I think if they complied that would also go against their mission, because they cannot make information freely available to everyone anymore.

I hope that big, high profile website recognizes that it’s in such a position

as I understand their build system is automatic. updates are not, but they have an update checker companion thing, and flathub too can manage that if you install from there

given that you know about them. they will also get removed soon according to their description.

lots of users won’t get to know all this, or if they do, they won’t go messing around there because “its complicated”

ublock origin non-lite is the shit to go to

there’s the confusion. nobody needs it. it’s not a necessity. it’s a convenience.

a big hassle, like using the web browser? is that what you mean? oh, not the browser, not again! I need my banks app!

both of you are correct because you are speaking of different things

don’t worry, we easily repeat what we “learned” anyway

this 9 day old account has been stirring shit since the beginning. maybe we should really just distance ourselves from .ml

evil maniac laughter

how do you figure out if it’s a plain data CD or there’s something extra on it too?

no, it does more: it has that more authentic, nostalgic sound when its working

he is doing magic! its a witch!! HERESY!!

Forgive me for not covering 100% of this advanced topic in my 3 paragraphs on Lemmy…

Quite obviously the problem is not that you did not write an 560 page essay, but that you were misleading by basically saying “nah, it’s fine, nothing could leak, everything is ultra secure nowadays”.

If you purposefully steer your car off the road… of course you’re going to crash. If you’re going to expose non-encrypted things onto the internet…

did you just ignore a whole lot of points here? DNS, SNI? smb clients? whatever else? its not like I’m using HTTP. things are largely encrypted, the rest is out of reach!

Encrypted SNI (ESNI) / Encrypted Client Hello (ECH) exists… Cloudflare for example supports ECH, and they transit a LOT of data.

how many sites exactly support that configuration? do you need additional configuration for that in e.g. nginx? if so, most selfhosters probably don’t have it, because it’s talked about almost nowhere.

and is it finally enabled by default in firefox? will firefox just retry without encryption when the connection fails?

But once again… would be outside of the scope of discussion here. Yes… an ISP can make an educated guess of where you’re likely to be going… and maybe even make a reasonable guess of what you could doing… But certainly not the details of it.

it is certainly in scope. the discussion is not about security and your accounts getting hacked by evil EU, but privacy and data mining, for which all of these is a treasure trove.

And this all ignores the fact that a random coffee shop isn’t going to do full packet inspection to get this data to begin with. It’s not worth it for them.

probably not the coffee shop but the networking equipment, where even cheaper models include some form of “smart cloud security”

this is such an oversimplification. maybe it’s hard to distinguish between google services, but if you play some online game, chat over whatsapp or signal, or have a voip call, that’s an entirely different story. these can probably be told apart by DNS requests or active connections, and in the case of communications, messaging and voice calling is obvious to tell apart because of the difference in the volume of data. when having a voip call, through a service that supports peer to peer calls (most do, and it’s default on), an observer may even be able to deduct something about who you are speaking with, like what general area they live at.

then what if you have apps that try to establish connections to services at home. like smb or nfs, https services. your smb/nfs client may leak your credentials, I think even linux does not encrypt smb communication unless you request it in a mount option, and with HTTPS you leak your internal domain names because of TLS SNI.

HTTPS does not protect against everything. there’s many other protocols that apps can use for whatever use case, and even HTTPS traffic leaks lots of information directly or indirectly, like the websites you visit (because of DNS, and TLS SNI)

except when not. HTTPS helps with security, but there’s privacy leaks all around all kinds of network traffic. apps and services you use, websites you visit (DNS, SNI), when do you do something, like arrive or receive a voip call, …

android support is not official, so they won’t drop it. and currently we are using a fork of the formerly popular android app because the original’s maintainer (btw one of the original lemmy devs) got fed up with the google play store’s fuckery.

I’m amazed they set a timeout for the bans.

also, is it just me, or is that bubblybubbles user the latest iteration of the full-time tankie propagandist? 6 days old account. there were at least 2 previous accounts that were nonstop churning news and memes of the tankie worldview, the later one being jackeroni, and this one seems to be milder than both of those.