The government who wages the wars and brings its terrors home invades people's privacy and comfort in the small amount of time they have away from the toll they put to pay their taxes, and the people are thankful, after all, all of it is for their safety.
Would you? I think that EU mandates a mobile connect for emergency services (eCall), but can you point out a legislation which forbits the owner to disable it in the vehicle they own?
The EU-wide "911 eCall" system records your location at all times and has a cellular modem connected to government systems. It is illegal to disable this system. If you still do so, there are fines, and your insurance is no longer considered fully valid in case of an accident.
You asked for specific legislation. For the Netherlands and our "APK" system, the relevant rule is under "Geluidssignaalinrichtingen en eCall", article 5.2.71 of the APK handboek, issued by our Rijksdienst voor het Wegverkeer.
In the EU, automatic surveillance cameras on the side of the road enforce this APK system, so if you do disable the eCall system, you will fail your APK, and you will automatically receive a fine. Even if you don't leave your driveway, the government is working hard to keep you safe; government camera surveillance cars drive around constantly, scanning your license plates, cross-referencing surveillance images with other government databases to automatically issue fines if you step out of line.
I really don't think there's anything to worry about, though; to quote another comment of mine:
>Thankfully, we're safe. Car software is notoriously high quality and rarely hacked. All governments are fully trustworthy, especially around espionage and privacy, and have a perfect track record of never lying to the public.
>Look, the European Commission stated that it cannot be hacked; "hackers cannot take control of it", from ec.europa.eu. They built an unhackable device. I am not sure what you could be worried about. If the government tells you something cannot be hacked, then it cannot be hacked. Furthermore, none of the EU member states have been found using other infrastructure to violate privacy laws.
They'll have to find you first, which (without a cell modem and GPS) would be an undertaking. The cell antenna "accidentally" falling off or the cable developing a fatigue break after the connector might be easier to explain. A Faraday bag comes to mind, as well.
>DNS query [...] in the clear. [...] (DoH) plugs this privacy leak [...] no one on the network, not your internet service provider [...] can eavesdrop on your browsing
Whoever could see DNS traffic can still see the target you're connecting to...
The promise is especially dangerous when a huge fraction of traffic doesn't use Encrypted Client Hello, [1] so the domain name is sent in the clear with the initial request to the server.
A while back I wrote a quick proof-of-concept that parses packet data from sniffglue [2] and ran it on my very low powered router to log all source IP address + hostname headers. It didn't even use a measurable amount of CPU, and I didn't bother to implement it efficiently, either.
I think it's safe to assume that anyone in a position to MITM you, including your ISP, could easily be logging this traffic if they want to.
But if that request is going to a large provider (GCP, AWS, CloudFlare), without the hostname, the request is going to be close to meaningless for the snoop.
This is correct. The right way to think of DoH is as part of a package of mechanisms (including ECH) that collectively are designed to close network-based leakage of browsing history. Used alone, it has some value but that value is limited.
When citizen science is ridiculed and "the institution of science" is glorified this is what you get.
And anyone who dares to profess this, is a loony, a conspiracy theorist, an anti-scientific person, etc.