That must be the swedes. Danes complain constantly, about everything.

Edit: if you need examples.. DSB trains are slow/never on time/bad service/..; Post Nord takes WEEKS to get a letter out/too expensive. Well we switched to another provider now, Dao, so we’ll complain they are even worse! And complain why they are not doing it like in the good old days (see Post Nord); taxes are too high; public service is too bad/slow/low quality; too many cars in the city; never any parking space when I take MY car; the paid first child sick day is not enough we need at least a week (just for child sick days mind you, we need the 5 weeks paid vaca for relaxing on a Beach in Spain); btw our weather sucks; unacceptable that garbage collection service is not functioning during show storms; .. i can keep going all day

Knowledge or not, this..

> It's not impossible, it's just extra work that usually goes unrewarded.

.. is just not an acceptable way for business to think and operate i 2026, especially not when it comes to internet connected video enabled devices

And FP is a much worse modality to have registered because, as opposed to Face image, fingerprint is not affected by age. So that will match you 99.999999% for ever. Faces change.

Regulation is not done with the purpose of preventing companies from profits. It is done because companies cannot be expected to act in society’s best interest, so society has to make demands of companies, ie regulation.

Wireguard is a protocol. So what implementation is “very intentional about its choice of …”? Are you talking about my own WG client implementation? Or the one made by this other Chinese vendor?

I don’t care what software we are talking about, or who made it. All software has a risk of undiscovered/-disclosed vulnerabilities already existing, or when new ones introduced with an update.

If you really want to make this argument we can talk about the implementing organisations SDLC, including SW supply chain, and compare those.

But back to the OP/point above: its false to state that one piece of software has a “principle risk” of vulnerabilities that another piece does not. At least, not when both are internet exposed and accepting incoming data.

Lasty remember that I never disagreed with you point that a VPN solution is often a better solution, but that was never what I was arguing about. Simply that all code always has a risk of vulnerabilities. No piece of software is excempt from that.

Edit: codebase of ssh/wireguard implementations, just to be clear

The same with this last reply; you can keep throwing out new points all you want, but thats not going to make you correct in the original question.

Saying or implying that one software has a “principle” risk of vulnerabilities that another software doesn’t is plain and simply wrong.

And that has nothing to do with all the other stuff about layered defence, vpns, enterprise security, chatty protocols or whatever you want to pile on the discusion.

But saying ssh is a risk “on principle” due to possible vulnerabilities, and then implying that if wireguard is used then that risk isnt there is wrong. Wireguard, and any other software, has the same vuln risk “on principle”.

> For vulnerabilities, complexity usually equals surface area. WireGuard was created with simplicity in mind.

That is such consultant distraction-speak. Simple software can have plenty vulns, and complex software can be well tested. Wireguard being “created with simplicity in mind” doesn’t not make it a better alternative to ssh, since it doesn’t mean ssh wasnt created with simplicity in mind.

I don’t disagree that adding a vpn layer is an extra layer of security which can be good. But that does not make ssh bad and vpn good. Further, they serve two different purposes so its comparing Apples to oranges in the first place.

So what’s the difference in risk of ssh software vulns and other software vulns?

Also, another point of view is that vulnerabilities are not very high on the risk ladder. Weak passwords, password reuse etc are far greater risks. So, the alternatives to ssh you suggest are all reliant on passwords but ssh, in the case, is based on secure keys and no passwords. Should “best practices” not include this perpective?

If LG makes money from snooping on you, what makes you think the “off” button actually turns it off? People have no way of verifying this.

To me this is the worst part of TVs (and cars, and fridges, and so on) are even allowed to have these features[1]: non-techinical customers have no understanding that “smart” hardware is capable of doing whatever it wants - and hide it from customers. You have no way of knowing what your “smart” thing is doing behind the scenes.

[1]: any feature thats sending data back to company servers, meaning you loose control of your data. Features that are 100% on-device is not what I’m talking about.

First of all: occam's razor. Political theatrics seems simpler than the US defence/intelligence forces sudenly realizing that drones can be launched from ships. Esp. with the timing involved.

Second: Established/traditional radar systems cannot spot drones. Take it from someone living in a country that recently had its airspace violated by (assumingly) Russian drones, affecting national infrastructure. It was considered an attack at the time. I don’t think thats the word we use any more, for political reasons.

Third: Trump already shut down one of these windmill farms once this year. Until the danish company building the park sued and got the courts word that the shutdown was illegal, and resumed construction. The current shutdown has much larger impact for many multi-national companies. Usually there is a political process expected between allied countries before such a drastisc move. We havnt seen that ie no attempt to solve a concrete (security) issue before punching the red button ie probably because there was no motivation for a solution ie the security issue was probably not an actual issue)

Fourth: Earlier this week the danish intelligence services released a new security assesment of USA (that takes Trumps behaviour on the international scene into account). That probably hurt the little mans ego, and now we see a retaliation. This provides yet another motivation for Trumps action, besides factual, real security concerns.

Looking at this purely from the security aspect is naive, and fails to consider the context of the real world.

The orange shrimp pulling the “national security” card now, on the same day as he also creates a new Greenland debacle, is very clearly simply an attempt to strong arm the danish govt into Greenland concessions (in turn simply to please his fractile lille ego)

GDPR does not care how the data got “in the hands of” the company; the same rules apply. Another important thing is the pricipals of GDPR. They sort of unline everything. One principal to consider here is that of data minimization. This basically means that IF you have a valid reason to handle an individuals PII, you must limit the data points you handle to exactly what you need and not more.

So - company proxy breaking TLS and logging everything? Well, the company has valid reason to handle some employee data obviously. But if I use my work laptop to access privat health records, then that is very much outside the scope of what my company is allowed handle. And logging (storing) my health data without valid reason is not GDPR compliant.

Could the company fire me for doing private stuff on a work laptop? Yes probably. Does it matter in terms of GDPR? Nope.

Edit: Also, “automatic” or “implicit” consent is not valid. So the company cannot say something like “if you access private info on you work pc the you automatically content to $company handling your data”. All consent must be specific, explicit and retractable