You're thinking of "How does the client know what IP address to send the request to?" OP's point was about "How does the server know which IP to send the response to"
It's a hard technical problem and a harder social problem.
Keeping a private server secure is usually labor intensive, but in theory could be reduced to straightforward steps. But ultimately most people will never care enough to perform those steps. So we get "the cloud" of total enshittification.
Most people can't understand the boundaries of what is and isn't "necessary."
It's the give an inch problem. I want web sites to get only the data truly needed - enough to deliver the page, so my IP and a boolean for whether i'm on a mobile or desktop screen, little else. But they want it all.
info sec at my company mandated that we “stop downloading logs” for analysis and instead view them in this special internal browser that disallows saving the content.
I asked them how exactly the browser displays the logs without “downloading” them and got a “shut up and stop asking questions”
Similar thing but instead they restricted access to the terminal while allowing us to use python. I don’t think they wanted me to write a terminal app in a Jupyter notebook with a handful of UI elements, but they left me no choice.
It was creepy, though, the first time I saw the logs of a massive corporation full of extremely identifiable info. Of course they need your IP once. But they sure don't need to store it in perpetuity.
the government already has a lot of info but there are still things I like to be able to "hide behind the demand for a warrant." My health records, for example, and frankly even some basic stuff like "the schedule of when each light bulb is turned on or off" can be dangerous under certain conditions
Comments
Sweden’s company Proton VPN is good start
Keeping a private server secure is usually labor intensive, but in theory could be reduced to straightforward steps. But ultimately most people will never care enough to perform those steps. So we get "the cloud" of total enshittification.
It's the give an inch problem. I want web sites to get only the data truly needed - enough to deliver the page, so my IP and a boolean for whether i'm on a mobile or desktop screen, little else. But they want it all.
I asked them how exactly the browser displays the logs without “downloading” them and got a “shut up and stop asking questions”