Stories with Tag blocking

• Turning my ESP32 into a DNS sinkhole to fight doomscrolling

  permalink

  Posted: 2025-02-28 10:39:01

  Verbose tl;dr

  The author describes creating a DNS sinkhole using an ESP32 microcontroller to combat doomscrolling. By intercepting DNS requests on their local network and redirecting specific domains (like social media sites) to a local web server, they effectively block access to these sites. The ESP32 runs a custom DNS server that returns a pre-defined IP address for targeted domains, leading devices to a blank webpage hosted on the ESP32 itself. This allows the author to curtail time spent on distracting websites without relying on browser extensions or more complex network configurations.

  The blog post "Turning my ESP32 into a DNS sinkhole to fight doomscrolling" details the author's journey to curtail their unproductive habit of excessive social media consumption using a low-power, WiFi-enabled microcontroller, the ESP32. The author posits that by intercepting and redirecting DNS requests for specific social media domains, they can effectively block access to these platforms on their local network, thus reducing the temptation to doomscroll.

  The implementation hinges on the ESP32's ability to function as a captive portal, a technique commonly employed by public Wi-Fi hotspots to require users to log in. The ESP32 mimics a legitimate DNS server, intercepting requests from devices on the network. When a device attempts to resolve the domain name of a targeted social media site, the ESP32 responds with a pre-configured IP address, effectively redirecting the device to a different location. Instead of connecting to the intended social media platform, the device is redirected to a locally hosted "block page" served by the ESP32 itself. This block page informs the user that the site is blocked and serves as a gentle reminder to avoid doomscrolling.

  The author outlines the technical steps involved in setting up the ESP32 for this purpose, including installing the necessary software libraries, configuring the captive portal functionality, and defining the list of targeted domains to be blocked. The author chose to leverage the Arduino IDE for programming the ESP32 and provides snippets of the code used for the project, including how to configure the DNS server, handle DNS requests, and set up the captive portal. They specifically used the DNSServer library to simplify DNS manipulation.

  The author further explains the limitations of this approach, acknowledging that a determined user could circumvent the block by manually changing their DNS settings. However, the author argues that the inherent friction introduced by this process is sufficient to deter casual doomscrolling. The goal isn't foolproof blocking, but rather to introduce a pause, a moment of reflection, that disrupts the automatic habit of reaching for social media.

  Finally, the author highlights the benefits of using an ESP32 for this task, emphasizing its low power consumption and relatively straightforward programming environment. They also touch upon the project's potential for customization, allowing users to tailor the blocked domains and the content of the block page to their specific needs and preferences. This DIY approach offers a personalized and adaptable solution for managing online habits, specifically targeted at reducing the negative impact of excessive social media consumption.

  • ESP32
  • dns
  • Sinkhole
  • doomscrolling
  • productivity
  • focus
  • time management
  • self-control
  • internet addiction
  • blocking
  • filtering
  • Network Management
  • DIY
  • Microcontroller
  • Embedded Systems
  • IoT

  Summary of Comments ( 9 )
  https://news.ycombinator.com/item?id=43204091

  Verbose tl;dr

  Hacker News users generally praised the project's simplicity and effectiveness for blocking distracting websites. Several commenters suggested improvements, such as using a pre-built DNS sinkhole list or implementing a local DNS server for better performance. Some discussed the ethics and potential downsides of blocking websites, particularly for families or in situations where access is necessary. Others offered alternative solutions, like using Pi-hole or modifying the hosts file. A few pointed out potential issues with the ESP32's limited resources and the importance of using a reliable power supply. The overall sentiment was positive, viewing the project as a clever, albeit somewhat limited, solution to a common problem.

  The Hacker News post "Turning my ESP32 into a DNS sinkhole to fight doomscrolling" generated a moderate number of comments, mostly focusing on the practicality and efficacy of the approach, as well as alternative solutions.

  Several commenters questioned the effectiveness of using an ESP32 for this purpose, citing its limited resources and potential performance bottlenecks. One commenter pointed out that DNS queries are generally small and infrequent, suggesting the ESP32 might be sufficient for a home network. Another countered this by highlighting the ESP32's relatively slow processing speed and limited RAM, which could become problematic with more devices or complex DNS configurations. The potential for latency issues and single point of failure were also raised as concerns.

  A prominent thread discussed alternative methods for achieving the same goal, such as using a Pi-hole, modifying the hosts file, or utilizing features built into existing routers. Pi-hole was frequently mentioned as a more robust and feature-rich solution, already designed for network-wide ad blocking and DNS sinkholing. Modifying the hosts file was suggested as a simpler, though potentially less manageable, alternative for individual devices. Some commenters highlighted the built-in DNS filtering options available in certain routers, offering a convenient solution without requiring additional hardware.

  Some users discussed the broader implications of DNS sinkholing, including the ethical considerations of blocking content and the potential for inadvertently breaking legitimate websites. One commenter argued that while the author's intentions were understandable, blocking entire domains might be overly aggressive, suggesting a more targeted approach to filtering specific unwanted content.

  While generally receptive to the author's ingenuity, the overall sentiment in the comments leans towards exploring alternative, more established solutions for DNS sinkholing and content filtering. The ESP32 approach is acknowledged as a functional proof-of-concept, but its limitations and potential drawbacks are highlighted, leading to recommendations for more robust and scalable alternatives. The discussion also extends to the ethical considerations surrounding content blocking and the importance of carefully considering the implications of such practices.

• Tell HN: Cloudflare is blocking Pale Moon and other non-mainstream browsers

  permalink

  Posted: 2025-02-05 19:08:12

  Verbose tl;dr

  Cloudflare is reportedly blocking access to certain websites for users of Pale Moon and other less common browsers like Basilisk and Otter Browser. The issue seems to stem from Cloudflare's bot detection system incorrectly identifying these browsers as bots due to their unusual User-Agent strings. This leads to users being presented with a CAPTCHA challenge, which, in some cases, is unpassable, effectively denying access. The author of the post, a Pale Moon user, expresses frustration with this situation, especially since Cloudflare offers no apparent mechanism to report or resolve the issue for affected users of niche browsers.

  A Hacker News user has reported that Cloudflare is seemingly blocking access to websites protected by its services when using the Pale Moon web browser, and potentially other less common browsers. The user describes encountering Cloudflare's "Checking your browser before accessing..." page, which typically precedes legitimate access but in this case never progresses, effectively denying access. This issue specifically arises with Pale Moon 29.4.1 (x64) on Windows 10. The user emphasizes that they have disabled all extensions and add-ons within Pale Moon, eliminating them as a potential cause of the blockage. They also note that clearing cookies and site data did not resolve the issue. The affected websites are served through Cloudflare, but the exact trigger for the block remains unclear. The user hypothesizes that Cloudflare might be targeting Pale Moon's User-Agent string, a piece of information browsers send to websites identifying themselves, speculating that Cloudflare may have a list of acceptable User-Agent strings and is blocking access from browsers with unrecognized identifiers. This suggests a potential incompatibility between Cloudflare's security measures and Pale Moon's browser identification. The user highlights the inconvenience this poses, particularly for users who rely on or prefer less mainstream browsers. The post implies a concern regarding the control Cloudflare exerts over web access and the potential for exclusion of legitimate users based on browser choice.

  • Cloudflare
  • pale moon
  • Web Browser
  • blocking
  • browser compatibility
  • anti-fraud
  • bot detection
  • User Agent
  • ua string
  • internet censorship
  • Web Standards
  • accessibility

  Summary of Comments ( 370 )
  https://news.ycombinator.com/item?id=42953508

  Verbose tl;dr

  Hacker News users discussed Cloudflare's blocking of Pale Moon and other less common browsers, primarily focusing on the reasons behind the block and its implications. Some speculated that the block stemmed from Pale Moon's outdated TLS/SSL protocols creating security risks or excessive load on Cloudflare's servers. Others criticized Cloudflare for what they perceived as anti-competitive behavior, harming browser diversity and unfairly impacting users of niche browsers. The lack of clear communication from Cloudflare about the block drew negative attention, with users expressing frustration over the lack of transparency and the difficulty in troubleshooting the issue. A few commenters offered potential workarounds, including using a VPN or adjusting browser settings, but there wasn't a universally effective solution. The overall sentiment reflected concern about the increasing centralization of internet infrastructure and the potential for large companies like Cloudflare to exert undue influence over web access.

  The Hacker News post "Tell HN: Cloudflare is blocking Pale Moon and other non-mainstream browsers" generated a robust discussion with several commenters offering perspectives on Cloudflare's decision and its implications.

  Several commenters questioned the original poster's (OP) assertion that Cloudflare was intentionally blocking Pale Moon and other niche browsers. They suggested the issue stemmed from Pale Moon's outdated user agent string, which websites and security services (like Cloudflare) use to identify browsers. These outdated strings can trigger security measures designed to block older, potentially vulnerable browser versions. This perspective was supported by anecdotes of users modifying Pale Moon's user agent string to mimic a supported browser, successfully bypassing the block. Some users even suggested this was a Pale Moon developer's responsibility to update.

  Others discussed the broader implications for browser diversity and the potential for dominant players to inadvertently (or intentionally) marginalize smaller browsers. They expressed concern about the internet consolidating around a few supported browser engines, potentially stifling innovation and user choice.

  Several commenters delved into the technical details of User-Agent strings and Cloudflare's likely methods for detecting and blocking outdated browsers. They speculated on the specific heuristics used, including potential reliance on lists of known vulnerable user agents. This technical discussion highlighted the complexity of balancing security and compatibility on the web.

  Some users expressed sympathy for the OP's frustration but ultimately sided with Cloudflare, arguing that maintaining support for every niche browser is an unreasonable burden, especially given the security risks associated with outdated software. They framed Cloudflare's actions as a necessary step to protect the broader internet ecosystem.

  A few commenters suggested alternative solutions, such as using a more modern browser or exploring privacy-focused browsers like Firefox with hardening configurations. They questioned the practicality and security implications of clinging to older browser technologies.

  Finally, a smaller thread within the comments focused on Pale Moon specifically, discussing its development history, its relationship to Firefox, and the decisions made by its developers that might contribute to compatibility issues.

  Overall, the comments section reveals a nuanced discussion around the balance between security, browser diversity, and the practicalities of web development. While some sympathize with users of niche browsers, the general consensus leaned towards understanding Cloudflare's decision as a necessary, though unfortunate, consequence of maintaining web security. The discussion highlights the ongoing tension between supporting a diverse internet landscape and protecting users from the risks associated with outdated software.