So you're posting here using self managed isp, registered under your own asn, bgp routed via a server under your own basement, connected via sea cables you laid youself? Participating in modern internet do need some trust somewhere. And some people do trust a party more than other party, ie in this case local isp vs the intermediatary google, cloudflare, adguard etc. And its not blind trust, we encrypt.

What a tool.

Just logout not even 1 hour, aiyo...
---
I will say, certain people just protected too well, they even forgot during the era of HTTP, where even password is transfer in plaintext.
Or MD5 hash password without salt.

This kind of people know nothing, but wanna diu people based on their own incomplete knowledge.
----
Still, Malaysia is a small country, you don't know how bad a network can be.

In China, you can get hijack, even today, because there is a local staff implemented a malware on the router.
By doing this, they hijack everything http with a js file that is malware.

As first, it is just an ads showing around any http website.
Slowly, they found bank's online account steal.
Later, iframe and XSS is abused to inject malware.

This, is why HTTPS is used by everyone now, thanks to Let's Encrypt.
Then, secureTAC online.
Lastly, CORS online.

I also skipped the Meltdown and Spectre, as everyone should old enough to know about it.

DoH/DoT was kind of coming late, but yes, it works.

With now the support of ECH(Secure SNI), attacker can't know which website that you are visiting, but so far not so much website supporting it.
https://www.cloudflare.com/ssl/encrypted-sni/#results
https://defo.ie/ech-check.php

What are you doing here then, being a captain obvious is fun?

https://en.wikipedia.org/wiki/Slippery_slope

People talk about security of network, you talk about social engineering, we talk about social engineering, you talk about politics.
Then when we talk about politics, you gonna talk about the whole human race is bad?

Thanks to this event, it is a success that everyone now know how to use DoH/DoT and easy parent control on DNS for network security.
They now also know how to "adblock" those malware and ads via this simple method, not prefect yes, but it is an easy step.


And, you are the one trying to talking about politics or privacy in tech forum's area, when people are learning about security?
Then, I hope you are happy running a custom build smartphone, with custom build of open source kernal, and custom build of AOSP running on top of it.
Hell, 99% of people failed on custom build of kernal, because the GPU bytecode is not open source by MTK and Qualcomm!!!
And you gonna also telling build a open source of RISC chipset is it?

Security is security, privacy is privacy, it is a different stuff, why mixing them up?
And there is never ending solution to security, else why we gonna update Windows on the second Tuesday of month?

I bet you gonna put your own smartphone in a air gap space?
https://en.wikipedia.org/wiki/Air_gap_(networking)

Putting slippery slope into everything?
I hope you just becoming an orang Asli and back to your mountain, thank you.

Just ignore him, this kind of people is fully on the China internet, I bet that because of China killing them, so they come to made politics issues at Malaysia.

Yes, they exist, my friend got Facebook account banned because just browsing on the China related news website, and Facebook tracker tracked it.
Lucky Facebook allow download whole personal data for closed account, so did I, and found last operation is a check record at SG.

Zero post made by this account, but they still ban him and asking for facial and driving license for unblock, interesting test result, is it?

And yes, some people really following ordering of bot, so argue with them is useless, they live in their own world.

The most bad is, you are really, talking to a ChatGPT.
https://www.bilibili.com/video/BV1Yz4y1c7XD/
https://www.bilibili.com/video/BV1xx4y1s7AM/
----
Remember, on the internet.
https://en.wikipedia.org/wiki/On_the_Intern..._you%27re_a_dog

Hope you have a great day.

Totally different thing.

Say internet surfing is you driving a car.

DNS is your Google Map/Waze etc... that tells you where to go, you use it before enter your car, so people may see where you're going by looking at your screen. (Don't ask me why you can't use it after you got in the car, it's just how it is, DNS queries comes before your device starts the connection with the site you wanna go)

HTTP is your car, people can see things inside when you're driving, see who's in it, what's in it.

HTTPS is your car too, but with dark tinted window, people can't see what's the inside of your car.

Now people use HTTPS so when you transport a box of things, say, your password, people won't be able to see what you're carrying, but would still be able to know where you're going because hey saw your phone screen.

DNS over HTTPS or TLS is the same things, tinted glass, but this time it's a privacy screen protector on your phone (in this case could be your ISP, could be someone else), so people other than you don't know where you're going.

Of course there's still ways to see where you're going by seeing where the car go, as the ISP still knows which IP you're connecting to.

However thanks to CDNs, nowadays the same IP can be the home to a lot of websites, it's like you wanted to go to a McDonald's, they will see you go into a specific shop back then, so they know you went to the shop, nowadays with this method they can only know your car went to a shopping mall, inside got a lot of shops, but they don't know what you did or went in the mall after you parked your car, if they try to block this shopping mall, no biggie, there is a lot of same shopping malls with McDonalds, you just go to any other malls to buy your favourite Filet-O-Fish because they have the same shops there too. Sure they can ban all the malls, but that would also come at a cost of blocking all other shops as well, like Cloudflare for example, the government would be banning tens of thousands of websites, even some government owned ones if they wanna ban them.

What MCMC tried to do was say "No you can't use Waze!" and force your phone to open a government developed map (let's say "Keranamu Maps) whenever you try to use Waze, but never tell you, the UI looks the same, but everytime you search McDonalds it will say it is permanently closed and will not give you the route. They didn't let you know this was happening and just asked Samsung/Apple to do so quietly behind your back. After the public found out, they say this is totally not because they want to limit your choices, but because the food is unhealthy and they're worried for your health so they curi curi do it before telling you.

Just try to be as layman as possible, may not be entirely accurate because networks are not cars, but that's the gist of it.

This post has been edited by Killmeplsok: Sep 9 2024, 11:30 AM

we were talking about encrypting dns for security and privacy reasons
and to prevent ISP from hijacking it

you're the one who barged in saying whats the point if big tech tracks you anyways and that it's pointless and "trash"

might as well not lock your house doors because someone could lockpick it

Anyways, ignoring the above, someone did join the event earlier today

https://x.com/khairizulfadhli/status/1832779318897901918

it was... terrible

The religious question was one of the businesses asking or one of the MCMC people responding?

they should reform mcmc totally... seems a lot bs policies from them nowadays.

https://x.com/MCMC_RASMI/status/1833059990808199253

Malaysia, where it doesn't matter that you're a legal adult. You are still a child who doesn't know better.

As long as you aren't 'pihak berkepentingan' you don't get a voice in the issue and should just follow what gov says.

Andddd it got deleted

Reupload from twitter embed

Strange. They trying to keep the discussions hush hush maybe?

It appears that CelcomDigi has turned off their Port 53 hijack

However, U Mobile is still hijacking well known providers

plain or encrypted?

Just plain old DNS

DoH/DoT works fine

Funny my alexa devices like echo dot and show all not functioning. I want my alexa to work.

Are these the works of ISPs?

https://downdetector.com/status/amazon-alexa/
Seem always got issues, for troubleshooting, turn on your WiFi hotspot, use VPN then connect to it as temp router, if same issues, means it is Alexa side.

PS: you can fake with same SSID + password as your router WiFi, then turn off your router, so these will connect to your hotspot.

This post has been edited by BenYeeHua: Sep 10 2024, 07:47 PM

Got the attention of the man himself, Louis Rossmann

https://www.youtube.com/watch?v=itj3Z43QAf8

TIME sent another email to Business Customers

The U Turn

This post has been edited by PRSXFENG: Sep 12 2024, 04:02 PM


Attached thumbnail(s)