Configuring DNS-over-TLS on macOS

Note: this post has been updated to fix a mistake in the knot-resolver configuration. The earlier version would not have provided the privacy it purported to. I regret the error.

Until yesterday I hadn’t thought too much about DNS metadata leakage. Here’s how it works: your computer sends out a request to resolve a DNS hostname, let’s say “topsecretwebsite.example,” and your DNS server responds back with its IP address in a way that’s easy to eavesdrop on. It’s wild that the Internet works like this by default.

What happened yesterday is a company called Cloudflare (a popular and free content delivery network) announced a new DNS service at the IP address 1.1.1.1. (Yes it launched on April 1, no it’s not a joke.) The service supports a couple of interesting privacy-protecting options: DNS-over-HTTPS and DNS-over-TLS. Those technologies don’t guarantee your DNS lookups are accurate (check out DNSSEC for that), or that the DNS provider won’t someday betray you, they just make it harder to collect metadata by listening in on DNS’s cleartext port 53.


Without Net Neutrality, Is It Time To Build Your Own Internet?

I was happy to provide comments for an article by Eileen Guo about Net Neutrality and mesh networking. It was helpful in formulating my thoughts on the FCC’s recent decision to rescind Net Neutrality rules (see also: my last email newsletter).


Pancakes recipe

This recipe makes 15 pancakes

I made pancakes this morning, based on an Oatmeal Buttermilk Blueberry Pancakes recipe Ellie suggested from the NYTimes. It uses yogurt instead of buttermilk, since that’s what we had around. At some point I should resolve this with my Dad’s pancakes recipe.

  • ½ cup rolled oats
  • 1 cup regular milk
  • 1 cup plain yogurt
  • 1 cup whole wheat flour
  • ½ cup unbleached all-purpose flour
  • 2 teaspoons baking powder
  • 1 teaspoon baking soda
  • 1 tablespoon sugar
  • ¼ teaspoon salt
  • 2 large eggs
  • 1 teaspoon vanilla extract
  • 3 tablespoons peanut oil
  • 1 cup fruit and walnuts (I used a pear, next time I’ll chop it into larger chunks)

Combine the milk, yogurt, and rolled oats in a bowl, and set aside.

Combine the flours, baking powder, baking soda, sugar and salt in another bowl.

In a third larger bowl, whisk the eggs. Then whisk in the vanilla extract and the oil.

Mix everything into the larger bowl and quickly whisk together. Do not overbeat; a few lumps are okay.

We ate them with butter, maple syrup, whipped cream, and some homemade cranberry sauce leftover from Thanksgiving.

Escape from distractionland

I recently added some scripts to my work laptop designed to help me break out of my reflexive “cmd-T, T, enter” keyboard habit. That keyboard sequence loads up my Twitter timeline in a new tab before I’ve even realized what’s happening. I’m untraining myself out of habitual social media grazing by enforcing a rigid schedule.

Based on Mike Rugnetta’s excellent write-up, I basically hijack my Mac laptop’s /etc/hosts file on a daily interval from 10am to 6pm, with a one hour lunch break at noon.


I'm as mad as hell, and I'm not going to take this anymore!

On September 5, 2016 I won the Listserve lottery. In case you haven’t heard of it, the Listserve is a one-message-per-day email newsletter. Each day a single person from the 21,000+ subscriber list gets to send a message out to the entire list.


Email to a former student

Last night I got an email from a former student, and figured I’d publish my reply. Maybe it could be helpful to you!

Hey Professor Phiffer,

I hope all is well with you. It’s A— from CCNY. I took a JS course with you a few years ago. I hope that this is not a bad time to reach out to you. I’m reaching out to you in regards to programming and becoming a fully fledged software engineer. I see that now JS is one of the most important languages that are being used today, and I would love to master it and programming concepts in general.

However, I’m realizing that there are a lot of flaws to the way that I approach programming, such as how to solve a simple problem. I realized it during a technical interview that I’ve had a few months back.

I know that this is out of the blue, but I’m wondering if there is any way to accurately learn how to properly program? I believe that all of these years I’ve been doing something wrong despite building out lots of websites. I was heavy on declarative languages such as HTML and CSS but never fully understood imperative programming languages such as JS and other real programming languages. Would you have any advice as to how to properly go about this?

I also truly don’t know what I’m missing as a programmer because I would love to get a frontend engineering job. Thank you for listening, and I look forward to your response Professor.

Sincerely,
A—

Hey A—,

I can totally relate to this! I think landing your first junior developer gig is among the hardest things to pull off working in tech. I crashed and burned in 3 or 4 of my first interviews, just completely red-faced and speechless, unable to answer some “basic” tech question (especially the trivia kind).

The thing to realize is that you probably don’t want those jobs anyway! I bet they’re awful places to be a junior dev, they’d work you raw and not give you professional development or space to grow. So don’t get too discouraged if it doesn’t work out at first.

If you want it to happen, it will happen with time, the job market is in your favor here. It’s just a matter of finding your way to the right people. This is largely a networking thing, and that’s probably one of the reasons grad school is still a good investment despite the crushing debt that’s often involved.

And by all means learn JavaScript, it is a super relevant tool, but it is just one tool in the toolbox. HTML and CSS are 100% real programming languages, don’t let anyone tell you otherwise. I find that mastery of CSS and the DOM is way more valuable than being a hotshot with a flavor-of-the-month JS framework.

Taking programming seriously is helpful for improving your software, but it’s also a great way to gain the confidence to interview well. Some of that just comes from doing it repeatedly, and learning from other people’s code (read the jQuery source, read the annotated underscore.js). There are also a lot of soft skills that have helped me along the way: send emails to people (you are already doing this!), buy the O’Reilly books, subscribe to blogs, listen to podcasts, get familiar with the “lore” (see: The Rise of Worse Is Better, The Jargon File, Macintosh Folklore).

Realize that some of all that (and my advice) will be somewhat outdated. You are going to have to invent a lot of the shit yourself that doesn’t exist yet, because our profession is still in the dark ages. Architecture and urban planning are decades more advanced than where we are, you are by no means arriving too late to the party.

Write your own blog posts, embrace the beginner’s mind, start going to BrooklynJS (or ManhattanJS, JerseyScript etc.) meetups—apply to be a speaker, don’t be intimidated that your talk ideas might be too basic.

And hopefully all of that doesn’t sound too overwhelming!

Dan

We will fight you and you will lose

Here are my responses to Donald Trump’s media accountability survey, which I’ve taken at face value. Yes, the questions are extremely one-sided, but they do allow for “other” responses.

Just to be clear, I certainly don’t advocate for participating in the survey. The research methodology here is dubious, to say the least. I hope I haven’t contributed to legitimizing it as anything but the propaganda that it is.


Solidarity from NYC

Yesterday's protests at JFK airport were loud and angry and make me hopeful. Photo by Ellie Irons.

Decided to publish this message I just sent to a friend in Atlanta who emailed asking about how to find out when and where the protests are happening.

Thanks for the link, I’ll give that a read. It’s interesting how these dynamics of oppression seem to fit so neatly into historical precedent. How is it that us Americans think of ourselves as somehow immune to all of this?

We were out at JFK yesterday and it was a really great experience. Loud and angry, with overwhelming turnout. But honestly the smaller protests in lower-profile places in the world continue to be the ones that give me the most inspiration. It takes a lot more guts to show up for a tiny demonstration where you’re easily picked out of a crowd, or where small town dynamics make anonymous protest impossible.

BTW, I saw that Rep. John Lewis was out at ATL, just hanging out in the terminal until he got some answers. So awesome.

I feel like getting information about a protest is an ongoing challenge, especially at events that aren’t officially permitted by local government. There’s a kind of fine line to walk—organizers want to get the word out, for news of an event to spread. But if it’s technically an illegal gathering, it may be difficult to find “official” or consistent sources of good info. And this is where social media is helpful.

It’s a good time to get into Twitter I think, but the trick is in knowing who to follow and how to avoid feeling overwhelmed. My advice would be to find out people you know who went to protests in Atlanta, and just ask them to ping you next time they hear about something. For my part, I first heard about the JFK demonstration via Facebook Messenger (which I hate, but shit like this keeps me on it) from a friend who lives in LA, and then a couple hours later I got a mass email from an immigrant rights org. So maybe sign up for some email lists for local advocacy groups.

Anyway, good to know you’re thinking about this stuff! I am hopeful that we’ll continue to exercise our right to free assembly before things get even worse and it becomes too dangerous to protest (from police violence or stiffer court penalties). So in the interim, let’s go and put our various privileges to productive use while we can.

Solidarity from NYC,
Dan

Addendum

Good point from Paul, basically Facebook is still where things are happening.

Also, if you want to get out and protest today in New York City, go to Battery Park at 2pm.

Multi-factor authentication for busy people

Multi-factor authentication (aka “two-factor,” or “two-step,” or 2FA) is a really great way to protect yourself (and anyone you’ve ever emailed). There are excellent and detailed guides out there, but the sheer amount of information about how to do things properly can be daunting for someone who has other important things to get done. I’m not saying don’t read all the nuanced details about security, just don’t put off setting it up right now if it seems too complicated.

If you do nothing else to protect your privacy, do this. (If you do two things, start using a password manager.)


Surveillance and inaction

NYPD skywatch tower
Photo: Life under occupation by Barry Hoggard

I am awash in thoughts and feelings this week. Donald J. Trump will very likely be our next President. This fact has already emboldened hate groups, leaving us to contemplate what the next four years could mean—especially for friends who will likely become targets of bigotry.

Should we go outside and protest? Should we turn inward and lean on our support networks? Do we start thinking about the 2018 midterms? Yes. Yes to all of it. If you need time away from this divisive election, you’ll be welcome to join us when you’re ready. I completely understand, especially if you worked on a 2016 political campaign.

For my part, I am regrouping, considering how I can do more, do better. Some friends have asked me about strategies for resisting surveillance. Digital privacy will become even more important in the coming years, and we should all collectively get better at protecting ourselves.

A very short answer is: switch your texting over to Signal, use a password manager. Start today.
