Skip to Main Content

Security

Improving WordPress Part 3 – SoC & The Editor (A suggestion to Core)

If you already know all about the WordPress editor, you can skip directly to the section on separation of concern.

The WordPress editor is a curious beast. It’s oddly tied down into the core codebase, despite being a completely external project (TinyMCE), and it has given rise to a significant number of hacks and workarounds, to try to support the various workflows of different WordPress users. Since 2017 is the year for WordPress core to focus on the editor, I thought I’d put down some thoughts, in the hopes that I might help inform some decisions. read more »

When using an anonymizing VPN, Check your DNS Servers!

Posted on by gschoppe

If you are like most home broadband users, your machine is either connected directly to a broadband modem, or connected to a router that is connected to a broadband modem,  Your machine gets all of its addressing information over DHCP from the modem or router, and all is well. If you’re using a router, chances are that your router is getting its DNS settings over DHCP, from your ISP.  This means that your computer is using DNS servers that are linked to your ISP in your area.

If you start up a VPN session, ideally you receive a new set of DNS servers from the VPN endpoint, however, that is not always the case.  What can end up happening is that your machine sends a DNS query through the encrypted pipe, to your local ISP controlled DNS server.  Why is this bad?  Because, when an ISP gets a DNS request from a known VPN provider, they can simply look for a user sending traffic to that VPN’s IP address, in their local area.  Once they find that, they potentially have a one to one mapping between user and data requested.

So, how do I fix it?  If you’re lucky, your VPN provides you with DNS servers.  Use them for ALL traffic, not just encrypted VPN use.  If you aren’t so lucky, you can mitigate the issue by using a large scale DNS server that doesn’t serve a specific area, such as Google’s DNS servers (8.8.8.8 and 8.8.4.4).  These will log data, but through the VPN, they have no reasonable way of identifying you through the data.

Special Case: Proxy to VPN
If you are using my AnonyBox, or another proxy solution to connect to your VPN, your browser may be sending your DNS queries directly through your connection to your ISP, unencrypted.  This is VERY BAD.

Chrome is the only browser that handles the situation correctly by default.  As long as you are using a SOCKS v5 proxy or HTTP proxy, all DNS queries are made proxy-side.  However, if you are using a SOCKS v4 proxy, you are not safe.

In Firefox, you will need to change a setting.  Type “about:config” into the address bar, and find the line that reads “network.proxy.socks_remote_dns”.  Set it to true and restart Firefox.  For Firefox, you will want to ensure that you are using a SOCKS v5 proxy, and not an HTTP proxy.

As always, stay safe and have fun.