blog

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs
commit f5ab0e7b1ee3dfba0ba7f0bad85f92ea5cef5e01
parent cd4d6b158d358c2d827597b277a76f1a55f89739
Author: Andrew Laack <andrew@laack.co>
Date:   Fri, 17 Apr 2026 17:08:47 -0500

Added wip

Diffstat:

Aposts/wip/ai-and-meta-work.md | 5+++++


Aposts/wip/the-best-privacy-browser.md | 90+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Aposts/wip/what-makes-good-software.md | 3+++


3 files changed, 98 insertions(+), 0 deletions(-)

diff --git a/posts/wip/ai-and-meta-work.md b/posts/wip/ai-and-meta-work.md
@@ -0,0 +1,5 @@
+# AI and Meta-Work
+
+https://news.ycombinator.com/item?id=47517539
+
+> The last 10 years in the software industry in particular seems full of meta-work. New frameworks, new tools, new virtualization layers, new distributed systems, new dev tooling, new org charts. Ultimately so we can build... what exactly? Are these necessary to build what we actually need? Or are they necessary to prop up an unsustainable industry by inventing new jobs?
diff --git a/posts/wip/the-best-privacy-browser.md b/posts/wip/the-best-privacy-browser.md
@@ -0,0 +1,90 @@
+# The Best Privacy Browser
+
+The best privacy browser is Tor, but that doesn't help anyone. The question then becomes this: "What is the most privacy respecting browser that is usable?"
+
+Usable is doing a lot of heavy lifting. In general, there are two levels of usability requirements. My requirement is most websites work. For me, this means Lynx isn't usable for day to day use, but a browser like librewolf is. This divide is two fold:
+
+1. It must support JS
+2. It mustn't route traffic through a network that is frequently blocked by sites
+    - this excludes tor for general use
+
+---
+
+The three browsers worth using, ordered by privacy descending:
+
+1. Tor Browser
+2. Mullvad Browser
+3. Brave Browser
+
+I no longer recommend firefox or any of the normal derivatives (like librewolf / arkenfox).
+
+
+---
+
+No longer librewolf.
+
+Start WireShark. Open LibreWolf. That is unacceptable. This is arguably worse than Brave. Brave contacts their updating servers for extensions, variations server, and seemingly their standard updating server. I dislike this, but it's not as bad as the default librewolf.
+
+Brave doesn't allow users to disable this.
+
+---
+
+Maybe librewolf?
+
+default startup dns resolutions:
+
+> 5	2.306344381	192.168.1.9	192.168.1.1	DNS	95	Standard query 0x38d6 A content-signature-2.cdn.mozilla.net
+> 6	2.306350938	192.168.1.9	192.168.1.1	DNS	95	Standard query 0xc9d0 AAAA content-signature-2.cdn.mozilla.net
+> 7	2.307211964	192.168.1.1	192.168.1.9	DNS	111	Standard query response 0x38d6 A content-signature-2.cdn.mozilla.net A 34.160.144.191
+> 8	2.307699875	192.168.1.1	192.168.1.9	DNS	123	Standard query response 0xc9d0 AAAA content-signature-2.cdn.mozilla.net AAAA 2600:1901:0:92a9::
+> 38	2.394069350	192.168.1.9	192.168.1.1	DNS	97	Standard query 0xc18c A firefox.settings.services.mozilla.com
+> 39	2.394075315	192.168.1.9	192.168.1.1	DNS	97	Standard query 0x978f AAAA firefox.settings.services.mozilla.com
+> 40	2.398144317	192.168.1.1	192.168.1.9	DNS	149	Standard query response 0xc18c A firefox.settings.services.mozilla.com CNAME mozilla.map.fastly.net A 146.75.81.91
+> 41	2.398665207	192.168.1.1	192.168.1.9	DNS	161	Standard query response 0x978f AAAA firefox.settings.services.mozilla.com CNAME mozilla.map.fastly.net AAAA 2a04:4e42:84::347
+> 103	3.020292741	192.168.1.9	192.168.1.1	DNS	85	Standard query 0x45e4 PTR 91.81.75.146.in-addr.arpa
+> 104	3.020358823	192.168.1.9	192.168.1.1	DNS	87	Standard query 0x2e19 PTR 191.144.160.34.in-addr.arpa
+> 105	3.021571021	192.168.1.1	192.168.1.9	DNS	85	Standard query response 0x45e4 No such name PTR 91.81.75.146.in-addr.arpa
+> 106	3.022490501	192.168.1.1	192.168.1.9	DNS	140	Standard query response 0x2e19 PTR 191.144.160.34.in-addr.arpa PTR 191.144.160.34.bc.googleusercontent.com
+
+That's not acceptable.. 
+
+
+Moreover opening a new session creates this connection:
+
+> 191.144.160.34.bc.googleusercontent.com.:443
+
+This is known to be associated with ...
+
+This is not fine. This can be disabled with disabling push notifications, but that sucks.
+
+https://www.reddit.com/r/LibreWolf/comments/15hs76o/outgoing_connection_bc_googleusercontent_com/
+
+This can be disabled with ublock / your dns server, but the best way is probably to set the following to fals:
+
+dom.webnotifications.enabled
+
+dom.webnotifications.serviceworker.enabled
+
+dom.push.connection.enabled
+
+dom.push.enabled 
+
+---
+
+mullvad:
+
+- no dns resolutions on startup
+- no connections started prior to searching anything
+- no connections when typing into search bar
+    - link for why this is good
+- usable
+    - in general, I haven't found sites to becoming broken
+
+---
+
+- fingerprinting?
+    - does it warrant not blocking outbound connections?
+
+---
+
+Mullvad win:
diff --git a/posts/wip/what-makes-good-software.md b/posts/wip/what-makes-good-software.md
@@ -0,0 +1,3 @@
+Good software is made by people who are motivated to solve a problem.
+
+Money isn't the problem, it's extrinsic motivation which often creeps in when there is money, but not always, but large corporations often excacerbate these issues too. Gitea makes money, but they don't appear to be immoral soo.....