undefined | Better HN

0 pointsfiysp6y ago0 comments

My ISP, since I have a contract with them, I can switch to another ISP anytime, and they are bound to lots of data protection laws.

On the other hand, the Mozilla Corporation clearly is desperate to find alternate sources of funding.

0 comments

tptacek6y ago

You have a contract with your ISP not to collect and monetize your DNS queries to their DNS servers? Are you in the US on a mainstream ISP? If so, you surely do not, unlike with the Mozilla TRR program, where you in fact do.

Aaargh203186y ago

> You have a contract with your ISP not to collect and monetize your DNS queries to their DNS servers?

You don’t ? Why would you sign up with such an ISP ? My ISP has a very clear privacy policy, and they obviously have to comply with the GDPR as well.

fiddlerwoaroof6y ago

In America, at least, there are only one or two high speed ISPs in any area: and so, unless you want to use DSL or satellite or something and deal with latency/speed issues, you basically pick whoever is fastest for the best price

2 more replies

pmoriarty6y ago

"My ISP has a very clear privacy policy"

I have to wonder: is anyone actually regularly auditing these companies to make sure they abide by their privacy policy?

I see lots of privacy policies all over the internet, but absolutely zero oversight.

gpm6y ago

Often, I don't have a contract with my ISP. Since my ISP is a random coffee shop, the public transit provider, or so on.

type06y ago

You should be using a VPN in a random coffee shop anyway, not that I particularly like how falsely advertised those are, and their security (Nord cough cough), still it's usually better than nothing.

gpm6y ago

It doesn't matter what I should do, it matters what a random firefox user who finds themselves in a coffee shop is doing.

Some of the public transit I've been on disagrees strongly with VPNs because they do heavy traffic shaping and VPNs fall into the "make this really slow" category. Reasonably so.

I also disagree with this advice. For myself and the vast majority of people $5/month is not worth it for the negligible difference in security and privacy over https, and DNS over https. This becomes even more true with encrypted SNI.

In fact, a VPN is largely worse privacy wise because "random coffee shop internet with random MAC address" is pretty anonymous unless you sign into anything over http.

j / k navigate · click thread line to collapse

0 comments

tptacek6y ago

Aaargh203186y ago

> You have a contract with your ISP not to collect and monetize your DNS queries to their DNS servers?

You don’t ? Why would you sign up with such an ISP ? My ISP has a very clear privacy policy, and they obviously have to comply with the GDPR as well.

fiddlerwoaroof6y ago

2 more replies

pmoriarty6y ago

"My ISP has a very clear privacy policy"

I have to wonder: is anyone actually regularly auditing these companies to make sure they abide by their privacy policy?

I see lots of privacy policies all over the internet, but absolutely zero oversight.

gpm6y ago

Often, I don't have a contract with my ISP. Since my ISP is a random coffee shop, the public transit provider, or so on.

type06y ago

You should be using a VPN in a random coffee shop anyway, not that I particularly like how falsely advertised those are, and their security (Nord cough cough), still it's usually better than nothing.

gpm6y ago

It doesn't matter what I should do, it matters what a random firefox user who finds themselves in a coffee shop is doing.

Some of the public transit I've been on disagrees strongly with VPNs because they do heavy traffic shaping and VPNs fall into the "make this really slow" category. Reasonably so.

In fact, a VPN is largely worse privacy wise because "random coffee shop internet with random MAC address" is pretty anonymous unless you sign into anything over http.

j / k navigate · click thread line to collapse