Forgive me for not covering 100% of this advanced topic in my 3 paragraphs on Lemmy...

Quite obviously the problem is not that you did not write an 560 page essay, but that you were misleading by basically saying "nah, it's fine, nothing could leak, everything is ultra secure nowadays".

If you purposefully steer your car off the road... of course you're going to crash. If you're going to expose non-encrypted things onto the internet...

did you just ignore a whole lot of points here? DNS, SNI? smb clients? whatever else? its not like I'm using HTTP. things are largely encrypted, the rest is out of reach!

Encrypted SNI (ESNI) / Encrypted Client Hello (ECH) exists... Cloudflare for example supports ECH, and they transit a LOT of data.

how many sites exactly support that configuration? do you need additional configuration for that in e.g. nginx? if so, most selfhosters probably don't have it, because it's talked about almost nowhere.

and is it finally enabled by default in firefox? will firefox just retry without encryption when the connection fails?

But once again... would be outside of the scope of discussion here. Yes... an ISP can make an educated guess of where you're likely to be going... and maybe even make a reasonable guess of what you could doing... But certainly not the details of it.

it is certainly in scope. the discussion is not about security and your accounts getting hacked by evil EU, but privacy and data mining, for which all of these is a treasure trove.

And this all ignores the fact that a random coffee shop isn't going to do full packet inspection to get this data to begin with. It's not worth it for them.

probably not the coffee shop but the networking equipment, where even cheaper models include some form of "smart cloud security"

They seem pretty evenly distributed to me ?

Sure there are a few everywhere, but the big gaps are the issue.

For example in your screenshot if you zoom in on Poitiers you'll see there are none there, only in the two northern neighbor communes Neuville de Poitou and Jaunay-Clan. Similar for Nantes, none there, they are all in Saint-Sébastien-Sur-Loire and Thouaré-sur-Loire, the center and all the other suburbs have nothing.

Sure, if you're just trying to say that they can technically do something you're right. I just thought that we're discussing if it's safe to use this service or not. The fact that they can technically track you is inconsequential to the security here but you're right, they can do it.

That's a bold claim. Do you have some official figures to back that up?

I somehow assumed that if we have reasonable plans, limits and laws in east europe, surely you have it better in central european hub, you know? But no, I lazied out on checking the official figures, but where I live, I rarely hear about someone paying for limited plan, it's just not worth it to save 10€ and worry about hitting walls.

Speaking of slow speeds, I live in semi-rural area and here's my speedtest: https://www.speedtest.net/my-result/a/11047555422 (on 5G)

Who are you?

Most people are better off buying a lightly-used Mac (or not, it's been a while since people have been happy with Apple) or replacing their laptop with a Fairphone or Graphene OS phone than switching to Linux from Windows 10.

I don't really see the connection there with somebody bringing down their own firewall, hosting open services, and basically putting out the welcome mat. You can burn yourself on any OS (and if you can't, I don't want to be using or pushing it).

Best option is to just go to places where the wifi service is affordable but not free so that the operator needs to keep tabs on whether users are doing something other than browsing the internet or playing games

What place charges little enough for the WiFi to be affordable but has somebody live monitoring network traffic?

You're telling me Internet Cafes can't exist? Yes, they're not available, but they should be. And supporting industry of small business IT Security providers still do business with motels and hotels.

Maybe increase the standards of service requirements, but if not? Yeah, we need to find a way to make free WiFi that doesn't demand you trust the operator will monitor for malicious users, instead of limiting safe internet access to our own homes at best.

Internet cafes, at least in my experience, provide you computers. They don't sell you WiFi access. And I very much doubt they have somebody monitoring network traffic live.

If you're saying they COULD exist, I doubt they're financially viable.

Maybe it's different in the EU then. Here, when cafes had internet, they offered a WiFi password for customers.

I feel like we mean very different things with the term 'Internet cafe'. This is what the term brings to mind for me.

Apparently you're thinking of actual cafes with F&B. Cultural differences I guess.

I still don't see the point. Even if the location offers some sort of 'secure' WiFi, you cannot trust them. Every link on the chain between your device and the server must be considered potentially malicious. The main thing that needs to change is the current leak of sidechannel data needs to be halted.

How, though? If it's inherently unsafe, what's the alternative?

Leaving the EU is one of the stupidest self harming things we ever did.

And I'm glad that the UK left the EU, because now the EU has its own Cuba in front of its shores. Makes life more interesting, doesn't it?