When I announced I would be closing my communities earlier this year, a curious thing happened: a surprising number of regulars replied with some variation of “I think this is my exit.” While some were specifically talking about Matrix, claiming that mine was the only room they were really active in and therefore they saw no point to having a Matrix account anymore, at least one specifically announced they would be quitting privacy entirely, save for a few basic techniques like using a password manager and being mindful of what to post online. While I didn’t expect the number of people responding that way, I was expecting that response from one or two people. If you check any given privacy forum – especially the ones with a heavy overlap of mainstream users such as Reddit – you’ll find no shortage of people asking “is all this work worth it?” and/or announcing that they’re giving up privacy because it’s too much work. So what gives? Is privacy worth the work?

  • poVoq@slrpnk.net
    link
    fedilink
    arrow-up
    75
    ·
    6 months ago

    The problem is that the so called privacy community is full of security LARPers that have no idea what their threat model is and in addition many snakeoil vendors trying to sell you (usually unnecessary or even counter-productive) VPNs etc.

    So it’s understandable that people get tired of these grifters and stop bothering.

    • RvTV95XBeo@sh.itjust.works
      link
      fedilink
      arrow-up
      21
      arrow-down
      1
      ·
      6 months ago

      If you can’t enter a kill code and have your phone self destruct into a million pieces, can your life even be considered private?

    • hperrin@lemmy.world
      link
      fedilink
      arrow-up
      19
      ·
      edit-2
      6 months ago

      ^ This.

      I’m a software engineer, and I’ve worked for the big tech giants. I’m familiar with how they track you. VPNs are worthless. Unless you’re trying to hide your activity from your own ISP (like if you’re pirating stuff), the VPN does next to nothing to cover your tracks. And it’s not like they’re gonna advertise their VPN by saying, “you can pirate stuff without your ISP catching you!”

      If you want actual privacy, you’ve gotta use something like Tor browser or Tails. Of course, I’ve gotta wonder what you’re up to if you need that kind of privacy. Usually a privacy window is good enough.

      • Zerush@lemmy.ml
        link
        fedilink
        arrow-up
        7
        ·
        6 months ago

        Privacy on the Internet is certainly necessary and often synonymous with security. But privacy depends 80% on the user himself, who too often publishes sensitive data on the Internet too easily.

        I know that every page I visit knows my public IP, the OS and Browser I use, my screen resolution and other technical details. This can of course be avoided and falsified, but this can have negative consequences for myself, for example that the page does not present correctly, that it does not fit my language or does not work at all.

        What we must avoid is that pages load identifiers in the browser or in the system to track our activities on the network in order to sell this data to third parties for commercial reasons (as Google does among others), since we do not know how these buyers process and protect this data, which becomes, apart from a privacy problem, also a security problem, as several leaks in the past of hundreds of thousands of user data, including banking and medical data, already show.

        I sometimes use a VPN, or rather a proxy, but only for the sole purpose of being able to watch videos and channels with country restrictions, not for other reasons.

        100% privacy does not exist on the network, not even using the TOR network and VPN, we can only avoid the worst abuses and invasive surveillance of large corporations, the rest depends on our common sense and discretion with our data as the best tool, not a tin foil hat.

    • Scolding7300@lemmy.world
      link
      fedilink
      arrow-up
      10
      arrow-down
      1
      ·
      6 months ago

      I feel like “threat model” can distance people away from privacy communities, i.e. thinking you need a threat to get privacy. I certainly avoid using it because of that opinion. I wish there was a more approachable non-security term for it, like “data priority” or something like that.

      Again, just my opinion and how I react to hearing “threat model” (as a privacy advocate myself).

      • refalo@programming.dev
        link
        fedilink
        arrow-up
        1
        arrow-down
        11
        ·
        edit-2
        6 months ago

        harmful network effect

        that’s a funny way to say marketing.

        I think most FOSS zealots simply despise capitalism in general, they want everyone else to be poor like them. Kinda like socialism.

        • Doods@infosec.pub
          link
          fedilink
          arrow-up
          3
          ·
          6 months ago

          I think most FOSS zealots simply despise capitalism in general

          No, my ideal economic system is capitalist in nature, I just don’t trust western powers (the enemy) with my data. I say western powers, but that includes Russia and China and other things.

        • lemmyreader@lemmy.ml
          link
          fedilink
          English
          arrow-up
          2
          ·
          6 months ago

          I think most FOSS zealots simply despise capitalism in general, they want everyone else to be poor like them. Kinda like socialism.

          One well known exception to your comment is Linus Torvalds. He didn’t mind moving to the USA to make some good money after being a student who could afford a whopping 386! And unlike some people believe, the GPL does not restrict a programmer to make money.

          • refalo@programming.dev
            link
            fedilink
            arrow-up
            2
            ·
            6 months ago

            Indeed, his views are not quite as extreme as RMS for example, Linus specifically did not want to require GPLv3 which is probably sacrilege to Stallman.