Problem downloading Security Now episodes

  • SpinRite v6.1 is Released!
    Guest:
    That's right. SpinRite v6.1 is finished and released. For the full story, please see this page in the "Pre-Release Announcements & Feedback" forum.
    /Steve.
  • Be sure to checkout “Tips & Tricks”
    Dear Guest Visitor → Once you register and log-in:

    This forum does not automatically send notices of new content. So if, for example, you would like to be notified by mail when Steve posts an update to his blog (or of any other specific activity anywhere else), you need to tell the system what to “Watch” for you. Please checkout the “Tips & Tricks” page for details about that... and other tips!

    /Steve.
  • Announcing “BootAble” – GRC's New Boot-Testing Freeware
    Please see the BootAble page at GRC for the whole story.
  • BootAble – FreeDOS boot testing freeware

    To obtain direct, low-level access to a system's mass storage drives, SpinRite runs under a GRC-customized version of FreeDOS which has been modified to add compatibility with all file systems. In order to run SpinRite it must first be possible to boot FreeDOS.

    GRC's “BootAble” freeware allows anyone to easily create BIOS-bootable media in order to workout and confirm the details of getting a machine to boot FreeDOS through a BIOS. Once the means of doing that has been determined, the media created by SpinRite can be booted and run in the same way.

    The participants here, who have taken the time to share their knowledge and experience, their successes and some frustrations with booting their computers into FreeDOS, have created a valuable knowledgebase which will benefit everyone who follows.

    You may click on the image to the right to obtain your own copy of BootAble. Then use the knowledge and experience documented here to boot your computer(s) into FreeDOS. And please do not hesitate to ask questions – nowhere else can better answers be found.

    (You may permanently close this reminder with the 'X' in the upper right.)


MichaelRSorg

Well-known member
Nov 1, 2020
107
17
routersecurity.org
I have been using the same Android podcast playing app for years and used it download many episodes of Security Now. However, the last episode (on FLOC) would not download. I tried it multiple times over the course of a few days and fail, fail, fail.

At first I thought there must have been a typo in the RSS feed so I checked
https://feeds.twit.tv/podcasts/sn.xml
and compared the Enclosure field from the last two episodes which links to the mp3 files. No typo.

Then, it occurred to me to try another episode and it too would not download. I have a number of defenses on my devices and guessed that NextDNS, which is running system-wide on the Android device, might be the problem. It was.

With NextDNS disabled, I could download the episode.

Then the question was what specifically caused the problem. The RSS feed MP3 URL starts with
https://pdst.fm/e/chtbl.com/track/.....
but when I put this into my browser, I end up at a different domain.
https://twit.cachefly.net/audio/sn/....

So, my guess was that pdst.fm redirects to something NextDNS thinks is bad, before we end up at twit.cachefly.net. NextDNS has a log, which I then checked.

Right after the DNS lookup for pdst.fm, there was a DNS lookup for chtbl.com which was blocked. My guess is that's the problem. However, around this time, NextDNS also blocked DNS lookups for
reports.crashlytics.com
e.crashlytics.com
app-measurement.com
Maybe those were the problem?

Leo is a big fan of NextDNS (as am I), so I might not be the only person with this problem.
 
I had this same behaviour with several podcasts (IIRC, including some of the BBC and CBC podcasts). I had to allowlist chtbl.com before downloads would occur.

Things like crashlytics.com and app-measurement.com are added by your podcatcher to monitor crashes - or abnormal behaviours - and usage.
 
  • Like
Reactions: MichaelRSorg
With NextDNS disabled, I could download the episode.
Yes, TWiT is being forced to do additional tracking of downloads, and they have started using ad inserts by Megaphone. Both of these services are on varying blocklists that you may indirectly subscribe to (either in a pi-hole fashion or in NextDNS or other similar extensions or services.) There is plenty of info on this on the twit.community site, as others have encountered it. You're going to have to do some whitelisting, or join the new TWiT Club (which eliminates tracking and ads for US$7/mo.)

Here's one recent post on the matter with Leo's advice: https://www.twit.community/t/problems-downloading-podcasts/9889/4
 
  • Like
Reactions: MichaelRSorg