this post was submitted on 05 Jul 2023
66 points (97.1% liked)
Privacy
32173 readers
813 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Man all these mfs are steering you deadass wrong. If you’re a noob for privacy stuff start with an iPhone.
You get very clear user settings at first boot that let you choose your level of privacy and you have to actively add trackers on it. You get a very clear functional internal check that communicates what you’re letting different applications do and gives you an opportunity to change that. You get a functional phone that only requires that you trust the people who made it, honestly the same devils bargain any phone requires.
You also get one of the biggest userbases to look shit up and one of the longest support windows in phones.
Once you’re paying attention to your apps and data then you can get a sealed pixel from last year shipped to a vacant house and run graphene and only connect through a vpn and only log in with anonymous accounts.
Don’t try to learn in formula one. Start with a go cart.
The problem with the iphone, is that Apple has shown it's true colours in recent years. Scanning cloud documents etc under the guise of finding CSAM. Privacy to apple is an advertising slogan and it isn't as private as you'd expect.
Didn’t they end up not doing that?
I don’t have a kid with a cell phone so it’s not something I’ve looked into extensively but didn’t they replace the cloud scanning for on device scanning that has to be enabled through parental controls?
Wouldn’t you want a corporation for whom privacy and security are part of an ad campaign? You would want them to tie their identity and public perception to the things you want because when they violate those ideas (like scanning cloud documents for csam to comply with some eu directive) everyone will notice and yell and they’ll walk it back?
They ended up not doing it after the anger. If they could get away with it, they would have. If they didn't go ahead with it anyway, then the legal argument looking really shaky.
The last part of your post was a little weird to comprehend, a lot of weird leading the witness sort of questions. You can throw hundreds at me, but I'll give you the only ones that matters...
Do I trust them? No. Do I want to give them my money and activity? No.
That’s kind of a silly answer to any of the questions I asked. No one gets to have a cell phone without trusting some company. Even the beloved fairphone is manufactured in a factory and has a supply chain that requires trust.
I was trying to “lead” you towards discussing what company or kind of company you do trust. I didn’t suggest the apple stuff to the op out of love for that company, but recognition that for someone whose new to privacy it’s a platform that has a very good history of respecting privacy and providing tools that allow users to take control over it.
So no “leading” (some folks would just call it having a conversation…): what company do you trust? Do you recognize that given a lack of zero trust architecture in the hardware, software and infrastructure of cell phones you can’t get one without putting your trust in some company or group of companies? What do you look for in a company to trust?
Part of this discussion is why I didn’t suggest a secondhand pixel dead dropped and configured with anonymous credentials on a private network. A person who is new to privacy cant be expected to do that and understand it, they need to begin to see all the different ways their data, metadata, biometrics and analytics are tracked and start to decide what they want to protect. That’s how they get to baby’s first threat model and figure out how to respond to it.
"Baby's first threat model" is a little patronising. The specifically asked about Pixel and de-googling and your response is virtually "you know nothing child, go with apple".
I don't trust companies, generally. I tend to trust open source software that is quite well known, as security/privacy by obfuscation is a poor model. If people can see the code, and scrutinise it, they'll find the nasties generally.
By leading, you were asking weird question so only you could get the answer you wanted, and some were weird. Have to tie yourself in some real logical knots to get there.
Finally, no one mentioned second hand hardware. A few years old point I suspect was intended to mean not the newest model. I bought a 6a pixel when the 7 was out. It was £299. It was a good price for quality hardware that could be de-googled.
Lol “baby’s first threat model” was a joke. Not everything is an insult, even on the internet.
What answer was I trying to get and what logical knots did I tie? I’m not trying to fight you, just to explain the logic of recommending a specific platform to someone who asked about getting into privacy and de-googling.
I was using second hand hardware interchangeably with an older phone, but using a secondhand device does obfuscate the chain of ownership to anyone observing connections by imei (at least until you get a cell contract).
I use lots of open source software and have for decades but some of the repository audits recently are alarming. Of course, any reader of the jwz blog knows that the open source community’s idea of security often isn’t.