Hello there! Im looking for increased privacy when it comes to my network connections. So far I know of TOR as an almost absolute bastion of security, but how do I ensure the remaining network traffic is encrypted and private? I know of signal for communication, and I’m aware of VPN’s. However I’m not sure whether to trust most providers regarding government interference as their software often isn’t open source. Is there a federated VPN of sorts, similar to how lemmy and other fediverse apps work?

  • jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Https is based on the web of trust. You’re trusting each of the central certificate authorities not to issue a certificate incorrectly.

    So if you’re doing something sensitive enough that somebody might compromise their certificate authority for then HTTPS is not the be all end all.

    There was a fun program that the Great firewall of China was running, they would look at where you were sending traffic, and then do a man in the middle attack giving you a different certificate so that they can see what you were actually saying unencrypted.