The people who say big tech already has so much data on them so why care are missing the valence of time. What you did, thought, said.. last year is much less valuable and useful than what you are doing today.
People are manipulated on a large scale. States, advertisers, political movements, and others are investing a lot of money in it. They are getting something for their money.
That is the most important issue; that is the power in our society. Propaganda was effective before the Internet. Now, with incredible amounts of information about your behavior, interests, needs, situation, etc., and with expertise and A/B testing, it's certainly possible to move the needle. Yes, for you and me too.
Secret police was trying to recruit a dissident to be their informer, but he was resisting. They tried to bribe him. They tried to cajole him. They tried to threaten him. He did not break.
One day a senior agent went by to introduce himself. When the dissident started to protest, the senior agent waved him away. 'We already know everything there is to know about you. We even know you drink tea and not coffee.' The treats, speeches and monetary gain had no hold on the dissident, but when he learned someone close to him betrayed him, he internally gave up.
The moral of the story is and always has been the same. Information is valuable. You may not think it is, but someone does. Do you think that someone has your best interest at heart?
I believe the old idea that would hold even more so now is that the only defense against propaganda is essentially to be illiterate. It is really hard to propagandize a person who can't read. The more informed a person believes themselves to be about the world from text, the more propagandized they are. I believe that is from Edward Bernays.
A crypto proponent might argue that transactions are anonymous. However it is impossible to remove entries from the ledger, which is of course public. Hence even if this anonymity was true today it would also have to withstand ever-increasing capabilities of "chain analysis" for an infinite amount of time.
The existence and use of "crypto mixers", e.g., by criminals, suggests identities are indeed traceable.
To be clear, like the OP, I am not referring to privacy from the government, i.e., so-called "state actors". I am referring to privacy from "tech" companies. Regardless of who develops the methods to trace crypto, or why they do so, history has shown it is "tech" companies, collectively, that have the greatest desire for internet surveillance data and pose the greatest risk to online privacy.
Surely for a government, approaching VISA is far more conveneint
The thing is, is that actually true? What always comes to mind for me is the Cambridge Analytica scandal, which involved their self-declared 'psychometric targeting', which it turned out, after scientists did some studies had a measurable effect of zero on people's behaviour[1].
People love this idea of 'big data' as some powerful ominous tool, even big companies themselves seem to push it explicitly to seem more towering than they are. It's much more boring and unfashionable to think that people are a little more complex and have more agency and that companies push it because it makes them sound more sophisticated than they are.
[1]https://www.vox.com/science-and-health/2018/3/23/17152564/ca...
But the amount of data companies have on their markets now is astounding, and can be used in more ways than just directly targeted ad serving.
I wonder if, when it comes to marketing at least, the opposite is true.
Facebook have x million data points on each person, but at the end of the day everyone fits into a very finite number marketing buckets based on gender, age and location. In terms of selling you a netflix series, razor, theragun or some other gadget people are predictable with just regular data, it just sounds fancier if you call it big data with a twist of AI and a quantum neural network chaser.
Social media isn’t a boogeyman responsible for everything but it is a critical channel to influence. My mom gets bombarded with crazy tales of Joe Biden taking gasoline away, etc. I get lots of crazy dramatic fundraising requests from EFF, broadband advocates, etc.
It’s real and it works.
This isn't true for biodata or medical related data.
Ordinary individuals who attempt to use technology to 'go dark' will likely, if they're careful, be able to conceal their online identity from your average stalker type, malicious ex, or seedy credit card fraudster, but certainly not from the likes of Google, Apple, Verizon, or any number of government agencies with access to those outfit's data centers. This is called mass domestic warrantless surveillance and it is illegal under any reasonable interpretation of the US constitution, and certainly shouldn't be allowed by private parties either.
As far as spies, every history of spies I've ever read has one thing in common: they all hide in plain sight, using cover identities of some sort, acting as much like a normal member of society or their organization as possible, and then running off to do their data transfer/nefarious activity in secret only rarely. Notably, mass domestic surveillance isn't a very useful tool for catching such people - it's more about authoritarian snooping on the population, engendering fear of the state as with STASI, as a means of control. That nonsense shouldn't be allowed, and those who promote it are nothing but authoritarian enemies of democratic rule and free expression.
"Then he said he was going to buy the book with cash, so nobody could trace the purchase to him and exploit his interests for commercial purposes" - Calvin, talking about his Dad, in Calvin and Hobbes by Bill Watterson, December 1993.
I don't think this is correct. Google etc are private actors so no state action, no constitutional violation plus they get your legal consent whether you like the way they do it or not. Government agencies if they get the info must get a warrant or have exception or info's use is barred from court and can't be used against you. So why the claim it is illegal mass domestic surveillance? Hyperbole. Mass surveillance that IS used against citizens all the time is China in WeChat, mass camera use, etc. where there are no constitutional or other protections.
By your interpretation this is okay because its done by a private industry. That makes no sense to me, can the cops now go pay some random thugs to break into my place and search it without a warrant too? Sorry, that's fucking insane just like being able yo purchase the surveiled data
Whether a thing is "legal" when it comes to government (ab)use of power is the thinnest of defenses. As the senator from Naboo said: "I will make it legal."
Facebook tracks millions of people who never sogned up to a facebook account and has never agreed to anything
Technological resistance is, however, a useful form both of social resistance and a means of determining the pervasiveness, nature, and scope of the problem.
That said, individual action alone is profoundly insufficient.
Law enforcement would have to build it from scratch (and trick users to fall for it or pass laws to force people/companies to use it) where as right now they can just dip into the data companies already collect.
The "attention economy" is the best thing that happened to intelligence agencies worldwide. Where as before they had to build surveillance infrastructure themselves (which requires budget, skills and secrecy, all of which is costly and politically risky), nowadays they get all of that not just for free but much better than anything they could build themselves.
Instead we need to focus our efforts on political action. Privacy is not something that can be controlled at the individual level when you're up against billion dollar budgets.
But the billion dollar budgets are spread across an incredibly broad scale and have to handle a ridiculous amount of data. Certain patterns scale very well for the companies, e.g. using google chrome while logged into the google account
If we just avoid the big players and use a bunch of different, unaffiliated services, it makes mass surveillance more expensive and less likely to yield a strong ROI
Defeatism just gives these companies a better ROI with respect to surveillance, and it also makes us more susceptible to pushes to erode privacy, like the current one to replace passwords with biometric data
This is the most popular move against action, to convince people it is hopeless. In fact, when the people want something strongly enough, it certainly happens. There is a long, well-established history of it.
But I agree that the legal solution is certainly necessary and most essential.
Use FOSS, now the price of direct compromise rises above $0. Turn on NoScript? Whoops, there goes like 90% of web tracking, goodbye surveillance capitalists. Use Tor or other multihop for casual browsing? Most adversaries will now be incapable of tracing an arbitrary circuit of an arbitrary user. Cost of tracking activity is now way up there.
It's true that against an adversary with enough money to surveil massive swathes of ISPs worldwide, strong anonymity is not viable for casual use- that kind of thing requires networks of fixed-rate dummy traffic tunnels, public/open LAN networks, proper operational security with devices, avoiding as much social interaction as possible, the whole shebang.
Political action is needed, but I fail to see how we can actually get past dark money like super PACs and such.
Failing that, if enough people use their general purpose machines in a subversive manner, they themselves will become more difficult to suppress.
Avoiding surveillance is becoming very hard. But giving incorrect information is very easy.
Hypothetical, imagine your fake profile indicates you are a minority in some demographic dimension that is now out of favor politically. The dragnet would not really care if it happens to be true for you or not.
I'm recalling the Turkish cleansing of a local religious sect from all government jobs when its two leaders had a falling-out. This could happen in any country, imo.
If there is a conflict and you don't know who will come out on top, either support both of them (one actual support and one fake) or don't support either of them.
Either way, I believe that this topic of giving incorrect information is worth looking more into.
Even if Google/NSA knows your name, they can only see the online activity that you choose to do. You can intentionally choose to give them very incorrect online activity.
For example, intentionally visit websites (manually or automated) that you don't believe it. This will trip up their algorithm. How are they supposed to know what you actually think or believe in?
Not worth the effort. I assume everything I do is (potentially) seen by someone, and the typical approaches are only going to make me look more suspicious.
No verified images nor any evidence that is indeed his real name.
Gwern Branwen is a prolific [1] netizen who is also completely anonymous. I don't know how people like him [2] do it. Surely the people who know him IRL are aware of what he's working on day-to-day and someone would be able to connect the dots. Unless he lives alone or his housemates are completely offline - and he doesn't talk to anyone IRL about what he does at home.
[1] Sometimes on Twitter or Hacker News I legitimately just scan my eyes around the screen expecting a comment from or link to Gwern to be already in my field of vision.
[2] I have seen since-scrubbed evidence Gwern is a "him" though he now seems to hide that too
[1]: https://en.wikipedia.org/wiki/Gege_Akutami
[2]: https://www.animenewsnetwork.com/interest/2021-01-27/gege-ak...
Occam's Razor suggests it probably is his real name. There are a few other biographic details online which I suppose someone could verify if they cared enough, especially if they were local and he actually lives in Perth. He's certainly been using that name since the early 80s.
It's mostly that he just completely avoids fandom and publishing circles and he's of an age where photos of you mostly didn't randomly show up on the Internet unless you deliberately put them there. And he is apparently determined to keep it that way.
This is actually a pretty good example of a person who could probably be found pretty easily if someone, and certainly the government, really wanted to but they keep out of the public eye except for their books and the occasional interview.
It's a bit of a state wide trait to be general while leaving a semi challenging last mile problem.
Having a capital city described by early US personnal in orbit as "the most remote city in the world" leads to a mild village syndrome when outsiders come asking for <insert specific name> .. who wants to know & how come you don't know already?
As for gender, roughly a third of the math | physics | comp sci staff were female in the early 1980s (Cheryl E Praeger and others) and a number spent the early Usenet days with nome de guerra to sidestep the complications.
The reality is that it really depends. Maybe you do need to flash your phone and use a VPN or maybe not. It's complex. I work in Cybersecurity and I often get into projects where PMs want magic bullets but there isn't one. Are you processing personal data? Are you going to have legal, financial or reputation implications if you have your data stolen? It's not binary.
The idea is to get the basics right so I can defend to my significant other why she doesn't see ads on Google: it's because pi-hole, honey.
I will come up with the list of things you can do and share it here soon, sorry if you think it's clickbait.
I have nothing against Tofu (maybe the texture) but if you are going to convince someone that an opensource project made by mostly one person with very little financial backing, over a corporate MFA provider, data or rationale is required!
Then you have the extreme options available like Tor, using Qubes, GrapheneOS on your phone, changing your legal name, using burner phones, Faraday sleeves, VPNs for public Wi-Fi, network segmentation for IOT devices, disabling Intel Management Engine. Having multiple operating systems for compartmentation purposes, etc
There is a privacy rabbit-hole to get lost in. Luckily I’ve found a reasonable middle ground and am not one of those LARPer types who take it all too seriously.
No, it's like that in countries without pretenses of democracy or civil rights too. If anything it's a fair bit worse.
Some articles do address such things but they have something of a tendency to be addressed as a separate issue from "online privacy" rather than one element of the issue and a bigger issue for some individuals than others.
Certainly there are steps someone can take to be make themselves invisible online but it severely limits career and other options.
I think you forgot one important point. Lack of privacy harms journalism and activism, making the government too powerful and not accountable. If only activists and journalists will try to have the privacy, it will be much easier to target them. Everyone should have privacy to protect them. It’s sort of like freedom of speech is necessary not just for journalists, but for everyone, even if you have nothing to say.
This subject is very important so OP took time to write a really long intro, please subscribe to his blog to get the answer next week.
In the meantime feel free to read the discussion in HN because it's probably more interesting until the part 2 eventually comes out.
The idea is also to discuss the what and the how of online privacy. The list of actions can get pretty long, so I decided to divide the article while I was writing it.
Pass.
When I first saw the title, I thought the author was going to discuss truly taking the red pill. I was disappointed to read just another '10 things you can do to increase your privacy' piece.
You're not going far enough.
Unfortunately the average person tends to be less concerned about invasions of privacy they cannot see. Like when you go through a scanner at the airport which let's someone in another room basically see through your clothes, vs. the way you feel if someone standing in front of you says to strip naked.
Another excellent site is Privacy Tools at https://www.privacytools.io/
While taking the class, I came to realize the paper trail you leave the moment you become an adult is immense and almost impossible — from a government perspective — to eliminate entirely. If you require a license or own property, you have no choice but to be in the system. You literally have to disconnect from society and live as a hermit in the woods (and even then I wouldn’t doubt the ability to be tracked.)
The digital realm has only made this paper trail exponentially impossible to control, even if you’re consciously trying. I’ve adopted the practice of limiting my digital footprint as much as possible (within reason). I don’t have accounts or engage with the social media walled gardens. I am very conscious of the media I consume. For instance, I don’t follow my curiosity about topics an on platforms where an algorithm might force feed me — if I wanted to know about a conspiracy theory for giggles, I’d read on Wikipedia, not watch a video on YouTube.
And, finally, ad and tracker blockers at every possible level. I figure if someone has me profiled, I can at least block the tailored message they’re sending.
> As early as 2010, Facebook’s marketing director argued that “online anonymity has to go away.”
These companies have a financial incentive to destroy online anonymity to the detriment of the rest of society, and biometrics are the latest attack
Don't let this happen to you! https://taskandpurpose.com/news/army-daniel-blackmon-romance...
No references, I'm afraid I stopped reading there. Sorry.
