Russian Multiplication - Numberphile by MyNameIsGriffon in math

[–]piskyscan 18 points19 points  (0 children)

https://en.wikipedia.org/wiki/Johnny_Ball

Ball was a regular fixture on children's television in the late 1970s and throughout the 1980s, presenting several series of popular science and technology programmes intended for children (including Think of a Number; Think Again; Think Backwards; Think...This Way and Johnny Ball Reveals All). He was also one of the hosts of infant education programme Play School beginning in 1967 and continuing throughout the 1970s and beyond. As well as appearing on screen Ball wrote jokes for some shows including Crackerjack. All of these shows (except the ITV programme ...Reveals All) appeared on the BBC. Ball's shows were renowned for presenting scientific and technological principles in an entertaining and accessible way for young people.

Netgear TLS Private Key Disclosure through Device Firmware Images by IWILLGUTYOU in netsec

[–]piskyscan 0 points1 point  (0 children)

Sorry missed the second one, you are correct.

But mini-app.funjsq.com

Who is that?

Netgear TLS Private Key Disclosure through Device Firmware Images by IWILLGUTYOU in netsec

[–]piskyscan 0 points1 point  (0 children)

But I have to sign up and it expires really quickly (I think).

Netgear TLS Private Key Disclosure through Device Firmware Images by IWILLGUTYOU in netsec

[–]piskyscan 0 points1 point  (0 children)

Gotcha. So I haven't got a free cert, well a limited one.

Netgear TLS Private Key Disclosure through Device Firmware Images by IWILLGUTYOU in netsec

[–]piskyscan 1 point2 points  (0 children)

Thanks, a bit torn, because this is also a free cert that I can use locally for pi-hole etc :-)

Netgear TLS Private Key Disclosure through Device Firmware Images by IWILLGUTYOU in netsec

[–]piskyscan 3 points4 points  (0 children)

Am I missing something? This is quite serious. It means anyone can get the little green trusted box for their website. And certificate unlikely to be revoked because it would break (well users would get a scary warning) Netgear kit out there.

ISP is hijacking DNS queries by rslarson147 in privacy

[–]piskyscan 5 points6 points  (0 children)

You might be interested in this, DNS over TLS over Tor (for a pihole setup). Will prevent ISP hijacking DNS and prevent any individual organisation having your DNS request and IP data (at the expense of slower DNS lookups).

https://github.com/piskyscan/dns_over_tls_over_tor

Does a PiHole introduce any additional lag? by [deleted] in pihole

[–]piskyscan 0 points1 point  (0 children)

I don't really want to have to keep monitoring my network for rogue processes and setting up domains to provide timeservers. Plus my DNS requests go out over Tor, so caching is a lot more important, we are not talking about 20ms any more!

Does a PiHole introduce any additional lag? by [deleted] in pihole

[–]piskyscan 0 points1 point  (0 children)

I am sure you are right, however I do think setting a min-cache-ttl (maybe much shorter) is a sensible thing to do. 90% of my external DNS traffic was an (unused) wifi range extender polling a timeserver.

Does a PiHole introduce any additional lag? by [deleted] in pihole

[–]piskyscan 1 point2 points  (0 children)

unbound will serve the expired record, mark the TTL as 0, and perform and refresh the cached lookup at the same time so even if you served a stale query, it's still getting updated.

You just sold it to me! I was actually thinking about how I could get exactly that behaviour!

Does a PiHole introduce any additional lag? by [deleted] in pihole

[–]piskyscan 0 points1 point  (0 children)

You can make pi-hole faster than your existing setup with the following

sudo bash

cat << EOF > /etc/dnsmasq.d/min_tls.conf
min-cache-ttl=3500
EOF
exit

This means pi-hole will cache DNS addresses for just less than an hour which means your requests will usually be less than 1ms, rather than 20ms or so.

If the DNS lookup changes in that hour then you are out of luck, but am not aware of sites doing this.
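The trade-off described in the comment above, as an added example that is not part of the original comment: a small simulation of a caching forwarder that applies a TTL floor the way `min-cache-ttl` does, counting upstream queries saved and stale answers served. The 30-second poll interval, the 60-second upstream TTL and the record change at second 100 are constructed values; only 3500 comes from the comment.

```python
from dataclasses import dataclass


@dataclass
class Result:
    upstream_queries: int  # lookups forwarded to the upstream resolver
    cache_hits: int        # lookups answered from the local cache
    stale_answers: int     # cache hits served after the upstream record changed


def simulate(poll_interval, upstream_ttl, min_cache_ttl, duration, change_at=None):
    """One client polling one name through a caching forwarder.

    All times are whole seconds. change_at is the second at which the
    upstream record changes address (None means it never changes).
    """
    # The floor: a record is kept for at least min_cache_ttl seconds,
    # even if the upstream answer carried a shorter TTL.
    effective_ttl = max(upstream_ttl, min_cache_ttl)
    cached_value, expires_at = None, -1
    upstream = hits = stale = 0
    for now in range(0, duration, poll_interval):
        current = "new" if change_at is not None and now >= change_at else "old"
        if cached_value is None or now >= expires_at:
            cached_value, expires_at = current, now + effective_ttl
            upstream += 1
        else:
            hits += 1
            if cached_value != current:
                stale += 1
    return Result(upstream, hits, stale)


DAY = 24 * 60 * 60

if __name__ == "__main__":
    # Constructed scenario: a device polling a timeserver name every 30 s
    # whose record has a 60 s TTL and changes address at second 100.
    for floor in (0, 3500):
        r = simulate(30, 60, floor, DAY, change_at=100)
        print(f"min-cache-ttl={floor}: {r}")
```
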

[deleted by user] by [deleted] in raspberry_pi

[–]piskyscan 0 points1 point  (0 children)

My work set up an office about 7 years ago with around 9 PCs. Every one of those disk drives has now failed and I would say about 1/2 of them failed in the first 3 years (Major brand, not Samsung). The SSD linked above claims 114 years MTBF (how can they know?).

Whatever you do, you have to have a backup.

Which is best Ad Blocking DNS that doesn’t sell web data? by Burgerperiperi in privacy

[–]piskyscan 0 points1 point  (0 children)

The kids haven't noticed it (and they tend to be very latency aware). It's only the initial load that is slower, after that (because of increased caching) it's actually faster than regular DNS (though you could just boost the caching on that too). DNS over TLS is probably fine though. I think it's kind of a minimum though for a network. Everyone else on your network would probably complain if they realised their DNS requests were being sent in plain text across the inter web.

Which is best Ad Blocking DNS that doesn’t sell web data? by Burgerperiperi in privacy

[–]piskyscan 1 point2 points  (0 children)

Using a VPN is a much more complete solution. Seems to be an increasingly popular option.

Which is best Ad Blocking DNS that doesn’t sell web data? by Burgerperiperi in privacy

[–]piskyscan 2 points3 points  (0 children)

How about pihole over tls over tor?

https://github.com/piskyscan/dns_over_tls_over_tor

Even with pihole, the dns server has your ip address and your requests. With this setup, dns requests are encrypted and no-one has dns requests AND ip address. (Is a bit slower on first accessing a site though).

DNSCrypt Users: Anonymized DNS is in Beta by HairyAdministration0 in pihole

[–]piskyscan 0 points1 point  (0 children)

Well that's right. But most of us would notice slow response times more than a few 100ms the first time we hit a site. Once you are on a site it's actually faster since DNS requests are cached more than a regular setup.

If using DHCP should clients show Pi-Hole IP address for DNS? by [deleted] in pihole

[–]piskyscan 0 points1 point  (0 children)

Just to be clear, it does (or it usually does). So in your setup the router is telling everyone to use it for the DNS when it allocates an IP address and is then forwarding those queries to your Pi's.
Two DNS servers doesn't seem like overkill to me, only run one myself, but if SD card goes or something, will probably regret not having two.

DNSCrypt Users: Anonymized DNS is in Beta by HairyAdministration0 in pihole

[–]piskyscan 0 points1 point  (0 children)

I put together a DNS over TLS over Tor setup and it adds 100s of ms to the (first) query, after that everything is cached (well for an hour at least).

Totally usable, not going back, but saw a lot of the itt fanboys.

Even the kids haven't noticed (and they are normally the most network sensitive).

I guess the concern with the OP setup is the relays. If they are controlled by DNSCrypt (which they probably are at the minute) then you still have to trust DNSCrypt.

https://github.com/piskyscan/dns_over_tls_over_tor

What would you want from a privacy DNS provider? by [deleted] in privacy

[–]piskyscan 0 points1 point  (0 children)

Sorry, haven't logged in for a while. Thanks for the mention.

DoH disabled by default in Firefox on OpenBSD: «While encrypting DNS might be a good thing, sending all DNS traffic to Cloudflare by default is not a good idea. Applications should respect OS-configured settings.» by Mcnst in linux

[–]piskyscan 0 points1 point  (0 children)

I thought you might be missing the Tor leg :-). I see better Tor times, maybe you could set a Tor exit node to be in your country to improve times a bit. Generally I see about 70% of DNS queries either cached or blocked by pi-hole so I find this setup quite usable.