At this rate, everyone will be using v2ray in a couple of years.

Most Malaysians don’t care about privacy or security. With the Google Pixel 9 being announced for Malaysia, I visited all the Pixel related threads in the Mobile Phone and Kopitiam sections on this forum and entered “GrapheneOS” in the search box. Not a single hit.

Question; visiting https://www.ssllabs.com/ssltest/index.html and inputting dns.adguard-dns.com as an example, which one of the two SHA256 lines I’ve pointed at with the red arrow in this screenshot would be the equivalent of the SPKI fingerprint needed in order to do certificate pinning?

This post has been edited by dev/numb: Aug 15 2024, 06:05 PM

Any newer (AX or later) Asus router that is supported by Merlin should be able to run AdGuard Home. You can do a web search for “AdGuard Home Asus Merlin” to find relevant projects/instructions on Github and discussions on SmallNetBuilder forums. Not really needed though since Asus Merlin has amtm which lets you use Diversion and Skynet, which do an equally good job but are much lighter on resources.

A couple of GL.iNet routers (Flint and Flint2) come installed with AdGuard Home, but buying them in MY is a bit of a hassle. I don’t know of any local resellers in MY. Shopee and Lazada stores will ship them from Hong Kong or Taiwan, so your delivery might be held by customs due to the Sirim requirements and whatnot.

Probably any OpenWRT compatible router with sufficient RAM can also install AdGuard Home via opkg and LuCi quite easily. The hard part would be getting OpenWRT installed on that router in the first place.

Mikrotik routers probably compatible also, likely via containers (I have zero experience with this brand so just an assumption here, please don’t quote me on this).

This post has been edited by dev/numb: Sep 1 2024, 07:57 PM

I see no signs of this, so far at least.

Grabbed an older router with no encrypted DNS setting, set bareback legacy DNS (Cloudflare IPv4, didn’t bother with IPv6) and tested to ensure it was being redirected to TM’s std infested endpoints. Removed DoT condom on Android phone. Installed Warp from Play store. Enabled Warp+. Tested. Works.

Removed DoH profile from MacOS. Visited NordVPN website. Not blocked by TM’s roadside hooker DNS. Successfully downloaded pkg file. Spun up a Ubuntu VM. Successfully ran the Nord Linux install.sh script. No Windows system in my home, so cannot test that. Also didn’t actually try to launch NordVPN (because I don’t use shithole VPNs) so cannot confirm if their VPN endpoints are blocked, but I doubt it.

This post has been edited by dev/numb: Sep 6 2024, 11:53 PM

If not mistaken, Android’s automatic setting in Private DNS a kind of opportunistic implementation (meaning not strict) and will fallback to legacy DNS whenever. Only the custom option where you input your preferred provider is strict. Very strict in fact. So strict that it will override your VPN’s DNS also, but thankfully the queries happen within the encrypted tunnel.

This post has been edited by dev/numb: Sep 7 2024, 12:06 AM

Fwiw, I actually performed this test last night when I saw that Windows “unable to resolve” error screenshot, not just now after TM realized they screwed up by blocking that art website and unblocked everything.

“global threat”