After our first visit by law enforcement due to our Tor exit infrastructure, we finally took the time to write and publish our first transparency report: applied-privacy.net/posts/firs

Our DNS privacy service's resolver hosts do not send ICMP packets in response to closed UDP ports (net.inet.udp.blackhole=1).

This disrupts the SAD DNS cache poisoning attack.
saddns.net/

We updated and simplified the privacy policy for our encrypted DNS resolver service (DNS-over-HTTPS and DNS-over-TLS).
applied-privacy.net/privacy-po

Thanks to deSEC.io our reverse DNS zone 100.70.109.in-addr.arpa is now also DNSSEC signed (in addition to our forward zones).

All our public DNS resolvers have been patched to address the NXNSAttack DNS vulnerability.

For DoH.applied-privacy.net, if you did not hardcode our IP in your config then no changes are required and you should not notice the migration, if you did hardcode our IPs, here are the new IPs valid from 2020-02-15:

93.177.65.183
2a03:4000:38:53c::2

(same IPs for DoT)

Our DoH and DoT DNS privacy services will migrate to a new hoster, OS and IP address on 2020-02-15.
The current IPs will continue to work until 2020-02-19.

This will bring you the latest unbound version with less bugs and crashes (that you probably didn't notice anyway).

We are happy to have a new sponsor onboard: mailbox.org
they provide us with email services.
Why we choose them:
- access to mailboxes via onion v3 services
- DANE
- DKIM
- transparency reports
and they even run a Tor exit relay

You can find their onion addresses on this page:
kb.mailbox.org/display/MBOKB/D

Our general assembly takes place next week, come by and say hi, we have some great news to share!

when: 2019-09-06 6:00PM
where: Floragasse 7 (5. floor) 1040 Vienna

Please drop us an email if you plan to attend so we can do proper crowd control ( contact at appliedprivacy net )

@hexmasteen
thanks for the mention :)

one minor correction:
automatic does not send your DNS traffic to google but it attempts to use DoT with your current DNS resolver IP address (with no authentication)

that is the opportunistic profile

see slide 41+42 from our easterhegg talk slides:
appliedprivacy.net/files/DoH-D

Today we doubled the compute capacity that is available to our Tor exit server by installing a second CPU.

Thanks for this hardware donation!

We are happy to announce our second privacy enhancing service:

Today we are launching our DNS Privacy services supporting DNS-over-TLS and DNS-over-HTTPS

Encrypt all the things, DNS included!

appliedprivacy.net/posts/dns-p

We are celebrating the new year with some new tor exit relays :)

A happy new year!

thanks to the person who sent us a 3 digit donation last week! 🤩
if you would like some stickers let us know.

At the end of this month we will publish our first donation stats.

Show older
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!