Internet-age privacy
Apr. 19th, 2018 12:16 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
drwexhttps://techcrunch.com/2018/04/14/how-to-save-your-privacy-from-the-internets-clutches/
This is one of the best-written and clearest articles I've seen since the Cambridge Analytica story broke that talks about what end users (us) can do. It lists a lot of possible actions, with details on who each action is appropriate for, from "everyone" to "if you're Edward Snowden" or similar.
Lots of them are easy to do, like installing HTTPS Everywhere and switching to an anonymous search engine (I've used Duck Duck Go for years, ever since the medical incident*). Some of them are surprising, like the recommendation to switch to iOS from Android. Given the recent practices and actions of Google and Apple that makes sense, but it also assumes that things will continue as before.
What do you guys think? Are you doing some of these things? I already cover all my web cameras by default and won't have a "smart" speaker in my house.
*The medical incident occurred when a friend was at my house and we were discussing a condition they were concerned they might have. That involved web searching. The next day I was doing a demo on a projection screen at work and starting to type in a query popped up completion suggestions that included those medical terms. That was uncomfortable in front of coworkers, to say the least. I sent a fairly angry letter to Google and switched my search engine literally right after that meeting. Had I been thinking about it, I would have used an anonymous tab, but it didn't occur to me to think about that while socializing with my friend.
This is one of the best-written and clearest articles I've seen since the Cambridge Analytica story broke that talks about what end users (us) can do. It lists a lot of possible actions, with details on who each action is appropriate for, from "everyone" to "if you're Edward Snowden" or similar.
Lots of them are easy to do, like installing HTTPS Everywhere and switching to an anonymous search engine (I've used Duck Duck Go for years, ever since the medical incident*). Some of them are surprising, like the recommendation to switch to iOS from Android. Given the recent practices and actions of Google and Apple that makes sense, but it also assumes that things will continue as before.
What do you guys think? Are you doing some of these things? I already cover all my web cameras by default and won't have a "smart" speaker in my house.
*The medical incident occurred when a friend was at my house and we were discussing a condition they were concerned they might have. That involved web searching. The next day I was doing a demo on a projection screen at work and starting to type in a query popped up completion suggestions that included those medical terms. That was uncomfortable in front of coworkers, to say the least. I sent a fairly angry letter to Google and switched my search engine literally right after that meeting. Had I been thinking about it, I would have used an anonymous tab, but it didn't occur to me to think about that while socializing with my friend.
no subject
Date: 2018-04-20 02:32 am (UTC)This one seems like a no-brainer to me.
Google has, from the outset, made no bones about its true ends: to know and to monetize everything about everything in the world, and people fall neatly into the category of "everything." As they say, if you're not paying for the product, you ARE the product. And really, even if you are paying for the product, there's no saying someone still can't monetize you -- does anyone at this point think any paid internet service isn't "double-dipping" with your info?
I've long believed that Tim Cook, a gay man who grew up in "the buckle of the Bible belt", is almost uniquely qualified to understand the ramifications of privacy. And his response to the FBI over the past years (an enthusiastic and steadfast "go pound sand!") has only galvanized my belief. Tellingly, during that same period, Google was conspicuously silent about its views toward privacy.
no subject
Date: 2018-04-20 04:26 am (UTC)no subject
Date: 2018-04-20 04:27 am (UTC)no subject
Date: 2018-04-20 04:14 am (UTC)no subject
Date: 2018-04-21 01:31 pm (UTC)yeah, no smart speakers anywhere near me. definitely not in my house.
no subject
Date: 2018-04-20 05:55 pm (UTC)-- Haven't taped over the laptop webcam yet, but I don't use the laptop all that much. The desktop cam always has its cover on, except when I'm in a meeting. Hadn't thought about it for the phone; that's an interesting idea.
-- HTTPS Everywhere: not yet, but I probably should. I do spend some effort nowadays hassling every company I work with professionally that they should be forcing HTTPS for all interactions.
-- I don't entirely approve of ad blockers on principle. (Although so many sites are so awful that I can't really argue against them, and I wish more sites offered reasonably-priced no-ad subscriptions -- I support several of those.) A tracker blocker would be a good idea, though.
-- Private search engines: honestly, this is one where I'm of mixed minds. I actively *like* Google's memory when it comes to professional research -- it just plain speeds up my life day-to-day. But I'm queasy about it much of the rest of the time, so the reminder of DuckDuckGo is useful.
-- Private browser sessions: frequently. I pay a good deal of attention to whether I'm in incognito mode or not.
-- VPN servers: the only one I use is the one that Querki runs, but that's mainly for work.
-- Encrypted messengers: occasionally. I'm generally leery of putting anything in IM that isn't at least public-ish. (I generally figure that it's as secure as email, which is to say not.) For the rare times when I need security, I have OTR installed.
-- iOS over Android: hard. I'm pretty committed to the Google ecosystem (and I just plain like Android more), but am increasingly painfully aware of the implications. I don't like this one personally, but I'm not ruling it out in the medium term.
-- Deleting Facebook: nah. I've been a member forever, but I've *always* been careful about what I put there -- I consider it entirely public. (I'm not sure I've ever posted anything that *wasn't* public.) Yes, I'm easy to profile, but that's been true since the early days of Usenet. My only real concern there is the damned trackers.
-- Smart speakers: I find them downright creepy. Maybe useful, but until I see an architecture that provides some privacy guarantees, no chance.
I wonder if there's a market opportunity for somebody to create a smart speaker that at least spells out *contractually* precisely what the data will and won't be used for. More generally, I wonder how much leverage one can get from clearly guaranteeing privacy. I suspect at least *some*, but don't know whether it's a lot or not...
no subject
Date: 2018-04-20 06:18 pm (UTC)I am also deeply embedded in the Google ecosystem but I've trimmed down what I share. I find gmaps stupidly useful but entirely too creepy. The first time I brought up a S'ville map because I was going to NESFA and found that it had marked the homes of a large swath of my friends I was thoroughly creeped out.
I've also avoided Apple on principles because they've been hostile to several people I know who've tried to develop apps. But that might be a smaller point now.
OTR? I use Signal for SMS for roughly the same reason that I advocate HTTPS - encryption should be the default regardless of the content.
no subject
Date: 2018-04-20 06:45 pm (UTC)The Off-the-Record plugin for Pidgin. Quite specialized, admittedly, but there are very few people who I trust to communicate securely with, and they also have it.
Other than that, frankly, the *vast* majority of my instant messaging is on Slack, for better or worse...
no subject
Date: 2018-04-21 03:20 am (UTC)I do "say no to always-on voice assistants", though, because I don't want to talk to my phone.