It’a still end-to-end encryption when they have backdoored both ends.

Optus is barely an internet connection at this point. I’m using about 10 fearures on Aussie Broadband that simply don’t exist on the Optus network.

Not for long. That’s about to get fixed with encrypted client hello.

…and if you use DoH, they won’t even see DNS.

I would argue that you don’t need a VPN. It’s just another entity that can see your traffic, and there’s no reason to trust them over your ISP. They’re all for-profit companies.

Telstra (Australia’s largest telco) now provides IPv6-only to mobile handsets by default. They’ve deployed 464XLAT.

The main benenfit is not having to deal with NAT. You get your own address and your traffic is not conflated with other people’s.

You also get privacy extensions. Your device generates a temporary address for making outgoing connections. The address has no listening sockets. This means that you cannot get portscanned by every website you visit.

You don’t need to try and figure out your external IP address. There’s no differentiation between internal/external addresses. They’re all global, as the internet was intended.

You can throw as many IP addresses on an interface as you want. If you want to run two web servers from one machine, you can have multiple addresses with different services on port 443.

Enforcing TLS filters out a lot of spam connectikns too. Every legit provider has a cert these days.

I’ve got one, and it works well enough when offline.

If not, I could set up Home Assistant and self-host it.

It’s a shame, as Mozilla gave iRobot one of the better privacy ratings. That’s the only reason I allowed it in my house to begin with.

Google Keyboard has network access, so it can theoretically log every keystroke and send it somewhere.

Personally, I installed GrapheneOS which lets me deny network access to the keyboard.

Whenever I ssh into it.

What’s crazy is that my small UPS consumes 20W at idle (fully charged; AC connected).

I got my server down to 40W too, and the UPS ate all the savings.

That’s amazing. I’ll have to take your word for it. I only have Firefox on my devices.

I didn’t open port 53. It’s DoT.

Even then, it took some extra effort to ensure it didn’t return internal network addresses from the outside.

I found this was returning localised results from the other side of the planet, so I kept connecting to slow servers when more local ones were available. I ended up rolling my own from home. The only problem is there’s no way to do access control so I just have to hope not too many find it.

Good luck with using AI. The training dataset will be polluted, and so will the data of individual accounts.

My TV is signed into YouTube as me, but all my kids use it to watch Minecraft videos. Google probably knows my age by now, and all this will get flagged as typical viewing for a millenial.

Yes, git.

When you upgrade your desktop PC, plan for it to be the home server after that.

I got a rackmount case to transplant my old desktop montherboard into every 5 years. I also got a 4-port NIC so it can also be a router. My server is a 4th gen Core i5 and it’s still plenty of power for a home server.

If you’re a laptop guy, I’m not sure what you’d do. Maybe ask friends for their old desktops. The Win10 discontinuation next month would be a great opportunity to snap up some business PCs destined for landfill.

For Home Assistant, I think you either need Docker or a dedicated box. I kinda hate how there isn’t a .deb package for it like literally every other service on my server.

I signed a mortgage with a bank that was a 37 hour drive away before. One of my current banks is a mere 9 hour drive to the nearest branch.

It seems really weird to have any functionality that’s available on an app but not a website. Usually the app is stripped back to cover just the common website functions. I say this as a developer who writes both finance web frontends and mobile apps.

I was trying to write something that would save an AVIF image this week. Holy shit the ecosystem is bad. I had to encode the image and write the exif tags with two different libraries. The latter being a CLI program and not a library. The WEBP situation is even worse.

We are never getting away from JPEG.

I would just use a web browser. The apps do the same thing, but get it done a bit quicker.

Thankfully my banks don’t use hardware attestation.