Hello there! Im looking for increased privacy when it comes to my network connections. So far I know of TOR as an almost absolute bastion of security, but how do I ensure the remaining network traffic is encrypted and private? I know of signal for communication, and I’m aware of VPN’s. However I’m not sure whether to trust most providers regarding government interference as their software often isn’t open source. Is there a federated VPN of sorts, similar to how lemmy and other fediverse apps work?
I know you guys are technical and smart. Can you explain to me how secure https is in terms of privacy. I heard that isps can track which domain you’re hitting but not the exact endpoint, is this true ? Where can I read more about this sort of thing?
Https is based on the web of trust. You’re trusting each of the central certificate authorities not to issue a certificate incorrectly.
So if you’re doing something sensitive enough that somebody might compromise their certificate authority for then HTTPS is not the be all end all.
There was a fun program that the Great firewall of China was running, they would look at where you were sending traffic, and then do a man in the middle attack giving you a different certificate so that they can see what you were actually saying unencrypted.
Some more info and helpful blogs from mullvad https://mullvad.net/en/help/all-about-dns-servers-and-privacy/
You can use quad9 or mullvad DNS resolvers for free to prevent DNS leaks
No all of your packets will have a destination IP address. Meta data isn’t encrypted for an HTTPS.