Interesting. The diff appears to be (a) they changed the headline from "Facebook Knows It Encourages Division. Top Executives Nixed Solutions." to "Facebook Executives Shut Down Efforts to Make the Site Less Divisive", and (b) they inserted a video most of the way down the article, captioned "In a speech at Georgetown University, Mark Zuckerberg discussed the ways Facebook has tightened controls on who can run political ads while still preserving his commitment to freedom of speech."
Wow, Cloudflare's 1.1.1.1 DNS server sets up a man-in-the-middle (broken cert gives it away) and serves a 403 Forbidden page when clicking on this link. Verified that 8.8.8.8 works fine.
I don't want to derail the discussion too much either, but anyone curious about the reasoning can see this comment from CloudFlare [0]
>We don’t block archive.is or any other domain via 1.1.1.1. Doing so, we believe, would violate the integrity of DNS and the privacy and security promises we made to our users when we launched the service.
>Archive.is’s authoritative DNS servers return bad results to 1.1.1.1 when we query them. I’ve proposed we just fix it on our end but our team, quite rightly, said that too would violate the integrity of DNS and the privacy and security promises we made to our users when we launched the service.
>The archive.is owner has explained that he returns bad results to us because we don’t pass along the EDNS subnet information. This information leaks information about a requester’s IP and, in turn, sacrifices the privacy of users. This is especially problematic as we work to encrypt more DNS traffic since the request from Resolver to Authoritative DNS is typically unencrypted. We’re aware of real world examples where nationstate actors have monitored EDNS subnet information to track individuals, which was part of the motivation for the privacy and security policies of 1.1.1.1.
I'm not sure if it's a separate issue, but I've noticed 1.1.1.1 sometimes can't resolve my bank. Adding 8.8.8.8 as an alternate DNS service resolves the issue for me. I don't know if it's just balancing the requests or only using 8.8.8.8 if the primary fails. I'd like to know the answer to that.
I will make a parenthetical point that the WSJ, while expensive to subscribe, is a very high quality news source and worth paying for if it's in your budget. There are discounts to be found on various sites. And god knows their newsroom needs all the subscribers it can get (just like NYT, etc) to stay independent of their opinion-page-leaning business model that tends to be not so objective (the two are highly separated). Luckily they have a lot of business subscribers who keep them afloat, but I decided to subscribe years ago and never regretted it.
