When I talk about digital privacy, there is always some smug genius who shrugs and tells me, "Who cares? We all know we don't have any privacy anyway." Nothing could be more wrong. Convincing you that the fight is already over to the way people in power get you to stop resisting.
@evacide I saw you on PBS last night!
@evacide I see this a lot too. Regular people seem to assume compromise at all times. And to tell the truth, sometimes reporting on infosec makes me want to roll back the internet and throw all my devices into the sun, but _most_ of the time, it's very empowering to know that we actually have a fair amount of leverage over our privacy even in today's world, and some pretty normal habits can go a really long ways.
@evacide It's exactly the same strategy as "there is no point in voting".
Also so what if they think "I have nothing to hide" (they actually do). It's pretty easy to understand that many (really all) people have very reasonable, legal, and valid reasons to have some privacy.
@JessicaTaylor
The quick response to that is "why don't you have a clear window into your bathroom then?"
@evacide
@JessicaTaylor @evacide Ann Frank had something to hide
@evacide Just because a lot of my privacy is already eroded doesn't mean I should let anyone else's be.
@evacide It’s either pretense or cowardice, either way fuck ‘em
@evacide it just feels futile sometimes when the US government is so influenced by corporate interests.
We can vote but getting better reps feels random without voting reform (and probably abolishing the senate)
@evacide TBH, also, when it's the people in power whose privacy is invade, they get legal. Most of us don't have those resources (see IRS data for billionaires becoming public and the response, compared to Tesla sex videos).
@evacide If you’re too cynical to accept that it is possible to maintain some degree of privacy and that bad actors and institutions can’t perfectly monitor everyone at the same time, at least develop the spite to make it as goddamn difficult for these fucks to get your data,
@evacide i mean… that's literally the case for any and every cause.
scott mcnealy's "privacy is dead. get over it." still makes me gnash my teeth.
sure, it's easier to give up. but we don't have to and i'm too cussed to just let the bastards have their way with no effort.
@evacide @thegibson I think it's worth engaging this topic if the interlocutor is good faith.
Many if not most people I talk to believe they do not have privacy.
We (infosec) should have something to day with that regard.
@evacide
Too right!
Here's some solidarity from the late David Fleming:
https://leanlogic.online/distraction/
@evacide EXACTLY THAT!
Instead I'd recommend people to start #CryptoParties even harder and go all in!
Teaching #TechLiteracy and how to use @tails_live / #Tails, @torproject / #TorBrowser, #PGP / #enc and all the other tools is kinda vital...
#CryptoParty
Cc; @cryptoparty@bonn.social @cryptoparty@chaos.social @cryptoparty@mastodon.earth
@kkarhan I worry that these days, people will think a cryptoparty is a cryptocurrency thing
@jo Nah, #CryptoParties are older than #NFTs!
Also none if those will promote #Shitcoins, in fact they'd not talk about #Cryptocurrencies AFAIK at all...
Ask @cryptoparty@chaos.social & @cryptoparty@bonn.social ...
@kkarhan @jo @cryptoparty@chaos.social @cryptoparty@bonn.social I'm assuming they do key signing at crypto parties?
@fluffykittycat @kkarhan @jo @cryptoparty@chaos.social Theoretically we do, although I don't see the meaning in it. I've been doing keysigning for 15 years now, see privacy issues and have not seen the web of trust to become big enough to fulfill its original purpose.
@cryptoparty@bonn.social @kkarhan @jo @cryptoparty@chaos.social the problem with the web of trust is you need a critical mass of cryptography nerds
@fluffykittycat @kkarhan @jo @cryptoparty@chaos.social I agree. Worse than that, your web of trust can turn against you. I know of a case of an Austrian pupil who got expelled from the US due to his PGP key being signed by a known ismamist.
@cryptoparty@bonn.social @fluffykittycat @kkarhan @jo @cryptoparty@chaos.social Do you have a link to the case?
Since anyone can sign anyone's key and upload the signature to key servers and the key owner has no control over that, this is an incredibly dangerous precedent since it only takes one person with a PGP installation and an entry in a government list to get everyone with a PGP key very deep in trouble...
@dmbaturin @cryptoparty@bonn.social @fluffykittycat @jo @cryptoparty@chaos.social good question...
@dmbaturin @fluffykittycat @kkarhan @jo @cryptoparty@chaos.social Regrettably I don't. I was in indirect contact with the family, but I don't have written statements.
@cryptoparty@bonn.social @dmbaturin @fluffykittycat @jo @cryptoparty@chaos.social but tzen again the #USA is known for absurd and nilly-willy border rejections, because it and Japan (and de-facto Turkey) are the only nations where the border personnel and not the visa decides whether one can enter or not.
I kid you not...
@fluffykittycat @kkarhan @jo @cryptoparty@chaos.social Just to give you an idea which topics we're handling on our events https://github.com/jrselzer/Andere_Linklisten/blob/main/digitale-selbstverteidigung.md Sorry for most of the descriptions being in German, but we can't expect our common audience to understand English.
@kkarhan @jo @cryptoparty@chaos.social Actually we do, just in order to explain the underlying concepts. As for myself, I don't have any cryptocurrencies and am not interested in having some. Due to my lacking knowledge in finances, I won't encourage people to invest in Bitcoin, Ethereum or other stuff like that.
@evacide For me the key is picking your battles. There's no way i'm gonna live modern life with my digital self 100% perfectly sealed up. But I don't see that as a reason to to just do nothing. I think part of make people NOT do nothing is letting them pick their battles, because making it all or nothing is what makes them choose nothing and go "eh, nothing we can do it's futile". Protecting yourself 100000% against the invasions on our privacy is not going to happen, so to me the important thing is not having 100000% be the goal in the first place. There's some stuff I have to let go or put up with for now, but I am constantly working on improving my own privacy, fighting against threats to that privacy, etc. I've seen privacy advocates who go to the point of being digital hermits, "can't even own a cell phone" kinda thing, which is fine if that's what they want to do but it's way too much to ask of most people. I think that's when people start feeling like it's futile, because they feel like the options are throw their phone in a swamp or do nothing. There's plenty of options in-between of Doing Something and Making Things Better for both yourself and everyone else.
@evacide What would you have us do? The companies themselves aren't going to self-regulate. There's no competition, really, so you can't vote with your money or feet. Legislation is a nonstarter in the United States because that country is a basket case -- and since that's where all of the major players are, the US are the only country with the ability to impose real consequences. The courts in the United States are very clearly on the side of the money. What levers do any of us have to pull?
@narinarinari
This is my frustration as well.
This year's presidential election is essentially about nearly unfettered capitalism vs outright fascist dictatorship. One outcome is superior, but only in the "better to have lung cancer than Parkinson's" sense. Both are shit for privacy.
@evacide
@evacide We can't even get our leaders to take existential threats like Climate Change seriously!
@evacide that, or the people who say "I have nothing to hide"
@evacide "the people become defeatist" is what I heard somebody say in a call earlier today re how we respond to pressure to give up our self governing power and I'm not sure it matters whether it's more forced or more embraced but the defeatism is all kinds of dangerous
@evacide I don't mind them taking my data as long as I get something in return. It's the freeloaders that bother me.
Establishing a private life is a way to avoid totalitarianism. Totalitarians do not want any privacy to exist.
Here is Timothy Snyder Discussing as such, taken from his book "On Tyranny."
@evacide the most will care future. you never know, what happen and it's not possible to delete history and leaked data later than and will follow you forever. It's may not problem now, but could be in future.
@evacide Just because the internet doesn't care for privacy, doesn't mean we have to willingly give it up...
@evacide
It's not exactly a black and white issue.
More privacy is always better.
@evacide@hachyderm.io
Does Google and Meta have a bunch of data on me? Ayup.
What I'm doing (or in the process of doing) by not engaging on their platforms, or flashing my phone with a new OS is I'm trying to do my part to not contribute any more of what I refer to as "click labor". I don't log in to my Facebook account any more. I use Proton mail for my email and calendar service and Signal/Element for messaging.
Am I sticking it to the man? In the grand scheme of things, they don't even care. But what I am doing is living my values as best I can in a system that forces us to compromise on those principles daily.
@evacide Scott what's his name said that at Sun in 2002. He was wrong then, as he was about do much else.
@evacide try asking the big tech companies what they have to hide. Often they aren't even willing to give you access to your own data, specific ways it's been processed or assumptions they have made about you.
@evacide Let’s make hash of the 4th Amendment, shall we?
@evacide My sentiments exactly. Beware of experts.
@evacide I think we need to talk about security like we talk about health.
Noone in their right mind world say "eat a carrot, to get health". It's health-y habits. Habits that you should get educated and navigate. Because what's the option?
Sadly we are not the ones who pay for our lack of security. We ofset this to political minorities.
It's fucking hard.
Kinda think that 'privacy' is a term that, while emotionally resonant, isn't one that most people have a strong model of as a concept.
Which, in a way, is almost heartening 'cuz if they don't have a strong understanding of it, they haven't -needed- one.
Something that's worked for me in the past to convince people of the value of it has been to point out that some information - e.g. their bank account login details - is sensitive and needs protection and auditing over who is allowed to have knowledge of that information - and since data is data, the same principle of understanding the scope of helpful vs. baneful distribution for other forms of data follows the same pattern.
@munin @evacide @saraislet The Stanford Encyclopaedia of Philosophy has long had a great and expanding section on the philosophy of what privacy is https://plato.stanford.edu/entries/privacy/
The one that resonates the most for me is “privacy as necessary for human dignity and intimacy”. For example, I don’t believe it’s possible to have an authentic intimate relationship under surveillance.
@evacide „there are coming up new information/data that they didnt get already...“
@evacide
I really we become quantitative here so users can start a hygiene. Giving up is only ok for the three minutes when this person speaks.
While it's true that our digital footprints are increasingly being tracked and monitored, I believe that it is still essential to uphold and defend our privacy rights.
The Interesting World Hypothesis suggests that when entities have greater autonomy, the world becomes more interesting and dynamic.
Privacy is a vital component of autonomy, as it allows individuals to make decisions about their own information without external interference.
@evacide
I'm tough to miss. I was the first person at HCA HQ in Nashville to learn of the raids in El Paso. A NYT reporter left me a voicemail intended for our SVP of PR. whose name is similar to mine.
@evacide Privacy is easy if you got the money