DNS-over-HTTPS Is The Wrong Partial Solution

Openness has been one of the defining characteristics of the Internet for as long as it has existed, with much of the traffic today still passed without any form of encryption. Most requests for HTML pages and associated content are in plain text, and the responses are returned in the same way, even though HTTPS has been around since 1994.

But sometimes there’s a need for security and/or privacy. While the encryption of internet traffic has become more widespread for online banking and shopping, the privacy-preserving aspect of many internet protocols hasn’t kept pace. In particular, when you look up a website’s IP address by hostname, the DNS request is almost always transmitted in plain text, allowing all the computers and ISPs along the way to determine what website you were browsing, even if you use HTTPS once the connection is made.

The idea of also encrypting DNS requests isn’t exactly new, with the first attempts starting in the early 2000s, in the form of DNSCrypt, DNS over TLS (DoT), and others. Mozilla, Google, and a few other large internet companies are pushing a new method to encrypt DNS requests: DNS over HTTPS (DoH).

DoH not only encrypts the DNS request, but it also serves it to a “normal” web server rather than a DNS server, making the DNS request traffic essentially indistinguishable from normal HTTPS. This is a double-edged sword. While it protects the DNS request itself, just as DNSCrypt or DoT do, it also makes it impossible for the folks in charge of security at large firms to monitor DNS spoofing and it moves the responsibility for a critical networking function from the operating system into an application. It also doesn’t do anything to hide the IP address of the website that you just looked up — you still go to visit it, after all.

And in comparison to DoT, DoH centralizes information about your browsing in a few companies: at the moment Cloudflare, who says they will throw your data away within 24 hours, and Google, who seems intent on retaining and monetizing every detail about everything you’ve ever thought about doing.

DNS and privacy are important topics, so we’re going to dig into the details here.

Run Your Own Phone To Bring The Dreamcast Back Online

Playing a video game online is almost second nature now. So much so that almost all multiplayer video games have ditched their split-screen multiplayer modes because they assume you’d rather just be alone at your house than hanging out with your friends. This wasn’t always the case though. In the early days of online multiplayer, systems had to rely on dial-up internet before broadband was readily available (and still had split screen if you didn’t even have that). Almost no one uses dial-up anymore though, so if you still like playing your old Dreamcast you’re going to have to do some work to get it online again.

Luckily for all of us there’s a Raspberry Pi image to do almost anything now. This project from [Kazade] uses one to mimic a dial-up connection for a Dreamcast so you can connect with other people still playing Quake 20 years later. It’s essentially a network bridge, but you will need some extra hardware because phone lines use a high voltage line that you’ll have to make (or buy) a solution for. Once all the hardware is set up and working, you’ll need to make a few software configuration changes, but it’s a very straightforward project.

Granted, there have been ways of playing Dreamcast games online before, but this new method really streamlines the process and makes it as simple as possible. The Dreamcast was a great system, and there’s an argument to be made that the only reason it wasn’t more popular was that it was just slightly too far ahead of its time.

Thanks to [Rusty] for the tip!

Connecting New York City To The Backbone: Meet NYC’s Mesh Network

Access to fast and affordable internet is a big issue in the USA, even in a major metropolis such as New York City. Amidst a cartel of ISPs who simply will not deliver, a group of NYC inhabitants first took it upon themselves to ease this situation by setting up their own mesh-based internet connections way back in 2013. Now they will be installing a new Supernode to take the installation base far beyond the current 300 buildings serviced.

As a community project, NYC Mesh is run as a non-profit organization, with its community members supporting the effort through donations, along with partnerships with businesses. Its router hardware consists of off-the-shelf equipment (with a focus on the Ubiquiti NanoStation NSM5) that gets flashed with custom firmware containing the mesh routing functionality.

As this article by Vice mentions, NYC Mesh is one of 750 community-led broadband projects in the US. Many of those use more traditional fixed wiring with distribution lines, but NYC Mesh focuses fully on wireless (WiFi) links with wireless mesh networking. This has the obvious benefit that given enough bandwidth on the Supernodes that hook into the Internet exchange points (IXP) and an efficient mesh routing protocol, it’s quick and easy to hook up new clients and expand the network.

The obvious downside of using WiFi and RF in general is that they are not immune to outside influences, such as weather (rain), RF interference (including from other WiFi stations) and of course fairly limited range if there’s no direct line of sight. In a densely populated city such as NYC this is not much of an issue, with short hops between rooftops.

Everything We Know About SpaceX’s Starlink Network

When it comes to SpaceX, or perhaps more accurately its somewhat eccentric founder and CEO Elon Musk, it can be difficult to separate fact from fiction. For as many incredible successes as SpaceX has had, there’s an equal number of projects or ideas which get quietly delayed or shelved entirely once it becomes clear the technical challenges are greater than anticipated. There’s also Elon’s particular brand of humor to contend with; most people assumed his claim that the first Falcon Heavy payload would be his own personal Tesla Roadster was a joke until he Tweeted the first shots of it being installed inside the rocket’s fairing.

So a few years ago when Elon first mentioned Starlink, SpaceX’s plan for providing worldwide high-speed Internet access via a mega-constellation of as many as 12,000 individual satellites, it’s no surprise that many met the claims with a healthy dose of skepticism. The profitability of Starlink was intrinsically linked to SpaceX’s ability to substantially lower the cost of getting to orbit through reusable launch vehicles, a capability the company had yet to successfully demonstrate. It seemed like a classic cart before the horse scenario.

But today, not only has SpaceX begun regularly reusing the latest version of their Falcon 9 rocket, but Starlink satellites will soon be in orbit around the Earth. They’re early prototypes that aren’t as capable as the final production versions, and with only 60 of them on the first launch it’s still a far cry from the thousands of satellites which would be required for the system to reach operational status, but there’s no question they’re real.

During a media call on May 15th, Elon Musk let slip more technical information about the Starlink satellites than we’ve ever had before, giving us the first solid details on the satellites themselves, what the company’s goals are, and even a rough idea when the network might become operational.


It’s The Web, Basically

If you are of a certain age, you probably learned to program in Basic. Even if you aren’t, a lot of microcontroller hobbyists got started on the Basic Stamp, and there are plenty of other places where the venerable language still hides out. But if you want to write cool browser applications, you have to write JavaScript, right? Google will now let you code your web pages in Basic. Known as WWWBasic, this is — of course — a JavaScript hack that you can load remotely into a web page and then have your page use Basic for customization. You can even import the thing into Node.js and use Basic inside your JavaScript, although it is hard to think of why you’d want to.

According to the project’s documentation — which is pretty sparse so far, we’re afraid — the Basic program is compiled into JavaScript on page load. There are a few examples, so you can generally pick up what’s available to use. There are graphics, the ability to read a keyboard key, and a way to handle the mouse.


Spanning The Tree : Dr Radia Perlman & Untangling Networks

As computer networks get bigger, it becomes increasingly hard to keep track of the flow of data over this network. How do you route data, making sure that the data is spread to all parts of the network? You use an algorithm called the spanning tree protocol — just one of the contributions to computer science of a remarkable engineer, Dr. Radia Perlman. But before she created this fundamental Internet protocol, she also worked on LOGO, the first programming language for children, creating a dialect for toddlers.


Becoming Your Own ISP, Just For Fun

When moving into a new house, it’s important to arrange for the connection of basic utilities. Electricity, water, and gas are simple enough, and then it’s generally fairly easy to set up a connection to an ISP for your internet connection. A router plugs into a phone line, or maybe a fiber connection and lovely packets start flowing out of the wall. But if you’re connected to the internet through an ISP, how is the ISP connected? [Kenneth] answers this in the form of an amusing tale.

It was during the purchase of data centre rack space that [Kenneth]’s challenge was laid down by a friend. Rather than simply rely on the connection provided by the data centre, they would instead rely on forging their own connection to the ‘net, essentially becoming their own Internet Service Provider.

This is known as creating an Autonomous System. To do this involves several challenges, the first of which is understanding just how things work at this level of networking. [Kenneth] explains the vagaries of the Border Gateway Protocol, and why it’s necessary to secure your own address space. There’s also an amusing discussion on the routing hardware required for such a feat and why [Kenneth]’s setup may fall over within the next two years or so.

It’s not for the faint hearted, and takes a fair bit of paperwork, but [Kenneth] has provided an excellent guide to the process if you really, really just need to own your own corner of the internet. That said, there are other networking tricks to cut your teeth on if you’d like a simpler challenge, like tunneling IP over ICMP.