Encrypt all the things!

@jdsnape thanks for that, sorry forgot to reply but took onboard the advice at the time cheers

Finally got around to testing Tailscale.

Neat. Can RDP onto my desktop from my laptop via its allocated IP.

^ unless it's sleeping. :)

Can I do some kind of Wake-On-LAN shit for my PC? Is that a BIOS setting? Or do I just need to leave my PC on when I'm away?

Might also need explicit support from your router, or some other device on the LAN which does stay on and can send the magic packet.

Asked on the raspberry pi thread but figure this might be the place to ask. I've set up a raspberry pi with dietpi, something like a lightweight os and have sonarr, deluge etc installed, NAS folders mounted and openVPN my installed. Downloaded config files from surfshark which consists of a zip of loads of .ovpn files. Now I assume I just replace the config file on the pi with the relevant one of those for the server I want to use?

Dietpi instructions just say this:

DietPi will generate the client config file and place it here:
/boot/DietPi_OpenVPN_Client.ovpn.
Simply power off and plug the SD card into your target system to obtain the file from the FAT partition.
DietPi will also create a copy of the file in
/mnt/dietpi_userdata/DietPi_OpenVPN_Client.ovpn.
Use one of DietPi’s file servers to access this file.

Also I want to maintain local access for SSH and accessing the software, will that be possible if traffic is forced to the VPN server at some remote location? Just want to hide what's coming and going to to pi for.... reasons.

ok, openVPN configured. Now how to I tell if it's working?

It should show a different external ip address.

I use Chrome for google stuff and Firefox for other stuff. I'm not logged in to my google account on Firefox (so far as I'm aware).

When I search for places on Firefox and go on google maps it also shows my location. It's not fully accurate but it's normally within a few hundred metres. Question is where has it got this location from?

I'm assuming it isn't my phone as I'm not signed in and I don't think it should be the browser as, so far as I can tell, that doesn't have any sites with location granted. Any bright ideas, am I missing some other setting on Firefox or something? Am I actually logged in somehow?

1 Attachment

It's not fully accurate but it's normally within a few hundred metres. Question is where has it got this location from?

IP address.

It knows from the Google account the precision of where the IP address is. But it will locate roughly based on it when not signed in on the Google account.

Use a VPN to prove it.

Google will also make inferences about your location from your search history.

And from joining web activity /location data between browsers / apps / devices used by you / others on your network.

Got a question please, is NextDNS still a good option for making my phone and laptop more secure? Or would I be better of with a VPN? Thanks.

NextDNS is more effective than a VPN at more secure and ad free.

The only thing it can't do is hide your IP.

If you're going to do one and aren't doing illegal stuff, do NextDNS.

Thanks @Velocio, as always I really appreciate your advice on this thread.
One more for you please. On my phone I can turn next DNS on and off with the app. On the laptop there doesn't appear to be such a straightforward way to do this other than stay logged on on the webpage?

On the phone, an Android, I use the Private DNS function and just leave it permanently on.

On my browsers, Firefox, I configure the DNS over HTTPS function to use the NextDNS endpoint.

On my fixed home network I use the IPs for NextDNS as the DNS on my router.

On my laptops, I configure https://github.com/getdnsapi/stubby on Mac, Windows and Linux... but TBH, 99% of my traffic comes from browsers so mostly I care about those.

I'm not using the NextDNS app at all... I dunno, I don't see the point in running processes I don't need and DNS is a very lightweight thing so why run an app. You can if you want, I just don't see the point.

What do people recommend for location shifting for stuff (video watching mainly) where the providers are actively looking for it and block them?

I've got NordVPN but using their various locations still generally ends up with messages that I am out of the permitted territory.

Is there anything out there or is it the case that anything that works soon gets popular enough to be blocked?

Avoid by being a pirate?

It's mainly live stuff I want to watch.

Thanks @Velocio, you have given me some homework to do cheers

I’ve been using IPVanish for a couple of years, it did the job with Netflix, and iPlayer when abroad. But I was in Spain in May and it kept getting blocked, so no longer fit for purpose.

I switched to Surfshark recently and so far so good, I’m back out to Spain next week so that will be the real test.

I used to run NordVPN on a Mac and Unlocator smartDNS on the router. That way if Nord was getting blocked I could switch to the Apple TV or another computer to try through the smart DNS. one would normally work for most things including most live stuff. Only thing I’d turn it all off for was Ramsplayer as that actually needed to see me in HK to stream live games for cheap monies.

Any reason not to set Tailscale to Run Unattended?

I've not got around to working out how to configure Wake On LAN so figured I'd just leave the box running full time and hope it stays up.

No issues at all.

Thanks.

Cheers, I've seen some mention of surfshark elsewhere so will look at that.

@Ramsaye Unlocator smartDNS does look like the kind of thing I need. One of the main things is for ClaretsPlus which I suspect may be similar technology to Ramsplayer. It claims to work with Optus though which is one of the ones I was looking at.

Does anyone know anything about Okta 2FA?

A client wants me to use it to access cloud files but I don't particularly want to install stuff on my mobile. Any idea if it can be substituted with Google Authenticator or Aegis or something?