• 0 Posts
  • 59 Comments
Joined 6 months ago
cake
Cake day: May 31st, 2024

help-circle

  • It seems like your whole threat model is avoiding DNS poisoning, which is fine, but I fail to see how you can compare using DoH/DoT to a VPN.

    so no one can even read which website you want to visit.

    Except for the DNS provider (in your example, Google, so… yikes), the operator of the network you’re on (since the destination IP can be rDNS’d or WHOIS’d, or simply grabbed from the Host header if your browser still tries HTTP first). Any traffic that is not encrypted will be snoopable. Traffic volume and connection times to each destination can be analyzed.

    By contrast, a VPN will also use secure (if you trust the provider ofc) DNS servers for your requests, plus making all of the traffic completely opaque except for “going to this server”.

    no app, no account, no money required

    You can also make your own, free VPN service with a little technical knowledge.




  • There seems to be a gross misunderstanding of how everything works here. Any platform will need to provide data to authorities when “asked properly” - as in, receives an actual order from some enforcing body that has authority on the subject in question. No commercial company will fight the CIA in court to protect your data. The best you can hope for is that they minimize what kind of data they collect about you in the first place - in the case of E2EE, they will only have access to IPs and other metadata such as connection timestamps and nothing else. But all of the services you listed will collect at least IPs and most will do phone numbers as well. The only difference with Telegram is that they’re transparent about it. You can either avoid using commercial platforms altogether, or use them in a way such that data retrieved from them will be useless. But believing that “Signal will never give my IP to law enforcement” is delusional.



  • Welcome to my point: there’s no such thing. You always have to go through national courts, and if you hold copyright in several countries, you can pretty much pick and choose the legislature that is most advantageous to your case. Take this recent one: an Icelandic company sued an Icelandic artist for slander… In UK court. The “legal” basis was that the website was hosted on a .co.uk domain, but I’m sure that the strict UK slander laws and astronomical costs of its courts had nothing to do with it. Not a copyright case, I know, but I think it’s a good example of how laws and jurisdictions get fundamentally twisted when applied to the Internet. I think anyone can agree that it should’ve been settled in an Icelandic court.





  • It’s not about breaking the law, what I’m saying is that copyright laws (but actually, any law) just plain doesn’t make sense when you try to apply it to the Internet, because the internet is not a national entity, and the nature of its interactions are fundamentally different from anything else that came before it. Because which country’s laws should apply when interacting across continents? If I am in country A, and I’m interacting with you, a resident of country B, on a platform that is owned by a company registered in country C, hosting their servers in country D, who should have authority to regulate this interaction? Simply put, I don’t give a fuck (pardon my french) about what the US Copyright Office has to say about anything, since I’m not a US citizen nor resident.