a writeup, of some “problems”, when you want to block your access to certain online platforms (eg Youtube)… but fully understand your computer system… and fully control it
-
so there are apps, that can block certain domains, apps, and so on… but you can always just uninstall those apps … and get access back
- I am a person, that values “Software that allows you to do all things the Hardware is theoretically able to do” … that also includes removing any kind of software
- I also know very well how software works … and always have great ideas on how to circumvent things (Hacking…)
-
so I made a quick shell script + systemd service: https://github.com/c2vi/nixos/blob/9bcfd62f4970a53edd26bf4b9c340471e1781fdc/hosts/main.nix#L140
- here i could write 90 min to /etc/hosts-yt-block … and it would then run every minute (for those 90 min) and set youtube.com to localhost in /etc/hosts
- this obviously has flaws… like you can just write “8888888” into the file ans watch yt forever
- also it doesn’t really work… you can continue streaming a vid, even after youtube.com is blocked… (streaming comes from diferent ip)
- and firefox heavily caches DNS = Domain Name System
- also you can just enable DNS over https in firefox…
-
so once i sat down and made this into a proper python script… that would also write blocking firewall rules with iptables…
- we encrypt the data stored, so that it takes more effort to edit it… (i could figure out the password, but that would take effort… I am like n times hashing smth)
- https://github.com/c2vi/nixos/commit/4485209a15950fb82336c411ddeacc28f6a4e14d
- after multiple bugfix commits following, it actually worked … until i realized, that you can just
systemctl stop yt-block… 🤦♂️
-
https://unix.stackexchange.com/a/227552
- hohohohohoho… xD
- context: I found code of a kernel module for Linux which can make a process “unkillable”. by setting a flag on the processes kernel data struct which is usually set only for the init (linux) process (killing that would result in a kernel panic… so the kernel prevents that). In order to now kill the block-process I would have to reboot my OS without the module loaded or somehow modify the correct bit (said flag) in the kernel-memory… which both require effort.
-
commit of working yt-block with kernel-module: https://github.com/c2vi/nixos/commit/84c973d392d17a813363b05eb5eba5ae29abb7fc
-
now in order to circumvent this, i either have to reboot my system with a config, that does not have the yt-block servce, or make a kernel module, that allows me to make this process killable…
- both of those require a little bit of effort … which is what is needed…
-
fck your web apps, that you are programming… this is soo much cooler
-
it’s nice, when smth in the kernel just works…
-
PS: the only way to really do this… is with attestation (telling a third party every minute, that yt is actively blocked…) and social preasure… like building a pile of gold in mc (rel: PCMC = People Corner Minecraft Cluster) for every blocked day…
-
just blocking the ips of the dns youtube.com is not enough…
- when the website is already loade, the actual video data is streamed via Quick from ips that are not youtube.com
- a list of those ips:
- 188.21.9.34
- 173.194.187.234
- 188.21.9.31
- maybe: 188.21.9.20
- maybe: 142.251.208.142
-
and so here is the continuation
- first…
- when you block the domain youtube.com, the browser still caches it for a long time… so requesting 1m will get you 1h watch time…
- that’s why i block all ips of the domain youtube.com with iptables
- but then… if you have a video loaded, it will continue to stream even with those ips blocked… the actual video data comes from somewhere else
- sidenote… how stupid is it, that a connection to youtube.com is actually needed… the video data is all you need anyway
- MiZe (priv) will be better there…
- sidenote… how stupid is it, that a connection to youtube.com is actually needed… the video data is all you need anyway
- so i look up the ips, that stream a lot of data, via Quic … and add those to the block list
- but yt seems to have sooooo many ips, that the client code can choose from
- and then seccond…
- just run
nix run nixpkgs#microsocks -p 8888on eg fusu … and set the proxy settings in firefox - yup… all was for nothing again :facepalm:
- the only real thing is the social pressure…
- just run
- first…
-
spotify geht jetz nimma… aparently needs one of googles apis to work
-
UPDATE 2025-04-24 … turns out… the solution is watching youtube while playing on PCMC = People Corner Minecraft Cluster eg digging on biggus diggus (pcmc)…
- doing that is actual fun… so the Monkey Brain prefers it to just watching yt…
- but also you are kinda “out in public” so it can happen that others msg you abt stuff… which motivates you to do smth else
- also I think more during that… and Motivation to go and do smth actually comes up