draagon

joined 1 year ago
[–] draagon@infosec.pub 1 points 1 year ago

Needing to turn off Mulvad for Netflix and other services was the deal breaker for me. Otherwise loved it.

[–] draagon@infosec.pub 5 points 1 year ago

Some projects try to make this easy. Check out this list / tag: https://github.com/topics/good-first-issue

People who know the code can quickly determine if an issue will be easy. Some things that may seem easy will be difficult, so as an outsider it's hard to guess. Working on issues tagged good-first-issue is the safest bet that the issue won't be overly complex to solve and that the maintainers are willing to work with new contributors.

[–] draagon@infosec.pub 5 points 1 year ago (2 children)

What sort of job listings or openings

You shouldn't start freelancing if you dont have a client lined up or a network of potential clients. Job boards aren't great as they typically are low rate contracts of companies looking to get a discount. If you do good work your clients will spread your name for you.

without whatever employer benefits

Either price it in to the contract or get coverage through a spouse. (Depending on country) you need to cover your own health insurance, vacations, unemployment, additional self employment taxes, business expenses, and risks that you have gaps between contracts.

If you make $100k as an employee you may need another $30k in expenses, targeting 70% billable hours. $185/hour × 50 weeks × 40 hours × 70% = $130k. Numbers are examples only.

[–] draagon@infosec.pub 2 points 1 year ago

PiHole can be bypassed with DNS over HTTPS, although there's ways to prevent that.

[–] draagon@infosec.pub 10 points 1 year ago (5 children)

For anyone looking for alternatives, I think this list is the most up to date: https://free-for.life/#/?id=domains

 

The certificate authority (CA) system does an incredible job of solving an impossible challenge. Think about it. The CAs measure control of a domain name and then issue TLS certificates that pair cryptographic keys to those names. They do this on a global scale, often automatically. It's impossible to do this perfectly, and unfortunately, they occasionally fail.

In this post I describe the challenges the CAs face, describe a history of failures, and explain the process we use to maintain confidence in the system in spite of it all.

[–] draagon@infosec.pub 31 points 1 year ago (3 children)