to God in the highest,
And on earth peace among men with whom He is pleased.”

15 When the angels had gone away from them into heaven, the shepherds began saying to one another, “Let us go straight to Bethlehem then, and see this thing that has happened which the Lord has made known to us.”16 So they came in a hurry and found their way to Mary and Joseph, and the baby as He lay in the manger. 17 When they had seen this, they made known the statement which had been told them about this Child. 18 And all who heard it wondered at the things which were told them by the shepherds. 19 But Mary treasured all these things, pondering them in her heart. 20 The shepherds went back, glorifying and praising God for all that they had heard and seen, just as had been told them.


Posted in Biblical Accounts, Christian, Holiday

Should I Use Another DNS Resolver?

Should I switch my current DNS resolver?

If you are just a regular Internet user (not self-hosting anything), and you are currently using your ISP’s DNS resolver, I would switch to a 3rd party DNS service (e.g., Cloudflare).

However if you are self-hosting anything (e.g., email), then I would opt for running my own DNS resolver for reliability.

Here are my opinions on the three typical ways to get DNS.

ISP DNS Resolver:  usually OK performance / no privacy

  • Works out-of-the-box with your Internet service.
  • Since you are using servers they control, always assume your ISP is logging your DNS requests (no privacy).
  • Sometimes an ISP actually has worse DNS resolvers (slower, less secure) than a 3rd party DNS service.
  • I used to make use of my ISP’s DNS resolvers. They would occasionally go down every few months. It made it look like the Internet was down, but it was just their DNS resolvers that were down, which caused software to fail since they could not resolve domains to connect to services.
  • Some ISPs will redirect you to their own online search engine, if the domain you are looking for does not exist. That is real tacky. They should just give the standard DNS error response, instead of – effectively – hijacking your DNS service.

Third-Party DNS Resolver (e.g., Cloudflare, OpenDNS):  good-to-excellent performance / potentially less private

  • 3rd party DNS resolver may be logging your DNS lookups, regardless of what their Privacy Policy says.
  • Can be faster than your ISP’s DNS resolvers. This is due to 3rd party DNS services having a very large network infrastructure. They can handle large amounts of traffic with ease.
  • Cloudflare does support DNS-over-TLS. However this is just encrypting your connection to Cloudflare. When Cloudflare retrieves the DNS records for you – assuming they do not have a cached copy – that connection of theirs is unencrypted. This means the DNS records Cloudflare gets for you can be manipulated by a 3rd party, outside of Cloudflare’s control.
  • Encrypting your DNS does not prevent your ISP from seeing what domains you are going to, if the web-server you are connecting to does not support both the TLS 1.3 protocol and the ESNI extension. This is due to the fact the SNI (Server Name Identification) gets sent from the web-server in plain text. With this information, your ISP can effectively see which domains you are visiting, regardless if your DNS is encrypted via Cloudflare or another 3rd party service.
  • Unless you are using a VPN service, your ISP will still have to route your connection to the website (they can see the web-server’s IP address). This may give away where you are going on the Internet, even if your ISP cannot read your DNS queries.
  • There are some free public DNS resolvers, run by volunteers (read: no large corporations), who claim they do not log your domain lookups. Just like I mentioned before, you must take their word for it.

Self-Hosted DNS Resolver (e.g., Unbound DNS server):  OK-to-good performance / potentially more private

  • Useful if you want to have reliable lookups, since you are cutting out the middle-man handling your DNS requests (you are going directly to the source, instead of having someone else do it for you).
  • If you are self-hosting web services (e.g., web and email), it is recommended to run your own DNS resolver. While not necessary, this will help prevent interruptions to your services.
  • While there is no worry about the DNS resolver keeping logs (you are running it, after all), there still is the possibility of your ISP and/or other entities sniffing your DNS lookups and keeping a log that way. This is because DNS is inherently insecure (not encrypted).
  • Unbound runs on many different operating systems (e.g., FreeBSD, OpenBSD, NetBSD, MacOS, Linux and Microsoft Windows).
  • Unbound does require some knowledge of DNS to be setup properly. Users who have little to no experience with DNS servers may find setting up Unbound to be difficult.
  • Something to keep in mind. When doing your own DNS lookups, usually you are contacting the Root DNS servers, domain TLD nameservers, and of course one of the domain’s nameservers using your public IP address from your ISP. This means all three of those services may log your IP address when doing lookups.
    • For example, if I lookup my domain computerlagoon.com via Unbound, it will first ask a Root DNS server for a nameserver belonging to the .com TLD. From there it will ask one of the TLD’s nameservers for one of my nameservers to get the webserver’s IP address.
    • There is a very good chance the .com TLD nameserver, run by Verisign, is logging domain lookups. This means someone, somewhere is more than likely logging your lookups (associating your lookups with your IP) even if you opt to self-host your own DNS resolver.

Summary Chart

Easiest out-of-the-box solution | best for people who just want things to work ISP DNS resolver
Best performance | good for people who want more performance than what their ISP provides 3rd-party DNS (e.g., Cloudflare, 1.1.1.1)
Best reliability | best for people who self-host web services (e.g., email) self-hosted solution (e.g., Unbound DNS server)

Posted in Computers, Internet and Servers, Operating Systems, Security

Are Web Browser Extensions Safe to Use?

Many people use web browser add-ons (such as Ad-blockers) for their everyday browsing. What most people are unaware of is that many of these add-ons have permissions that allow the add-on to view the content of the web pages the user is viewing.

The problem? If someone has installed a malicious add-on, their web browsing data (e.g., browsing history, password credentials, what they type into a website, etc.) would have been sent to the add-on’s creator. Now I am not implying that every single web browser add-on does this, but there is a very high potential that this can happen.

Would only using open-source browser add-ons be a safe option? Well open-source add-ons would definitely lower the chance that someone would get away with spying on you. However open-source projects do not have a spotless security track record either. There is still some risk.

Even Mozilla themselves warn about this problem with web browser add-ons (also called extensions).

Here is an example of what I am talking about (https://www.zdnet.com/article/mozilla-removes-avast-and-avg-extensions-from-add-on-portal-over-snooping-claims/).


Posted in Android, Computers, General, Internet and Servers, Security, Software

Why are So Many Internet Forums Toxic?

I have noticed, off and on, people on discussion boards (e.g., forums, comment sections) seem to have an abrasive, if not downright toxic (hostile) attitude towards people. I know, this is not surprising. There always have been people that have acted this way on the Internet.

However, why do people act this way? While I do not pretend to be a psychologist, I have some ideas of why people engage in this kind of behavior online (or offline).

(Please take note, everything I say are my own opinions.)

  1. Depression

Some people are clinically depressed. They do not necessarily mean to cause anyone problems, but they just see their life as one big mess. They in turn let their feelings about themselves (and their life) bleed into their online conversations with others.

  1. Life Stress

Stress can be the cause of someone being frequently irritated. For example, some guy on a truck/SUV forum has just lost his job and is in danger of losing his really nice truck. He makes large monthly payments each month. He is also struggling to pay his rent. With these life problems, I would not be surprised if he were to get fussy with others online.

  1. Arrogance

Many times people being hostile online is due to arrogance. They believe their opinion is the only correct one, and that no one else can be right.

If they happen to be right, they become even more smug and arrogant. If they happen to be wrong, they will never admit it and unfortunately, most of the time, never change their ways. Either way, not a pretty sight.

This happens a lot on comment sections of websites. There is always someone that wants to ask “smart” questions to other people.

However when the person they asked the “smart” question to is able to answer their question, they typically either insist on a stupid “comment war” that leads nowhere, or they sneak out like a thief in the night, never bothering to give a reply for courtesy.

  1. Insecurity

Someone being insecure (not being sure/confident of themselves) can drive someone to get frequently defensive (usually without justification). They also show signs of paranoia and maybe even arrogance, since someone telling them they are wrong causes them to become even more insecure.

  1. Pride

This one is similar to arrogance. Someone being prideful online is not hard to spot. Usually it is recognized by the “tone” of someone’s message.

For example, someone who has lots of money (e.g., a rich businessman) writes an online article. He says that he is of the opinion “poor” people either cannot or have a very small chance of becoming rich like himself.

Now most people would read his article that think “Wow! That guy is a jerk.” Well they would be right. A prideful online post, as mentioned before, is not hard to spot.

I believe people who post similar to my example above, are insecure, and need to put other people down to feel better about themselves. In my experience, they will even act as if they are being sincere, when they are not.

Also, their entire post does not have to be putting someone down. Just one or two sentences will give away the author’s true intentions.

  1. Trolling

As everyone knows, there are people out there who cannot rest until they have caused someone trouble. The Bible talks about these kind of people (Proverbs 4:14-16 *). When it comes to online conversations, they will give pointless talk with little to no technical arguments, wasting everyone’s time in the process.

They also semi-frequently say something like “I’m done with you.” and stop responding, as if you were the one being ridiculous. However, they are just projecting their own ridiculousness onto you, in an effort to coverup the fact they are the troll (troublemaker).

Basically trolls are losers who have nothing better to do than act childish to random strangers on an online comments board / forum.

* Proverbs 4:14-16   New American Standard Bible (NASB)

Do not enter the path of the wicked And do not proceed in the way of evil men. Avoid it, do not pass by it; Turn away from it and pass on.

For they cannot sleep unless they do evil; And they are robbed of sleep unless they make someone stumble.


Posted in Christian, Computers, General, Internet and Servers, Society

‹ Older Posts Newer Posts ›