ring
Pi-hole
ring | Pi-hole | |
---|---|---|
28 | 2,357 | |
3,567 | 46,888 | |
- | 0.7% | |
9.8 | 7.8 | |
2 days ago | 5 days ago | |
Assembly | Shell | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ring
-
AWS Libcrypto for Rust
Again, this is just a temporary situation, and a matter of burning down a list of small tasks. Not that the OpenSSL license issue is a big deal for most anyway. Feel free to help; see this issue filed by Josh Triplett: https://github.com/briansmith/ring/issues/1318#issuecomment-...
- Boletín AWS Open Source, Christmas Edition
- Libsodium: A modern, portable, easy to use crypto library
-
A brief guide to choosing TLS crates
Note also that rustls depends on ring, which has architecture-dependent code in it that is not as widely compatible as eg. OpenSSL/GnuTLS/Mbed-TLS. For example, MIPS is not supported by ring.
- Data-driven performance optimization with Rust and Miri
-
Releasing Rust Binaries with GitHub Actions - Part 2
The AWS Rust library we were using as a dependency depended on a cryptography library called ring. This library leverages C and assembly code to implement its cryptographic primitives. Unfortunately, cross compiling when C is involved can add complexity to the build process. While it might've been possible to overcome these issues I decided that it wasn't worth digging into more.
-
Urgent Upcoming OpenSSL release patches critical vulnerability
That'd be great. Thanks Brian. Re: making ring portable to all platforms: IBM have been graciously maintaining a up to date patchset for Ring for years now and there's an outstanding PR here you may not have seen since they filed it in 2020... https://github.com/briansmith/ring/pull/1057
-
OpenSSL Security Advisory [5 July 2022]
Beyond the simple matter of Rust being much newer than OpenSSL, one concern for some cryptographic primitives is the timing side-channel.
https://en.wikipedia.org/wiki/Timing_attack
In high level languages like Rust, the compiler does not prioritise trying to emit machine code which executes in constant time for all inputs. OpenSSL has implementations for some primitives which are known to be constant time, which can be important.
One option if you're working with Rust anyway would be use something like Ring:
https://github.com/briansmith/ring
Ring's primitives are just taken from BoringSSL which is Google's fork of OpenSSL, they're a mix of C and assembly language, it's possible (though fraught) to write some constant time algorithms in C if you know which compiler will be used, and of course it's possible (if you read the performance manuals carefully) to write constant time assembly in many cases.
In the C / assembly language code of course you do not have any safety benefits.
It can certainly make sense to do this very tricky primitive stuff in dangerous C or assembly, but then write all the higher level stuff in Rust, and that's the sort of thing Ring is intended for. BoringSSL for example includes code to do X.509 parsing and signature validation in C, but those things aren't sensitive, a timing attack on my X.509 parsing tells you nothing of value, and it's complicated to do correctly so Rust could make sense.
-
Rust's Option and Result. In Python.
machine learning, neural networks, image processing, cryptography (though it is getting better), font shaping/rendering (though it is getting better), CPU/software rendering (though it is getting better)
- Mega: Malleable Encryption Goes Awry
Pi-hole
-
Usando NextDNS CLI en tu red.
Si te preguntas, ¿por qué no usar Adguard o Pihole? 🤔
-
Radicle: Open-Source, Peer-to-Peer, GitHub Alternative
This is an overreaction, almost to the point of absurdity.
Risks inherent to pipe installers are well understood by many. Using your logic, we should abandon Homebrew [1] (>38k stars on GitHub), PiHole [2] (>46k stars on GitHub), Chef [3], RVM [4], and countless other open source projects that use one-step automated installers (by piping to bash).
A more reasonable response would be to coordinate with the developers to update the docs to provide alternative installation methods, rather than throwing the baby out with the bathwater.
[1] https://brew.sh/
[2] https://github.com/pi-hole/pi-hole
[3] https://docs.chef.io/chef_install_script/#run-the-install-sc...
[4] https://rvm.io/rvm/install
-
Ask HN: For what purposes do you use a Raspberry Pi?
Pi-hole to block ads and tracking for my less technically savvy relatives
https://pi-hole.net/
-
Runs on your OpenWrt box: AdGuard Home is network-wide blocking ads and tracking
I ran a competing project[0] on my home network for a few years before I discovered NextDNS[1]. What I lost in performance (requests don't leave my house) I gained in portability: ALL my devices can take advantage – at home and away – and time-saved. PiHole works 90% of the time, but when it did stop working, I'd have to spend a bit of time fixing it. At $20/year, I simply couldn't compete with NextDNS.
Note: This isn't a shill for NextDNS; I love these kinds of projects and think they absolutely should exist, but NextDNS just happens to be one of those dead-simple SaaS tools that is an insanely good value.
0 - https://pi-hole.net/
1 - https://nextdns.io
-
Higher fees, more ads: streaming cashes in by using the old tactics of cable TV
It definitely IS an option, but at the network level.
https://pi-hole.net/
It runs on damn near everything, and is a DNS level adblocker for the whole network.
-
In 2024, please switch to Firefox
I recently switched to Wipr [0]. It’s dead simple to use, and will auto update its filter lists in the background.
Adguard [1] is a decent free option.
I also use a Pi-hole [2] on my network.
[0] https://kaylees.site/wipr.html
[1] https://adguard.com/en/adguard-safari/overview.html
[2] https://pi-hole.net/
-
Overwhelmed by a project
Are you trying to build a DNS proxy (similar to Pi-hole) that intercepts DNS requests and checks for the ones that look harmful? If so, I would suggest trying to separately build a DNS client and a DNS server, before trying to integrate them together. Start with Beej's Guide to Network Programming if you need to learn the basics of sockets, and then take a look at the documents that define the DNS protocol itself (RFC1034 and RFC1035).
-
Great Forgotten Sci-Fi Movies of the 1980s
Setup a pi-hole.
- The Internet will win the war against anti ad-block software. YT is very foolish and basically legitimizes piracy with their "business model"
-
Is there an Android app that blocks the ads on games?
It's definitely not as simple as installing an app on your phone, but I run a Pi-hole on my home network, and it does block ads in many games.
What are some alternatives?
rust-crypto - A (mostly) pure-Rust implementation of various cryptographic algorithms.
Technitium DNS Server - Technitium DNS Server
ed25519-dalek - Fast and efficient ed25519 signing and verification in Rust.
blocky - Fast and lightweight DNS proxy as ad-blocker for local network with many features
rust-openssl - OpenSSL bindings for Rust
AdGuardHome - Network-wide ads & trackers blocking DNS server
orion - Usable, easy and safe pure-Rust crypto [Moved to: https://github.com/orion-rs/orion]
PowerDNS-Admin - A PowerDNS web interface with advanced features
rustls - A modern TLS library in Rust
bypass-paywalls-chrome - Bypass Paywalls web browser extension for Chrome and Firefox.
sodiumoxide - [DEPRECATED] Sodium Oxide: Fast cryptographic library for Rust (bindings to libsodium)
pihole-regex - Custom regex filter list for use with Pi-hole.