Notices by Ben Tasker (ben@mastodon.bentasker.co.uk)

@badnetmask @jwildeboer @homelab

Yep, it'll resolve home.arpa locally.

But, that's no good if you want to do SSL *and* have it work on visitors devices (because issuing with your CA won't help unless you also add your CA cert to their devices - they'd have to **really** trust you for that)

Not sure I agree on the best practice bit though.

Having FF use your local resolver (which ideally uses encrypted upstreams) is (IMO) far better because it reduces centralisation.

@badnetmask @jwildeboer @homelab Oh you know what, I think I misread what you meant and we're on the same page :D

@thasl @jwildeboer @homelab

DoH only really poses an issue if you've got split-horizon DNS (i.e. there's also a public facing record).

Firefox (for example) will attempt to use DoH, but if resolution fails that way it'll fall back to local DNS (FF also has a canary domain you can use to disable DoH).

Chrome's even simpler, it just tries DoH to your system configured resolver (and falls back if DoH can't be done).

Basically, you can just DHCP your DNS as normal and it all sort of works

@thasl @jwildeboer @homelab

Chrome based browsers should "just" work (there'll be an exception somewhere though)

For Firefox based browsers, the simplest way is to use the canary domain (you have to make use-application-dns.net NXDOMAIN).

In case you were thinking of deploying pihole onto your network: it does that automatically (https://docs.pi-hole.net/ftldns/configfile/#mozillacanary), everything does just work after that

@jwildeboer @thasl @homelab Glad I could help!

@TwoClownsEating @babe @TheBreadmonkey @Tattooed_Mummy @jerry @Nickiquote @skeletor

That's an "easier" record to beat, you've only got to do 10

@aral @1password

How weird and frustrating...

The highlighting works fine for me.

Looking at 1password's about, though, I'm running 8.11.16.35 which appears to be 3 releases out of date, so it probably breaks in a newer release.

Browser on another my machines has 8.11.18.36 and highlighting works there.

Which leaves the 8.11.20 and 8.11.22 updates as likely culprits

RE: https://mastodon.social/@verge/115643961192930771

Meanwhile, people who acquire their content from other sources remain able to watch on whatever the hell they want...

Restrictions on cast has always annoyed me - the Channel 4 app in the UK lets you cast on catchup, but not when watching something live.

It's probably driven by a licensing or ads thing, but that shouldn't be made **my** problem

New #blog post: Moving #hosting for bentasker.co.uk from US to #EU providers

Given the recent political upheaval in the US, I decided it was worth looking at how viable it was to move my public facing infrastructure off of US owned providers.

This blog post covers the providers I tried and went with as well as how I got on with them

https://www.bentasker.co.uk/posts/blog/the-internet/migrating-my-services-away-from-us-providers.html

New #blog post: Doing an #OnlineSafetyAct assessment for my #Mastodon server

This post contains my feedback after doing an OSA assessment for my fedi server and also takes a cursory look at whether my photography site might be considered a #pornography service

https://www.bentasker.co.uk/posts/blog/law/doing-an-osa-assessment-for-my-single-user-fedi-server.html

Also, **massive** shout-out to @neil for the excellent resources at https://onlinesafetyact.co.uk/

Without those, the assessment would have taken much, much (much much) longer

@cstross I've finally finished and submitted it.

Days of reading, answering, coming back and re-reading all to answer questions that aren't much better than "why do you think our preferred route is beneficial"

Towards the end, there's a particular delight which moots dropping protection for computer generated works because there's no evidence that that protection has encouraged increased use of AI in the UK.

@cstross I started responding yesterday but got fed up and had to hit Save and come back.

As you might expect, a lot of the questions (at least as far in as I've got) tend to assume that you agree with the proposal.

@thatfatguy_bg @_elena Yup, I've also seen an increasing number of people on things like /r/(?UK)PersonalFinance who have a stay-at-home phone which has most most of their banking apps on.

That way, if they do get mugged, they can only give access to one app which doesn't have any savings etc in.

It's not a bad habit to have, even before all these other changes

@glynmoody ISTR that when this first came up, 10 years ago, they claimed it was "too difficult" to delete the images.

Even at the time, it seemed unlikely, but even if it were true, they should have stopped using the database if it couldn't be used in a _legal_ manner.

Instead, they've just been adding to the corpus ever since....

@VModifiedMind @neil "Life Needs a Big Network*"

* and a tiny MTU

@dalias @samueljohnson For most of mine, it's not so much the switching as the consumption reporting that's useful - is the tumbledryer/dishwasher/whatever using lots or is it idle?

I have some quacking duck key-caps on the way and I'd like to note that this purchase is _entirely_ @neil's fault

Wait.... so they *could* have been doing more and arresting CEO's *does* work?

Whoodathunk it?

https://www.theverge.com/2024/9/5/24237254/telegram-pavel-durov-arrest-private-chats-moderation-policy-change

@morph @_edent_ I might be misremembering, but I thought they had only allowlisted some of the bigger instances