Hello there! Im looking for increased privacy when it comes to my network connections. So far I know of TOR as an almost absolute bastion of security, but how do I ensure the remaining network traffic is encrypted and private? I know of signal for communication, and I’m aware of VPN’s. However I’m not sure whether to trust most providers regarding government interference as their software often isn’t open source. Is there a federated VPN of sorts, similar to how lemmy and other fediverse apps work?

  • ______@lemm.ee
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    I know you guys are technical and smart. Can you explain to me how secure https is in terms of privacy. I heard that isps can track which domain you’re hitting but not the exact endpoint, is this true ? Where can I read more about this sort of thing?

    • jet@hackertalks.com
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Https is based on the web of trust. You’re trusting each of the central certificate authorities not to issue a certificate incorrectly.

      So if you’re doing something sensitive enough that somebody might compromise their certificate authority for then HTTPS is not the be all end all.

      There was a fun program that the Great firewall of China was running, they would look at where you were sending traffic, and then do a man in the middle attack giving you a different certificate so that they can see what you were actually saying unencrypted.