- cross-posted to:
- selfhosted@lemmy.world
- cross-posted to:
- selfhosted@lemmy.world
Likely under the command of law enforcement and without informing any clients.
The linked research: http://notes.valdikss.org.ru/jabber.ru-mitm/
I have two dedis from Hetzner and I was somewhat satisfied with it. Oh my, it migh be that time of the year where I go shopping for a NUC.
Ahhh. Going after Russian services of course.
Knowing the German government I’m not terribly surprised Hetzner was forced to comply quietly. But still, if they’ll do it for one user, they’ll do it for everyone. Really sucks.
There’s no provider that’s going to be more safe than Hetzner, tbh.
If a provider doesn’t comply, you’ll just get special services raiding their DCs instead.
And if you switch to a VPS provider, you’re even more exposed.
Set up CAA with proper restrictions, enforce CT for your clients and use proper full disk encryption to prevent them from placing implants on your server itself.
Just buy a raspi to check the certificates periodically :>
Alwyzon is nice. Good ping times.
Had a friend that got a cheapo Gigabyte NUC and he needed to use a dummy HDMI for it to even boot. As it, it wouldn’t boot w/o a monitor. Take heed.
That’s a pretty meh problem though. It’s the whole reason dummy HDMI’s exist.
more discussion https://news.ycombinator.com/item?id=37955264
Interesting 🤷♂️ I’ll check news on this. I won’t use Hetzner if its true.
Please do. An unsubstantiated reddit thread does not a story make- but the more people we get to look into it, the more likely someone will corroborate it (or not)
An unsubstantiated reddit thread does not a story make
If want something that is immune from law enforcement wiretap warrants, you should avoid basically all hosting and internet service providers.
Read the TOS on virtually every service. There’s some language to say that they will comply with legal requests. The company is not going to fight the government for your $5 account.
Microsoft, Google, Amazon, Facebook, etc all have wiretap and legal discovery tools built into their platforms and have a dedicated team to process wiretaps.
Stop the service and inspect the machine for law violations. I’m ok to that. But proxying the network without a notice is literally spying.
Reverse the case, if a Chinese/Russian provider did this, would you still be OK? It’s funny US and west countries blaming easterns for spying while doing far far more.
It’s is also affecting auction servers?