this post was submitted on 03 Dec 2024
33 points (82.4% liked)

Privacy

32442 readers
604 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Everything I say will be generally speaking for all privacy communities so not specific to this community or another one unless I say otherwise in a short section.

Almost every single time I start a topic or make a reply and also many of the posts I read because they are interesting, there's always this one guy or several guys who have to say the same old argument about "that's tin foil, feds don't do that, unless you are a president or something like that then you don't need to have that in your threat model".

That's the divide I'm talking about because the privacy community can be split into two categories that are opposed to each other on that point. And it's a big issue because it becomes core in the types of discussions we can have.

For example in techlore's community they are very much against people who take privacy seriously. If you go to there community and start talking about leaving phone at home, using grapheneos, qubesos, intel me, etc, you will get run over by lots of angry people telling you not to talk about that and then you get censored and maybe banned. Techlore himself have made several videos recommending against grapheneos and he prefers Google. I mentioned that community because I think it's at the extreme end of the spectrum of this divide.

The problem with all the people on that end of the divide is they can't know what they're saying is true but they are saying it like its a fact. Where are they even getting those ideas from? Are they insiders working high up in the ranks for intel agencies like fbi, cia, nsa? Are there basically hundreds of Edward Snowdens out there? I don't think so.

I think the cause for the divide is unfortunately political. It's about where are you getting your news from and which political party do you prefer. We're not going to talk about that in this topic more than to say I think that is the cause of the divide.

Technology is great to discuss because it's just logic and facts and objective arguments. But bring in politics and it becomes a mess and that's the problem with this divide in the privacy community.

There's also another possible cause which is actually very likely as well, which is that at least some of the people on that side of the divide are feds spreading propaganda to get us to lower our guard against them.

The problem with both sides of the divide trying to talk to each other is all the unknown data we deal with in privacy and security discussions. And there is a lot of those unknown data. Those black holes get filled with arguments based on the political ideas from their side of the divide. It's just not possible to have discussions with people on the other side of the divide.

With all that said I think [email protected] is one of the best privacy communities and have done a good job trying to get both divides together but personally I mostly just try to ignore the ones from the other side of the divide and listen to only those on the same side of the divide.

top 17 comments
sorted by: hot top controversial new old
[–] [email protected] 17 points 2 weeks ago* (last edited 2 weeks ago)

Technology is great to discuss because it's just logic and facts and objective arguments. But bring in politics and it becomes a mess and that's the problem with this divide in the privacy community.

Good post in general, but I disagree with this in particular. All technology is political. Not in a Democrat/Republican way but in a “how do we distribute resources within society?” way. Not to mention a big selling point for privacy tools is that they can be used by political dissidents. I think a problem does arise when a community manages to fool itself into believing it’s apolitical when what it’s really done is develop an orthodoxy to shut down political discussion.

[–] [email protected] 13 points 2 weeks ago

There is a convenience vs privacy/security line to things that any given individual needs to decide where that lies for themselves. Plenty of people use Facebook and similar because there are a lot of people using it and there is a low bar to entry. Many of these big tech options will let you authenticate via a single click to share creds from another service, the 'sign into Reddit with your Google account' simplicity.

Then there are people like me who self host everything they can. I know exactly where my cloud files are, where my movies are, where my chat messages reside, heck where the Lemmy instance I'm posting this from is, all a few feet away from me. There is a cost to this, not only in actual hardware and electricity but in time and friction in that these systems are not going to have that ease of access that other do.

The bigger challenge is the bleed-over privacy risk. There's no reasonable way for to ask the rest of the world not to post pictures or similar side channel disclosures. Short of becoming an outright hermit in the woods there's always going to be some level of privacy leakage, that's the part harder to manage.

[–] [email protected] 13 points 2 weeks ago

Are you saying the two sides are...

  • Do literally everything possible for privacy, and
  • No, some things are not necessary

?

[–] [email protected] 12 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

No, that divide isn't political. Its about utilitarianism.

The side you are opposed to cares more about getting many people "good enough" privacy, than getting the best possible privacy for a few while alienating most other people.

[–] [email protected] 1 points 2 weeks ago

i forgot about that reason. That's true I think some people have that as their motive. They are probably thinking that it's best to not let the beginners know that vpn doesn't do much on its own or that brave doesn't actually stop all tracking and won't necessarily give you a non-unique fingerprint etc. They want to make it look easy to get privacy because if they make it look hard that these simple beginner steps aren't enough then they won't even get started and give up.

I think it's a wrong mindset to have. I don't think those types of people who give up if they realize privacy isn't a one click solution are the target audience for privacy. We want the people who can actually spend some time to learn and put in some effort because if they can't do that then they probably don't care that much about privacy to begin with.

But its just my opinion not a fact.

[–] [email protected] 7 points 2 weeks ago

I don't have the time or resources to keep state sponsored actors off my back and its almost impossible for the average schmuck to do anyway. Some people really do need that level of privacy and its great that there are tools available to do that, but for me personally I just need to keep Corporate America off my ass and block passive surveillance by governments.

I'm (almost) completely degoogled and the only Microsoft product I use is outlook for work. For the moment, that's good enough for me. I'd like to do more but honestly right now I'm up against diminishing returns.

[–] [email protected] 5 points 2 weeks ago* (last edited 2 weeks ago)

It sounds to me you are dealing in absolutes. When someone gives advice saying you don’t need to worry about that based on your threat model, that’s exactly that, nothing political about it. That’s the point of a threat model, so you can balance privacy with convenience and allow yourself to prioritize what you need to protect. It doesn’t mean you don’t care about privacy at all.

You also need to remember that security/privacy is only a fraction of the tech industry. Not everyone involved in tech is privacy conscious, just like why there are appsec teams to make sure devs code securely.

When you start talking about “grapheneos, qubesos, intel me” to the average person, you will obviously be looked at as either a nerd or a paranoid person depending on how you approach the subject. Imagine a non-techie person posts in this community saying they want to start taking steps to improve their privacy and asking for advice. Responding with a wall of text about “grapheneos, qubesos, intel me” will just scare them away. That's why the first thing people respond with is "What is your threat model?", because you want context to give proper advice to fit their needs. Going nuclear on the first step is overkill and unnecessary.

Taking tiny steps to improve privacy and not going full hermit doesn’t mean you don’t care about privacy. Don’t let perfect be the enemy of good.

[–] [email protected] 5 points 2 weeks ago

The reason you got that reaction in your last thread is because you’re dealing in absolutes, and most people don’t. Most people do not have a threat model that requires them to worry about whether or not second-hand Thinkpads are secretly a honeypot to steal their data. And I honestly would wager money that your threat model doesn’t require you to be that conscious of attack vectors either.

For most people, the common sense steps to limit corporate tracking of personal data is more than enough to meet their needs. There’s no reason for anyone to sacrifice convenience for security to the degree you seem to be worried about, if they don’t have a practical need to. For example, they are doing something their government would frown upon, be it political activism or illegal activity.

That doesn’t mean those people aren’t privacy conscious. It just means they don’t require absolute privacy, which is impossible to obtain online anyway. And just because this is a community dedicated to privacy, it doesn’t mean everyone here is as worried about privacy as Edward Snowden. Most of us probably don’t need to be, because we didn’t piss off the NSA, and we aren’t worried about covert rendition to Guantanamo Bay. So when you make posts like you did, worried about an attack that is so unlikely that it would be incredible if it actually ended up being worth the effort, of course people are going to poke fun at you.

[–] [email protected] 5 points 2 weeks ago* (last edited 2 weeks ago) (2 children)

If you are going to protect something, then you should not spend more on protection than the protected property is worth... It's always about balance. :)

[–] [email protected] 4 points 2 weeks ago (1 children)

You are right but I think most people would in hindsight say they wished the did more to protect their computer when shit happens. It's like a camera, you can buy a cheap camera meant to be used for a vacation then thrown away and it's not worth much but the pictures you have taken are worth a lot as in semantic value, memories you want to keep.

In someones computer they have their entire digital life. Work, personal life, social life, all kinds of data, pictures, banking, investments, crypto, etc. All that is priceless. That's why ransomware viruses are so effective, people will pay and do anything to get their data back and they all wished they had just done some simple backups and from then on they will probably spend effort on security.

[–] [email protected] 3 points 2 weeks ago* (last edited 2 weeks ago)

Yes, value can be expressed not only in monetary terms. If people find it very valuable, they should pay more attention to privacy. However, you can protect yourself from cryptolockers by remote backups as one of the ways.

[–] [email protected] 2 points 2 weeks ago (1 children)

Let's say your life is on the line. How much is it worth, to you?

[–] [email protected] 3 points 2 weeks ago* (last edited 2 weeks ago)

Then all available and legitimate methods of ensuring confidentiality are adequate and justified. But sometimes at work you may need to use programs that you don't really like etc. And without work, you will have nothing to eat. Maybe a little exaggerated.

Speaking specifically about me, I try to use free and open source software to the maximum extent possible. I only run non-free games sometimes. And sometimes some propriatary software for/at work.

[–] [email protected] 4 points 2 weeks ago* (last edited 2 weeks ago)

The problem with all the people on that end of the divide is they can't know what they're saying is true but they are saying it like its a fact. Where are they even getting those ideas from? Are they insiders working high up in the ranks for intel agencies like fbi, cia, nsa? Are there basically hundreds of Edward Snowdens out there? I don't think so.

I think the cause for the divide is unfortunately political. It's about where are you getting your news from and which political party do you prefer. We're not going to talk about that in this topic more than to say I think that is the cause of the divide.

Idk, I think it's good ol' fashioned "cope." "Oh I don't have to inconvenience myself that much, I'm just a Joe not a srs target." "Oh those people take it too far, I'm not one of those weirdos I just hate ads." I really don't think it's much deeper than that.

[–] [email protected] 4 points 2 weeks ago (1 children)

Why is the techlore community against more advanced privacy? At the very least they could suport the people who have a higher threat model than them instead of banning them.

And why on earth does techlore prefer Google over grapheneos?

[–] [email protected] 1 points 2 weeks ago

I think it's personal for techlore regarding grapheneos because a few people in the gos community helped him in a way he felt was rude. Then techlore started making lots of bad videos about gos and then maybe he out of cope had to try see some light in google because he alienated himself from gos community. That's just my guess.

[–] [email protected] 2 points 2 weeks ago

Talking about privacy and using the internet. Honestly it's kind of stupid. The internet is a data gobbling machine and they are doing things we don't even know about to collect data.