Since Wireguard uses UDP and peers only reply to a received packet if it’s expected and valid, it won’t show up in port scans and barely increases your attack surface. Tailscale and Zerotier are quite nice, but personally I dislike NAT-punching protocols.
- 0 Posts
- 58 Comments
Joined 5 months ago
Cake day: May 31st, 2024
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
4·1 month agoSigh. This will most likely come up in every legalization discussion in the future
10·1 month agoThere seems to be a gross misunderstanding of how everything works here. Any platform will need to provide data to authorities when “asked properly” - as in, receives an actual order from some enforcing body that has authority on the subject in question. No commercial company will fight the CIA in court to protect your data. The best you can hope for is that they minimize what kind of data they collect about you in the first place - in the case of E2EE, they will only have access to IPs and other metadata such as connection timestamps and nothing else. But all of the services you listed will collect at least IPs and most will do phone numbers as well. The only difference with Telegram is that they’re transparent about it. You can either avoid using commercial platforms altogether, or use them in a way such that data retrieved from them will be useless. But believing that “Signal will never give my IP to law enforcement” is delusional.
62·1 month agoBeing thankful for the US “subsidizing” military defense and foreign bases? Sure, you definitely build bases in other sovereign countries out of the goodness of your hearts and not for your own tactical and espionage interests. No European would shed a tear if every US troop fucked off tomorrow
Indeed… IPv6 needs to be actively disabled, not enabled, by default.
Can’t you hide bot accounts from your settings?
Unless your ISP provides IPv6 connectivity, which gives every endpoint a globally-routable address. Firewalling at the router only works because of NAT.
2·1 month agoPoint being…?
It is absolutely not, but I understand it’s easy to lose sense of scale when you go into billions territory.
12·1 month agoUhh… what? Not saying that those things aren’t real today, but are you sure they were the cause of the fall of Rome? lmao
41·1 month agoYou’re always breathing in molecules that were just inside other people when you’re in public, even if they’re not in a visible cloud.
Which, you know, is fine. Maybe if people had an idea of how much power is required to run them, they would think twice before using a gigawatt to output a poem about farts, and perhaps even wonder how OpenAI can offer that for free. Btw, a 7b model should run ok on any PC with at least 16GB of RAM and a modern processor/GPU.
You might be interested in CyclOSM to plan your routes
181·2 months agoHe’s barely coherent because he’s Trump, not because he’s 78.
How so? Even if it’s a no-profit, PBS is still a business. Even though they are operated like one in the US, political parties are not supposed to be businesses.
There is no need for official political merch anyway, it’s not a band or a sports team. I don’t mind if people or associations make and wear them, bit why does a political party need to sell stuff?
Since when is Bitcoin a brand lmao? I’m really struggling to see how it is comparable to McDonald’s or Windows. Having a logo does not make you a corporation
6·3 months agoI would say a rock is a better approximation than an aircraft lmao
It seems like your whole threat model is avoiding DNS poisoning, which is fine, but I fail to see how you can compare using DoH/DoT to a VPN.
Except for the DNS provider (in your example, Google, so… yikes), the operator of the network you’re on (since the destination IP can be rDNS’d or WHOIS’d, or simply grabbed from the Host header if your browser still tries HTTP first). Any traffic that is not encrypted will be snoopable. Traffic volume and connection times to each destination can be analyzed.
By contrast, a VPN will also use secure (if you trust the provider ofc) DNS servers for your requests, plus making all of the traffic completely opaque except for “going to this server”.
You can also make your own, free VPN service with a little technical knowledge.