A DNS based blocker wouldn’t block this, because the subscribe prompt is almost definitely being done by a script from the main NYT domain. The DNS blocker only blocks things that come from domains only used for things that should be blocked, and can’t differentiate between what type of content is being loaded (script vs image vs raw HTML) and definitely not between different things in the same class (paywall script vs the script that makes the buttons work).

Unless you are verifying DNSSEC, they could intercept any outgoing DNS queries and replace the response with whatever they want, if you are using DNSSEC they won’t be able to modify the responses since they can’t create the signatures, but they could still send queries to their own server instead of your chosen server. With either of these options they can still see what you query. DNS over TLS or HTTPS is a way to prevent all of these things, since with those you know the endpoint of your HTTPS connection is the actual server with the signed certificate and the connection is encrypted.

Edit to add: it shouldn’t matter what DNS you use to look up the IP of the DoH/DoT server, because only the real servers should have the correct private key.

It makes sense to have some kind of limit to prevent abuse, otherwise Reddit (or other sites) may be forced to ban the SimpleLogin domain if it becomes a source of spam. It would be similar from an email provider preventing you from sending spam from their domain.

If you have root you could just update the kernel to one that lets you do whatever you want on the system, so there’s no way to stop the attacker from viewing the passwords if the app is capable of displaying them.

I don’t think apps can read keystrokes for other apps on Wayland.

Yes, exactly. I haven’t really had any issues with any website taking the email, some people do actually have subdomains in an email for work, I know some of my teachers in school had an email like person@k12.county.state.gov.

It also has the advantage of letting you have multiple users on your server, a couple of my family members also have their own subdomain catch-all that redirects to their own base domain address.

I use a subdomain for aliases, while my real address is at the base domain, which I suppose negates this issue.

Part of the reason I prefer having a catch-all on my own domain is that I can change providers without changing any email addresses. For example at the moment I run my own server, but in the future if that becomes too time consuming I can easily start paying for a service.

ETA: also I’ve never gotten any spam to a email I haven’t given out, people don’t really send emails to random names at a domain as far as I can tell

I doubt it’s the price that’s mandated, they probably mean the state mandated minimum coverage.

It’s posted to a privacy community and everyone is aware of the privacy concerns with anything Facebook. It’s pretty obvious that they’re saying that for some privacy-conscious people the answer to using Facebook Marketplace is no, but they want to know if anyone has advice for using it.