• 0 Posts
  • 17 Comments
Joined 7 days ago
cake
Cake day: November 7th, 2024

help-circle








  • I would add from an end-user privacy perspective, they might want HTTPS. If I hit a website not using HTTPS, I pretty much immediately back out. Bad actors like hostile governments and hackers can use seemingly meaningless data against you.

    I can’t remember exactly what happened but I remember back when WebMD was fighting against rolling out TLS hackers were able to find medical weaknesses against people.







  • One thing I want to bring up just so you’re conscious of it is WiFi calling.

    I currently use Tailscale and a sophisticated setup to route traffic via commercial VPNs. I also do a ton of DNS ad/tracking blocking which Tailscale wasn’t really designed for (and requires a rat’s nest of routing, iptables and the like).

    I’ve noticed I never receive incoming calls now even while attempting to send traffic to my carrier’s WiFi calling server (it’s just another traditional VPN server at a technical level) through the nearest Tailscale exit node.

    All this is to say, if you want WiFi calling to work you should consider this. I believe it’s the same for Android and iPhone.

    As for the traditional VPN bit I kind of discovered this a few years ago when using one of those mobile cellular gateways you can plug into your LAN (I lived in a dead zone). When looking up my current carrier’s WiFi calling server (a different carrier) I realized the port matches the same VPN thing they were doing on the cellular gateway, so I think it’s fairly common for wireless carriers to just use a VPN to get you into their backend.