  • Forgive me for not covering 100% of this advanced topic in my 3 paragraphs on Lemmy…

    Quite obviously the problem is not that you did not write a 560-page essay, but that you were misleading by basically saying “nah, it’s fine, nothing could leak, everything is ultra secure nowadays”.

    If you purposefully steer your car off the road… of course you’re going to crash. If you’re going to expose non-encrypted things onto the internet…

    did you just ignore a whole lot of points here? DNS, SNI? smb clients? whatever else? it’s not like I’m using HTTP. things are largely encrypted, the rest is out of reach!

    Encrypted SNI (ESNI) / Encrypted Client Hello (ECH) exists… Cloudflare for example supports ECH, and they transit a LOT of data.

    how many sites exactly support that configuration? do you need additional configuration for that in e.g. nginx? if so, most selfhosters probably don’t have it, because it’s talked about almost nowhere.

    and is it finally enabled by default in firefox? will firefox just retry without encryption when the connection fails?

    But once again… would be outside of the scope of discussion here. Yes… an ISP can make an educated guess of where you’re likely to be going… and maybe even make a reasonable guess of what you could be doing… But certainly not the details of it.

    it is certainly in scope. the discussion is not about security and your accounts getting hacked by evil EU, but privacy and data mining, for which all of these is a treasure trove.

    And this all ignores the fact that a random coffee shop isn’t going to do full packet inspection to get this data to begin with. It’s not worth it for them.

    probably not the coffee shop but the networking equipment, where even cheaper models include some form of “smart cloud security”


  • this is such an oversimplification. maybe it’s hard to distinguish between google services, but if you play some online game, chat over whatsapp or signal, or have a voip call, that’s an entirely different story. these can probably be told apart by DNS requests or active connections, and in the case of communications, messaging and voice calling is obvious to tell apart because of the difference in the volume of data. when having a voip call, through a service that supports peer to peer calls (most do, and it’s default on), an observer may even be able to deduce something about who you are speaking with, like what general area they live at.

    then what if you have apps that try to establish connections to services at home. like smb or nfs, https services. your smb/nfs client may leak your credentials, I think even linux does not encrypt smb communication unless you request it in a mount option, and with HTTPS you leak your internal domain names because of TLS SNI.










  • First, that the definition of content that is considered “adult” doesn’t necessarily mean every forum qualifies. Privacyguides.org likely would not. A car forum likely would not. Facebook must comply because links shared can be “harmful” anywhere on the platform. The fractured nature of Web 1.0 is a feature now, not a bug.

    if it were so easy. you can post links to the privacyguides forum too. but the bigger problem is that anyone can post anything. if they don’t do age verification, they are liable for any forbidden content that slipped through. that can also be used as a form of blackmailing.



  • Why does an email service need a chatbot, even for business?

    they are not only an email service, for quite some time now

    There are about a bajillion of these, and one could host the same thing inside docker in like 10 minutes.

    sure, with a thousand or two dollars worth of equipment and then computer knowledge. Anyone could do it really. but even if not, why don’t they just rawdog deepseek? I don’t get it either

    …On the other hand, it has no access to email I think?

    that’s right. you can upload files though, or select some from your proton drive, and can do web search.



  • what utter bullshit! will the manufacturer be also directly held liable if someone uses a phone of their brand to make a picture about me without authorization! of fucking course not!

    fuck samsung, and all the manufacturers that follow suit, because this is just not needed.

    but also fuck the red directive’s decision makers for their insatiable creep of wanting ever more power over our devices! this is exactly like saying, that there is this illegal thing, and if you are not doing it, but just have the slightest ability to do it, that is also illegal. what the actual fuck! get off my fucking phone you scumbags!!