I don't wish to knock this great project, but I'm growing weary of reading what seem to be almost obligatory structures;
1) Initial platitude about how smartphones are ubiquitous,
inevitable, inescapable centres of existence without which humans
would die within seconds.
2) Tragic self-mocking account of how we're all idiots without
self-control who can't work these things, but remain utterly
dependent on technology we have no clue about.
3) Confusing, terrifying litany of all the evil-doers, hackers,
cybercriminals, corporations, agencies, and other bad guys f-king us
over, while trying not to sound paranoid and hopeless.
4) Optional apologetics justifying unconscionable shitshow of (3) on
the basis of convenience and getting stuff for free.
5) (Point at which most normies stop reading) Solution involving
jaibreaking, firmware updates, running a private VPS server,
building your own DNS network and soldering in some new chips using
dangerous solvents, X-Rays and a x100 bench microscope.
6) Shrugging summary about how this "probably isn't for everyone".Because for most people privacy on the internet isn't important. They either don't care it's being abused ("I've got nothing to hide"), or are OK with paying the price of giving it away in exchange for the services they get, and think are entitled to, for free.
This has many reasons, and a major one IMO is that we didn't build privacy-focused tools from the beginning. The web was built with a consumerism model where the user is only meant to browse it. When corporations grew larger based on a very lucrative market and adtech was born, there was no going back. Now, privacy-focused individuals are desperately trying to educate people and reverse the trend, governments are attempting to catch up and fight it, but that train's not stopping anytime soon.
The sad part is that majority of people won't even be interested in this article, let alone use the tools it suggests.
As for the tools themselves, as someone who's been using a de-Googled phone for years now, I'd never use any of these. It's great that they're FOSS and request no permissions, but the fact they're built by the same team and market being "privacy-friendly" as their main selling point just feels off to me. There are similar alternatives already on F-Droid and I'd rather use apps from different developers, in case someone goes rogue I don't lose all my eggs, so to speak.
This is untrue and the only place I see people claiming it's true (ironically) is here on HN. Privacy is intentionally made as difficult as possible when using anything where control could conceivably be centralized. These services are also made crucial through the elimination of others that are more privacy-respecting. In the case of the internet, this is inevitable because internet business don't have to make a profit, and they destroy the previous businesses that did.
I don't meet anyone who doesn't want privacy as the default. It's weird to even have to say that when Snapchat is winning among the generations that get most accused of being comfortable with this corporate and government-imposed lack of privacy.
The fact that "privacy" doesn't mean the same thing for all people isn't helping. Privacy fundamentalist use the same rhetoric and fundamentalism as Stallman does, where they use a definition of "privacy" which is disconnected from what most people are worried about when talking about "privacy".
Counting clicks on a button in an app (privacy fundamentalists: "spying") is far from concerning for most people while uploading their private messages, leaking their private pictures or having their coworkers read their messages is concerning. For an example of that, consider that in another comment thread on HN, the networkers were vehemently defending their right to reading anything and everything on "their" networks while still demanding privacy from their phones.
And as long as the definition of "privacy" is abused to harvest clicks and outrage, meaningful progress can't be made.
That's changing. There's a movement online to get people weaned off big tech and surveillance capitalism. The thing about privacy online is that it's hard to measure, since many opt out of telemetry so you can't easily gauge just how many people have opted out of big tech & surveillance. I imagine the number is exponentially rising as each year passes.
Now I don't expect everyone to be fully private in 10 years, and you'll always get freeloaders exchanging personal data for something free. That's just a fact of life. You have to think of this in terms of 'radioactive waste'. They say data is 'the new oil' but it's really the new radioactive waste!
It should be about as sad as the fact that addition and subtraction still need to be explained. People are still being born.
> I don't wish to knock this great project, but I'm growing weary of reading what seem to be almost obligatory structures;
If this is your first time reading something like this, you need the obligatory structure. If you already know everything, it's not for you. If it's complicated and normies can't do it, that can't be helped, it's what we have. If you are a normie looking for privacy and see that it looks unintelligibly difficult, that's educational. You might be upset by that fact, and therefore support and amplify criticisms of the current regimes, software that simplifies the process, and/or legislation to protect people.
This is the key. And privacy, the lack thereof, and what to do about it - is significantly harder to grok in 2022 than your standard education coursework.
Any material that attempts to educate and empower users on this subject should be encouraged.
Markets change when consumers demand it. Until consumers know what to demand and why they should demand it, change will not happen.
Not long ago, smart homes were reserved for tinkerers and tech savvy types. Now, almost anyone can set up some smart bulbs and such.
Staying private is in that earlier stage. Every product or movement that became accessible to the masses started out as an inaccessible or impractical hobby of a few.
I used to think the same way, and started out writing all my educational pieces in the vernacular structure... with great patience and sensitivity to the idea that maybe some people are ambivalent about privacy.
Over the years I've come to revise that.
We create mythologies in the hacker community. Amongst the many caricatures we conjure up are "Mom", "Gran" and someones "Little brother". These hopeless half-wits will set a computer on fire as soon as touch it. The reality is that todays "Granny" was head of social informatics at IBM in the 1960s. Todays "Mom" is ferociously aware of protecting her children, eschews 'nanny cams' and gets irate at the school for posting the class photo on Facebook.
We need to revise our stereotypes and should seriously ask; who are these imaginary people who are "reading this for the first time"?
Part of the reason I think we create these mythological half-wits is that it gives us a simple explanation as to why the uptake of dignity respecting technology is slow. The reality is that it's actively impeded, but we're not quite ready to fully take that on-board and point at the culprits.
Part of the solution I think is to adopt more direct speech, to stop treading on eggshells around privacy and start going in hard with a more mature understanding of where people are in 2022 with respect to their threat models around different technologies. Regular people get that the horsemen of the infopocalypse are bogus, that their phones are fundamentally insecure, and they want change.
> If it's complicated and normies [1] can't do it, that can't be helped
We do need to up the game in so many places, as you say, education and UI are still paramount.
> You might be upset by that fact, and therefore support and amplify criticisms of the current regimes, software that simplifies the process, and/or legislation to protect people.
You raise a really important issue. There's a lot of hostility towards advocates of rights respecting technology. I always assumed that came, at least here in forums like HN, from those directly involved in advertising and surveillance activities who see their livelihood threatened. But now I think there's more to it. I get about eighty percent very positive sentiment toward my Digital Vegan book, ten percent justifiably critical, but there's ten percent who are disproportionately angered and indignant.
I think the psychology is really complex and involves a kind of defensive rationalisation, learned helplessness, Stockholm syndrome and some sunk-cost bias. Some will vigorously shout down opponents in defending their right to be spied on and abused. Something's amiss there.
[1] sorry I used that word, it's demeaning
The problem I have reading criticisms of anyone else's interest in computer privacy is that in general most but not all people these days who are using their ability to program computers as a paying job are somehow reliant on the sustenance and/or growth of online advertising or other money-raising strategies that depend on surveillance of people's computer use, or simply people's continued computer ignorance. In the case that the critic has any connection to this type of "work", there is, IMHO, a conflict-of-interest/bias to consider. Needless to say, "normies" generally have neither the time nor inclination to pen such criticisms let alone read them.
It is remarkable how developers commenting on HN are so willing to speak on behalf of "normies". One can see this practice not only in this thread but routinely, on nearly every privacy-related discussion on HN. If normies were given a vote how would they exercise it. When iOS users were given the choice to block apps from tracking them, what choice did they make. Facebook lost 20% of its market value as a result of Apple giving people that choice. It's too easy to manipulate choice and then pontificate about what they do or do not want. This is the game "tech" companies play.
In any event, I think the six points lead to the following conclusion: we need to have (more) laws that regulate online advertising and the privacy-invasive practices used to support it. If computer surveillance shenanigans employed by "tech" companies were sufficiently regulated, it would bring a swift end to the type of "web content" described by the six points.
In my book I address precisely this. What I found in my research is that this is a driver in the privacy crisis, but it's a distorted account.
The software industry is enormous. The vast majority of it still delivers traditional value. In automotive, medical, military, civic infrastructure and commodities, space, pharmaceuticals, agriculture, education and much, much more - the majority of working programmers build benevolent utility for a fair days pay without compromising their morals.
The disease is in the smartphone/web ecosystem (I am simply paraphrasing it's creator Sir Tim Berners Lee), and we should not confuse that with the wider project of computing in general.
What is called "Silicon Valley" (The Californian Ethos) in the vernacular, is an aberration. Its culture is disproportionately supposed to operate throughout "tech". Part of this operation, and power, is indeed rooted in it's mythology, and the projection of its ideals, that there is "no alternative" and that the grotesque exploitation of other peoples private lives is somehow a natural, evolutionary condition of networked digital technology. It's insistence that "this is how we pay for free" is victim blaming.
> or simply people's continued computer ignorance.
Yes, but there's more to it than you surmise. The ignorance has overtaken the creators and investors as much as the users ("consumers in a marketplace"). We were long ago swamped in the complexity and uncontrollable churn of our own creations. Not to realise this is to set up a Machiavellian "us and them" schism, to put too much blame on ourselves and users as exploiters and victims respectively. The way out of this to admit that we don't have the first f-king clue what we're doing with technology and haven't for almost 30 years. The tech revolution has never had a telos, and is mostly the product of bored mathematicians creating solutions looking for problems.
To escape that spiral we need a new revolution of digital literacy. Digital Literacy 1.0 was all about discovering what amazing things computers are, and what they can do. Having now explored many the dangerous things computers shouldn't do, Digital Literacy 2.0 will be about figuring out what we really want them for, and why.
> It is remarkable how developers commenting on HN are so willing to speak on behalf of "normies".
Absolutely. I'm sorry that I too fall into that, and using that word. The arrogance is astonishing. Many of us are still stuck in a down-talking mansplaining way of seeing the world and have a good dose of "saviour complex".
> If normies were given a vote how would they exercise it?
The problem I am alluding to in my original (sardonic but hopefully not disparaging to TFA) comment is that right now it's not fair to even invoke the concept of choice. The greatest triumph of SV tech this past couple decades has been creating the illusion of unprecedented choice while stymying it and boiling down the market to a handful of near monopolies. These contradictions run deep. It's there in the distance between Apple's 1984 SuperBowl Ad, and its bid to introduce mandatory client-side content scanning almost 40 years later.
> laws that regulate online advertising and the privacy-invasive practices used to support it.
I am against regulation as a rule. If we're going to have it I see mandated interoperability and a legal support for radical consumer choice as a better way. The most powerful choice people may still have is non-participation.
They're powerful enough for me, and simple enough that I install them for my mom and grandma (grandpa can't read, dad chose the dark side), and my brother apparently also discovered them independently. Few months ago I figured I should take stock of how many of these apps we use together and did a donation for us collectively. One benefit for family members is that now they don't have to get used to a new interface if they get a new phone, so they're less locked into one brand. Android UI always changes and just gets worse imo, and unfortunately you need the stock camera for good quality pictures, but at least things like their gallery always looks the same.
https://simplemobiletools.com/
https://github.com/SimpleMobileTools
https://simplemobiletools.com/donate
I use half of them and agree completely on the peace of mind they bring when changing phones or onboarding other people.
It might sound sterile polemics but it's not, I'm really curious how techies can talk about privacy on Android, iOS etc. My sole opinion there is just avoid using them.
I was looking for your comment, but this line equating the two highlights a constant ambiguity in HN comments re: the threat model. Cut and paste from another of my comments on the subject:
If the subject threat model here is (1) defending against companies stealing and selling my data then Google should be called out. If the (2) state level agencies spying on you through these companies then you can add Apple to the call out.
I see this happen often and I think every conversation should be clearly grounded in the threat model that is being addressed.
We don't. And that's why there are efforts to create operating systems that are do not track users. Unfortunately those efforts are not well funded.
Again, we don't want big companies to track us and collect our data, but your questions sounds more like "since big companies collect our data, why should we put an effort to prevent everyone else from doing it?" I apologize if I am misreading what you're saying, but we have to do this one thing since the alternative is available, and once an alternative OS is here, we can switch to it as well.
I own a Pine64 phone, it's nice to play as it was the old OpenMoko, but it's not much usable as a daily driver suggestible to generic users, including those who can use GNU/Linux desktop normally as simple users. That's the biggest issue and it's a similar systemic issue described above: we can't have really Free software if it need non-free systems to run, so we can't have free OSes if they demand non-free hw + fw crap.
Since desktops so far are at least manageable I generally suggest to run to save them, pushing desktop computing again and simply say mobile world so far is just a prison. This way perhaps since actually we need desktops to work in 99% of the cases we would been able to have them in the future, as "free" as today...
If anyone has made a simple reminder/note app, similar to ones you'd find on smartphone pre-installed - please share. No idea how many apps I already tested, and each one has some annoying issues. I just need a simple Google Keep clone without sync, location features.
I think by having apps for so many use cases they may have better luck picking up enough users. I for one will be checking out the rest of their work based on that experience with the barcode scanner.
There's also something to be said for many small programs that do one thing well. See also the "Simple" suite of apps, which seem to have a similar philosophy.
I have a Samsung phone, s10+. I've not tried this app yet, but I will. However all apps I've tried so far got my steps wrong. I imagine because it's something that isn't documented by Samsung and they know exactly which values to use to calculate the steps and distance and speed.
So essentially you buy a product with the right sensors but there is no documentation for you on how to use those sensors to have near accurate conversion results if you're going to write software that uses those sensors.
If you know better, please let us know.
FWIW, every pedometer (digital or not) ever created is "wrong" about the number of steps you take per day. What they do offer is a device- or app-relative measurement of roughly how many steps you take.
https://www.medicinenet.com/pedometers/article.htm
"Accurate pedometers are those with step-count errors less than 10%, high or low. […] The Colorado on the Move, Sportline 330 and 345, and Yamax Skeletone EM-180 were within acceptable high or low error limits of 10%. The Accusplit and Freestyle underestimated steps by 20% and 25%, respectively, and the Walk4Life, Omron, and Oregon Scientific overestimated steps by 20%, 30%, and 45%, respectively."
https://developer.android.com/guide/topics/sensors/sensors_m...
I think there's a huge gap between what e.g. suckless.org produces, and what's usable by ordinary people, and it would be of tremendous value to society if we could push back on unnecessary software complexity.
One startup idea I briefly pursued some years ago was developing privacy focused work-alikes for common utility apps, and what I sensed from it was after "flashlight," "calendar" and "QR code reader" apps are their own contained brand experiences. There is no messenger workalike, each game is itself the experience, and playing a clone is less satisfying, and there's a quality to apps that is as intrinsic and unique as a story that you can't just replicate.
The business model was to charge for privacy focused work-alikes of popular free utility apps as an effective luxury privacy brand for apps, but even this misunderstood luxury products (an area I had some experience with, in addition to security and privacy). Luxury goods represent stories of aspiration and belonging, where privacy is a reactionary value that needs a foundation of something valuable beneath or behind it to protect. It's a quality and a feature, but to succeed, it can't be the reason.
To be valuable, privacy needs to socially elevate the user, similar to how the whole apple brand experience does, and distinct from the way someone using Tor/Tails all the time would relate to the world. Privacy as a concept has acquired the vibe of an inferior good, something you want when you don't have power, and so it's not something used for elite signalling the way exclusivity was just 20 years ago.
In this sense, privacy must be attractive, which is a real magic sauce. To do that, what people mean when they say something is cool or sexy is that it is powerful. Together, it means that for a privacy centric tech to succeed, it must first be powerful. Blockchains and cryptocurrencies were technically powerful, but their bar to entry meant they were adopted by unpowerful people first, and are still percieved as an economic "inferior good." Power over things is just leverage, where desirable power is necessarily status over other people. There's a lot of opportunity to refine this still.