“Wants to post on a social media website” “Wants pure privacy on the social media website”
I’m not sure what the issue is here… Did you know that your ISP has a record of every website you’ve ever been to on a server you don’t control and they can look at it whenever they want?
Did you know you leave a record of your device on any network you join, leaving a unique ID behind that can be mapped back to you? This record is stored on severs you don’t control and the operatora can view this record whenever they want?
Did you know that the admins of raddle have access to all your comments and DMs?! And they can read them at any time?!
I’m not sure what the issue is here… Did you know that your ISP has a record of every website you’ve ever been to on a server you don’t control and they can look at it whenever they want?
This is pretty much entirely incorrect.
It is part of the purpose of HTTPS that your ISP does not have the URLs of pages you visited, nor the content of the data sent in either direction. That information is all encrypted from your browser to the web server and vice-versa.
Encryption became standard in browsers in two waves: first, with the commercialization of the Web in the late 1990s and the need to encrypt financial credentials (e.g. credit card numbers) to do e-commerce; and second, after the Snowden NSA scandal that led to almost all non-commercial web sites adopting HTTPS as standard, followed by most browsers flagging unencrypted sites as “insecure”.
Classically, your ISP would have the domain names (e.g. lemmy.world) as you’d usually be using your ISP’s DNS server; and even if you were using a remote DNS server the DNS traffic would be unencrypted through your ISP’s network.
But these days, they might not even have the domain names, as DNS over HTTPS is used in many browsers today.
Even today though — unless you’re using a VPN, Tor, or some other form of encrypted tunneling — your ISP can certainly discover the IP addresses of hosts you communicate with.
“Wants to post on a social media website” “Wants pure privacy on the social media website”
I’m not sure what the issue is here… Did you know that your ISP has a record of every website you’ve ever been to on a server you don’t control and they can look at it whenever they want?
Did you know you leave a record of your device on any network you join, leaving a unique ID behind that can be mapped back to you? This record is stored on severs you don’t control and the operatora can view this record whenever they want?
Did you know that the admins of raddle have access to all your comments and DMs?! And they can read them at any time?!
This is pretty much entirely incorrect.
It is part of the purpose of HTTPS that your ISP does not have the URLs of pages you visited, nor the content of the data sent in either direction. That information is all encrypted from your browser to the web server and vice-versa.
Encryption became standard in browsers in two waves: first, with the commercialization of the Web in the late 1990s and the need to encrypt financial credentials (e.g. credit card numbers) to do e-commerce; and second, after the Snowden NSA scandal that led to almost all non-commercial web sites adopting HTTPS as standard, followed by most browsers flagging unencrypted sites as “insecure”.
Classically, your ISP would have the domain names (e.g.
lemmy.world) as you’d usually be using your ISP’s DNS server; and even if you were using a remote DNS server the DNS traffic would be unencrypted through your ISP’s network.But these days, they might not even have the domain names, as DNS over HTTPS is used in many browsers today.
Even today though — unless you’re using a VPN, Tor, or some other form of encrypted tunneling — your ISP can certainly discover the IP addresses of hosts you communicate with.