So denying people control over DNS and whisking off queries to a jurisdiction with weaker privacy legislation is beneficial if their network is untrustworthy? I see.
-
-
Replying to @Alzimon @Cron2Gert and
Yes, if your network is untrustworthy "whisking off" the queries to a trustworthy network seems like a good idea to me. Nobody is denying anyone control, what are you basing that on?
1 reply 0 retweets 1 like -
Replying to @taviso @Cron2Gert and
For one thing, as I understand it, centralised DoH will let browsers and appliances circumvent my own (and any state-mandated) DNS-based blocklists. Furthermore, what I consider trustworthy is for me to decide. Information Ssecurity is about control.
1 reply 0 retweets 0 likes -
Replying to @Alzimon @Cron2Gert and
Absolutely not, this is just about choosing safe defaults. Nobody is suggesting you shouldn't be allowed to choose who is trustworthy. If you're lucky enough to only ever use trustworthy networks, great! Many people are not that lucky, and we should help them, right?
2 replies 0 retweets 0 likes -
As long as you define yourself as trustworthy, this is fine advice. Or in the words of a wise former coworker of yours: “I trust me; why shouldn’t everyone else trust me too?”
2 replies 0 retweets 1 like -
Replying to @PowerDNS_Bert @taviso and
It's fascinating to me how much the European (my overgeneralisation) perspective differs from others. In my experience our legal privacy framework is much stronger and enforcement towards ISP's is effective. I trust my ISP more than most companies outside the EU.
2 replies 0 retweets 3 likes -
Replying to @floorter @PowerDNS_Bert and
Sure, but we shouldn't abandon the people who aren't as lucky as you. I don't think it's unreasonable to pick a good default if it protects millions of less fortunate people.
1 reply 0 retweets 0 likes -
Replying to @taviso @PowerDNS_Bert and
I could argue that for about half a bilion people it's not a good default. However I am sympathetic for the argument that enabling DoH by default will increase adoption of the protocol, which I see as a good thing.
2 replies 0 retweets 1 like -
I do believe that
@Cloudflare could remove some of the worries by clarifying some of the ambiguities that seem to leave open some room for processing that a lot of data subjects might object to.2 replies 0 retweets 0 likes -
What would you like clarified? Happy to.
3 replies 0 retweets 2 likes
I have a question; It seems like a fair point that EU people may lose strong regulatory protection because Cloudflare is a US entity. IANAL, is that true even if you anycast to EU vip, and if so, could you operate a legal entity in EU to silence that criticism?
-
-
Replying to @taviso @eastdakota and
As far as I can determine the processing by Cloudflare falls under Privacy Shield. Legally that's considered good enough from a European perspective for now. Possible transfer of personal data to APNIC might be problematic.
2 replies 0 retweets 1 like -
That’s correct. We have presence in London (EU for a bit longer) and Lisbon and comply with Privacy Shield and GDPR. Counter intuitively, we have *much* stronger protections against US gov’t requests as a US-based global company. But understand that’s not the general perception.
1 reply 1 retweet 3 likes - 4 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.