Yeah, I thought I implied that, but that was the reason SNI started - IPv4 is a scarce resource and thus expensive and the only way to host multiple https websites was having multiple IPs (not necessarily multiple servers, you can easily have multiple IPs for one server, you just had to bind one IP per host), which was adding to the costs quite a bit and hobby projects couldn’t really afford it (well, they could, but not many people are spending hundreds of dollars for a hobby website).
It’s happening as part of the handshake. Probably not completely what it’s about, but it was the first that came to my mind.
Edit: It has to happen before the encryption is established, because otherwise the server doesn’t know which certificate to use, because it doesn’t know which host is the client requesting. There’s also ESNI (encrypted SNI) to solve this but I’m not sure on how many servers actually deploy it.
It is kinda big, previously you had to send the host unencrypted to support SNI which in turn was needed to support https for multiple sites per one IP address, which was needed because we lack IP addresses. So there were basically two options: compromise privacy a tiny bit (by sending host unencrypted), or make it impossible for most websites to have any privacy at all (by making it impossible to have a https certificate).
Now you can have the best of both worlds. Granted, you need to have DoH (which still isn’t the default on most systems AFAIK), but it’s still a step in the right direction.
It has a free tier, for 12 months you can run one t3.micro for free. That’s more than enough for a single user VPN. Afterwards it costs like $9 a month for on-demand instances (in the EU, it’s cheaper in the US), at that point you can either switch to reserved instances (which brings the cost down to around $3 or create a new AWS account to enjoy the free tier again.
Google is locking down certificates in Android 14 which absolutely cannot be changed even by devs
Hopefully Firefox adds an easy way to add a certificate. They had it already, never understood why they removed it.
Google has put into place infrastructure to lock apps down as well with its App Bundles to replace APKs
I don’t think they can replace APKs with AABs as the only solution - EU wants them to have support for alternative stores. In theory they could do separate Android for EU and the rest of the world, but I don’t think they will.
Sounds like bullshit. I’m a millennial and most people I know know shit about computers. Even those who use them every day only know how to do the few things they need to do and that’s it.
So I don’t think gen Z is any worse in that, most people suck, regardless of generation, with computers and that’s it.
I forgot this thing existed!