Can you enforce a threshold of entries for a certain role after which you start displaying the salary? And then only display it as a range with information about the quartiles?
Otherwise it's not so anonymous. Sometimes the combination of role and salary is enough to point to a single employee. That's precisely the reason why you only get statistical information at the other sites.
If I replace entries with statistical ranges, then the product would become a clone of other products for this (like Glassdoor, LinkedIn Salary, etc.). And it won't solve the problems I set out to solve with it anymore.
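The threshold-and-quartiles approach proposed in the exchange above, as an added example that is not part of the thread and not code from the product being discussed. The threshold of 5, the rounding step, the function names and the sample entries are assumptions made for illustration.

```python
from collections import defaultdict
from statistics import quantiles

K_MIN = 5          # assumed minimum number of entries before a role is shown
ROUND_STEP = 1000  # assumed rounding step so exact salaries never appear


def round_to(value, step=ROUND_STEP):
    """Round a salary figure to the nearest multiple of `step`."""
    return round(value / step) * step


def publishable_salary_stats(entries, k_min=K_MIN):
    """Aggregate (role, salary) pairs into per-role quartiles.

    Roles with fewer than `k_min` entries are suppressed entirely, because a
    small group combined with the role name can identify one employee.
    Minimum and maximum are deliberately not reported: each is one person's
    exact salary.
    """
    by_role = defaultdict(list)
    for role, salary in entries:
        by_role[role.strip().lower()].append(salary)

    report = {}
    for role, salaries in by_role.items():
        if len(salaries) < k_min:
            continue  # below threshold: publish nothing for this role
        q1, median, q3 = quantiles(salaries, n=4, method="inclusive")
        report[role] = {
            "n": len(salaries),
            "q1": round_to(q1),
            "median": round_to(median),
            "q3": round_to(q3),
        }
    return report


# Constructed sample data, not real salaries.
SAMPLE = [
    ("Backend Engineer", 52000), ("Backend Engineer", 55000),
    ("Backend Engineer", 58000), ("Backend Engineer", 61000),
    ("Backend Engineer", 64000), ("Backend Engineer", 70000),
    ("Head of Security", 120000),  # single entry: would identify the person
]

if __name__ == "__main__":
    for role, stats in publishable_salary_stats(SAMPLE).items():
        print(role, stats)
```
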
Austrian Post sold voter preference data without having the right processes in place and was fined 10% of last year's profits.
Noyb.eu is also an interesting organization to watch. They are a non-profit taking lawsuits against large incumbents with egregious privacy practices with the backing of the GDPR. They triggered the 50 million € Google fine.
Deutsche Wohnen, the much-criticized apartment rental company from Berlin, just got smacked with a fine of 14 million EUR for collecting credit rating data after being warned several times.
I've found https://www.telepresence.io/ to be helpful. It allows you to integrate a locally running process into a K8s cluster seamlessly, allowing for fast iteration and easy debugging.
This project attempts to parse URLs and email addresses from text, even when the protocol is missing or they're mangled in some other fashion (i.e. google.com/test-url?id=2 gets parsed and identified as a valid URL, but invalid.nontld/test does not, and "test@example.euSample Text" gets parsed as test@example.eu).
So it needs to be updated every time a new TLD is added? That seems... suboptimal. Also it will not work for intranet addresses (valid.insidemylan/test).
You trust whatever server you query. That might be server one, or it might be server one and server two. It's a federated network, so you make requests through your own server.
> And will XMPP server 2 have my IP address?
No. It's a federated network, like email, so it just gets your XMPP address (historically referred to as a "Jabber ID" or "JID").
XMPP is not e2ee, the second server gets your JID (but not your IP, supposing your client doesn't leak it): you need to trust the servers (1, 2 and the resolver).
Also, you don't get virtual circuits, but the performance should be superior. Tor only supports A, AAAA and PTR; DoX supports every record type.
You can connect to XMPP servers over Tor, even host them on .onion addresses.
Also, XMPP has e2e extensions, at least one of which supports encrypting/verifying arbitrary XML[1], so if the resolver supported it, you could only trust the resolver. (Also, don't forget about DNSSEC, which can be used to verify DNS responses too.)
Agreed, the best case is when you have e2ee (which unfortunately is not in core) and DNSSEC.
I must admit to being biased against using DNSSEC alone because a malicious XMPP server can still inspect and/or modify queries and responses. By self-hosting you mitigate, but without e2ee the server is still trusted (in the threat-model).
mailbox.org has been great. They can encrypt all your incoming mail content with your PGP public key. And you can enforce receiving mail over TLS-encrypted SMTP using a special subdomain.
Unfortunately there’s even less research on those than on the original.