Raw Record Source

{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreichgvjry2qqzo27yhohoer5xgnb4qirjnl3xlxrywdxwnjkunw32a",
    "uri": "at://did:plc:haakkg7y3xdghcdmprxeexso/app.bsky.feed.post/3mkygzehq3kv2"
  },
  "path": "/t/beginning-my-privacy-journey-but-am-i-understanding-my-network/36499#post_3",
  "publishedAt": "2026-05-03T22:46:32.000Z",
  "site": "https://discuss.privacyguides.net",
  "textContent": "My goal is to reduce the possibility of my online or offline activities from being correlated to my real identity. Realistically, the best that can be achieved is “plausible deniability.”\n\nThis is noticeably easier than it sounds because my profession and interests involve consuming and analyzing rather than creating. As such, I am not exposing myself publicly very often, but I live in a regime where even accessing certain information/questioning is dangerous.\n\nMy network is now similar to this:\n\n  * ISP Modem\n  * OpenWRT Router\n  * Managed Ethernet Switch\n  * Linux Server\n  * Eero Mesh Network\n\n\n\nThe OpenWRT router runs Wireguard, connecting to Mullvad VPN’s Switzerland servers which are owned.\n\nDNSMasq handles DHCP.\n\nStubby wraps DNS requests in TLS, and forwards them to the Linux Server which runs Technitium DNS Server in a Proxmox container.\n\nTechnitium handles qname minimization, randomization and validates DNSSEC. If the request isn’t cached, it upstreams to Quad9 through QUIC. (I’d love to use Mullvad’s DNS but they don’t support QUIC.) Technitium can query nameservers directly, keeps a robust cache and features adblocking.\n\nI use all of Hagezi’s recommended lists, along with Ph00ito’s supplemental list.\n\nIn terms of using Eero, an account is required, but I’ve simply used a fake identify, connecting to Amazon is NOT required nor is KYC. The Eero is in bridge mode and solely broadcasts wifi. The reasoning in, not a single piece of hardware is as reliable for me, most access points drop signal repeatedly with my setup. Unsure why.",
  "title": "Beginning my Privacy Journey, but Am I Understanding My Network?"
}