Net neutrality / HTTPS

Anomaly

Demon Girl
Dec 19, 2013
62
8
#1
Hello everybody, you may not be aware of the changes occurring in the USA regarding ISP network usage collection and I'm here to help bring you up to date. The short story is that previously your ISP wasn't allowed to collect, store, sell or divulge your internet usage habits without a warrant. This is changing and the invasion of privacy here at ULMF can be mitigated with an HTTPS upgrade.

Currently ULMF runs on HTTP only. That means a couple of critical personally identifying information points are exposed to your ISP or people on various home and public network configurations.

Key vulnerable points ULMF currently:
1) Your username, account login password, login session etc are all flapping in the breeze.
2) Any activity you do is plaintext and easily stored at your ISP: post text/edit etc.
3) Any threads you browse regularly is easily indexed by your ISP: dat boi loves the MilkyQuest thread.

What does an HTTPS upgrade do for ULMF (basically)? It hides all unique information in the points listed above. The only things your ISP or a man in the middle attacker will see is that your IP is communicating with ULMF but not what specifically it is doing on ULMF.

There are plenty of free HTTPS certificate providers that are easy to configure such as CloudFlare.

EFF Provided diagrams:
HTTP (current ULMF)
HTTPS
 
Oct 31, 2014
1,498
113
#2
Re: Net neutrality / HTTPS

Hm thanks, been wondering what the difference between http and https was. :eek:

But as for the upgrade, in terms of who would be able to do that it sounds pretty similar to a server move, and the owner of the site isn't on much anymore. I'm not sure the admins or super admin would be able to do that on their own :/
 
OP
OP
Anomaly

Anomaly

Demon Girl
Dec 19, 2013
62
8
#3
Re: Net neutrality / HTTPS

Hm thanks, been wondering what the difference between http and https was. :eek:

But as for the upgrade, in terms of who would be able to do that it sounds pretty similar to a server move, and the owner of the site isn't on much anymore. I'm not sure the admins or super admin would be able to do that on their own :/
It is fairly easy actually. Either use the webhost's SSL services or go with something like cloudflare which is 1) sign up for CDN service (like cloudflare) 2) configure DNS to go to the CDN 3) point the CDN at ULMF 4) use cloudflare 1 click SSL feature.
 

Lurker_01

Demon Girl Master
Feb 16, 2012
178
28
#4
Re: Net neutrality / HTTPS

Spoiler

Also the certificates aren't that cheap last time i heard about it and the cheap ones don't follow the best practices.
We had cloudflare before and from what i remember it wasn't stable.
 

Hentaispider

Lord of the Tap Dance \oO.Oo/ (And Reputation Mana
Staff member
Administrator
Moderator
Nov 24, 2008
11,911
83
#5
Re: Net neutrality / HTTPS

It is fairly easy actually. Either use the webhost's SSL services or go with something like cloudflare which is 1) sign up for CDN service (like cloudflare) 2) configure DNS to go to the CDN 3) point the CDN at ULMF 4) use cloudflare 1 click SSL feature.
Configuring DNS is something vanilla admins DEFINITELY can't do, even if they had root access to the server.

And anyway, the EASIEST way would be through Let's Encrypt.
 

super_slicer

Tentacle God
Nov 17, 2010
3,135
113
#6
Re: Net neutrality / HTTPS

Or you could just jump on someone else' connection, if you're the type that REALLY doesn't want someone knowing what they're up to.

Any internet cafe will do... just be sure to pay in cash and wear a hat for the security cams :)

If you're in a rural area, there's always some schmuck with an unsecure connection.
 
OP
OP
Anomaly

Anomaly

Demon Girl
Dec 19, 2013
62
8
#7
Re: Net neutrality / HTTPS

Or you could just jump on someone else' connection, if you're the type that REALLY doesn't want someone knowing what they're up to.

Any internet cafe will do... just be sure to pay in cash and wear a hat for the security cams :)

If you're in a rural area, there's always some schmuck with an unsecure connection.
Those are relatively impractical approaches to privacy for a majority of users though. The point of introducing HTTPS is because it is a much more mature solution at this point in time and there are now very free and easy ways to set it up. It helps the layman who doesn't know why things like these are useful. It isn't about using a VPN, helping yourself or behaving like a criminal for legal behavior. It is more about helping the people who use the same password to log into every site to not get sniffed, doing due diligence for privacy on an adult content site and putting a damper on gross power creep of ISPs.
 
Oct 9, 2009
1,497
63
#9
Re: Net neutrality / HTTPS

I take offense to this.

Suggesting complete anonymity is some childish trick.
You shouldn't. Mature solution means the technology has gone through more development and is less likely to fail. It has nothing to do with human age.
 
Feb 2, 2014
357
43
#10
Re: Net neutrality / HTTPS

You shouldn't. Mature solution means the technology has gone through more development and is less likely to fail. It has nothing to do with human age.
I think you're missing the point, and intentionally. Needing anonymity in an age where net security and privacy should be a given is childish at best, suspicious behavior at worst. If you're not guilty of questionable behavior, then you don't need to worry about staying hidden on the internet. People who want to remain anonymous indefinitely either lack the moral behavior to keep them out of prison without threat of repercussions, or have failed to mature to a point post-2003 when the rest of us have grown out of the 1337 HAXXOR stage of our immature years.

And before you start with "b-but muh freedom!" bullshit, be aware that I've already pointed out the flaw with that argument. A security agency could literally give two fucks about someone browsing ulmf as long as they aren't shipping child porn or other contraband to others. Even then, I doubt they're going to make an issue of it until there is enough reason to be concerned, a la you're now making home movies or giving opposing gangs/armies nukes to blow each other up with. Your ISP can log your info and sites you visit (and does, same with your cellular company, your bank, etc with their respective areas of expertise) and you could go to the end of your days none the wiser. It is literally the shittiest, most contemptible behavior to complain about your activity being monitored because you want to be 13 again.
 

Hentaispider

Lord of the Tap Dance \oO.Oo/ (And Reputation Mana
Staff member
Administrator
Moderator
Nov 24, 2008
11,911
83
#11
Re: Net neutrality / HTTPS

an age where net security and privacy should be a given
You're joking, right? Net security is a complete joke, just look at all the high-profile attacks where personal data and passwords were stolen, and then recall that these are just services with 100 000 000+ users and think about how many other attacks happened that didn't make the news. And privacy? There's no such thing as privacy unless you take serious steps to maintain it. Facebook, Google, et al do their best to know everything there is to know about you regardless of whether you'd like them to know it or not.
 
Feb 2, 2014
357
43
#12
Re: Net neutrality / HTTPS

You're joking, right? Net security is a complete joke, just look at all the high-profile attacks where personal data and passwords were stolen, and then recall that these are just services with 100 000 000+ users and think about how many other attacks happened that didn't make the news. And privacy? There's no such thing as privacy unless you take serious steps to maintain it. Facebook, Google, et al do their best to know everything there is to know about you regardless of whether you'd like them to know it or not.
Hence the "should". There is no replacement for common sense and protecting yourself, but that's a separate concern from whether Telus knows that I like hypno/mind control content and large tits. As for facebook and google getting to know every little thing about you(including that pimple on your left ass cheek), refer to the above. The only way they can bog you down with relentless ads and annoying spam is if you make that info known 24/7. My facebook profile is basically empty minus a few photos from years ago and my super sentai profile picture. When I'm done with my fap session, I delete my browser history. It's not a surefire means to avoid that information being picked up (it likely will), but I would love to see google and facebook try to sell me Stuffie's tail or a tap-dancing spider.

I would probably buy both, too.
 

super_slicer

Tentacle God
Nov 17, 2010
3,135
113
#13
Re: Net neutrality / HTTPS

Uninformed millennial drivel
When speaking about the internet anonymity is all but synonymous with privacy.

Privacy is a basic human right, whether governments will add it to their charters or not. What I use my computer for should not be easily obtainable information, just as what I do in the privacy of my home shouldn't be (where I'd be using my computer if it didn't somehow magically break the privacy that I'm LEGALLY entitled to in my own home), just as what random thoughts I have floating around.

Your argument against this is what? "Oh it's already being breached so that's no big deal" I guess if someone is assaulting another the blow that cracks the assaultee's skull and causes them to die is only as serious as the one that gave them a fat lip right? Wait a second... that's actually the difference between assault and murder!

Stop interrupting the adults and go back to your playing with your smart phone.
 
Feb 2, 2014
357
43
#14
Re: Net neutrality / HTTPS

When speaking about the internet anonymity is all but synonymous with privacy.
Under what pretext? Because you say so? Sorry, the world doesn't work that way.

Privacy is a basic human right, whether governments will add it to their charters or not.
It's a right inasmuch as when you are in a place and position where your own privacy is guaranteed, e.g., your own home. If you go to a hospital or get arrested, the only guarantee of privacy is what you are willing to disclose or required to to the professionals. While you are not under any obligation to share with the world what ails you, it's also not required for the world to give you privacy in a public forum. Not sorry, you need to re-educate yourself if that concept flew over your head.

What I use my computer for should not be easily obtainable information,
Yeah, no. Your computer connects to thousands of public channels in a day. You're saying just because you have a private, home network that your ability to access the outside world ought to be concealed? Not how this works. If I walk outside, I can't demand everyone ignore my existence. They do regardless, but that's aside the point.

just as what I do in the privacy of my home shouldn't be (where I'd be using my computer if it didn't somehow magically break the privacy that I'm LEGALLY entitled to in my own home),
Okay, here is where you're confused. You're inside your own house. Your computer is in your house. If you refuse to get internet, then your privacy is secured. You're not required to share anything with anyone from the outside unless they have the authority to demand it. Now, here's what you're not understanding.

The internet isn't your personal safe space.

It is a PUBLIC space, where ideas, thoughts, and opinions congregate in a (mostly) anonymous series of forums. The moment you boot up your modem, that's you agreeing to accept the responsibility of being in a public space, same as you would if you were outside. That includes(but isn't limited to) having what you say/do shown to everyone. If you can't handle the "extreme" responsibility of acting like a civilized adult in a public place, then internet "privacy" probably isn't the biggest concern you should be having.

just as what random thoughts I have floating around.
Again, you're confusing being in your own home/head with being equatable to saying stupid shit in public.

Your argument against this is what? "Oh it's already being breached so that's no big deal"
No, my argument is "the internet is a public space, and like all public spaces, what you say/do is on display for everyone." Or, that's the point that should be getting across. Maybe I wasn't clear?

I guess if someone is assaulting another the blow that cracks the assaultee's skull and causes them to die is only as serious as the one that gave them a fat lip right? Wait a second... that's actually the difference between assault and murder!
And a false equivalence irrelevant to the topic at hand. If you can't even manage a relevant and (mostly) accurate comparison, then your argument has no ground to stand on. Right now, all you have is "b-b-but mommy and daddy told me I shouldn't be judged for what I do publicly!" Well, since you like false equivalences...

You assault a man in public and get arrested. That is a public thing, and the police and other people not only have the right to watch the event, but also to step in. Now, if you did it in the comfort of your own home, it's another case. Nobody else has the power or privilege to witness or step in without cause, and even then must possess the authority to do so. So, if that man claims you kicked the shit out of him in your house, the police have the right to knock on your door and ask you about it, but cannot do anything else without being given permission by a higher authority to do so.

You see how simple that is? The internet is a public place. Just because you have a computer that connects to it doesn't mean jack. You have a front door, too. Are you going to demand we let you jerk off in public, too?

Stop interrupting the adults and go back to your playing with your smart phone.
Nothing about your argument was "adult", buddy. If you can't even manage to form a strong, coherent counter-argument, then you should take your own advice.
 

super_slicer

Tentacle God
Nov 17, 2010
3,135
113
#15
Re: Net neutrality / HTTPS

More retarded millennial flailing
Your original argument never mentioned such blatant idiocy. So let's take a moment and correct your mistake of thinking that the internet is a public space.

FYI the definition of a public space: A public space is a social space that is generally open and accessible to people. Roads (including the pavement), public squares, parks and beaches are typically considered public space. To a limited extent, government buildings which are open to the public, such as public libraries are public spaces, although they tend to have restricted areas and greater limits upon use.

Before you tout out some supreme court ruling I'll tell you this: Legal rulings made by ancient fucks that don't understand the technology with the ulterior motive of 'public safety' have no validity.

One needs an account with an ISP to connect to the internet barring the special circumstance where they are using free wi-fi granted to them by an account holder, meaning that the internet does not fall under the definition of a public space as it is not generally open and accessible to people.

But let's ignore that for a second and say the network on which the internet exists IS a public space, akin to roads, however once you reach a site you've entered a private space just the same as entering a business off of that road. And even in the aforementioned public space of the road, Law enforcement agencies still need probable cause to search your vehicle, and anyone caught rummaging around through it without your consent can still be charged with burglary.

How about next we ignore that EVERY site not using .gov is housed on a privately owned server? Sure, without that context, forums could be considered public spaces... except for the fact that you need to create an account and gain membership in order to interact with them. Outside of forums I really can't conceive of any sites being even remotely considered public spaces as they aren't social spaces, perhaps news sites?

So if it requires us to ignore all these facts how can one logically view the internet as a public space?


Bravo on your attempt to change your argument to something more suitable though, it was thiiiiis close. Keep pushing that mommy and daddy routine though, I'm getting a kick out of imagining you acting it out.

As for the only meaningful question you asked: It is up to the user and the site as well as the ISP to maintain privacy, unfortunately 99% of sites don't give a damn about their user's privacy and all of 0% of ISPs do, many even sell usage statistics. Thus the only way to maintain one's privacy (as the corrupt government couldn't give less of a fuck about your privacy) is to maintain their anonymity.
 
Last edited:

Yoshiiki

Grim Reaper
Aug 29, 2016
752
93
#16
Re: Net neutrality / HTTPS

Is Internet payed by governments? No, it's payed by private companies and users paying for accessing it.
So it can't be considered a public space.
Yet in many cases it's open up for anyone who have access to it (payed or not, as there are open connections you can use without paying for them).

Can companies collect your data? Yes and it's often stated in rules that you have to agree with if you want to use their services (not reading that doesn't mean they don't apply).

Do ISP companies or site owners need to give a fuck about your privacy? No. If you go to a place that does have security cameras all over, your problem. They may use it for marketing, use it to make sure no laws are broken, etc. You pay for accessing something, that data goes through their servers and they can use it. Releasing such data to general public is (or should be, depending on country) considered as something against the law. Companies are responsible for making sure your private information won't leak to the public eye.

But, because anyone can access Internet, there are some rules that made it over from public spaces (and I guess, this is where confusion starts).

Also, Internet anonymity and privacy are two different yet related things. By using, for example, facebook your privacy goes to hell. They have access to every single bit of your data, private or not and it's something you agreed on. Same with google and 99.9% of any company that manages data (even your ISP). Sensitive data is something they can't release to the public and making sure it's safe, again, from the public view. Doesn't mean they can't use it.
Internet anonymity is something you can do if you want to, just to make sure most of your information is not being recorded. No company needs to enforce that and mostly won't do it.

Whatever happens in your own, private network, is your own deal and your privacy right there. As soon as you connect it to Internet, you are literally giving your data left and right. Because you don't own your ISP, you don't own google, you don't own DNS you are using, you only own few cables, electronic devices and that's all. You only pay for accessing it and whatever is in your agreement with a company.

Want a good example? Have a smartphone? Using it for taking photos?
1. Send me those, share them with me. As soon as I have them, I can take everything stored inside and get your location with 4m error. Don't like that? Shouldn't have done that in the first place. But, I don't want to get sued for releasing that info to everyone, I am only going to use it to send you a profiled offer about a fucking company that offers delivering healthy food to your door. I have a deal with them and see that you are quite often buying fast food, which means you don't have a time to cook.
Annoyed? Problem? Well, you gave me that yourself.
2. Oh, so you know what you are doing and you sent me photos that got all that valuable data removed? Well, shucks.

1. Your privacy over the Internet.
2. Internet anonymity.

On the other hand, most people don't give a single fuck about their data being collected, they are just happy that they get everything for (((free))). Well, fuck you, nothing is for free, even your mom's love comes with some strings attached, just because you aren't paying with money, doesn't mean you aren't paying at all.
Sure, some people aren't even aware of all things that are going on, but mostly it's just "meh, whatever".

EDIT:
Oh and one more thing, because there are going to be some people not seeing how it is.
All your private data, that company has access to, is not being analyzed by some Joe Shmoe with nerdy glasses on, no one have time for that shit. Algorithms do that, so technically no one is looking at it unless those lines of code detect some illegal shit.
 
Last edited:

super_slicer

Tentacle God
Nov 17, 2010
3,135
113
#17
Re: Net neutrality / HTTPS

On the other hand, most people don't give a single fuck about their data being collected, they are just happy that they get everything for (((free))). Well, fuck you, nothing is for free, even your mom's love comes with some strings attached, just because you aren't paying with money, doesn't mean you aren't paying at all.
Sure, some people aren't even aware of all things that are going on, but mostly it's just "meh, whatever".
Oh you mean people who think erasing their browsing history is practicing good security?
 

Hentaispider

Lord of the Tap Dance \oO.Oo/ (And Reputation Mana
Staff member
Administrator
Moderator
Nov 24, 2008
11,911
83
#19
Re: Net neutrality / HTTPS

Do ISP companies or site owners need to give a fuck about your privacy? No. If you go to a place that does have security cameras all over, your problem. They may use it for marketing, use it to make sure no laws are broken, etc. You pay for accessing something, that data goes through their servers and they can use it. Releasing such data to general public is (or should be, depending on country) considered as something against the law. Companies are responsible for making sure your private information won't leak to the public eye.
Using your own analogy, even though they own the place, the corporations have no right to stick security cameras into changing booths or toilets.
 
Feb 2, 2014
357
43
#20
Re: Net neutrality / HTTPS

Your original argument never mentioned such blatant idiocy. So let's take a moment and correct your mistake of thinking that the internet is a public space.
Mind not resorting to mud-slinging? It hurts your point and makes you out to be a child.

FYI the definition of a public space: A public space is a social space that is generally open and accessible to people. Roads (including the pavement), public squares, parks and beaches are typically considered public space. To a limited extent, government buildings which are open to the public, such as public libraries are public spaces, although they tend to have restricted areas and greater limits upon use.
Well, at least you can use wikipedia. +1 point in your favor.

Before you tout out some supreme court ruling I'll tell you this: Legal rulings made by ancient fucks that don't understand the technology with the ulterior motive of 'public safety' have no validity.
See, you said I was doing some millennial flailing of the retarded variety, but right here is more in line with that kind of behavior. Sorry, bud, but you can't simply disregard the law when it's inconvenient for you. If you don't like a law, go through the proper channels to change it rather than whining and name-calling on the internet with all your impotent rage. I would be feeling embarrassed right now if I were in your seat.

[qupte]One needs an account with an ISP to connect to the internet barring the special circumstance where they are using free wi-fi granted to them by an account holder, meaning that the internet does not fall under the definition of a public space as it is not generally open and accessible to people.[/quote]

Yup. And nowhere in that contract are the words "oh, and we'll totally keep your information safely hidden behind 72 proxies!" You've signed up for a service, which includes keeping your own information limited to what you want other people to see.

But let's ignore that for a second and say the network on which the internet exists IS a public space, akin to roads, however once you reach a site you've entered a private space just the same as entering a business off of that road. And even in the aforementioned public space of the road, Law enforcement agencies still need probable cause to search your vehicle, and anyone caught rummaging around through it without your consent can still be charged with burglary.
I'm glad you comprehend this much, even if you're failing on the rest. Yes, the internet at large is like a public roadway. If the police see you doing something illegal in your car, or hear of something illegal happening in or around your vehicle, they can search it and even arrest you. You're correct that "probable cause" is a necessary factor. How do you avoid that? Don't give them cause.

And to add to your point about entering a business, again you're exposing yourself. The only difference here is, your activity is limited to that place of business until you leave. That doesn't preclude that they are required to protect your behavior or habits, or that they are somehow required to not tell another business about you so that business can then go and try and make another sale. You can tell them to kindly fuck off and they have to respect that.

But, McDonald's isn't required to keep anything you say/do private. Their business is open to the public, and you've entered into a social contract with them that doesn't preclude that you ordering a cheeseburger is a private affair.

How about next we ignore that EVERY site not using .gov is housed on a privately owned server? Sure, without that context, forums could be considered public spaces... except for the fact that you need to create an account and gain membership in order to interact with them. Outside of forums I really can't conceive of any sites being even remotely considered public spaces as they aren't social spaces, perhaps news sites?
Yeah, just like every business is on private property. What's your point? That business has the right to open its doors to you or tell you to leave and never return. Also, they're not obligated to listen when you demand they put up a curtain when you enter their business. Something you don't seem to understand is that, when you access a website or a McDonald's, your privacy is limited to what you choose to surrender. If you put all your information up for everyone to see, boo-fucking-hoo. Nobody is obligated to keep that private because you chose to throw a temper tantrum.

So if it requires us to ignore all these facts how can one logically view the internet as a public space?
Because it is? Your connection is like a road, or a sidewalk. You can walk on it, go wherever you want, etc. As soon as you enter a place of business open to the public (of which a majority of businesses and websites are), you're not suddenly given some cloak of invulnerability where your information is safeguarded by them. You're under their roof abiding by their rules and no amount of whining will change that. If their rules preclude that you not only tell them your dick size so they can tell their pals at the sex shop and those guys can try to sell you growth pills, then it's your decision to share that info or leave.

Basically, if you don't like sharing shit with others, stay on the sidewalk.

Bravo on your attempt to change your argument to something more suitable though, it was thiiiiis close. Keep pushing that mommy and daddy routine though, I'm getting a kick out of imagining you acting it out.
I didn't change my argument, though. I've stayed the course. You're blindly throwing out assumptions based on your own interpretation instead of applying any amount of critical thinking. Also, once again, your argument is only hurt by insulting the other guy. It's also a sign of reluctant surrender.

As for the only meaningful question you asked: It is up to the user and the site as well as the ISP to maintain privacy, unfortunately 99% of sites don't give a damn about their user's privacy and all of 0% of ISPs do, many even sell usage statistics. Thus the only way to maintain one's privacy (as the corrupt government couldn't give less of a fuck about your privacy) is to maintain their anonymity.
You're correct. 99% of websites, ISP's, places of business, and even Pres. Trump don't give two fucks about protecting your privacy when you go to pornhub or your local 7-eleven. Why? Because you've signed a social contract that says that while you are in PUBLIC, you will behave in a manner that they determined appropriate. If you don't like it, then you've the right to protest it. Thankfully, they don't have to give a damn about that, either.

...And then you fall back on "THE BIG BAD GUBBMENT" schtick. Listen, friend. No government is perfect, and no politician is squeaky-clean. I'm not squeaky-clean. Yoshiiki isn't squeaky-clean. Oh, and here's a newsflash: you're not squeaky-clean. The other thing is, the people running the government were chosen by a representative majority. I don't like the PM of my country, but I also accept that fact that he is in charge for better or for worse.

Whining about how your local congressman or whoever is such a corrupt snake changes nothing. Bitching (as you are now) about how your ISP won't protect the information you made available changes nothing. You want privacy online? Don't share shit. You want to share shit without consequences? Too damn bad. Part of being an adult is accepting the rights and responsibilities of your social contract with the rest of world, whether online or offline. If the concept of "PERSONAL RESPONSIBILITY" is too difficult for you to handle, then maybe you shouldn't try to own a home or vote. It's clear that you'll just blame everyone else when things don't work how you want them to.

I'm done, since you clearly can't argue for shit and it's a waste of my time to help you understand why you're wrong.