So you’re telling me that blanketing cities in CCTV over the past decade or so has failed to stop crime? And you’re telling me that you need more of it to stop crime?
Please do. An unsubstantiated reddit thread does not a story make- but the more people we get to look into it, the more likely someone will corroborate it (or not)
If want something that is immune from law enforcement wiretap warrants, you should avoid basically all hosting and internet service providers.
Read the TOS on virtually every service. There’s some language to say that they will comply with legal requests. The company is not going to fight the government for your $5 account.
Microsoft, Google, Amazon, Facebook, etc all have wiretap and legal discovery tools built into their platforms and have a dedicated team to process wiretaps.
Stop the service and inspect the machine for law violations. I’m ok to that. But proxying the network without a notice is literally spying.
Reverse the case, if a Chinese/Russian provider did this, would you still be OK? It’s funny US and west countries blaming easterns for spying while doing far far more.
The entire term wiretap comes from spying on phone conversations upstream without the target’s knowledge. This is no different.
China and Russia are 1000% doing this and more to anything hosted anywhere under their jurisdiction. The CCP brags about the Great Firewall.
I don’t necessarily agree with any of it, but I am pointing out that changing providers to one who wasn’t in the news is not a way to get around government data collection.
There’s no provider that’s going to be more safe than Hetzner, tbh.
If a provider doesn’t comply, you’ll just get special services raiding their DCs instead.
And if you switch to a VPS provider, you’re even more exposed.
Set up CAA with proper restrictions, enforce CT for your clients and use proper full disk encryption to prevent them from placing implants on your server itself.
Knowing the German government I’m not terribly surprised Hetzner was forced to comply quietly. But still, if they’ll do it for one user, they’ll do it for everyone. Really sucks.
Have fun! Don’t hesitate to ask me via DM if you have a question or encounter any problems as I’d say I’m quite experienced with all the tools I listed.
In terms of security, Vanadium is better than Mulch. Mulch uses some of the patches of Vanadium, but it lacks many security improvements that are present in Vanadium. My current setup is Vanadium for tasks where high security is very important, and Mull for just standard browsing.
I use Vanadium for high-security tasks, but Mull is my default browser for standard browsing. It has better privacy, because it has built-in anti-fingerprinting mechanisms and you can actually install proper adblockers like uBlock Origin. Also, I don’t want to support Google’s monopoly on browser rendering engines by using a Chromium-based browser, so I prefer Mull which is based on Gecko.
For security: aegis (totp manager) , keepassxc/dx (password manager), veracrypt (local encryption) and cryptomator (cloud/mobile encryption). Thats it pretty much everythng else I use is more for privacy Edit: cant believe I forgot about ublock origin. it’s like a condom for the internet
my favourite "Cyber-Security-Tool"? None of those logos up there qualify for that descrption... well... Authy perhaps...
yet, my favourite "Cyber-Security-Tools" would be
Configs:
GrapheneOS, Signal, Vanadium, Mullvad VPN, extremely strict permissions. I don't do much with my phone, but I still need to know I'm in control of my privacy.
privacyguides
Oldest
This magazine is from a federated server and may be incomplete. Browse more on the original instance.