
Re: Self-censorship 101 (was: Problems with https://manpages.debian.org/)



On Wed 27 Jun 2018 at 10:17:11 (+0300), Reco wrote:
> 	Hi.
> 
> On Tue, Jun 26, 2018 at 05:51:27PM -0500, David Wright wrote:
> > > 2) Why bother with /etc/hosts at all, if one can use DNS or HTTP proxy
> > > for the same purpose with much simpler configuration (hint - you cannot
> > > block all sites in a domain via /etc/hosts unless you list all of them
> > > there).
> > 
> > That's probably why it's so long.
> 
> That's the only reason it's that long.

On further checking, the current hitlist of sites has 13531 hostnames.
A global edit in emacs and a  sort -u  yields a list of two-component
domains, and this edited list has 6765 items.

> > But do I want to set up a DNS proxy
> > on each host, with any wheezy, jessie and stretch differences to sort
> > out?
> 
> Why would you? You set up a single DNS (or HTTP proxy) and point all
> your devices there.

I can't guarantee that any particular machine at home is always
running as a proxy whenever I browse using an arbitrary machine
for browsing. My home isn't a business running a server 24/7,
and my consumer-grade router runs only DHCP, not DNS.

> Setting up a local DNS resolver is justifiable for a laptop, of course,
> provided you carry one with you into different networks.

I'm not sure what you mean. The only resolver at home is /etc/hosts,
which is very easy to maintain. I have a master list of local hosts
(PC/router/phone/printer/TV/roku devices) and the hitlist, and a
one-liner to install it (concatenate, and mangle the host's own
IP address).

> > Then I have to maintain my list of domains to send to localhost.
> > Where do I start with that?
> 
> My DNS of choice for small LAN segments is dnsmasq.

Sure. But who's going to generate the list of domains¹? As I said,
my edited list has 6765 items, but is unsuitable for use as is:
it might be sensible to block ads.youtube.com, but not youtube.com.

> > > 3) Why cripple system-wide resolver for a single program (in this
> > > case - a browser). A suitable browser plugin should suffice here.
> > 
> > How long does it take to read ½MB into memory (once) and then check
> > it? Obviously not very long as it works well.
> 
> You misunderstood me, it seems. You make a change to the file that's
> respected by each and every program that utilizes gethostbyname(3) and
> gethostbyaddr(3).
> The only positive thing that achieves is better browsing experience, and
> the reason you do this is the brokenness of Modern Web™.
> At the same time you get numerous side effects for every other program
> in your system(s), which may or may not be problematic.

I'm not aware of any other program that's 1% as promiscuous as a
browser. (Perhaps you could suggest some.) OTOH there are legitimate
sites that block my traffic on occasion, eg Cox (my ISP) and Debian
blocking my "spam" on the basis of blacklistings.

> >  A plugin means yet more maintenance for me to do.
> 
> They say that one should not argue about tastes. So I won't.

I'm not sure who's arguing. You asked three questions and I'm trying
to answer them in a way that reveals my motives. So if I install a
suitable plugin, how do I choose it and where do I obtain the list
of domains² to block?

Cheers,
David.

¹-² I've posted the source of my hostname hitlist; perhaps someone
will post the source of a similar kind of domain hitlist.
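
The trade-off discussed in this message, as an added example that is not part of the original post or either poster's setup: a hosts-format hitlist is collapsed into dnsmasq `address=` rules, which cover a domain and all its subdomains, while an allowlist keeps domains such as youtube.com from being blocked whole. The sample hitlist, the `KEEP_REACHABLE` set and all function names are assumptions constructed for illustration.

```python
# Constructed sample in /etc/hosts blocklist format (not the poster's hitlist).
SAMPLE_HOSTS = """\
127.0.0.1 localhost
0.0.0.0 ads.youtube.com
0.0.0.0 ads.tracker.example
0.0.0.0 cdn.tracker.example
0.0.0.0 pixel.stats.tracker.example  # trailing comment
0.0.0.0 banner.shop.example
"""

# Assumption: domains the user still wants to reach, so they must never be
# collapsed into a whole-domain rule.
KEEP_REACHABLE = {"youtube.com", "shop.example"}
SINK_ADDRESSES = {"0.0.0.0", "127.0.0.1"}
LOCAL_NAMES = {"localhost", "localhost.localdomain"}


def parse_hosts(text):
    """Return the set of blocked hostnames found in hosts-format text."""
    names = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2 or fields[0] not in SINK_ADDRESSES:
            continue
        names.update(n.lower().rstrip(".") for n in fields[1:]
                     if n.lower() not in LOCAL_NAMES)
    return names


def two_component(name):
    """Naive last-two-labels domain, as in the post. It over-collapses names
    under multi-label suffixes (co.uk and similar), which need a suffix list."""
    return ".".join(name.split(".")[-2:])


def dnsmasq_rules(names, keep=KEEP_REACHABLE):
    """Collapse hostnames to domain-wide rules unless the domain is in keep."""
    targets = set()
    for name in names:
        base = two_component(name)
        if base not in keep:
            targets.add(base)      # one rule covers every host in the domain
        elif name != base:
            targets.add(name)      # block only the listed subdomain
        # a kept domain listed bare is skipped, so it stays reachable
    # address=/d/0.0.0.0 makes dnsmasq answer 0.0.0.0 for d and its subdomains.
    return [f"address=/{t}/0.0.0.0" for t in sorted(targets)]


if __name__ == "__main__":
    print("\n".join(dnsmasq_rules(parse_hosts(SAMPLE_HOSTS))))
```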

