Hetzner server hosting potentially running MITM proxies on hosted servers

⁨100⁩ ⁨likes⁩

Submitted ⁨⁨1⁩ ⁨year⁩ ago⁩ by ⁨empireOfLove@lemmy.one⁩ to ⁨privacyguides@lemmy.one⁩

https://old.reddit.com/r/hetzner/comments/17ccp3i/hetzner_does_run_a_mitm_proxy_in_front_of_my/

Potentially under the command of law enforcement.

source

Comments

Sort:hotnew top

taaz@biglemmowski.win ⁨1⁩ ⁨year⁩ ago
The linked research: notes.valdikss.org.ru/jabber.ru-mitm/

I have two dedis from Hetzner and I was somewhat satisfied with it. Oh my, it migh be that time of the year where I go shopping for a NUC.

source
- empireOfLove@lemmy.one ⁨1⁩ ⁨year⁩ ago
  Ahhh. Going after Russian services of course.
  
  Knowing the German government I’m not terribly surprised Hetzner was forced to comply quietly. But still, if they’ll do it for one user, they’ll do it for everyone. Really sucks.
  
  source
- justJanne@startrek.website ⁨1⁩ ⁨year⁩ ago
  There’s no provider that’s going to be more safe than Hetzner, tbh.
  
  If a provider doesn’t comply, you’ll just get special services raiding their DCs instead.
  
  And if you switch to a VPS provider, you’re even more exposed.
  
  source
- ezchili@iusearchlinux.fyi ⁨1⁩ ⁨year⁩ ago
  Just buy a raspi to check the certificates periodically :>
  
  source
ericjmorey@programming.dev ⁨1⁩ ⁨year⁩ ago
more discussion news.ycombinator.com/item?id=37955264

source
iso@lemy.lol ⁨1⁩ ⁨year⁩ ago
Interesting 🤷‍♂️ I’ll check news on this. I won’t use Hetzner if its true.

source
- geekworking@lemmy.world ⁨1⁩ ⁨year⁩ ago
  If want something that is immune from law enforcement wiretap warrants, you should avoid basically all hosting and internet service providers.
  
  Read the TOS on virtually every service. There’s some language to say that they will comply with legal requests. The company is not going to fight the government for your $5 account.
  
  Microsoft, Google, Amazon, Facebook, etc all have wiretap and legal discovery tools built into their platforms and have a dedicated team to process wiretaps.
  
  source
  - iso@lemy.lol ⁨1⁩ ⁨year⁩ ago
    Stop the service and inspect the machine for law violations. I’m ok to that. But proxying the network without a notice is literally spying.
    
    Reverse the case, if a Chinese/Russian provider did this, would you still be OK?
    
    source
    -> View More Comments
- empireOfLove@lemmy.one ⁨1⁩ ⁨year⁩ ago
  Please do. An unsubstantiated reddit thread does not a stotlry make- but the more people we get to look into it, the more likely someone will corroborate it (or not)
  
  source
  - QuazarOmega@lemy.lol ⁨1⁩ ⁨year⁩ ago
    
    An unsubstantiated reddit thread does not a story make
    
    Awoken I am
    
    source
Madiator2011@lm.madiator.cloud ⁨1⁩ ⁨year⁩ ago
It’s is also affecting auction servers?

source