A list of Digital Service Providers outside the jurisdiction of the United States of America.

https://codeberg.org/Linux-Is-Best/Outside_Us_Jurisdiction

This is a group project, so feel free to reach out if you have any suggestions, or learn any new information.

#Vpn #Email #Dns #Domain #Messenger #WebHosting #PasswordManager #WebSearch #SearchEngine #OperatingSystem #PaymentProcessing #UsJurisdiction #Project2025 #UnitedStates #Privacy #Security

We are looking for a Senior Technical Support Engineer to join the Quad9 team - specifically in UTC -3 to UTC -5.

You can get all the details here: https://docs.quad9.net/jobs/Senior_Technical_Support_Engineer_%28Remote%29/

We recently sat down with our Director of #ThreatIntel to talk about her role at Quad9 and what she enjoys about her work.

https://www.quad9.net/news/blog/staff-highlight-emilia-cebrat-maslowski

Online gambling operators are sponsoring charities?? If only :(

We've identified a malicious gambling affiliate whose specialty is to buy expired domain names which used to belong to charities or reputable organisations.

Once they own a domain, they host a website impersonating its previous owner, where they claim to "deeply appreciate the support from [their] sponsors", which surprise surprise, all turn out to be dubious online gambling companies.

Because the domain they are taking over is often abandoned or managed by non-technical people, its previous owner often doesn't notify anyone that they've lost control of their website, so it continues being referenced in genuine content, and it continues getting traffic from old links scattered throughout the internet.

teampiersma[.]org (screenshots below)
americankayak[.]org
getelevateapp[.]com
hotshotsarena[.]com
nehilp[.]org
questionner-le-numerique[.]org
sip-events[.]co[.]uk
studentlendinganalytics[.]com
thegallatincountynews[.]com

Comparison content:
2018: https://web.archive.org/web/20180119043432/https://teampiersma.org/
2025: https://web.archive.org/web/20250401092253/https://teampiersma.org/

It's been a long time in the works, but now you can try out Fast Reload in our recursive #DNS resolver Unbound 1.23rc1. This feature allows the server to read the new config in a thread, and when done only briefly pause the server to update the settings.
https://lists.nlnetlabs.nl/pipermail/unbound-users/2025-April/008518.html

Friendly reminder that you should be blocking all newly registered domains for your end users. Free lists like the NRD (https://github.com/xRuffKez/NRD) exist. Microsoft Defender for Endpoint also has a built in list you can enable via policy.

IMO everyone should do 365 days but even 30 or 90 will save you so much headache.
#DNS #ThreatIntel #FastFlux

Any #DNS folks know if Authenticated DNS over TLS to Authoritative Servers (ADoT) is going anywhere? Doesn’t look like recent activity on the drafts since 2022

https://www.ietf.org/archive/id/draft-dickson-dprive-adot-auth-06.html

https://datatracker.ietf.org/doc/html/draft-hal-adot-operational-considerations-00.html

In a world where things can feel topsy-turvy...we've decided to turn everything on its head today. Join the movement!

Upgraded all four of my pihole instances to v6. They’re working perfectly!

I love how a bunch of the “advanced” settings are now available from the UI. It makes initial set up so much easier.

Our Quad9 documentation is now also available in #Romanian (https://docs.quad9.net/ro/) thanks to the help of our friend, Toma Minea (https://www.linkedin.com/in/toma-minea-86900582/).

blog! “How to prevent Payment Pointer fraud”

There's a new Web Standard in town! Meet WebMonetization - it aims to be a low effort way to help users passively pay website owners.

The pitch is simple. A website owner places a single new line in their HTML's <head> - something like this:

<link rel="monetization"…

Read more: https://shkspr.mobi/blog/2025/03/how-to-prevent-payment-pointer-fraud/
⸻
#CyberSecurity #dns #HTML #standards #WebMonitization

Great blog from our friends at #MaxMind about how we use their #GeoIP data to identify regions that are in the most need of our services! All while maintaining our strict privacy standards.

https://blog.maxmind.com/2025/03/how-open-dns-recursive-service-quad9-uses-maxmind-data-to-understand-usage-patterns-and-secure-funding/

I’ve been asked a few times over the course of the same amount of days, what would happen if the powers that be began deleting top-level domains (TLDs) from the DNS system, and whether there is something we (e.g. Asians, Africans, Europeans, Canadians, South Americans, Australians, etc.) could do about it.

A very theoretical scenario, DNS edition

https://jpmens.net/2025/03/27/theoretical-scenario-dns-edition/

Another round of “hey, your server is down!” drama from the "we need moar kubernetes!" crowd.

“I can’t reach your server, it must be down.”

I connect. Everything’s fine.

A few emails later, I ask to access the container. The dev says he can’t - doesn’t know how. He’s a nice guy, though, so he gives me the credentials.

I log in and find the issue: someone pushed a workload to production (cue Kubernetes! Moooaaarrr powaaaarrr! We have the cloud! Who needs sysadmins anymore?!) with DNS set to 192.168.1.1.

Of course, it fell to me to investigate, because the dev couldn’t even get a shell inside his container. And it's ok, as he's a dev - and just wants to be a dev.

Once I pointed it out, they rebuilt the container with the correct config and - TADA! - everything worked again.

Then he went to check other workloads (for other clients, not managed by me) that had been having issues for weeks... Same problem.

It was DNS.
But it wasn't DNS.

In case USA provides even more surprises, can Europe run our own root name servers as an alternative to root-servers.net, since .net zone is operated by VeriSign, and .org (hosting root hints) by Public Internet Registry, which are both US entities?

Correction: root hints are on .net domain too, IANA only links to actual file.

The latest from the Quad9 blog => The Public Risk of Governments Controlling #DNS Providers
https://www.quad9.net/news/blog/the-public-risk-of-governments-controlling-dns-providers
We'd love to hear your thoughts!

TIL:

`sudo resolvectl show-cache`

dumps cached DNS resolution queries from your machine, so you can see the domains that the apps and sites you are running are themselves making requests to.

DNS hackathon 2025 in Stockholm

On 15 and 16 march 2025, I was at the #DNS #hackathon 2025 in Stockholm, organised by RIPE NCC, DNS-OARC and Netnod. I worked on a mechanism to synchronize the caches of DNS resolvers.

https://www.bortzmeyer.org/hackathon-dns-2025.html

@becha @dnsoarc @ripencc