Talking about privacy and using the internet. Honestly it's kind of stupid. The internet is a data gobbling machine and they are doing things we don't even know about to collect data.

If you are going to protect something, then you should not spend more on protection than the protected property is worth... It's always about balance. :)

I don't have the time or resources to keep state sponsored actors off my back and its almost impossible for the average schmuck to do anyway. Some people really do need that level of privacy and its great that there are tools available to do that, but for me personally I just need to keep Corporate America off my ass and block passive surveillance by governments.

I'm (almost) completely degoogled and the only Microsoft product I use is outlook for work. For the moment, that's good enough for me. I'd like to do more but honestly right now I'm up against diminishing returns.

The reason you got that reaction in your last thread is because you’re dealing in absolutes, and most people don’t. Most people do not have a threat model that requires them to worry about whether or not second-hand Thinkpads are secretly a honeypot to steal their data. And I honestly would wager money that your threat model doesn’t require you to be that conscious of attack vectors either.

For most people, the common sense steps to limit corporate tracking of personal data is more than enough to meet their needs. There’s no reason for anyone to sacrifice convenience for security to the degree you seem to be worried about, if they don’t have a practical need to. For example, they are doing something their government would frown upon, be it political activism or illegal activity.

That doesn’t mean those people aren’t privacy conscious. It just means they don’t require absolute privacy, which is impossible to obtain online anyway. And just because this is a community dedicated to privacy, it doesn’t mean everyone here is as worried about privacy as Edward Snowden. Most of us probably don’t need to be, because we didn’t piss off the NSA, and we aren’t worried about covert rendition to Guantanamo Bay. So when you make posts like you did, worried about an attack that is so unlikely that it would be incredible if it actually ended up being worth the effort, of course people are going to poke fun at you.

The problem with all the people on that end of the divide is they can't know what they're saying is true but they are saying it like its a fact. Where are they even getting those ideas from? Are they insiders working high up in the ranks for intel agencies like fbi, cia, nsa? Are there basically hundreds of Edward Snowdens out there? I don't think so.

I think the cause for the divide is unfortunately political. It's about where are you getting your news from and which political party do you prefer. We're not going to talk about that in this topic more than to say I think that is the cause of the divide.

Idk, I think it's good ol' fashioned "cope." "Oh I don't have to inconvenience myself that much, I'm just a Joe not a srs target." "Oh those people take it too far, I'm not one of those weirdos I just hate ads." I really don't think it's much deeper than that.

Why is the techlore community against more advanced privacy? At the very least they could suport the people who have a higher threat model than them instead of banning them.

And why on earth does techlore prefer Google over grapheneos?

Technology is great to discuss because it's just logic and facts and objective arguments. But bring in politics and it becomes a mess and that's the problem with this divide in the privacy community.

Good post in general, but I disagree with this in particular. All technology is political. Not in a Democrat/Republican way but in a “how do we distribute resources within society?” way. Not to mention a big selling point for privacy tools is that they can be used by political dissidents. I think a problem does arise when a community manages to fool itself into believing it’s apolitical when what it’s really done is develop an orthodoxy to shut down political discussion.

No, that divide isn't political. Its about utilitarianism.

The side you are opposed to cares more about getting many people "good enough" privacy, than getting the best possible privacy for a few while alienating most other people.

Are you saying the two sides are...

• Do literally everything possible for privacy, and
• No, some things are not necessary

?

There is a convenience vs privacy/security line to things that any given individual needs to decide where that lies for themselves. Plenty of people use Facebook and similar because there are a lot of people using it and there is a low bar to entry. Many of these big tech options will let you authenticate via a single click to share creds from another service, the 'sign into Reddit with your Google account' simplicity.

Then there are people like me who self host everything they can. I know exactly where my cloud files are, where my movies are, where my chat messages reside, heck where the Lemmy instance I'm posting this from is, all a few feet away from me. There is a cost to this, not only in actual hardware and electricity but in time and friction in that these systems are not going to have that ease of access that other do.

The bigger challenge is the bleed-over privacy risk. There's no reasonable way for to ask the rest of the world not to post pictures or similar side channel disclosures. Short of becoming an outright hermit in the woods there's always going to be some level of privacy leakage, that's the part harder to manage.

It sounds to me you are dealing in absolutes. When someone gives advice saying you don’t need to worry about that based on your threat model, that’s exactly that, nothing political about it. That’s the point of a threat model, so you can balance privacy with convenience and allow yourself to prioritize what you need to protect. It doesn’t mean you don’t care about privacy at all.

You also need to remember that security/privacy is only a fraction of the tech industry. Not everyone involved in tech is privacy conscious, just like why there are appsec teams to make sure devs code securely.

When you start talking about “grapheneos, qubesos, intel me” to the average person, you will obviously be looked at as either a nerd or a paranoid person depending on how you approach the subject. Imagine a non-techie person posts in this community saying they want to start taking steps to improve their privacy and asking for advice. Responding with a wall of text about “grapheneos, qubesos, intel me” will just scare them away. That's why the first thing people respond with is "What is your threat model?", because you want context to give proper advice to fit their needs. Going nuclear on the first step is overkill and unnecessary.

Taking tiny steps to improve privacy and not going full hermit doesn’t mean you don’t care about privacy. Don’t let perfect be the enemy of good.