Written June 5, 2022Occurred Spring 2020Arthur OsipyanHaving finally rid myself of all G****e products after the shuttering of GPlus, I sincerely thought I was in the clear and had nothing to worry about in terms of being tracked or hounded by the big G. I even added the 'G****e-Free At Last" to all my email footers and social media headings. It felt great. I did what that DuckDuckGo founder Gabriel Weinberg said he couldn't. But I was in for a rude awakening, as it became apparent that they relied on the same tactics used by Facebook to track users outside of their services on an equally expansive scale. These tracking technologies can be embedded in forms (including Captcha), or as invisible pixels embedded in emails or web sites, or even as innocuous as preferred defaults set when you started using the service. Even though I let go of the big G, there are others who clearly could not, and that was affecting me in obvious ways. So I decided to do something about it. If I could not convince companies, or shame them out of using their services, I would take two approaches - sanction them by cutting business ties, or make changes to my internet experience that caused these trackers to permanently fail. I started looking at whitepapers on networking in addition to doing some extra CIS 240 related classwork and bonus assignments to get a better grip of what I should do, and my research led me to the OSI Model. If I am recalling my work correctly, the application layer is where the most user-noticeable activity takes place. It's also where trackers get implemented in real time after being called from storage. If I was going to thwart tracking, I needed to intervene higher up in the model. With Adblocker, you get intervention between layer 5 and 4, but some adblock-block scripts can use CNAME redirects to thwart that kind of blocking, and present banners to convince users to abandon it. I then did some digging of my own, both on the surface web and the dark web, and I came across a solution that seemed rock solid, but required me to learn something beyond the scope of my classwork. So once I graduated, and got a job, I used my spare time to purchase all the tools and handbooks needed to put it all together. On December 10, 2020, I implemented my findings, and wireguard.krowverse.services came to life. I have since documented these findings into a Wireguard and Bind9 tutorial that you can implement yourself. This had the effect of shifting the blocking from Layer 5 of the model to Layer 3, which meant I could locally thwart CNAME redirects now that I had my own resolver in house. In eight months, the amount of spam that I got just melted away or became very mistargeted. I even noticed reduced data usage on my smartphone, which is a godsend for those with limited data plans. Prepare for damaged, dysfunctional, and unusable sites or protocols as you implement this latest step. IT IS NOT FOR THE FAINT OF HEART! YOU WILL BREAK SO MUCH OF THE WEB EXPERIENCE YOU KNOW, so please divest yourself a bit before taking this plunge. In IT circles, this tutorial is an instruction booklet on how to poison your DNS, so understand the risk before you do it! If you need to revert, it is as simple as taking down your Wireguard connection. DO NOT do this to an authoritative DNS server! Do NOT do this to novice users! Because the block is at Layer 3, it will affect everything that blocked domain hosts, every protocol, every packet coming from it. Good luck.