They are bound by anti money laundering laws (AML) and are required to Know Your Customers (KYC).
https://support.kraken.com/hc/en-us/articles/know-your-customer-kyc-questionnaire
Yes it does compromise privacy because now when the exchange is asked who owns this wallet they have to hand your details to law enforcement.
Exchanges without KYC are getting rarer.
In an absolute sense, yes a modem can spy on you by hijacking requests and redirecting them to controlled locations. We use TLS to prevent this, even stronger with technologies like HSTS.
Does this happen in real life though? More then you think, but less of an impact then you think.
Some US providers will hijack DNS requests and redirect them to their own DNS servers, but this can be solved with DOH or DOT.
TLS interception is a thing but it requires the device you are using (phone, PC, tablet, laptop) to have a root certificate installed that the ISP also controls. Almost all browsers will only install root certificates from root certificate providers with good standing and have no quarm in untrusing the root certificate if things go badly.
How will they enforce it? I’m sure big/medium businesses will comply, but how can you track a cash transaction between private citizens?
Because that is not the point of the laws.
Infact the NL implementation of the laws specifically says it is for business to business and business to consumer.
There is no mention of private transactions.
This whole article is an advert for this companies own new secure messenger because…
Why Would We Stop Using Signal?
We had a security breach of some root keys for a legacy chat server we were running and it got attacked and destroyed. It was too hard to restore after the attack and was abandoned. We tracked down the data leak to Signal, as the engineers had used Signal to send these keys between themselves.
Human error. Why are you allowing private keys on untrusted devices?
How are you on self hosting something? You could give a couple of these a try. Data stays with you so you get to decide how much to track.
https://github.com/awesome-selfhosted/awesome-selfhosted?tab=readme-ov-file#analytics
I am failing to see any discrimination here.
The 4 banks I use all have the same policy. Auto sign out after inactivity from web.
Web pages don’t really know if a monitor is turned off due to inactivity so it is safer to log them out.
because who locks their screen when they aren’t using their system?
When using an app, you have to re auth with a device specific pin or bio metric if the screen turns off due to inactivity or switching apps.
Because it is a website created by a Kiwifarm transphobic individual who is scalping data from discord and selling access under the disguise of “seeing what your friends are up to” when in reality it is used to harass people.
y̷̪͎͙̣̠̪̅͆̕͝ͅọ̷͒̍͟ͅų̸̮͎̞͙̣̥͍̽̌͒̉͋͊̽̆̽̋͘͡͠r̸̡͈͈̬̬̹̭̹̍͗̐͂̑͛̅̄̕̕͘͠ ̷̨̙̩̘̩̰̀͋͜w̸̗̖̺͖̫̐́͋̐̀̈́̋̓̕͠ę̶̡͎͉̪̰̲̼̠̭͓̳̀͐̀ͅl̶̰̺͚̫̦̍́̓̐̅̈́̓̂̑͝͝͝c̵͖̞̀̈́͋̓́̓̌̓̋̕͘͠ò̴̫̰̬̮̗͓̻͚͛́͘͟ṁ̷̳̣͔͖e̶̖̝͎̞̅̓̾̍̉́͌͆͝ ̸̳̜̳̥̠͍̲̠̣̈́̾̍͗̌͂͑̚͝m̸̧̛̳̠̦̩̱̞͎̝̯̲͚̜̬͗̓̄̓́̈́̾̾̈́̊̽ͅa̸̧̨͖̼̦͉̲͛̾́͋̌͑͌̽̚͝t̴̝̦̘̞͇͖̪͔̙̠̲͈̀̒̒̋̇̎̔̄̂̇́ę̸̧̼̮̭͉̼͔̮̥̗͇̟̥̤͛̐̉̾͗̓̆̇͛̀̚͘͟
Cleartext (What does this mean in the context of protocols? Is it inherently bad?)
It’s like sending a postcard. Anyone can see who it is from, who it is to and what you are sending.
Install Wireshark and filter for DNS them open your web browser to see where you are calling to.
DoH an DoT are essentially the same thing encrypt the DNS request in a TLS session so others can’t see what you are requesting. The main difference is DOT uses port 853 so at a glance it is DNS traffic and the port may be closed. While DoH works over port 443, the same port as regular encrypted web traffic so the port is likely open.
DoQ and DoH/3 uses UDP 443 compared to TCP 443 but still encrypt the traffic.
DNSCrypt is a DNS proxy.
Do53 is yet another implementation of DNS over TLS but using port UDP 53 the regular DNS port.
Facebook? More like FBI. Wouldn’t be the first time.