this post was submitted on 07 Apr 2025
365 points (98.4% liked)

Privacy

37671 readers
686 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 116 points 1 month ago (4 children)

The Free Software projects in question: Tor, Let's Encrypt, and F-Droid

[–] [email protected] 63 points 1 month ago (1 children)

Let’s Encrypt

God damn they literally just want to watch everything burn.

[–] [email protected] 23 points 1 month ago (2 children)
load more comments (2 replies)
[–] [email protected] 17 points 1 month ago (3 children)

I did not knew that Tor was getting funded by the american state. Thats giving me some spooky vibes.

[–] [email protected] 37 points 1 month ago (1 children)

It was invented by the US Navy.

[–] [email protected] 4 points 1 month ago (1 children)

Well color me stupid color me gone.

[–] [email protected] 5 points 1 month ago (3 children)

... Except not using it would be less secure, so I'm not sure I'm following..

load more comments (3 replies)
[–] [email protected] 4 points 1 month ago* (last edited 1 month ago)

One theory is that Tor was opened to the public by the United States Naval Research Laboratory only to create a crowd of users for their agents to hide in. You need a large enough anonymity set for these sorts of technologies to work.

[–] [email protected] 4 points 1 month ago

More exactly by Defense and secret services

[–] [email protected] 7 points 1 month ago
[–] [email protected] 3 points 1 month ago

Well, at least the one he used for thruth is safe (mastodon IIRC?)

[–] [email protected] 57 points 1 month ago (1 children)

Elections have consequences. I am no longer on speaking terms w/ trump voters.

[–] [email protected] 4 points 1 month ago (1 children)

I'm no longer on speaking terms with any voters

[–] [email protected] 24 points 1 month ago (2 children)

I'm no longer on speaking terms

[–] [email protected] 10 points 1 month ago

Hey! I'm speaking!

[–] [email protected] 4 points 1 month ago
[–] [email protected] 50 points 1 month ago* (last edited 1 month ago) (1 children)
[–] [email protected] 16 points 1 month ago (1 children)

the enemy is both weak and strong

[–] [email protected] 7 points 1 month ago

The appropriate sequence of events would be:

Trump starts tariffs > People switch to FOSS > Trump cuts funding to FOSS

This really isn't double-speak and, if anything, clearly shows the hostility of the admin. They are just incompetent, short-sighted, and overall an enemy of the people.

[–] [email protected] 40 points 1 month ago (1 children)

Well it looks lime most of us are going to have to step up our donations foe the next few years

[–] [email protected] 13 points 1 month ago (1 children)

You will never approach the amount they receive from government funding. That is the point.

[–] [email protected] 19 points 1 month ago (1 children)

We're going to have to try or potentially lose the project

[–] [email protected] 10 points 1 month ago

Let me spell it out for you. Trump has removed our cyber defenses and now he's defunding FOSS projects like Tor and Let's Encrypt!…

Now Trump wouldn't know a FOSS project from a hole in the ground but do you know who does? What world leader who has an entire cyber attack force on his payroll and wants to remove any barriers in finding dissidents who are probably using Tor to coordinate and hide from them?

Do the math. If the government funding of these projects is allowed to be removed it's gonna be a whole new ballgame on the internet and the only ones to reap the benefits are the dictators.

[–] [email protected] 34 points 1 month ago

Wait you guys were getting paid to work on open source?

[–] [email protected] 23 points 1 month ago (2 children)

the guy is literally a political front for techbros, it's not like he would do something else.

[–] [email protected] 13 points 1 month ago

Those mf build their empires on the back of open source.

[–] [email protected] 10 points 1 month ago (1 children)

Tech bros are only interested in getting the results from open source. They want the free software from their slaves, they aren't interested in paying anything.

Tech companies, for a while, added a bit to open source as it was in their own self interest, but they still shut out everything that wasn't them, they still make the internet in the horrible stonewalled garden that it is today. No account? Half the internet isn't accessible to you anymore

Fuck all the big tech and social media companies

load more comments (1 replies)
[–] [email protected] 15 points 1 month ago

Delta Chat was one of the FOSS projects affected: https://chaos.social/@delta/114211300446944585

[–] [email protected] 14 points 1 month ago* (last edited 1 month ago) (5 children)

As far as Let's Encrypt goes, the easy way to solve that is self-signed SSL certificates and Tofu. Just make it stupid obvious if an SSL certificate changes on a site that you go to. Like, turn your browser into a giant red screen that says that the security of the website has changed and may be broken obvious. Maybe you could have search engines also index SSL certificates so you could see if Google and Bing and DuckDuckGo and whoever else all say that this website has the same SSL certificate that it has had for X amount of time and if the search engines start showing different results you get suspicious.

Edit: Using self-signed certificates and tofu fits better with the decentralized ethos of the original web anyway since you're not relying on some third-party authority to tell you what's safe and what's not.

[–] [email protected] 3 points 1 month ago (1 children)

Never heard of tofu before (the software). What is it?

I had heard about DANE and how that would help in scaling back the need for big CAs but I could never grasp how one would do that. Do you know about it? I'm looking for someone to explain it to me.

[–] [email protected] 6 points 1 month ago (7 children)

Tofu stands for Trust on First Use. So basically, you would get an SSL certificate from the website the very first time you connected to it, instead of trusting a certificate authority. Then, if the SSL certificate changed, you would then be warned that the certificate had changed and would have to decide whether to trust the new certificate or not trust the new certificate. That's why I said perhaps search engines could index certificates and tell you how long the certificate has been active and you could check several engines quickly to determine whether each engine has the same certificate indexed for the same website and if they did not then you would know something might be up.

[–] [email protected] 3 points 1 month ago (1 children)

I don't feel like this adequately accounts for stupid people though. The number of times I've seen people freak out over a perfectly legit website because a cert warning popped up or others who have ignored the warning and clicked through to a scam or malware... 🤦‍♀️

load more comments (1 replies)
load more comments (6 replies)
[–] [email protected] 3 points 1 month ago (1 children)

i don't think this is a good idea. govs could just set up a big reverse proxy for lots of sites to serve them with their own certs, and you wouldn't know

[–] [email protected] 2 points 1 month ago

Seems like no change from right now, because currently the certificate authorities are centralized entities, which could be pressured by governments to add their own certificates.

load more comments (3 replies)
[–] [email protected] 11 points 1 month ago (2 children)

This is terrible news, anyone know of alternatives to let's encrypt?

[–] [email protected] 13 points 1 month ago

they have more sponsors and won't go broke because of this

[–] [email protected] 2 points 1 month ago (1 children)

HTTP works pretty well, if you don't mind various governments spying on the traffic.

[–] [email protected] 3 points 1 month ago (1 children)
[–] [email protected] 2 points 1 month ago (1 children)

http://longeepsiteaddress.i2p. Bonus points for having an option for a human-readable domain as well.

[–] [email protected] 4 points 1 month ago* (last edited 1 month ago) (3 children)

But i2p doesnt have PoW DDOS protection. Trust me, that shit helps a fuckton for limiting ddos. I witnessed firsthand nine onion services that upgraded from not having DDOS protection to having DDOS protection while under attack and the attack completely stopped.

Edit: RetoSwap, a decentralized Monero exchange, has 9 onion seed nodes and they were being DDOSed to oblivion. As soon as they added PoW the attacks stopped and havent happened since. That was about 9 months ago now.

load more comments (3 replies)
[–] [email protected] 7 points 1 month ago

Make America great again

[–] [email protected] 5 points 1 month ago

Trump needs that money for his big boy parade.

[–] [email protected] 4 points 4 weeks ago

This is it... This is the last straw!!! I was ok with the destruction of free trade, I was ok with the genocide funding, I was ok with the bastardisation of the administrative branch, and I was absolutely okay with the racism!!! But this, THIS??? ABSOLUTELY UNACCEPTABLE!!! As a MAGA supporter, I cannot stand for this any longer! You should be dismantling the minorities, not my website!!!

/s

load more comments
view more: next ›