frogzoneDear @EU_Commission, please see above, but what is more concerning is EU's own infrastructure and I have CC'd a few random people and groups in his so they are aware....
While your :mastodon: mastodon, :butterfedyC: fediverse server (social.network.europa.eu) is OVH (EU-served), the other three major(?) domains i happened to test showed up as:
- https://european-union.europa.eu - amazon cloudfront (possibly meaning that amazon DECRYPT the traffic themselves and thus see EVERYTHING, all communications, they say this is to protect against bots but there are less invasive ways)
- https://commission.europa.eu - amazon cloudfront (as above)
- :mastodon: https://ec.social-network.europa.eu - Fastly servers (fastly is usa-based, even if they don't have access to the unencrypted data, they are able to collect metadata, eg. what IP addresses are interacting with the service. It also means a european business is not serving it. Serves: European Commission, EU Research Executive Agency, EC DIGIT, NGI, OSPO )
maybe you find this as alarming as i do.... if so, pls fix it, if you don't know where to start maybe try @fsfe
CC: some other random folk who may (or may not) be interested, if no interaction you won't receive more from me on this thread @PPRU @ppbe @stefano @gabriel @jeffcliff
All GNU social JP content and data are available under the