|
|
|
|
|
|
by wutanc
2423 days ago
|
|
|
Given that they've commented on the fact that all traffic is end-to-end encrypted you'd not notice them sending things you don't want to be send. Maybe they're sending a list of all sites you visits? How about them sending any login information that you add on sites that for whatever reason isn't doing tls? One important point here is that they "claim" to be GDPR compliant but are already somewhat breaking GDPR. All data is encrypted on the APs so we can't really know what is sent. This is a complete buy in in trust from us, the customers. We're supposed to trust them that they're not sending anything they shouldn't, even tho they selected not to tell us at all about them implementing this. It's horribly sketchy at best, if ont illegal. |
|
|
That is of course assuming that the GDPR is being honoured, and that's a pretty big if. Most european companies are still struggling to be compliant, as _EVERYTHING_ that can identify you as an individual is to be handled. It also includes backups, and also when the authorities requires you to store data for 5-15 years, but also allows the right to be forgotten.
I know we've had our fun devising a scheme to delete records from archived backups.
The only way to check is to request your personal data from UBNT. The GDPR allows this free of charge, and they're obligated to hand over all personal information they have on you.
In any case, I already block all internet access for networking equipment, and based on this I added trace.svc.ui.com to PFBlockerNG, just to make it resolve to something local.