Mordikan

Germany hasn’t officially endorsed ChatControl, and groups like Hetzner outright oppose it. In the US, ChatControl takes the form of the LAED Act and the EARN IT Act. All three focus on this appeal to emotion that to protect kids we need to get rid of end-to-end encryption. Legislators are pretty fucking dumb when it comes to this stuff, though. They don’t understand that if they have a backdoor to encryption, everyone has a backdoor to encryption.

that would require sitting down and manually doing that for every conceivable payee

That’s just called VLOOKUP(). I think you’re over-complicating this process. If you sit down and look at your finances, you’ll notice that the number of payees you have isn’t some absurd unmanageable amount. As others have mentioned, there’s no real use case for involving AI this way. There’s no scale, no real benefit to financial tracking, etc. I get this is just to use AI for the sake of using AI, but that’s not really a goal when writing financial software.

Honestly, you don’t even need NLP for this. Excel supports regex now so you could just do a call like =REGEXTEST(A1, "(?!)^w.*mart$"). Then just mark by type and graph out to see where your main spending is coming from.

Germany’s legislation is largely spearheading the effort. They aren’t trying to build the infrastructure to support it, they already have the infrastructure. They are one of if not the biggest GDPR actors and have a large datacenter presence through companies like Hetzner and DE-CIX.

I’m sorry, its been a long day.

DNS4EU doesn’t provide DDNS service, you are correct. Checkout deSEC, they partner with DNS4EU and the EU as part of the initiative to limit dependency on US based infrastructure.

You might try DNS4EU: 86.54.11.1 86.54.11.201 DoH: https://protective.joindns4.eu/dns-query DoT: protective.joindns4.eu

I had a similar setup to this awhile back. You have to port the number to your VoIP provider of choice and then decide on what client you are going to run (no need for SIM card). I was wanting voice service and only needed limited SMS, so I went with linphone (and played around with zoiper too). If you are needing good SMS support, then JMP is probably the best. It supports both SMS and MMS. You won’t get E911 access I believe, but as data only its a good solution.

Free wifi is all over the place and if you wire up a mobile hotspot in your car (yes it somewhat defeats the purpose), you can get some pretty decent coverage.

No, installing Tailscale on all machines is not actually required. You can setup a funnel that exposes a service to the internet for all to see. This also removes the requirement for them to access via Wireguard if desired. https://tailscale.com/kb/1223/funnel

I think the idea of an IP address (IPv6 or not) providing anyone a semblance of privacy is wishful thinking in this age. Google ad revenue in the EU is estimated to be lower because the power in GPDR areas isn’t in PII obfuscation, its in the consent model. Positive opt-in to Legitimate Vendor Interest makes tracking difficult, not whether your IP is generic. You have to remember companies like Google are still able to monetize off of users in mobile CG-NAT environments in the US/EU. Given the roughly 150 other metrics Google (or any publisher/SSP would have access to), removing one doesn’t really stem the tide.

What’s also interesting is how IPs become anonymized. For IPv4, the industry standard I kid you not is to take the 4th octet and mark it zero. That’s it. It just assumes carriers use /24 CIDRs like someone’s home network might. The funny part is what if that was 50.50.0.0/22? A publisher could in practice replace one user’s IP with another user’s IP which means that they still would be passing PII unanonymized which could violate GDPR.

IPv6 uses the same basic system. 2001:db8:85a3:8d3:1319:8a2e:370:7348 becomes 2001:db8:85a3::. You just truncate at the 64th bit. Rolling through available host bits doesn’t really matter then. IPv6/IPv4 really aren’t ever used for Google user syncing.

I’ve mentioned this elsewhere, but to fair, even without you providing Google an IPv6 address, they still know exactly which computer contacted them from inside your LAN. Even in GDPR territory they can do that.

I would only expose a port to the Internet if users other than myself would be needing access to it. Otherwise, I just keep everything inside a tailscale network so I can access remotely. Usually I believe people put a reverse proxy in front of the Jellyfin server and configure your certificates from there. So Jellyfin to proxy is insecure and then proxy to internet is secure. Lets Encrypt is an easy way to do that. And if you are going to expose a port you definitely want fail2ban monitoring that port.

If using tailscale funnels, you can technically skip the certificate part as that’s done for you, but that would take away from the learning experience of setting up a proxy.