this post was submitted on 20 Oct 2023
110 points (100.0% liked)

Privacy Guides

16906 readers
3 users here now

In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.

This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.


You can subscribe to this community from any Kbin or Lemmy instance:

Learn more...


Check out our website at privacyguides.org before asking your questions here. We've tried answering the common questions and recommendations there!

Want to get involved? The website is open-source on GitHub, and your help would be appreciated!


This community is the "official" Privacy Guides community on Lemmy, which can be verified here. Other "Privacy Guides" communities on other Lemmy servers are not moderated by this team or associated with the website.


Moderation Rules:

  1. We prefer posting about open-source software whenever possible.
  2. This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
  3. No soliciting engagement: Don't ask for upvotes, follows, etc.
  4. Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
  5. Be civil, no violence, hate speech. Assume people here are posting in good faith.
  6. Don't repost topics which have already been covered here.
  7. News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
  8. Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
  9. No help vampires: This is not a tech support subreddit, don't abuse our community's willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
  10. No misinformation: Extraordinary claims must be matched with evidence.
  11. Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
  12. General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.

Additional Resources:

founded 2 years ago
MODERATORS
 

Likely under the command of law enforcement and without informing any clients.

all 16 comments
sorted by: hot top controversial new old
[–] taaz@biglemmowski.win 21 points 1 year ago (5 children)

The linked research: http://notes.valdikss.org.ru/jabber.ru-mitm/

I have two dedis from Hetzner and I was somewhat satisfied with it. Oh my, it migh be that time of the year where I go shopping for a NUC.

[–] empireOfLove@lemmy.one 10 points 1 year ago

Ahhh. Going after Russian services of course.

Knowing the German government I'm not terribly surprised Hetzner was forced to comply quietly. But still, if they'll do it for one user, they'll do it for everyone. Really sucks.

[–] ezchili@iusearchlinux.fyi 4 points 1 year ago

Just buy a raspi to check the certificates periodically :>

[–] justJanne@startrek.website 4 points 1 year ago* (last edited 1 year ago)

There's no provider that's going to be more safe than Hetzner, tbh.

If a provider doesn't comply, you'll just get special services raiding their DCs instead.

And if you switch to a VPS provider, you're even more exposed.

Set up CAA with proper restrictions, enforce CT for your clients and use proper full disk encryption to prevent them from placing implants on your server itself.

[–] TonyToniToneOfficial@lemmy.ml 2 points 1 year ago

Alwyzon is nice. Good ping times.

[–] KingThrillgore@lemmy.ml 1 points 1 year ago (1 children)

Had a friend that got a cheapo Gigabyte NUC and he needed to use a dummy HDMI for it to even boot. As it, it wouldn't boot w/o a monitor. Take heed.

[–] KairuByte@lemmy.dbzer0.com 1 points 1 year ago

That’s a pretty meh problem though. It’s the whole reason dummy HDMI’s exist.

[–] ericjmorey@programming.dev 9 points 1 year ago
[–] iso@lemy.lol 8 points 1 year ago (2 children)

Interesting 🤷‍♂️ I’ll check news on this. I won’t use Hetzner if its true.

[–] empireOfLove@lemmy.one 18 points 1 year ago* (last edited 1 year ago) (1 children)

Please do. An unsubstantiated reddit thread does not a story make- but the more people we get to look into it, the more likely someone will corroborate it (or not)

[–] QuazarOmega@lemy.lol 23 points 1 year ago

An unsubstantiated reddit thread does not a story make

Awoken I am

[–] geekworking@lemmy.world 16 points 1 year ago (1 children)

If want something that is immune from law enforcement wiretap warrants, you should avoid basically all hosting and internet service providers.

Read the TOS on virtually every service. There's some language to say that they will comply with legal requests. The company is not going to fight the government for your $5 account.

Microsoft, Google, Amazon, Facebook, etc all have wiretap and legal discovery tools built into their platforms and have a dedicated team to process wiretaps.

[–] iso@lemy.lol 8 points 1 year ago* (last edited 1 year ago) (1 children)

Stop the service and inspect the machine for law violations. I'm ok to that. But proxying the network without a notice is literally spying.

Reverse the case, if a Chinese/Russian provider did this, would you still be OK? It's funny US and west countries blaming easterns for spying while doing far far more.

[–] geekworking@lemmy.world 3 points 1 year ago (1 children)

The entire term wiretap comes from spying on phone conversations upstream without the target's knowledge. This is no different.

China and Russia are 1000% doing this and more to anything hosted anywhere under their jurisdiction. The CCP brags about the Great Firewall.

I don't necessarily agree with any of it, but I am pointing out that changing providers to one who wasn't in the news is not a way to get around government data collection.

It’s is also affecting auction servers?