I haven’t been around these communities in a while, so I can’t really speak for /c/privacy as much as /r/privacy and other communities, but I’ve noticed far far far far too many posts which are blindly perfectionist, with no consideration of threat capabilities or their motivations. Privacy is futile without a realistic threat model, that’s how you get burned out solving non-problems and neglecting actual problems.
My threat model is largely just minimizing surveillance capitalism and avoiding basement-dweller neo-nazi stalkers from connecting any dots between my online personas and real life identity. Even for that, my measures are a bit excessive, but not to the point where I’m wasting much time or effort.
Daily reminder: “more private” and “more secure” are red flags. If you see or say these, without a very specific context, it’s the wrong attitude towards privacy and security. They’re not linear scales, they’re complex concepts. That’s why Tor Browser is excellent for my anonymity situation but atrociously insecure to anyone who is being personally targeted by malware (tl;dr monoculture ESR Firefox[1]). That’s why Graphene is not automatically anti-privacy simply because it runs on a Google Pixel and Android-based OS. (Google is one of my main adversaries.) And I think this simplistic ‘broscience’ style of “[x] is better than [y], [z] is bad” discourse is harmful and leads people into ineffective approaches.
It needs to be accepted as currency to be useful.
My friend uses it to anonymously buy servers. Their country has a history of killing political activists so they take their privacy seriously when it comes to that kind of thing.
I would say Monero was useful to them, at that time. It didn’t have to be mainstream to be useful. They weren’t investing in it. It allowed them to make an international transaction which is much harder to track than other accepted payment methods.
Eh, one can’t really make a decent analysis using vague abstract ideals like ‘liberty’ and ‘security’.
In some ways, security is liberating! For example, some religions have anonymous (private) confessionals and electoralism has anonymous private ballot booths to encourage freedom in voting. I don’t know if I’d be as honest online if I knew people with too much time and money could track my posts back to my real identity and harass me. And without security, these privacies would be merely illusions (see: deanonymization)
And obviously, on the other hand, state security understandably sees certain personal liberties (like downloading bomb-making guides and then buying fertilizer) as a risk beyond the liberty they’re willing to permit. Corporate security might see user anonymity techniques as a legitimate fraud/bot risk. I’ve picked diverse and good-faith examples to demonstrate, there’s plenty of midground and abusive examples of both, don’t worry, I know. (I left reddit many years ago partly for privacy reasons, no need to preach to the choir).
I guess my point is, security and liberties don’t necessarily contradict. But if you have governments and corporations run by the owning class, they have a material interest in suppressing your liberties for their own security. To make that appealing and tolerable, they have an incentive to rebrand this as being about your security. I’ve been in protests that obviously wouldn’t harm a fly and the police presence is consistently absurd. It’s clearly not actually about any of our security, or even the security of property owners, but rather the security of the bourgeois owning class and their way of life.
Some people are, yes, but compare what happens when law enforcement agents use their arms, and what happens when regular people use their arms.
A critical part of the state is the monopoly on legitimate violence.
I only ever used Proton for a few secondary email accounts (compartmentalizing between personal and online) and I started transitioning shortly before they got in the news for statements.
My main problem was that I realized that I couldn’t use email forwarding (or at least without paying for a plan, I forget), and I couldn’t manually handle it with a third-party client without paying for their bridge, so unless I wanted to have to open and log in to an old email address for the rest of my life, I basically had to pay to deprecate an email address or move to another provider without risking any future emails to the protonmail address being lost, and I wasn’t in a position where paying was an option for those addresses. Now I only register single-use throwaways on Protonmail (despite their efforts to detect and stop it).
Private against who?
Privacy communities need to really drill in the idea of threat models instead of pretending privacy is some linear scale and the ultimate goal is to bury your phone and computer in a lead-lined concrete block underground. Privacy and security are meaningless concepts unless you know who your are protecting it from and what their capabilities might be. I don’t need to hide from NSA Tailored Access Operations because I’m not trying to x the y of the USA. I do need to protect myself from basic scam attackers, copyright trolls and neo-nazi stalkers. And Matrix, along with certain basic opsec guidelines, does that and more for me.
Ones like Lemmy fit in fine to my threat model. They enable me to use privacy tools up-to-and-including Tor routing, without a phone number or other personally identifying info (you can’t do those with many other social media platforms). I can use the Fediverse pseudonymously, and if I ever want to, anonymously.
I’m not hiding this conversation from you, but I am hiding my identity from companies.
It was released (read: forcibly shoved down our throats) by Google and came out of nowhere when there were zero problems with the decades old and extremely well researched incumbent image/video formats that the web was already using (i.e. jpg, png, gif, mp4, etc)
I don’t agree with this. There are many things wrong with those file formats. GIF, for example, is over 35 years old and has a 256 color pallete. Now, if it’s good enough for your purposes and it “ain’t broke” for that, fine, but compare these formats to JPEG-XL and it’s clear that they deserve to be surpassed. WebM/WebP, despite my many issues with it (WebP and AVIF are bullshit formats), they did serve a legitimate purpose, and quite frankly you can even say it was good for the environment due to lowering filesizes at an actually meaningful scale.
In fact, if I’m reading Mitre correctly, there are libjpeg vulns still being found since WebP was launched. I’m not saying this to equivocate the two from a security standpoint, hell no, but to critisize the common view I see online claiming the older formats are unbackable.
Thanks for the detailed reply :)
I agree with all your points, it is misleading and potentially harmful to use a strong term like spyware to refer to all of those things, without further context. I guess I’m still used to a couple of tech circles where people would jokingly throw ‘spyware’ around to describe anything and everything, so I didn’t realize how misleading it really is. Especially when it’s applied to things like automatic updates, which only the most extreme security models consider more of a risk than a security feature.
That website has a very strict, unusual interpretation of ‘spyware’. Even if all the telemetry and unprompted connections made by Mozilla Firefox are in good faith and legitimate features, that website still labels it ‘spyware’, as it is revealing unnecessary information without your consent.
The same website gives Tor Browser a ‘Not Spyware’ rating, as it (necessarily!) removed the default features of Firefox that concerned them.
Side note - I think you may have accidentally marked your account as a ‘bot account’ in the settings.
That website is […] full of verifiably false information
Could you please provide and example or two? I wish to verify it, since I didn’t notice any last time I checked the site.
they act as if any and all [unprompted] connections a browser makes are automatically bad and “spying”.
They’re very clear that this is their approach (bold text on the home page). Even if you disagree with their definition, that doesn’t make the site bad. And there are many valid situations where a threat model should be this strict, consider anti-government activists in any country.
They even claim that Tor Browser is a “spyware”.
It says “Not Spyware”. https://spyware.neocities.org/articles/tor
The book Manufacturing Consent has an excellent analysis of how advertising is one of the major filters which affect the content of news. Regardless of whether it is surveillance ads or not, the model of advertising, while lucrative, profoundly compromises the integrity of news.
Of course, I understand (and I believe the book also suggests) most news can’t be expected to self-sustain and compete without having ads in their economic model. So this isn’t a rebuttal to the article’s discussion on “Non-creepy” contextual ads.
As a quick introduction to the idea of Linux phones vs. Android ROMs, this post (updated about a year ago) gives an introduction from a security perspective. Depending on your adversary’s capability, security can be an important dependency of privacy.
It sounds like you’re suggesting Linux phones are more private and secure than GrapheneOS. Given their current state and limitations, it is extremely unlikely that any of them are more secure than GrapheneOS against a typical hacker or malicious app.
with the downside that is limited to one single phone brand In terms of security, this is also a benefit. It means they aren’t trying to aim at fifty different targets which may behave different or even unexpectedly. The software developers have far far far more confidence that their security features will work on your device if they test it on theirs.
Again, there is no such thing as “full privacy and security”. It is unpragmatic idealism. Not only does it misinterpret privacy and security as concepts, it is an unconstructive attitude for creating an effective security model, and just encourages burnout for no benefit. We don’t limit “full”. There is no full. There is no perfect answer. It’s an undefined and unachievable idea.
“[Someone made] a laptop, encased in foam in a full Faraday cage, wrapped by alternating metal foils, and finally covered by a 1” layer of reinforced concrete."
"It had been billed as the most secure computer ever. Right until two research papers had come out that showed it was possible to decipher processing by the amount of power being consumed and by pulling the slight RF signal being carried by the ground line. "
Now, I’m not saying you can’t effectively secure your device adequately against big-tech and corporate capitalism. I say you can! It’s achievable. But it’s unconstructive to hold the illusion that there is some absolute “full privacy” against them.
Who are you hiding from? “Increasing privacy” means nothing without context.
My adversaries (well, when I’m not at a protest) are not likely to be tracking my phones location, and my phone is set up that no app or website can, so to me personally it’s a large sacrifice for no benefit.
But for someone else, it could be good advice!
Thanks.
An interesting post linked in that thread (note: from 2014. I have no idea how they responded to this): https://lists.torproject.org/pipermail/tor-dev/2014-December/007999.html
I like the I2P project (despite not using it) and according to the official site “there are several bittorrent clients and trackers on I2P.” I’m sure they’d love you for it! Like you said, slow, but how much of the library do you expect the average user to download? A few MB? A couple of GB? Is the library a cohesive whole that needs to be one piece, or can you request people redistribute your library or its pieces onto the clearweb?
I see something mentioned about BiglyBT’s bridging (aka Network Mixing [github wiki link]), which allows I2P users to download clearnet torrents so long as a bridging user is seeding. I wonder if it works in the other direction: a BiglyBT seeder allowing clearnet users to download and I2P torrent. Maybe not.
Safe from who? ISPs? Copyright trolls? State law enforcement? Different problems may have different solutions.
People are often safe pirating without a VPN either because of ‘safety in numbers’ (essentially just obscurity) or by living in a region that doesn’t care much about it. But as a distributor, I would assume there is a higher risk if you’re distributing something that will make copyright owners seek a take down.
Further, what is the reason you’re open to onion routing and I2P but not VPNs?
and there’s people who have gotten in trouble because someone else downloaded child pornography through their network.
I doubt that, it sounds like a violation of safe harbor (similar to ISPs and hosting sites not getting in trouble unless they are made aware and fail to act) which is admittedly a gray area. Got a source?
Tor itself isn’t Tor Browser/TBB. You can use the Tor service to proxy applications through.
For example, I can simply run a program on terminal through torsocks, like torsocks git clone https://github.com/grassmunk/Chicago95 , or torsocks wget http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/favicon.ico
I haven’t checked how but you can probably configure a program or network that allows you to pick a proxy to go through the Tor network too.
Edit: If a virtual machine is appropriate (if you want a whole leak-proof Tor-only environment for browsing, email, software, etc. without rebooting), consider running https://www.whonix.org/ . You do need to launch the Workspace and Gateway OSs which will take a few seconds (a shortcut to a shell script can launch both at once) but if you are using Tor for security purposes then it might be more useful in your threat model.
xcancel is just one Nitter instance (just like lemmy.ml is one Lemmy instance). I recommend sharing the load around to other working instances, or better yet, as Avatar of Vengeance mentioned, use the LibRedirect browser extension which automates this for a huge range of other websites.