Everything I say will be generally speaking for all privacy communities so not specific to this community or another one unless I say otherwise in a short section.
Almost every single time I start a topic or make a reply and also many of the posts I read because they are interesting, there’s always this one guy or several guys who have to say the same old argument about “that’s tin foil, feds don’t do that, unless you are a president or something like that then you don’t need to have that in your threat model”.
That’s the divide I’m talking about because the privacy community can be split into two categories that are opposed to each other on that point. And it’s a big issue because it becomes core in the types of discussions we can have.
For example in techlore’s community they are very much against people who take privacy seriously. If you go to there community and start talking about leaving phone at home, using grapheneos, qubesos, intel me, etc, you will get run over by lots of angry people telling you not to talk about that and then you get censored and maybe banned. Techlore himself have made several videos recommending against grapheneos and he prefers Google. I mentioned that community because I think it’s at the extreme end of the spectrum of this divide.
The problem with all the people on that end of the divide is they can’t know what they’re saying is true but they are saying it like its a fact. Where are they even getting those ideas from? Are they insiders working high up in the ranks for intel agencies like fbi, cia, nsa? Are there basically hundreds of Edward Snowdens out there? I don’t think so.
I think the cause for the divide is unfortunately political. It’s about where are you getting your news from and which political party do you prefer. We’re not going to talk about that in this topic more than to say I think that is the cause of the divide.
Technology is great to discuss because it’s just logic and facts and objective arguments. But bring in politics and it becomes a mess and that’s the problem with this divide in the privacy community.
There’s also another possible cause which is actually very likely as well, which is that at least some of the people on that side of the divide are feds spreading propaganda to get us to lower our guard against them.
The problem with both sides of the divide trying to talk to each other is all the unknown data we deal with in privacy and security discussions. And there is a lot of those unknown data. Those black holes get filled with arguments based on the political ideas from their side of the divide. It’s just not possible to have discussions with people on the other side of the divide.
With all that said I think privacy@lemmy.ml is one of the best privacy communities and have done a good job trying to get both divides together but personally I mostly just try to ignore the ones from the other side of the divide and listen to only those on the same side of the divide.
The reason you got that reaction in your last thread is because you’re dealing in absolutes, and most people don’t. Most people do not have a threat model that requires them to worry about whether or not second-hand Thinkpads are secretly a honeypot to steal their data. And I honestly would wager money that your threat model doesn’t require you to be that conscious of attack vectors either.
For most people, the common sense steps to limit corporate tracking of personal data is more than enough to meet their needs. There’s no reason for anyone to sacrifice convenience for security to the degree you seem to be worried about, if they don’t have a practical need to. For example, they are doing something their government would frown upon, be it political activism or illegal activity.
That doesn’t mean those people aren’t privacy conscious. It just means they don’t require absolute privacy, which is impossible to obtain online anyway. And just because this is a community dedicated to privacy, it doesn’t mean everyone here is as worried about privacy as Edward Snowden. Most of us probably don’t need to be, because we didn’t piss off the NSA, and we aren’t worried about covert rendition to Guantanamo Bay. So when you make posts like you did, worried about an attack that is so unlikely that it would be incredible if it actually ended up being worth the effort, of course people are going to poke fun at you.
If you are going to protect something, then you should not spend more on protection than the protected property is worth… It’s always about balance. :)
You are right but I think most people would in hindsight say they wished the did more to protect their computer when shit happens. It’s like a camera, you can buy a cheap camera meant to be used for a vacation then thrown away and it’s not worth much but the pictures you have taken are worth a lot as in semantic value, memories you want to keep.
In someones computer they have their entire digital life. Work, personal life, social life, all kinds of data, pictures, banking, investments, crypto, etc. All that is priceless. That’s why ransomware viruses are so effective, people will pay and do anything to get their data back and they all wished they had just done some simple backups and from then on they will probably spend effort on security.
Then all available and legitimate methods of ensuring confidentiality are adequate and justified. But sometimes at work you may need to use programs that you don’t really like etc. And without work, you will have nothing to eat. Maybe a little exaggerated.
Speaking specifically about me, I try to use free and open source software to the maximum extent possible. I only run non-free games sometimes. And sometimes some propriatary software for/at work.
Are you saying the two sides are…
- Do literally everything possible for privacy, and
- No, some things are not necessary
?
There is a convenience vs privacy/security line to things that any given individual needs to decide where that lies for themselves. Plenty of people use Facebook and similar because there are a lot of people using it and there is a low bar to entry. Many of these big tech options will let you authenticate via a single click to share creds from another service, the ‘sign into Reddit with your Google account’ simplicity.
Then there are people like me who self host everything they can. I know exactly where my cloud files are, where my movies are, where my chat messages reside, heck where the Lemmy instance I’m posting this from is, all a few feet away from me. There is a cost to this, not only in actual hardware and electricity but in time and friction in that these systems are not going to have that ease of access that other do.
The bigger challenge is the bleed-over privacy risk. There’s no reasonable way for to ask the rest of the world not to post pictures or similar side channel disclosures. Short of becoming an outright hermit in the woods there’s always going to be some level of privacy leakage, that’s the part harder to manage.
No, that divide isn’t political. Its about utilitarianism.
The side you are opposed to cares more about getting many people “good enough” privacy, than getting the best possible privacy for a few while alienating most other people.
i forgot about that reason. That’s true I think some people have that as their motive. They are probably thinking that it’s best to not let the beginners know that vpn doesn’t do much on its own or that brave doesn’t actually stop all tracking and won’t necessarily give you a non-unique fingerprint etc. They want to make it look easy to get privacy because if they make it look hard that these simple beginner steps aren’t enough then they won’t even get started and give up.
I think it’s a wrong mindset to have. I don’t think those types of people who give up if they realize privacy isn’t a one click solution are the target audience for privacy. We want the people who can actually spend some time to learn and put in some effort because if they can’t do that then they probably don’t care that much about privacy to begin with.
But its just my opinion not a fact.