I just wonder how much privacy (protection) do we’ve here on the https://forum.qubes-os.org. As usual it’s pretty cool to have all activities logged and nicely presented in the user summary but it has a flip side. I mean, who are the actual operators, which services are used, where is it located (which data laws are valid). I’d appreciate some background info and insights. Thanks.
You never really know who you are talking to on the internet but these community exists for a reason and we all believe in good faith and move forward with security and privacy as prime goal.
Absolutely agree but this is not related to my questions.
Aug 22, 2021, 17:22 by email@example.com:
by Discourse, and this is no longer true). You are invited to PM the
moderators with any queries.
In general, I wouldn’t expect any privacy from something that is public on the internet (at least not the public parts).
The new provider is Communiteq. I’m not sure what you mean by “operators.” Would that be us, the Qubes team, or the folks at Communiteq? It depends on what you mean by “operator.” I don’t know where the server(s) are located. @deeplow, do you know?
I guess I’ll update this to say “Communiteq” instead.
@whoami and all the other with the same question:
- do not post anything you don’t want to be public forever
- THINK before you post: does this reveal my name, location, habits, hardware, motivation … am I OK with that FOREVER?
All your questions about who, where, what, policy … you are kidding yourself! How will you verify the answers are true? How do you protect yourself against (innocent?) mistakes? If that’s how you approach security or privacy you won’t have either.
@adw thanks for all your answers this is what I was looking for. I couldn’t find a legal note or imprint for this web page.
Remember that everybody has unique behaviors on the internet, including writing style (grammar, sentence structure, idioms). If you want your posts here to be anonymous throughout the (at least near) future, I’d definitely try to write in a way that helps to counteract forensic linguistics.
Thanks, all good suggestions but I don’t want to be anonymous here (grammar, fingerprint, IP address …). My questions have been answered by adw:
So, Same company, different name.
Note to the company:
Communiteq was founded by Richard and Michael, two fourty-ish computer engineers based in the Netherlands. We both have 20+ years of experience in high-end application hosting and application development in various markets.
=> Based in the EU.
Yes. And we are also currently hosted on the EU plan of Communiteq. You can also find more info by doing an IP lookup. For example https://tools.keycdn.com/geo?host=forum.qubes-os.org.
Discourse logs quite a bit of user behavior and it is exclusively used for usability purposes as far as I’m aware. It should stay local to the instance. These are links like what posts you read (to show you only posts you haven’t read), bookmarked topics, etc. A lot of usage statistics can be found on your user profile page, which you can also hide from the public (although this does not prevent an experienced “attacker” from mining that data – see explanation)
If you think these are too invasive, your best choice is Using the forum Via Email.
We have telemetry disabled so it doesn’t report back to discourse HQ.
Also, you can download all user data (supposedly), via the Download All button (bottom left) of your activity tab:
whoami with your username).
at the bottom of each category listing, and at the bottom of each thread.
wget shows the link is being served in the footer, so your
browser is “handling” that in some way.
If your browser is blocking certain content, i don’t think any one can
Well, you helped me already. adw pointed me to the hidden links.
no footer links on
when loading https://forum.qubes-os.org/ main page.
but … nice … with Windows Internet explorer 10 links show up but it comes with the message:
… your browser is too old to work on this site…
I suspect this is your configuration.
Firefox shows the footer for me.
TBB has a menu entry for “FAQ”, which takes you to the Privacy page.
No link for me as well. Unmodified Fedora-33 Firefox in a disposable VM. Both when logged in and out.
To make the button more visible on mobile devices, please reach out to the discourse community at meta.discourse.org. They’re the ones making the software. We just use it.
None of the browser tests I have made have been made on a mobile device. Maybe you thought so due to the small window screenshot.
I will add more details to my previous list:
- Brave, Windows 10, with and without VPN-A > no footer links visible
- Firefox, Qubes OS (normal AppVM) with VPN-B > no footer links visible
- Tor, Qubes OS (via Whonix), no VPN > no footer linkes visible
- Chrome, Windows 10, with and without VPN-A > no footer links visible
- reported (confirmed) by @fsflover Firefox, unmodified Fedora-33 displ. AppVM > no footer links visible
- Internet Explorer 10, Windows with and without VPN-A > footer links are visible
since you put “mobile” to this discussion I made two additional mobile tests:
- GraphenOS, Vanadium with VPN-A > no footer links visible
- Iphone, Safari with normal mobile data connection > no footer links visible
If it is ok for you, I would like to close this dialog now :
- You have shared the links and additional explanations > Thank you.
- Footer links are not visible for almost all browsers (OS, AppVM)