lingo.lol is one of the many independent Mastodon servers you can use to participate in the fediverse.
A place for linguists, philologists, and other lovers of languages.

Server stats:

61
active users

#proxy

0 posts0 participants0 posts today
David August ❌👑<p>Working on my new home (<a href="https://davidaugust.ghost.io/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">davidaugust.ghost.io/</span><span class="invisible"></span></a> on day 2 of my 124 day trial) for my articles and <a href="https://mastodon.online/tags/blogging" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blogging</span></a>, I am realizing that unlike in the past, it might not make sense to use feedburner anymore. </p><p>My new home will allow me to have the whole thing served from a domain I own and control, including the feed. </p><p>Making a <a href="https://mastodon.online/tags/proxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proxy</span></a> for the <a href="https://mastodon.online/tags/feed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>feed</span></a>, to preserve <a href="https://mastodon.online/tags/subscribers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>subscribers</span></a> if I were to change <a href="https://mastodon.online/tags/tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tech</span></a> or companies, seem a little superfluous. Am I missing compelling reasons to use <a href="https://mastodon.online/tags/feedburner" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>feedburner</span></a> in 2025?</p>
Felix Palmen :freebsd: :c64:<p>Just released: <a href="https://mastodon.bsd.cafe/tags/swad" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>swad</span></a> 0.11 -- the session-less swad is done!</p><p>Swad is the "Simple Web Authentication Daemon", it adds cookie/form <a href="https://mastodon.bsd.cafe/tags/authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authentication</span></a> to your reverse <a href="https://mastodon.bsd.cafe/tags/proxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proxy</span></a>, designed to work with <a href="https://mastodon.bsd.cafe/tags/nginx" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nginx</span></a>' "auth_request". Several modules for checking credentials are included, one of which requires solving a crypto challenge like <a href="https://mastodon.bsd.cafe/tags/Anubis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Anubis</span></a> does, to allow "bot-safe" guest logins. Swad is written in pure <a href="https://mastodon.bsd.cafe/tags/C" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>C</span></a>, compiles to a small (200-300kiB) binary, has minimal dependencies (zlib, OpenSSL/LibreSSL and optionally libpam) and *should* work on many <a href="https://mastodon.bsd.cafe/tags/POSIX" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>POSIX</span></a>-alike systems (<a href="https://mastodon.bsd.cafe/tags/FreeBSD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FreeBSD</span></a> tested a lot, <a href="https://mastodon.bsd.cafe/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> and <a href="https://mastodon.bsd.cafe/tags/illumos" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>illumos</span></a> also tested)</p><p>This release is the first one not to require a server-side session (which consumes a significant amount of RAM on really busy sites), instead signed Json Web Tokens are now implemented. For now, they are signed using HMAC-SHA256 with a random key generated at startup. A future direction could be support for asymmetric keys (RSA, ED25519), which could open up new possibilities like having your reverse proxy pass the signed token to a backend application, which could then verify it, but still not forge it.</p><p>Read more, grab the latest .tar.xz, build and install it ... here: 😎 </p><p><a href="https://github.com/Zirias/swad" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/Zirias/swad</span><span class="invisible"></span></a></p>
privacy_guru<p><a href="https://theintercept.com/2025/05/22/intel-agencies-buying-data-portal-privacy/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">theintercept.com/2025/05/22/in</span><span class="invisible">tel-agencies-buying-data-portal-privacy/</span></a> This is a <a href="https://mastodon.social/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> nightmare that's turned into a total disaster. If this were my <a href="https://mastodon.social/tags/government" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>government</span></a> doing this I'd seek to give as little information to all companies as possible Avoid all social media, and if you don't use only <a href="https://mastodon.social/tags/anonymous" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>anonymous</span></a> accounts with a <a href="https://mastodon.social/tags/proxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proxy</span></a>. Use <a href="https://mastodon.social/tags/adblockers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>adblockers</span></a> on every device. Network wide ad blocking would be ideal. Ditch <a href="https://mastodon.social/tags/Apple" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Apple</span></a> and <a href="https://mastodon.social/tags/Google" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Google</span></a> products and install <a href="https://mastodon.social/tags/Grapheneos" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Grapheneos</span></a> and avoid connecting to cell towers and use only wifi. Proxy all data connections. 1/2</p>
Niels de Winter<p>More cool <a href="https://mastodon.social/tags/proxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proxy</span></a> development enabling the use of <a href="https://mastodon.social/tags/limpet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>limpet</span></a> <a href="https://mastodon.social/tags/shells" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>shells</span></a> as <a href="https://mastodon.social/tags/archives" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>archives</span></a> for <a href="https://mastodon.social/tags/climate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>climate</span></a>, <a href="https://mastodon.social/tags/environmental" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>environmental</span></a> and human behavioral change on <a href="https://mastodon.social/tags/archaeology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>archaeology</span></a> timescales</p><p>www.sciencedirect.com/science/article/pii/S0031018225003086</p>
Felix Palmen :freebsd: :c64:<p>Just released: <a href="https://mastodon.bsd.cafe/tags/swad" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>swad</span></a> v0.3!</p><p><a href="https://github.com/Zirias/swad/releases/tag/v0.3" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/Zirias/swad/release</span><span class="invisible">s/tag/v0.3</span></a></p><p>swad is the "Simple Web Authentication Daemon", your tiny, efficient and (almost) dependency-free solution to add <a href="https://mastodon.bsd.cafe/tags/cookie" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cookie</span></a> + login <a href="https://mastodon.bsd.cafe/tags/form" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>form</span></a> <a href="https://mastodon.bsd.cafe/tags/authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authentication</span></a> to whatever your <a href="https://mastodon.bsd.cafe/tags/reverse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>reverse</span></a> <a href="https://mastodon.bsd.cafe/tags/proxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proxy</span></a> offers. It's written in pure <a href="https://mastodon.bsd.cafe/tags/C" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>C</span></a>, portable across <a href="https://mastodon.bsd.cafe/tags/POSIX" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>POSIX</span></a> platforms. It's designed with <a href="https://mastodon.bsd.cafe/tags/nginx" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nginx</span></a>' 'auth_request' in mind, example configurations are included.</p><p>This release brings a file-based credential checker in addition to the already existing one using <a href="https://mastodon.bsd.cafe/tags/PAM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PAM</span></a>. Also lots of improvements, see details in the release notes.</p><p>I finally added complete build instructions to the README.md:</p><p><a href="https://github.com/Zirias/swad" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/Zirias/swad</span><span class="invisible"></span></a></p><p>And there's more documentation available: manpages as well as a fully commented example configuration file.</p>
Felix Palmen :freebsd: :c64:<p>Just released: <a href="https://mastodon.bsd.cafe/tags/swad" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>swad</span></a> v0.2</p><p>SWAD is the "Simple Web Authentication Daemon", meant to add <a href="https://mastodon.bsd.cafe/tags/cookie" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cookie</span></a> <a href="https://mastodon.bsd.cafe/tags/authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authentication</span></a> with a simple <a href="https://mastodon.bsd.cafe/tags/login" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>login</span></a> form and configurable credential checker modules to a reverse <a href="https://mastodon.bsd.cafe/tags/proxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proxy</span></a> supporting to delegate authentication to a backend service, like e.g. <a href="https://mastodon.bsd.cafe/tags/nginx" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nginx</span></a>' "auth_request". It's a very small piece of software written in pure <a href="https://mastodon.bsd.cafe/tags/C" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>C</span></a> with as little external dependencies as possible. It requires some <a href="https://mastodon.bsd.cafe/tags/POSIX" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>POSIX</span></a> (or "almost POSIX", like <a href="https://mastodon.bsd.cafe/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a>, <a href="https://mastodon.bsd.cafe/tags/FreeBSD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FreeBSD</span></a>, ...) environment, OpenSSL (or LibreSSL) for TLS and zlib for response compression.</p><p>Currently, the only credential checker module available offers <a href="https://mastodon.bsd.cafe/tags/PAM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PAM</span></a> authentication, more modules will come in later releases.</p><p>swad 0.2 brings a few bugfixes and improvements, especially helping with security by rate-limiting the creation of new sessions as well as failed login attempts. Read details and grab it here:</p><p><a href="https://github.com/Zirias/swad/releases/tag/v0.2" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/Zirias/swad/release</span><span class="invisible">s/tag/v0.2</span></a></p>
📡 RightToPrivacy & Tech Tips<p>TRUST NO ONE: <br>Combining Tor + VPN Risks / Danger</p><p><a href="https://fosstodon.org/tags/cyber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyber</span></a> <a href="https://fosstodon.org/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://fosstodon.org/tags/tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tech</span></a> <a href="https://fosstodon.org/tags/anonymous" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>anonymous</span></a> <a href="https://fosstodon.org/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://fosstodon.org/tags/VPN" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VPN</span></a> <a href="https://fosstodon.org/tags/Tor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tor</span></a> <a href="https://fosstodon.org/tags/proxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proxy</span></a> <a href="https://fosstodon.org/tags/encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>encryption</span></a> <a href="https://fosstodon.org/tags/e2ee" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>e2ee</span></a> <a href="https://fosstodon.org/tags/peertube" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>peertube</span></a> </p><p><a href="https://tube.tchncs.de/w/76KXS7y99k3ergefhtYtxQ" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">tube.tchncs.de/w/76KXS7y99k3er</span><span class="invisible">gefhtYtxQ</span></a></p>
Stuart Longland (VK4MSL)<p>This afternoon, I got close to what I wanted to achieve in terms of load-balancing between the two <a href="https://mastodon.longlandclan.id.au/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://mastodon.longlandclan.id.au/tags/sabots" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sabots</span></a> I have running.</p><p>I had originally planned to use <a href="https://mastodon.longlandclan.id.au/tags/OpenBSD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenBSD</span></a>'s <a href="https://mastodon.longlandclan.id.au/tags/OpenHTTPD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenHTTPD</span></a> or <a href="https://mastodon.longlandclan.id.au/tags/RelayD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RelayD</span></a> to do the job, but <a href="https://mastodon.longlandclan.id.au/tags/HAProxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HAProxy</span></a> <a href="https://mastodon.longlandclan.id.au/tags/PROXY" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PROXY</span></a> protocol was the limiting factor… so I went <a href="https://mastodon.longlandclan.id.au/tags/nginx" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nginx</span></a> instead.</p><p>One thing I haven't worked out yet, is how to pass the client IP by PROXY protocol to a HTTP back-end. Seems I can do it for a generic TCP stream, but not HTTP.</p><p>The alternative is to set X-Forwarded-For, and have the back-ends trust it, like they trust PROXY for the gateway's IPv4 address for <a href="https://mastodon.longlandclan.id.au/tags/sniproxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sniproxy</span></a>.</p><p>But… it works, you can hit <a href="https://sabot.vk4msl.com/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">sabot.vk4msl.com/</span><span class="invisible"></span></a> and you'll either get sabot01 (which uses nepenthes) or sabot02 (which uses iocaine). Since neither cares about the URI, I can bounce the client between them.</p><p>This did get me thinking though, if enough of us did it, we could have a <a href="https://mastodon.longlandclan.id.au/tags/AISabotAsAService" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AISabotAsAService</span></a> for websites to redirect/link to when they think they're being scraped by an AI bot.</p><p>We could provide a pool of servers that would provide the link maze. Front-end proxies would just bounce you between all the pool members, feeding your bot nonsense.</p>
Alexey Skobkin<p>Принял волевое решение перевернуть схему работы правил в расширении SwitchyOmega.</p><p>Теперь по дефолту браузер идёт в ShadowSocks, а уже для избранных ресурсов - напрямую.</p><p>После наглухо отбитой блокировки зарубежных датацентров пачками поддерживать список стало слишком тяжело. Тем более он и так уже давно не влезал в лимит, который расширение может синхронизировать.</p><p><a href="https://lor.sh/tags/log" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>log</span></a> <a href="https://lor.sh/tags/Russia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Russia</span></a> <a href="https://lor.sh/tags/censorship" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>censorship</span></a> <a href="https://lor.sh/tags/proxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proxy</span></a> <a href="https://lor.sh/tags/log" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>log</span></a> <a href="https://lor.sh/tags/thoughts" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>thoughts</span></a> <a href="https://lor.sh/tags/shit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>shit</span></a></p>
bjoern<p>yeah, <a href="https://mastodon.social/tags/deltachat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>deltachat</span></a> cares for <a href="https://mastodon.social/tags/encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>encryption</span></a> <a href="https://mastodon.social/tags/circumvention" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>circumvention</span></a> <a href="https://mastodon.social/tags/proxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proxy</span></a> <a href="https://mastodon.social/tags/pfs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pfs</span></a> <a href="https://mastodon.social/tags/securityaudits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>securityaudits</span></a> <a href="https://mastodon.social/tags/pgp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pgp</span></a> <a href="https://mastodon.social/tags/zerotrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zerotrust</span></a> <a href="https://mastodon.social/tags/securemessaging" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>securemessaging</span></a> and the like ... but did you know next <a href="https://mastodon.social/tags/iOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>iOS</span></a> version will have ADAPTIVE ICONS!!!11!!ONE1!</p>
George E. 🇺🇸♥🇺🇦🇵🇸🏳️‍🌈🏳️‍⚧️<p>For the love of god if you're trying to convince your employer or an organization to "come over" to the <a href="https://bofh.social/tags/Fediverse" rel="nofollow noopener" target="_blank">#Fediverse</a>, do NOT under any circumstances suggest that they set up a <a href="https://bofh.social/tags/Mastodon" rel="nofollow noopener" target="_blank">#Mastodon</a> <a href="https://bofh.social/tags/instance" rel="nofollow noopener" target="_blank">#instance</a><span>!<br><br>Mastodon is the ONLY Fediverse platform that ... </span><i>by default</i> ... forces <a href="https://bofh.social/tags/server" rel="nofollow noopener" target="_blank">#server</a> <a href="https://bofh.social/tags/admins" rel="nofollow noopener" target="_blank">#admins</a> to <a href="https://bofh.social/tags/cache" rel="nofollow noopener" target="_blank">#cache</a>, <a href="https://bofh.social/tags/copy" rel="nofollow noopener" target="_blank">#copy</a>, and <a href="https://bofh.social/tags/proxy" rel="nofollow noopener" target="_blank">#proxy</a> <b>all <a href="https://bofh.social/tags/media" rel="nofollow noopener" target="_blank">#media</a></b> that passes through its server. This means that not only are server admins paying to host the media their users <a href="https://bofh.social/tags/upload" rel="nofollow noopener" target="_blank">#upload</a>, but they have to pay to host the media <b>everyone else on the fucking fediverse uploads as well.</b><span><br><br>Other platforms offer this feature, but </span><b>Mastodon is the only one that has this turned on by default.</b><span><br><br>This results in Mastodon server admins having to shell out thousands of dollars each month in </span><a href="https://bofh.social/tags/S3" rel="nofollow noopener" target="_blank">#S3</a><span> hosting costs for no reason whatsoever.<br><br>There are much better alternative instance platforms than Mastodon.</span></p>
Thomas Bourgenot<p>Si tu veux les coulisses de la sortie de notre rapport sur la publicité automobile, y a <span class="h-card" translate="no"><a href="https://framapiaf.org/@kgaiji" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>kgaiji</span></a></span> qui va en parler dans le <a href="https://mastodon.social/tags/Proxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Proxy</span></a> de <span class="h-card" translate="no"><a href="https://mamot.fr/@lorisguemart" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lorisguemart</span></a></span> pour <span class="h-card" translate="no"><a href="https://mamot.fr/@arretsurimages" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>arretsurimages</span></a></span> </p><p>Ça commence à 17h30, par là -&gt; <a href="https://www.twitch.tv/arretsurimages" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">twitch.tv/arretsurimages</span><span class="invisible"></span></a></p>
Tal<p>-8-</p><p>Why are you still using my server for your internet access - Thomas Boejstrup Johansen</p><p>Ah, WPAD — now that's a name I haven't heard in a long time.</p><p>Short for "Web Proxy Auto-Discovery", WPAD is a protocol for machines on local networks to get their proxy configuration. Invented by Netscape in 1996, this protocol has been deprecated for a LONG time — in 1999, today marking its 25th anniversary.</p><p>WPAD is pretty simple — it uses the network name of the user's machine to search for a <code>wpad.dat</code> file, going from more specific to broad. For example, if the network name is <code>pc.team.dep.org.com</code>, a WPAD implementation will try to fetch <code>wpad.team.dep.org.com/wpad.dat</code>, <code>wpad.dep.org.com/wpad.dat</code> and <code>wpad.org.com/wpad.dat</code> in order as long as the last one wasn't found.</p><p><code>wpad.dat</code> is a Proxy Auto-Config (PAC) file - a JavaScript file running in a limited environment. It implements a function that takes a URL and decides on the proxy server for the request (or DIRECT, for no proxy).</p><p>So why is this interesting? It happens that many implementations do an additional step, stripping the domain all the way to <code>wpad.com/wpad.dat</code>. </p><p>This is on the public internet! Thus this implementation takes a PAC file from a stranger and uses it as the device's proxy configuration.</p><p>Luckily, notable WPAD TLDs — <code>com</code>, <code>org</code>, and <code>net</code> — are protected and cannot be registered. However, others are fair game!</p><p>In his excellent talk, Thomas reveals that he was able to register <code>wpad.dk</code> (the TLD for Denmark) alongside a few more.</p><p>He set up a simple PAC file directing all traffic back to <code>p.wpad.dk</code>, with interesting information like the domain, private and public IP addresses of the client. The proxy always responds with an error message, while Thomas was able to record details about the access.</p><p>Here's the stats: 90K requests a day, totaling a whopping 1.1 billion (!!) requests in a year. They span the entire world but mostly from Europe.</p><p>The HTTP GET requests were made to many file extensions, like thousands of credentials and over half a million executables. About 200k URLs also included credentials in parameters! Interestingly, the server has received POST requests too, with their entire body!</p><p>The clients' User-Agents show how the WPAD issue is not solely a Microsoft problem but spans almost every possible client in existence — Linux, Apple, and many distinct applications are affected.</p><p>During his research, Thomas also looked at <code>wpad.dat</code> files on other TLDs, finding some suspiciously malicious — one redirecting unencrypted requests through their proxy, and another one stealing ad requests, possibly for revenue theft!</p><p>The talk is great, containing hilarious tidbits about the research and the feedback form on the proxy. These vulnerabilities display both the ingenuity of researchers and the difficulty of fully deprecating a problematic service once it's deeply ingrained in systems.</p><p><a href="https://infosec.exchange/tags/DEFCON" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DEFCON</span></a> <a href="https://infosec.exchange/tags/wpad" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>wpad</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/proxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proxy</span></a></p><p><a href="https://www.youtube.com/watch?v=uwsykPWa5Lc" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">youtube.com/watch?v=uwsykPWa5L</span><span class="invisible">c</span></a></p>
Ben Royce 🇺🇦<p>1950:</p><p>"The <a href="https://mastodon.social/tags/Koreanwar" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Koreanwar</span></a> is a <a href="https://mastodon.social/tags/proxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proxy</span></a> war between the <a href="https://mastodon.social/tags/West" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>West</span></a> and <a href="https://mastodon.social/tags/Russia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Russia</span></a> in <a href="https://mastodon.social/tags/Asia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Asia</span></a>"</p><p>2024:</p><p>"The <a href="https://mastodon.social/tags/Ukrainewar" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ukrainewar</span></a> is a proxy war between <a href="https://mastodon.social/tags/NorthKorea" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NorthKorea</span></a> and <a href="https://mastodon.social/tags/SouthKorea" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SouthKorea</span></a> in <a href="https://mastodon.social/tags/Europe" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Europe</span></a>"</p><p><a href="https://euromaidanpress.com/2024/10/22/south-korea-considers-sending-personnel-to-ukraine-as-north-deploys-troops-to-russia/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">euromaidanpress.com/2024/10/22</span><span class="invisible">/south-korea-considers-sending-personnel-to-ukraine-as-north-deploys-troops-to-russia/</span></a></p>
Ricardo Martín :bsdhead:<p>Freenginx mail proxy server features</p><p><a href="https://freenginx.org/en/#mail_proxy_server_features" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">freenginx.org/en/#mail_proxy_s</span><span class="invisible">erver_features</span></a><br><a href="https://www.freshports.org/www/freenginx/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">freshports.org/www/freenginx/</span><span class="invisible"></span></a></p><p><a href="https://mastodon.bsd.cafe/tags/nginx" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nginx</span></a> <a href="https://mastodon.bsd.cafe/tags/freenginx" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>freenginx</span></a> <a href="https://mastodon.bsd.cafe/tags/proxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proxy</span></a> <a href="https://mastodon.bsd.cafe/tags/mail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mail</span></a> <a href="https://mastodon.bsd.cafe/tags/selfhosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfhosting</span></a></p>
MakerTube<p>I'm looking for a reliable (paid) <a href="https://mastodon.social/tags/proxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proxy</span></a> service. Upcoming <a href="https://mastodon.social/tags/Peertube" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Peertube</span></a> version has separate proxy support for Youtube downloads and this might bring back channel synchronization. Any suggestions?</p>
aCiReP<p>What would you recommend to be simple traffic proxy on FreeBSD from jails host to multiple jails that serve various web apps?</p><p>Nginx or relayd? Or something else?</p><p><a href="https://mastodon.bsd.cafe/tags/freebsd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>freebsd</span></a> <a href="https://mastodon.bsd.cafe/tags/proxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proxy</span></a></p>
As The World Turns<p><span class="h-card"><a href="https://mastodon.social/users/simplex" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>simplex</span></a></span></p><p>Can the <a href="https://libranet.de/search?tag=private" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>private</span></a> <a href="https://libranet.de/search?tag=secure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>secure</span></a> <a href="https://libranet.de/search?tag=simplex" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>simplex</span></a> <a href="https://libranet.de/search?tag=chat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>chat</span></a> msgr be blocked by countries like how Signal <a href="https://libranet.de/search?tag=Msgr" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Msgr</span></a> was recently blocked by <a href="https://libranet.de/search?tag=Russia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Russia</span></a>?</p><p>If so, does <a href="https://libranet.de/search?tag=simpleXchat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>simpleXchat</span></a> have a workaround to allow <a href="https://libranet.de/search?tag=sxc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sxc</span></a> users to still communicate with each other? Signal <a href="https://libranet.de/search?tag=IM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IM</span></a> has a global <a href="https://libranet.de/search?tag=self-hosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>self-hosted</span></a> <a href="https://libranet.de/search?tag=proxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proxy</span></a> programme for the broader global community for volunteers who can spin up a proxy to keep the <a href="https://libranet.de/search?tag=Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> chatter flowing in those affected regions.</p><p>simplex.chat</p><p><a href="https://libranet.de/search?tag=fediverse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fediverse</span></a></p><p><a href="https://simplex.chat" rel="nofollow noopener" target="_blank">simplex.chat</a></p>
BastaBerlin<p><a href="https://kolektiva.social/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> got blocked in <a href="https://kolektiva.social/tags/Russia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Russia</span></a> <a href="https://kolektiva.social/tags/%D1%80%D0%BE%D1%81%D1%81%D0%B8%D1%8F" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>россия</span></a> (and perhaps in <a href="https://kolektiva.social/tags/Venezuela" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Venezuela</span></a> soon).</p><p>So for people who want to reconnect: We run a signal <a href="https://kolektiva.social/tags/proxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proxy</span></a> and you are welcome to use, just leave us a DM, to get the connection details. <a href="https://kolektiva.social/tags/SignalProxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SignalProxy</span></a> </p><p><a href="https://signal.org/blog/proxy-please/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">signal.org/blog/proxy-please/</span><span class="invisible"></span></a></p>
Aral Balkan<p>…but in case any of you want to do something similar, here’s me mocking a WritableStream using a Proxy to provide mock stdout and stderr streams to Console instances to capture the output and save them in my database:</p><p><a href="https://codeberg.org/kitten/app/src/branch/logs/src/Logs.js#L47" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">codeberg.org/kitten/app/src/br</span><span class="invisible">anch/logs/src/Logs.js#L47</span></a></p><p>And here’s the actual monkeypatching code:</p><p><a href="https://codeberg.org/kitten/app/src/branch/logs/src/Logs.js#L140" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">codeberg.org/kitten/app/src/br</span><span class="invisible">anch/logs/src/Logs.js#L140</span></a></p><p><a href="https://mastodon.ar.al/tags/monkeyPatching" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>monkeyPatching</span></a> <a href="https://mastodon.ar.al/tags/JavaScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>JavaScript</span></a> <a href="https://mastodon.ar.al/tags/console" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>console</span></a> <a href="https://mastodon.ar.al/tags/NodeJS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NodeJS</span></a> <a href="https://mastodon.ar.al/tags/web" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>web</span></a> <a href="https://mastodon.ar.al/tags/dev" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dev</span></a> <a href="https://mastodon.ar.al/tags/Proxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Proxy</span></a> <a href="https://mastodon.ar.al/tags/Streams" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Streams</span></a> <a href="https://mastodon.ar.al/tags/mocking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mocking</span></a></p>