Kenyans are watching you masturbate.

Make it a subdomain on a wildcard cert if you’re concerned about that.

The only issue is your phone collecting location data and then relaying it to somewhere in the internet.

The privacy risk is when things have location access AND internet access.

I’m fairly certain my phone is not accessing my location unless I ask it to (I have GrapheneOS). But it’s absolutely pinging my location when I open a map or upload a photo to the internet. I do those things sparingly.

Just expose it on single-stack IPv6. Nobody ever knocks. The address space is not scannable.

The best thing about Motorola is that they ship with a very stock android ROM. It’s also the worst bit, because there’s nobody maintaining any software. Handballing software maintenance to GrapheneOS would be sweet.

The problem is this also blocks SMS from those outside your contacts. It will be an issue with 2FA.

I created a “Do not disturb” profile that only blocks voice calls for non-contacts. SMS still comes through. My ringtone is a silent file, but that’s just my preference.

In the DND profile, I only allowed messaging apps to show notifications. I don’t care about the rest.

Example.com recently had an issue where its traffic was found being routed to the wrong place (its traffic should get discarded).

I use it for email accounts on test data in environments with a live mail server configured. The point of this domain is that it doesn’t work.

This is how I do it. No VPN. No NAT nonsense. You can open an IPv6 address to the public internet and nobody is going to stumble across it. You don’t even disclose your address to servers you connect to.

100% of shady connections come from bots scanning address space on IPv4.

I don’t get how a single person would have that much data. I fit my whole life from the first shot I took on a digital camera in 2001… Onto a 4TB drive.

…and even then, two thirds of it is just pirated movies.

Just like hospital care, amirite? 😆

It’s funny that we complain about it, but it’s completely free, unrestricted, and beats everything else hands-down.

I’ve done almost everything on that list. The hardest ones require convincing other people to switch platforms for communications.

I deliberately have not used docker at home to avoid complications. Almost every program is in a debian/apt repo, and I only install frontends that run on LAMP. I think I only have 2 or 3 apps that require manual maintenance (apart from running “apt upgrade”). NextCloud is 90% of the butthurt.

I’m starting to turn off services on IPv4 to reduce the network maintenance overhead.

It’a still end-to-end encryption when they have backdoored both ends.

Optus is barely an internet connection at this point. I’m using about 10 fearures on Aussie Broadband that simply don’t exist on the Optus network.

Not for long. That’s about to get fixed with encrypted client hello.

…and if you use DoH, they won’t even see DNS.

I would argue that you don’t need a VPN. It’s just another entity that can see your traffic, and there’s no reason to trust them over your ISP. They’re all for-profit companies.

Telstra (Australia’s largest telco) now provides IPv6-only to mobile handsets by default. They’ve deployed 464XLAT.

The main benenfit is not having to deal with NAT. You get your own address and your traffic is not conflated with other people’s.

You also get privacy extensions. Your device generates a temporary address for making outgoing connections. The address has no listening sockets. This means that you cannot get portscanned by every website you visit.

You don’t need to try and figure out your external IP address. There’s no differentiation between internal/external addresses. They’re all global, as the internet was intended.

You can throw as many IP addresses on an interface as you want. If you want to run two web servers from one machine, you can have multiple addresses with different services on port 443.

Enforcing TLS filters out a lot of spam connectikns too. Every legit provider has a cert these days.