That is an unusual use of the term "trusted network". If it's trusted, then why bother with https at all, we can just tunnel everything to them and call the problem solved. TLS is only necessary over untrusted networks, right?
-
-
Let's not hyperbolize; I've been working for years to move everything to HTTPS/TLS. It is the most important thing we can do to protect traffic, and I never claimed that it wasn't. But TLS will never obscure the destination or quantity of your traffic, or its traffic patterns.
1 reply 1 retweet 7 likes -
Concur 100%. But an apparent conflict emerges when collection is shifted from one org to another, for money. And like the Firefox DoH move, it centralizes visibility - and exploitability and profit motive - for the data. There's no Let's Encrypt of VPNs (unless you count Tor).
1 reply 0 retweets 0 likes -
There is no free-as-in-beer VPN like Let's Encrypt is for certificates, but there are lots of good ways for people to roll their own for free. One great option is Algo VPN, which should work on just about any cloud provider (or home network) in the world. :)
1 reply 0 retweets 1 like -
Agreed, but it's beyond most people's capability. Perhaps close tothe same order of magnitude as the people who can truly judge the threat model.
1 reply 0 retweets 0 likes -
There's a difference between those two things, this is just proxying your traffic through a bandwidth reseller. It's dangerous to conflate these, one is just cynically shuffling bits from one untrusted network to another to extract revenue, the other actually has value.
1 reply 0 retweets 2 likes -
Replying to @taviso @TychoTithonus and
Different to the extent Mozilla has extracted privacy guarantees via business contracts with the bandwidth providers. Secure proxy: https://www.cloudflare.com/mozilla/firefox-private-network-privacy-notice/ … VPN:https://mullvad.net/en/help/no-logging-data-policy/ …
2 replies 0 retweets 2 likes -
-
2 replies 0 retweets 0 likes -
Do I trust Cloudflare more than coffeeshop wifi? Yes. Do I trust Google not to use my IP to target things at me when I'm otherwise taking measures to limit tracking? No. Do I think a single-hop VPN is going to give me a ton of privacy? No. Do we all want HTTPS everywhere? Yes.
2 replies 0 retweets 5 likes
You're being disingenuous. This isn't about trusting the VPN provider. Once you send them your packets they just dump them back on the public internet, you're in the same position you were before.
-
-
The reason that this exchange is so frustrating is that I know you're wicked smart, and explaining the fallacy in that reasoning isn't going to make you smarter, because you already know that the situations is far more nuanced than that.
1 reply 0 retweets 1 like -
Beyond that, I'm sad to see you bust out the flamethrower on people trying to move security/privacy forward, especially in a market where you're employed by the dominant vendor who also employs a bunch of people working hard to improve the state of privacy on the web.
0 replies 0 retweets 1 like
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.