Hello, I've been feeding ADS-B (to various sites, obviously adsbexchange too) since 2015 and there's one thing that always bothered me: Many (big) websites gladly take your data, but few actually care about protecting the feeder's privacy. When feeding MLAT, the MLAT server must usually know the exact location of the antenna. This is obviously technically required (MLAT won't work otherwise), still this is sensitive data - I suspect many folks install their antennas close to where they live, so you're effectively stating "this is where I am!". So any feeder trusts adsbexchange with this data, which is fine - I believe you're good guys who don't sell my personal data. I know that you do have a privacy option for not displaying dots on the map (and are approximating locations on public displays). However, the current protocol sends this information to the adsbexchange servers unencrypted. That means anyone listening on the global internet (CIX, upstream ISP or whatever) can see "oh nice, there's IP x and that's the exact location of that user!". To protect users privacy (and to improve integrity & confidentiality in general), feeding over TLS would be a really good thing. Since I believe that your current feeding protocols (beast & mlat) both use TCP already, adding TLS would not change much: You can still use the exact same protocols, just tunneled over TLS. TLS does not use significant amounts of CPU (unless you're trying to send gigabit/s of data) and should run without performance issues even on low-end devices. To ensure backwards compatibility (or to make things optional), you will probably need to offer both plaintext & TLS ports. But I do believe that this would be worth the effort, to go the extra mile and protect the users privacy. I believe TLS to be useful for both beast as well as mlat data, as both contain data useable to fingerprint user's location. A large feeding site that shall not be named already does this . Please let me hear what you think about this, and thanks for considering!
