Hacker News | breppp's comments

Although I didn't enjoy this fiction of "angry man against system" genre, he did touch an important truth about the fax machine, which this story doesn't properly expand on.

A fax is very useful to bureaucracies because it is hard to prove a fax was ever sent or received at all. It might never have arrived and wasn't retried, might have been printed as empty pages, maybe someone else picked it up.

This is why it is so useful when someone on the other end wants to delay (the equivalent of closing a bug as can't reproduce). This is why governments like faxes and why this story is so unlikely (no chance anyone will call back in that event).


Surely some of the online fax services are offering retention and certification of what's sent? Seems like free money to add a checkbox at checkout.

Yes, breppp is completely incorrect. Faxes are used specifically because they can do transmission verification and document evidence of verified successful transmission.

Online fax services that are used by medical or government offices almost always generate digital logs that track when a document was sent, who sent it, and who received it, for regulatory purposes


I was talking about the receiving end and at least in the context of this story we are talking about a fax machine, not some fancy document server. Point being that a fax has too many failure modes, which is a feature in these places

Yes that's a thing, but never with external customers in public betas

I think that's entirely dependent on the workload the company is placing on their support staff. If Apple decides the techs should be handling 10 tickets at once, then the techs have a choice:

1. Tell everyone to update their shit, and close tickets if they don't.

2. Waste several hours per day uninstalling and reinstalling 10 versions of the same program.

One of these will allow you to close lots of tickets immediately, and handle the remaining ones as efficiently as possible. Yay! Good job, peon! You get a raise!

The other approach will result in a deep backlog, slow turnaround times, and lower apparent output from management's perspective. Boo! Bad job, peon! You're fired!


I think you are doing great work with brew and I hope the Rust version is released soon

However, how is this effort different than uv vs pypi? Why is this a bad thing?


The fact that many Iranian officials optimize stealing millions from the state, means they aren't optimizing for the afterlife

Fair point. It seems to be a weird mix of people who optimize for afterlife and a mafia that lives their best life now.

None of these reached Israel from Iran this war, so maybe their superior quantity is not enough

Iran does not have a million of them, the numbers they have are better utilized on targets in Gulf states.

If Iran launched 10000 Shaheds towards Israel, you can be sure quite a few would get by.

Maybe Ukrainian drone interceptors can be made cheap enough to be good enough against massed Shaheds.

We are still early in the new paradigm, there will be significant developments.


APKWS interceptor is about 35K USD and works much better than drone-based interceptors. The problem is to scale the production, training and deployment. Another problem is detection. One needs a vast multilayered system that the US military missed to build, as big stationary radars are very hard to defend.

Air-launched interceptors like this have the problem of relying on a super-expensive manned carrier (fighter or helicopter).

The intercept cost is now not only the cost of the interceptor, but also the cost of the flying hours of the launching platform, and the risk of losing the launching platform.

If you equip even some of your Shaheds with AA missiles (cheap manpads with autonomous IR target acquisition and guidance), like is already happening in Ukraine, the feasibility of APKWS becomes problematic. The technology is developing fast these days.


APKWS launching from air is a stop-gap measure in any case. The detection range for Shahed-type drones is tenths of kilometers, not hundreds, like with fighter jets or big missiles. One cannot have that many fighter jets in the air all the time even without the threat of manpads.

But ground-based platforms work just fine and are cheap enough to scale up the deployment to cover the big area.

The big advantage of APKWS over interceptor drones is the rocket engine, they are much faster and can catch Shaheds within much bigger radius or within much smaller timeframe than interceptor drones.


First, if I understand correctly, APKWS is laser guided (one of the reasons it is relatively cheap is cheap simple guidance), it needs the carrier to designate the target.

Second, it is rather short range, and that range is helped significantly by the speed and altitude of the launching platform. Launching from the ground upwards would significantly reduce its range, which is anyway just a few km.

Due to the short range, you will need a densely distributed significant numbers of them, and still be in danger of saturation attack (the attacker can saturate one route, you have to be ready for all possible routes). Having a carrier platform allows the missiles to be quickly brought where they are needed, so overall you need much less of them (still too much, as having enough carriers in air imposes limits as well).

You can have longer-range ground missiles, but then the costs rise. Also, I am not sure how feasible/robust is to laser designate air targets from the ground. I suspect it does not work over longer distances, i.e. you need a more sophisticated and costly guidance system/sensor suite on the missile.

The beauty of an anti-drone drone is that you have a much more robust human-assisted guidance, for cheap (camera and communication link). With advances to AI, even that human and communication link are becoming obsolete...

With rocket propelled missile you have much faster closing speed, and quite limited energy budget - essentially you have to make a correct decision fast and precisely, otherwise the missile is wasted. With a drone, everything is slower and easier to correct.


The latest APKWS is IR guided and works in fire and forget mode that works nicely from the ground. And then drone interceptor struggles with Russian Shaheds with jet engines.

On the other hand the latest development with drone interceptors is rocket booster to quickly bring it within Shahed. So I guess there would be a convergence between APKWS and interceptor drones.


B-52s takeoff with stand-in weapons when attacking Iran, as their air defense is largely destroyed

https://theaviationist.com/2026/03/23/b-52s-launching-from-r...


> interception rate yet it's really at the mercy of Iran to not target their most vulnerable sites

And what this site and you don't account for, is Iranian rather low missile accuracy.

If Israel was at the mercy of Iranian attacks, Iran could have simply struck Israeli airbases to the point they cannot be used, and then stop any Israeli attacks on its territory.

It's pretty obvious they don't have the capabilities of doing that


Iran has successfully targeted countless bases around the Middle East, a lot of this news simply isn’t being covered. Most of these strikes are on static assets like radar, depots, and other structures. If you are thinking about the F35s, strikes that hit runways are repaired in a matter of hours. As for the F35s themselves, they are constantly on the move or simply kept in the air. Service and storage is done on remote bases outside of the target zone. This has been standard practice since military aircraft has been introduced.

That's certainly what Iranian propaganda is saying, as if everybody is censoring their great successes. Fact is there is no meaningful reduction in Israeli attacks, while Iranian launching ability had greatly suffered. So these air bases are probably not being hit. Apart from it in the era of OSINT satellite imagery, it is no issue to publicize such damage, I don't know of any such imagery

Regarding the gulf, there the Iranians are having better success as at those ranges intercepting drones is harder and due to the general military ineffectiveness of the gulf nations


> Apart from it in the era of OSINT satellite imagery, it is no issue to publicize such damage, I don't know of any such imagery

Not sure about other providers, but Planet Labs has applied a 14-day delay to satellite images of the middle east.

https://www.reuters.com/business/aerospace-defense/satellite...


There is Chinese and Russian satellite imagery, but we can also wait two weeks for western sources

I haven't seen imagery of damage to Israeli airbases, but plenty of imagery showing damage to US military bases. e.g. https://www.youtube.com/watch?v=o0cIOMVBSbU . Worth keeping in mind that in the case of Israel, censorship is very effective.

From the Iranian perspective, the overall strategy seems to have been:

1. Deplete interceptor stock and probe US/Israeli defences using large amounts of older less accurate missile stock and waves of drones.

2. Target radar and early warning systems.

3. After 'blinding', make further use of more vulnerable but cheaper and more accurate drones to target specific infrastructure.

Given this approach it makes total sense to see their 'rate of fire' reduced by 90%. This is not necessarily an indication of reduced ability to launch attacks - their attacks are now more effective. They have demonstrated that each time the US and Israel escalate they successfully respond almost immediately. Talk of their capabilities being wiped out is demonstrably nonsense.

Ted Postol makes much the same points. He also claims to be surprised by the accuracy of recent missiles launched by Iran and assumes that his earlier analysis underestimated this because it was done based on the older stock Iran was using.

It seems pretty clear to me that Israel and the US are on the back foot here. Defences are inadequate. Economic pressure is building. Iran still has plenty of options to increase pressure (e.g. Houthi involvement, further infrastructure targeting, additional constrictions on the strait of Hormuz). By comparison US ability to increase pressure now seems limited to threatening major war crimes (wiping out Iran's power grid and putting the country into blackout). Not to say many of Iran's actions haven't also been war crimes.

How much more damage can Iran accept? Nobody is about to be voted out of power there so I would think quite a bit (as unpleasant as that is for the millions of innocent people caught up in this madness). I think the truth of all of this is that the US and Israel have no way to wipe out Iran's missile and drone capabilities. Postol even suggests nukes wouldn't even accomplish that. So now what? Taco or push further for Iranian political unrest or division.

My feeling is that this is going to get a lot worse for everyone involved.


I suspect you're giving the Iranian response too much foresight and credit here. With the decapitation strike, it's unlikely that a coherent plan of "launch all the cheap stuff first" remained intact. The upside of decentralized control is that it's hard to shut down; the downside is that it's hard to do exactly this kind of coordination.

My guess (which seems to be borne out by the numbers, at least as gets reported) is that the bulk of the IRGC's missile capability has been launched already. Certainly not all, but it will continue to diminish over time rather than increase. Still, that doesn't mean the remaining stock isn't incredibly dangerous.

> My feeling is that this is going to get a lot worse for everyone involved.

There I agree.


If Iran was having great success with their attacks, they wouldn't therefore tail off the intensity if they could help it. They would just start scoring more hits with the same, presumably maximum, rate of fire.

I think the obvious answer is the correct one here, that Iran's launch capacity has been degraded. That's not to say it will ever go to zero, so a lot of your other points still have some merit.


> If Iran was having great success with their attacks, they wouldn't therefore tail off the intensity if they could help it.

They would for pragmatical reasons - they do not want to spend more ammunition than necessary. They very clearly do eye for eye thing - when something is attacked inside their territory, they attack similar thing outside.

They are not running the "operation epic fury to prove we are manly men" thing. They are running the "operation regime survives in a long term" thing.


That assumes they want to escalate. So far at least their official statements have been clear about tit-for-tat.

It could also backfire spectacularly. If a bunch of civilians suddenly get killed or other war crimes committed unilaterally by them (such as targeting energy infrastructure) their adversaries could gain political support for the current effort. Whereas gradually forcing all interceptors to be expended is a massively expensive slow bleed and gives the opponent little to nothing to spin in their favor.


The strategy of throwing ballistic missiles at all of their neighbors doesn't seem like one that's overly concerned with political support among their adversaries. And a fast bleed of interceptors works for them too, maybe better since it spends less time in this phase of the conflict. I don't buy it. The Iranians aren't stupid but I don't think they're playing 5d chess either.

I agree that it's probably not 5D chess. But I have to contest that speed is to their advantage given such asymmetric military strength. A slow bleed prolongs the process while the world looks on and energy prices steadily rise. They certainly aren't endearing themselves with their neighbors but at the same time by only striking a minimum amount of infrastructure they avoid mobilizing the sentiment of the broader US or EU populations against them.

My impression is that an overly intense or otherwise disproportionate attack would risk inviting a significant increase in political support. Whereas so far it seems to be a wildly unpopular military campaign.

IMO the US botched this quite badly. I'm almost certain we could have found a way to go about disposing of someone who guns down protesters en masse and funds terrorism without inviting so much negative sentiment or economic volatility.


They're being selective about their targets, yes. That doesn't imply anything about the rate. They're not short on legitimate targets.

> IMO the US botched this quite badly.

Certainly.

> I'm almost certain we could have found a way to go about disposing of someone who guns down protesters en masse...

Honestly, I doubt it. I think the only time to do this that wouldn't have been a strategic disaster was at least ten years ago, probably more.


One of the things Iran figured out fairly quickly about Israel is that reducing their rate of fire is more effective for wearing down the population, and eroding political support for the war.

The longer Iran can keep the air raid sirens blaring in Israel, the better.


> comparison US ability to increase pressure now seems limited to threatening major war crimes (wiping out Iran's power grid and putting the country into blackout). Not to say many of Iran's actions haven't also been war crimes.

US can destroy the entire Iranian economy that rests on oil. The only thing that's stopping them right now seems like a fantasy by Trump that post-war Iran will become a Venezuela. Iran could then damage the Gulf oil facilities but does not have the same capabilities to completely destroy the facilities, due to problems getting the ammunitions to the targets

> I think the truth of all of this is that the US and Israel have no way to wipe out Iran's missile and drone capabilities

Everyday Israel is bombing the entire supply chain for drones and ballistic missiles in Iran. That means the companies making the explosives, optics, fins, stabilizers, engines, etc. The amount of destruction will greatly set back the Iranian ability to replenish their stockpiles and should also affect the war in Ukraine.

Iranian ballistic missile capability, at least the long range one is limited by its amount of launchers, and these are also hunted rather effectively.

I wouldn't underestimate complete air superiority, as the ability of the US and Israel to cause damage to Iran is far greater than otherwise, and Iran's entire economy is concentrated on a very small number of targets


> Iranian ballistic missile capability, at least the long range one is limited by its amount of launchers, and these are also hunted rather effectively.

The island tunnels holding many of these are problematic, which is why we are deploying troops to go tunnel hunting on the islands in the Strait.


You're making the same argument I am. If Iran had a small increase in accuracy they could hit targets that'd disable a lot of Israel military and civilian infrastructure. A lot of stuff is getting through. To counter that Israel has to achieve a perfect interception record. The balance is thoroughly on the side of offensive drone/missile warfare.

I don't think we are arguing the same thing. I am arguing that even without any air defense, Iran would have difficulty hitting its targets in Israel with ballistic missiles due to low accuracy. When adding interception rates they have a real problem in attacking strategic facilities, air bases is a good example, which would be much more important than desalination plants.

You can then see that they shifted to completely attacking large cities, usually with cluster bomblets. The reason is when you are bombing a large area, aim is less of an issue, similar to WW2 carpet bombing

Your post alludes to drones, these do not reach Israel (from Iran) at all and are all intercepted


Shahed drones have a maximum range of 25000 km [bbc_1]. The distance from e.g. Isfahan to Tel-Aviv is ~1592 km [google]. Shaheds can reach Israel from Iran.

As to them all being intercepted, in the 12-day war that seemed to be the plan, i.e. force Israel to waste interceptors on cheap drones [bbc_2]. That seems to have changed in the current conflict.

_______________

[bbc_1] With a maximum range of 2,500km it could fly from Tehran to Athens.

[bbc_2] When Iran attacked Israel with hundreds of drones in 2024, the UK was reported to have used RAF fighter jets to shoot some down with missiles that are estimated to cost around £200,000 each.

Both excerpts from:

https://www.bbc.co.uk/news/resources/idt-b3a272f0-3e10-4f95-...

[google] https://www.google.co.uk/maps/dir/Isfahan,+Isfahan+Province,...


> As to them all being intercepted, in the 12-day war that seemed to be the plan

That's doubtful, these are different interceptors than the ballistic missile interceptors (AA missiles). That doesn't make sense as a strategy if they cannot hit any targets


During WW2, the British used Spitfires to shoot down V1s. The V1s, pushed by a simple pulse jet, I presume are much faster than the drones. So some WW2 aircraft could be re-armed and used to shoot them down cheaply.

The British also employed a belt of radar-guided flak guns to shoot them down.

I don't hear any comparisons with the V1s, so my idea must be stupid, but I'm not seeing the flaw in it.


I think a big difference is that asymmetry has grown a lot: The modern drone is much cheaper than any manned aircraft (while V1/V2 needed comparable or greater industrial input compared to fighter planes).

If you want to scramble manned fighters (even WW2-style ones!) every time cheap drones are launched then the pure material cost per intercept might be acceptable (no guarantee here: you need more fuel and your ammunition is potentially more expensive than the drones payload, too), but the pilot wage/training costs alone ruins your entire balance as soon as there is any risk of losing the interceptors (either from human error/crashes or the drone operator being sneaky).

Big problem with stationary AA is probably coverage (need too many sites) and flak artillery is not gonna work out like in the past because the drones can fly much lower and ruin your range that way.


The V2 was so expensive it was rather catastrophic to the German war budget. V1s, on the other hand, were very cheap to make and deploy.

> you need more fuel

Not much of a problem.

> and your ammunition is potentially more expensive than the drones payload

I'd say it's on par. A few rounds into a slow moving target moving in straight line would be easy to hit.

> the pilot wage/training costs alone ruins your entire balance as soon as there is any risk of losing the interceptors (either from human error/crashes or the drone operator being sneaky).

The US somehow managed to train an enormous number of competent pilots in WW2. I doubt there would be any shortage of men eager to fly them and "turkey shoot" the drones down. And there'd be a lot of mechanics falling all over themselves to build those machines!


A lot of people might find the idea fun, but actually sitting around in some remote base, just waiting for the next wave of drones to come? Even if you draft those people "for free", they could be working (or raise a family) instead, so the human cost is always there.

In WW2, the US lost ~15000 airmen just in training accidents to crew the ~300k planes it built. I'm sure we could get that rate down substantially with modern simulators and safety investments (=> also not free), but human lives simply got comparatively more expensive (and competent pilots were not that cheap back then either).

The attacker, meanwhile, is certainly gonna lose less men building and controlling the drones, and he can afford at least 10 attack drones for every interceptor you build.

If you did something like this on a larger scale, a big concern would also be that your manned interceptor aircraft simply become targets themselves, so the "low-risk turkey shooting" could quickly degrade.

I do expect (non-suicide?) interceptor drones as countermeasure at some point (specifically against the "cruise missile with props" style of attack drones, less so in the FPV weight class), and those could be conceptually quite similar to old prop fighters.


The marginal cost of a fighter aircraft to shoot down a drone flying slow in a straight line would be minimal, especially compared with the expense of each guided counter-rocket.

As for being targets themselves, the drones would be in enemy airspace so who/what is going to target the fighters?


I don't see how you realistically get airframe cost below $200k; you need basically a cropduster with a bunch of electronic equipment and weapon systems on top. That's worth 10 attack drones at least (realistically, US military would probably pay several times that).

> As for being targets themselves, the drones would be in enemy airspace so who/what is going to target the fighters?

Something like a Sidewinder strapped under some of the attack drones. If you create the incentive (juicy, trained pilots exposed in slow aircraft engaging at low range) your opponent is gonna adapt. Exactly this evolution happened with Ukraine sea drones (already shot down several Russian aircraft).


> 10 attack drones

It seems as if you anticipate airplanes being destroyed at the same rate as drones? You're right, that doesn't work.

But the idea of airplanes with machine guns is it is cheap to destroy the drones.


A V1 was 30 feet long with a 20 foot wing span, and had no evasive capabilities.

Do the drones being launched by Iran have evasive capabilities?

Unlikely but they can be intelligent about their trajectory. That is avoid known areas of resistance, use natural features for protection.

Being slow moving as they are, they are quite vulnerable to countermeasures after they have been detected. I expected A-10s, helicopter gunships guarding critical infra, but have not heard of anything like that in the news.


A10s are expensive overkill, and helicopters are too slow.

Piston engine airplanes are plenty fast enough and cheap to build and deploy.


Now that comes from an authority :)

You need an edit on your first range (typo). 25Mm is amazing, nowhere is too far away (except the moon).

Well spotted, my bad, too late now.

Is it really surprising she was fired?

It's completely okay to say whatever you want and stand up for yourself, but you are not a child, own the consequences rather than whine


No, using the legal process if you think your company is violating the law is also part of "stand up for yourself".

If a rich guy can't take some minor criticism maybe he's the whiner.


This assumes that you think people operate on principles. As the years go on, it feels that people in the top seem to mostly operate on money.

The CEO has money and the power to fire that person if the employee is disliked. Maybe that shouldn't be a thing, maybe it should be illegal, but they'll find a way around it. Just because they can means that they will.

I wish it wasn't like that but that's how I see things are happening these days, save for perhaps a few nuances here and there.


Every CEO technically has the power to fire anyone they dislike. I assume they usually don't out of some form of noblesse oblige, and aversion to PR problems. But mostly just because they're too busy to get involved in minor, petty shit like this.

For most normal CEOs criticism from a low-level employee would just not be worth thinking about.


No, it assumes that people should operate on principles. You're falling into the "you're naive, just accept that things are bad" philosophy, which is self-fulfilling over time.

It's ok to be angry at people for behaving in a way that is unsurprising. Otherwise, there's no room for the word "immoral".


If I had to distill the social status & commensurate behaviour described in your in two words, it might sound suspiciously familiar.

The NLRB alleges that “the consequences” she faced are illegal under Federal law.

That doesn't mean they are, in fact, illegal. The NLRB alleges a lot of things - the courts will decide.

You sure seem to hate workers

It would be equally ridiculous to say "the nlrb hates the rule of law" since they make lots of allegations that end up getting ruled against in court

I saw GP as an argument that they shouldn't be illegal.

I don't know if they are legal or not. But assuming you don't want to leave a company, there is minimal tact of what to say when.

You have a choice not to use said tact, but this entire "employee goes on moral crusade, gets fired, goes on moral crusade about firing", is a feature of a kind of employee that is even for other employees not amazing to be around


There’s enough of a difference, IMO, between campaigning against your organization’s plans and venting to your coworkers about the way in which the CEO delivered said plans.

Surprised? I don’t think anyone is surprised but I, personally, am grossed out by it, it lowers my opinion of Atlassian and makes me less likely to select their products in the future.

Who is surprised by this? Surely you don't imagine a woman who dared to call her boss a rich jerk was surprised when he retaliated! US women are taught very young how powerful men act when their egos are threatened.

As for "the consequences", those are what are at stake now. They are what the courts & to some extent the people of the USA get to decide.


Man, you really need to take care of that tongue, CEO boots are getting spikier and spikier.

Being an adult is realizing you shouldn't fire people for saying you made a poor decision

Wouldn't she have the excuse of truth as defense?

It’s simply satire, not “truth”.

The statement doesn’t claim any fact: it’s a hypothetical not unlike a “based on real events” movie/book/etc that never quotes or attributes specific actions to a subject.

And that’s why Atlassian is very likely to lose over and over as they appeal (but never say never these days in the US).


Was the CEO dialing in from the headquarters of an NBA team they owned? Yes.

Were they calling to aggressively dismiss employee claims (without video I cannot prove "yelling", but that is a way that word is used in common parlance)? Yes.

Does downleveling employees have a significant negative impact on their careers? Yes.

This wasn't satire, it was truth.


The company isn’t suing her for defamation.

That’s a good point. If that was the only thing she said, it’s hard not to see it as a statement of fact (Although I’m sure lawyers could argue about pummeled):

> “What’s up Outragers, just dialing in from my NBA team’s headquarters to yell at the people whose careers I’ve just pummeled,”


"Why are you surprised" is such a common format of weasel-phrase, which is mysterious because it's so plainly fallacious. Just because something is predictable doesn't mean it's acceptable.

Frankly, it's still surprising to see this tip-toeing around given how much the mask has been ripped off recently.

I love the argument "freedom of speech doesn't imply freedom after speech"

For a light insult at an executive of a company at a company with a "no bullshit" culture? Absolutely!

I'm waiting for the Europeans to wake up and tell us about labor laws.

seems redundant given that the c̶o̶u̶r̶t̶ NLRB siding with the employee suggests that even in the US employees are likely protected in this case, but interestingly i feel this one is undecided, because insults are taken quite seriously in some european countries.

from germany i know that whether an insult is grounds for firing someone depends on the regular interaction the two people have, so if you take a company of rednecks (to employ a stereotype), a redneck employee calling their redneck boss some typical redneck insult would be interpreted as acceptable, and make any firing based on that illegal. but if the same insult is used by a lawyer in a law firm from a big city, then suddenly that same insult is a valid reason to get fired.

(edit: rephrase and replace court with NLRB)


The court has not sided with anyone yet. The NLRB sided with the employee and has argued her case in court.

oops, sloppy reading of the article on my part, corrected.

While I fully support this instance, I wonder what else Cloudflare has set to "Censored", apart for the obvious CSAM

1.1.1.2 is their malware-blocking DNS, and 1.1.1.3 is their parental-controls DNS. If you want an unfiltered DNS, use 1.1.1.1 - which resolves archive.today just fine, although archive.today itself refuses to work on Cloudflare DNS.

> 1.1.1.2 is their malware-blocking DNS, and 1.1.1.3 is their parental-controls DNS. ...

TIL, thank you. Time to go tweak my pi-hole server...


I'm just curious, given all the other options that respect your privacy and don't put data collection at the center of their business model, why do you use Cloudflare on your pi-hole?

> why do you use Cloudflare on your pi-hole?

Because "if it ain't broke, don't fix it." i'm not one of those users who want to endlessly tweak their ad blocker. i want to set it up, clicking as few checkboxes as necessary to get it going, and then leave it. However, (now) knowing that Cloudflare filters differently on each of their servers, i'm incentivized to go tweak a number in the config (as opposed to researching the pros and cons of every possible provider, a detail i truly have no interest in pursuing).


If you mean you had 1.1.1.2 as a secondary, and don't want it to have a different configuration, you can use 1.0.0.1 along with 1.1.1.1 instead.

> If you mean you had 1.1.1.2 as a secondary, and don't want it to have a different configuration, you can use 1.0.0.1 along with 1.1.1.1 instead.

i had no clue which one was active. It was, for me, just a checkbox at the time. This thread prompted me to go check and tweak appropriately.


Which options respect your privacy?

I use unbound (recursive resolver), and AdGuard Home as well (just forwards to unbound). Unbound could do ad-blocking itself as well, but it's more cumbersome than in AGH. So I use two tools for the time being.

The upside is there's no single entity receiving all your queries. The downside is there's no encryption (IIRC root servers do not support it), so your ISP sees your queries (but they don't receive them).


I'll throw https://nextdns.io into the mix. Been very happy with it. Supports DOH, block lists, among a plethora of other features.

The ones where you don't send a single company all of your queries

AdGuard DNS servers are excellent.

quad9

what is the vector here? dns traffic is practically anonymous, there would have to be some very specific and purposeful trickery going on to link dns traffic to an identity. It sounds like something more hypothetical than a tangible threat model

It isn't anonymous. DNS servers resolve IP addresses by hostnames. It cannot then inspect further traffic but it certainly can log your IP address and all URLs a given IP ever hit.

Since ISPs know your identity, and all it takes is to (request and get) the DNS logs and ISP servitude for all sorts of questionable information, you as an identity are giving away all the site domains you visit.


> It cannot then inspect further traffic but it certainly can log your IP address and all URLs a given IP ever hit.

Correction: they can log host names/IPs, not URLs. The path of any given URL is part of the HTTP header, invisible to onlookers (assuming HTTP and assuming HTTPS is uncracked).


I can't edit. That is correct. URLs can't be known to a DNS server. Just the hostname and IP.

Considering that the DNS in question is third-party, that is, independent from the ISP, the DNS and the ISP will not share data with each other on a routine basis, which would make this concern negligible for everyday traffic.

So to simplify, the DNS provider has a map of IPs to Domains visited, while on the other hand an ISP has a map of IP addresses to identities.

To even cross-reference the data, the ISP and the DNS provider would need to partner, and violate their privacy guarantees.

At the very least it's obvious that using a separate DNS provider than your ISP's provides additional anonymity by decentralizing your traffic. Although this comes with a tradeoff, having 2 providers increases the odds of partial leaks.

This analysis is so overkill for your personal traffic that it borders on tinfoil territory, if we are in a professional setting and are discussing the competitive data of a company or that of thousands of users, then this level of scrutiny is merited, but as-is, separating your DNS provider from your ISP is already very marginal and a bit paranoid. Evaluating the DNS providers to such an extent that a huge security company with good legal standing would somehow qualify as unsafe, for the traffic of one user, I stress, is paralyzingly over-engineering the security of an infrastructure that has already been secured such that users don't need to know what a DNS is and how to configure it in order to have safe and private internet.

Imagine going to the bank and asking the teller for a withdrawal but not disclosing the amount and coming up with a mechanism to withdraw without anyone from the bank knowing what you withdrew. Sure, it increases your security, but also come on, what are we doing here?


[flagged]


I didn't mean to offend. It did seem OP didn't get the IP can be logged, either that or how an IP can reveal identity.

> A Cloudflare Ray ID is an identifier given to every request that goes through Cloudflare.

https://developers.cloudflare.com/fundamentals/reference/clo...

if you think a little creatively about how this information could be used by an organization that was created at the insistence of the United States Department of Homeland Security, then you're on the right track.


This is a silly conspiracy theory: the ray ID references the specific CDN edge server which processed your request.

Even the request ID is not what you’re implying: that’s unique for a single request, but it’s not public and anyone who has your HTTPS payload has equivalent tracking capabilities.


I did some experimenting recently and I'm quite convinced that when I use Comcast's DNS they are selling it to advertisers. I've switched to 1.1.1.1 simply because it annoys me that Comcast is doing this.

How could that experiment work?

Resolve the hostnames but don’t visit the sites. RefrigeratorFixit.com, StoveBrand.com, ConsumerReports.org.

See that you start getting ads for kitchen appliances.


[flagged]


Strong counter-evidence: they ask why.

that's an observation, I guess... OP set up a pi-hole so it's not a stretch they would do a quick search for "free privacy dns". you make it sound like it takes some kind of reprioritization, why?

Today we are one of the lucky 10k

I have no idea why anyone would use Cloudflare DNS, much less trust their more filtered versions.

I use cloudflare DNS because it’s faster. But should I worry, having read your comment? What is the downside to using it? What would you recommend instead?

Quad9.

Many years ago I used Cloudflare, and more than once I had issues with them blocking websites I wanted to access.

I absolutely despise that. I want my DNS to resolve domain names, nothing else.

For blocking things I have Pi-Hole, which is under my control for that reason. I can blacklist or whitelist addresses to my needs, not to the whims of a corporation that wants to play gatekeeper to what I can browse.


So… why not use 1.1.1.1, cloudflare’s resolver that does not block resolution?

1.1.1.2 and .3 are explicitly offered with filtered responses.


I used to use 1.1.1.1. I still had issues.

Quad9 behaves exactly as I expect a DNS to work, in the sense that I only remember I use it when the topic of DNS pops up.


Your claim was that 1.1.1.1 was blocking sites.

Are you saying now you just had issues with the quality of service? Or do you want to provide more details to substantiate the claim that they were blocking sites?


No, I do not keep any logs from domain name resolution from the DNS service I used from 7+ years ago. If you do, I commend you.

I used the term "blocking" in a loose sense. I have no idea if Cloudflare was failing to resolve certain domains because it is a shitty service, or if it was ordered to block those domain names by its government, or if it was actively not resolving domain names because it thought it a good idea to be a sort of arbiter and gatekeeper. I suspect the last option, but it is just speculation.

What I can affirm is that I had issues more than once with domain name resolution when I used 1.1.1.1. After it annoyed me enough I switched to Quad9, and it has been great ever since, which is why I recommend it as a user of their service.


> I have no idea if Cloudflare was failing to resolve certain domains because it is a shitty service, or if it was ordered to block those domain names by its government, or if it was actively not resolving domain names because it thought it a good idea to be a sort of arbiter and gatekeeper.

I'm going to go with option D) whatever shitty site you were browsing to had a broken DNS or more likely DNSSEC configuration and Cloudflare was correct to not serve a corrupt response.

99% of the time, tales of "they're blocking my site! you guys are nazis!" always turn out to have a root cause of broken DNS configuration.


> I'm going to go with option D) whatever shitty site you were browsing to had a broken DNS or more likely DNSSEC configuration and Cloudflare was correct to not serve a corrupt response.

And once I switched DNS I could browse it normally.

This does not align quite well with the scenario you propose.

> "they're blocking my site! you guys are nazis!"

I said no such thing. I said it was a shitty DNS because it failed at the thing I was trying to use it for.


I don’t keep DNS logs at all. But I also don’t show up 7 years later trash talking a company or product based on guesswork and fear.

It's not based in "guesswork and fear". It is a first-person account of someone that used their service. A user review, if you will.

There's this thing - when you offer a service to the public, the users of your service can, will, and should review your service.

So, yes, I am free to "trash talk" a service that was, frankly, terrible at its job in providing domain name resolution. That works as any other user review, a data point so other users may switch away from a bad provider to a better one.

I imagine if someone goes to a restaurant and their hot dish is served cold, your response to the user review is a silly request for proof that the food was indeed served cold, and whining that their review is "trash talking based on fear and guesswork".


If you said that they served you cold food because the US government made them do it, yea, I’d think you were nuts.

And that's not what I said?

I offered some possibilities of why they did a shitty job in providing naming resolution. I even speculated what was the most likely one (not the one you mentioned).

But it's okay, at this point I have very little optimism regarding your reading ability.


Because that would be subject to the whim of the provider, who subject to court orders would have to oblige to continue operating as a US entity.

How does that differ from Quad9? You’re subject to Swiss laws, so there’s still a government involved? And you’re now hosted in an area where the US government has far fewer limitations on what they can attempt.

Quad9 is based in Switzerland, but the three founders-sponsors are US-based [0], so I’m not sure if it can be considered 100% safe from US government intervention.

[0] https://quad9.net/about/sponsors/


The ASN and stuff is also operated by a US entity it seems like:

  ASHandle:       AS19281
  Street:         CleanerDNS Inc. dba Quad9
  Street:         1442A Walnut Street, Suite 501
  City:           Berkeley
  State/Prov:     CA
  Country:        US

They also have servers in the US, so that's yet another reason not to consider them "100% safe from US government intervention"

Also a quick search suggests that Switzerland has made Internet providers in-country block DNS results in the past.

Why give all your queries to a single company with an interest in tracking you and selling your data?

But don’t most ISPs do this? And if you use google’s DNS, for example, are they not doing this? Does cloudflare sell the data?

IMO all the more reason to run your own resolver and not just forward every query to a single entity.

Same thoughts. Cloudflare DNS is noticeably slow to resolve on some of my devices.

Switching to literally any other DNS and the same domains resolve instantly.

Could be an issue specific to my location or devices, but it's been consistent enough that I stopped bothering.


I don't use the public resolvers but here [1] is a script that will show which of those public resolvers is fastest from your location. Add or remove resolvers as you desire. Be sure to scroll down to see a few of the sorting examples. Not my script or repo.

Just as a side note: Something I have done with this in the past as a fun experiment was to set up an Unbound DoT server on assorted VPS nodes in assorted locations around the country, run this script and configure each Unbound to use the 5 to 10 fastest servers on each node and cache results longer. Then I used Tinc (open source VPN) to connect to these VPS nodes from my home's Unbound and distribute the requests among all of them. I save query logs from all of them and use cron to look up all my queries hourly to keep the cache fresh and mess up any analytic patterns for my queries. Just a fun experiment. 99.99% of the time I just query the root DNS servers for what NS servers are authoritative for a given domain or what I call bare-backing the internet.

[1] - https://github.com/cleanbrowsing/dnsperftest


I have no idea why anyone would drink water from a faucet, much less trust their more filtered versions.

[flagged]


You sufficiently devolved the conversation by feeling it worth voicing “I don’t know why different people willingly use different things”. What are we supposed to do with that? Next you’re going to chastise us for not using ThinkPads.

> What are we supposed to do with that?

Apparently, respond to me with inane thoughts, to which I patiently reply.

> You sufficiently devolved the conversation by feeling it worth voicing “I don’t know why different people willingly use different things”.

Also, let's appreciate the irony of your message here: https://news.ycombinator.com/item?id=47464134#47477847


Have you stopped and asked yourself why they were criticizing Cloudflare's DNS? I feel like you could write this comment defending Facebook addicts or revenge porn.

The "censored" part of archive.today seems unrelated to the filtering itself. 1.1.1.3 flags Pornhub.com as "EDE(17): Filtered" but archive.today is "EDE(16): Censored".

Supposedly it should be an external party that's requiring Cloudflare not to publish the DNS record. https://www.rfc-editor.org/rfc/rfc8914.html#name-extended-dn...


