Interesting. Using my default DNS settings, this doesn't work for me. I have systemd-resolved running, and the upstream DNS server is my OpenWRT router (which until I changed it a few minutes ago, was configured to use the default DNS servers provided by my ISP as its upstream).
In that configuration, trying to ping ai. yields:
$ ping ai.
ping: ai.: Temporary failure in name resolution
But if I edit /etc/resolv.conf and change the nameserver to 8.8.8.8 like this:
# nameserver 127.0.0.53
nameserver 8.8.8.8
it works fine.
$ ping ai.
PING ai (209.59.119.34) 56(84) bytes of data.
64 bytes from offshore.ai (209.59.119.34): icmp_seq=1 ttl=49 time=71.3 ms
Hmm... I wonder if that's a systemd-resolved issue, or an OpenWRT issue, or "other"?
OpenWrt by default enables the --domain-needed option of dnsmasq, which blocks forwarding of queries with one component. You can turn it off at Network → DHCP and DNS → General Settings → Domain required.
However, systemd-resolved may refuse to resolve such queries anyway: https://github.com/systemd/systemd/issues/8967. There’s apparently a ResolveUnicastSingleLabel option to allow them.
AI AI http https 209.59.119.34
ARAB ARAB http https 127.0.53.53
BH BH http https 10.10.10.10,88.201.27.211
CM CM http https 195.24.205.60
CPA CPA http https 127.0.53.53
MUSIC MUSIC http https 127.0.53.53
PN PN http https 139.162.17.173
TK TK http https 217.119.57.22
UZ UZ http https 91.212.89.8
WS WS http https 64.70.19.33
Nice place to vacation. One of the quieter Carribean islands. Great food at the tourist restaurants, though expensive. Kind of jarring when you realize beyond the beaches and resorts, it's a third world country with people who are very poor and want to leave the island. I talked to one guy who worked construction and he desperately wanted to move to the US or the UK, mostly because it was so boring on the tiny island.
Possible (half-serious) counter-point: people who understand cryptography know when it is and isn't necessary and don't need to default it on for everything like the rest of us mortals?
Serious counter-counter-point for anybody interested: HTTPS protects people from ISP-based MITM attacks. This by itself is more than enough reason to always use HTTPS if your website can be accessed by other people, even if it is just a small little innocent static blob of HTML.
I was just kidding around folks: obviously TLS is the right default.
Incidentally you can bet your ass that someone at YC has a model of their amortized differential deal flow per page view and that they work harder at keeping it up-to-date than the RustHN discord channel where they call in the Team.
So troll-ass threads like this are pure free-ride.
There is an old (IIRC non-standard) convention from the classful IP times which allows you to write not only X.Y.Z.W but also X.Y.ZW, X.YZW, and occasionally even XYZW with ZW = 256 × Z + W (decimal) etc., all referring to the same host. So 1.0.1, 1.1, and 16777217 are all funny ways to write 1.0.0.1, which is indeed an alternative address for Cloudflare’s 1.1.1.1—also written 1.1.257, 1.65793, and 16843009.
It claims the SSL cert is invalid on Firefox but it appears to be a valid one (just assigned to a high level domain). Looks like a potential DNS parsing issue in FF?
Readit News
In that configuration, trying to ping ai. yields:
But if I edit /etc/resolv.conf and change the nameserver to 8.8.8.8 like this: it works fine. Hmm... I wonder if that's a systemd-resolved issue, or an OpenWRT issue, or "other"?However, systemd-resolved may refuse to resolve such queries anyway: https://github.com/systemd/systemd/issues/8967. There’s apparently a ResolveUnicastSingleLabel option to allow them.
Note that there are a number of reasons you might want these queries to remain blocked: https://www.iab.org/documents/correspondence-reports-documen...
> Direct IP access not allowed
> What happened?
> You've requested an IP address that is part of the Cloudflare network. A valid
> Host header must be supplied to reach the desired website.
But http://www.ai/ works.
Deleted Comment
Deleted Comment
Comment of note:
n@ai is also a valid email address. Owned by a guy named Ian.
(https://news.ycombinator.com/item?id=31689569)
s/model/email validation code
Incidentally you can bet your ass that someone at YC has a model of their amortized differential deal flow per page view and that they work harder at keeping it up-to-date than the RustHN discord channel where they call in the Team.
So troll-ass threads like this are pure free-ride.
https://1.1
goes to cloudflare. how did they register this?
1 is the network address. .0.0.1 is the host address. 1.256 would be 1.0.1.0, etc.