Everything is tracked, everything is logged, its been this way for a long time and there's nothing you can do about it. You have zero privacy in the internet and you're an idiot if you think otherwise.
Every step you take, every word you write, every picture or video you look at, every single thing you pay for, every place you go, every person you call/message, or are physically near to. And the times when you left your phone behind. For everyone, combined, analyzed, searchable, with machine-learning-everything thrown at it to find and predict patterns and of course to stalk exes, political activists, anybody.
Imagine what the Stasi police could do with all of this and know that your current administration is doing it.
It’s a bit depressing even if put to the music of I’m Watching You by hmmm… the Police.
But this nihilistic, all-or-nothing attitude is another kind of naïvety.
There are absolutely still ways for people to keep large chunks of their online presence and activity private. Using E2EE services like Matrix and iMessage, for instance. De-Googling sharply reduces the amount of information Google has about you. Etc, etc.
It may not be accessible—or even understandable—for everyone, but the idea that absolutely everything we say, do, want, and think will be collected and tracked and there's nothing we can do about it is just not true.
If Meta wants to read your WhatsApp messages they’d just do it on your device. How would you know?
And it's a lot harder to spy en masse if for each act of spying you risk exposing your chip-level backdoor, instead of just asking Facebook for the data.
This type of statement usually comes from the "schizo" who is "living on the internet", not the "normie" who has a life away from the internet and only uses it occasionally. It is a common "all-or-nothing" perspective that has been shared on HN for at least a decade. Meanwhile so-called "tech" companies spend millions on lobbying against privacy regulation and pay millions in fines and settlements for violations.
Perhaps whether one has "privacy" is not as important as whether one believes they might be able to get it. As long as the possibility of "getting it" exists in people's minds, and people take action toward that end, then so-called "tech" companies face a potentially existential threat. It interferes with the progression of their only "business model". The "all-or-nothing" view of "privacy" seen in HN comments is particularly suspect when one considers that those invested in so-called "tech" companies have a financial interest in erasing the _possibility_ of "privacy", i.e., the motivation to take action, however small and seemingly insignificant, from people's minds.
There are ways to use the internet that send minimal useful data to so-called "tech" companies and there are ways to use the internet that send maximum amounts of data to so-called "tech" companies. Neither is "internet privacy" in the absolute sense. But each has a different effect on the "business model" of so-called "tech" commpanies.
More importantly, less use of the internet may result in less data being shared with so-called "tech" companies. Good luck getting the "schizo" to reduce their internet use. It is not suprising the "schizo" would suggest an absolutist standard of "internet privacy" where achieving it is impossible. For the "schizo" who is wedded to the computer, this is probably true.
It's less a function of mental illness or time spent online, and more simply pointing out the old-as-writing state of affairs where companies will do whatever they can do to you to make more money. See the "Complaint tablet to Ea-nāṣir" for a timeline of this.
It is not hallucinatory to observe that companies take advantage of people given the opportunity to do so, and it is not indicative of mental illness to be unhappy about being on the receiving end.
>always-on backdoors embedded in consumer routers and CPUs Are we talking about IME? That's more of a 'theoretically it could execute code, but they'd need a crazy amount of software engineering to really use it to monitor you'. Besides, you can MITM your network traffic and see if it's phoning home. And I'm sure people do, and I've read no cases of it actually being used that way.
Not that I'm okay with this or happy about it. It's just less dire than could be since, although the infra is there, it's not being used.
My particular hot take, speaking partially from experience, is that indeed, there are insurmountable amounts of data collected - but it's collected by hundreds of disconnected, inhomogeneous and incompetent organizations with conflicting goals. There's no global all-knowing conspiracy, even governmental organizations in a single country have poor data sharing capabilities. And this should be trivial - it gets much harder when you take into account commercial organizations that store user data but it's not their main focus, commercial organizations that want to sell user data, but not for free, commercial organizations that really want to pretend they care about user privacy, foreign organizations, foreign organizations from hostile countries, and everreaching bureaucracy related to getting data from basically any of those.
Likewise with private messages on Facebook, order history on Amazon.
Big Tech has way more to lose than the small "privacy focused" alternatives, and clearly for them to go this long with this many employees its through design not luck.
This doesn’t quite refute your assertion of no leaks of searches but it is just as egregious. You are right about incentives too.
And yes, Amazon employee #18447272. You are just as responsible for empowering Bezos to fuck over the WaPo as the rest of them. Employees of big tech corporations are the silent accomplices of the tech oligarchy we’re headed into.
Apple and Amazon will at minimum compromise your privacy to improve their products. And since they have no extra motivation since they don't make more or less money (because Siri and Alexa are loss leaders) they will have no extra considerations of privacy regardless.
Comparing Signal to protonmail is a much more interesting problem and you can go on to what has been subpoena from Signal and protonmail. Since there was one actually disclosed we can see the information (or really lack of) that was given by Signal [1] . We have a statement by proton mail on what can be subpoena [2] but there have been arguments against it.
[1] https://signal.org/bigbrother/cd-california-grand-jury/ [2] https://proton.me/legal/law-enforcement [3] https://protos.com/protonmail-hands-info-to-government-but-s...
This will immediately get thrown out of the window when it hurts profit (and may have been already been thrown out of the window, see OpenAI partnership).
On top of that, at this point all they have to do is to just be ever so slightly better than the rest when it comes to privacy. The bar is so low as to be non-existent
> This will immediately get thrown out of the window when it hurts profit
This is the important thing I'm always trying to note to people that think incentives are enough (as I used to). You can never know what the incentives of the company will be 5, 10, 15 years from now, or whether that company or division will exist or have been sold to some other company.
Incentives based on current conditions only matter for outcomes that don't have ramaifications far into the future. That's definitely not data collection and privacy, where you could find that 10 years worth of collected information about you has been sold at some future date.
And lest anyone think they can predict the stance a company will have on a topic a decade or two later, all I can say is that any example someone can point to of a company that has stayed the course we can easily look at point in history where a series of events could have gone the other way and they would be close to being bought out if not defunct. Even Apple had a period where they were bailed out by investment from Microsoft, and many other large names of that period were gobbled up.
Always keep in mind, Sun was an amazing company with amazing products and engineers that embraced open source and competed with Microsoft in the enterprise market, and eventually after declining they got bought by Oracle.
The reason why I trust Apple a little bit more than, say, Google on something like this is that Apple is pitching their products as luxury goods - a way to be different from the hoi polloi - so they need features to plausibly differentiate along these lines. And privacy is one thing that they know Google will never be able to offer, given its business model, so it makes perfect sense for Apple to double down on that.
(Ironically, this means that Apple users benefit from Android being the dominant platform.)
> In theory, rationalists like game theory, in practice, they need to adjust their priors. Real-life exchanges can be modeled as a prisoner's dilemma. In the classic version, the prisoners can't communicate, so they have to guess whether the other player will defect or cooperate.
> The game changes when we realize that life is not a single dilemma, but a series of them, and that we can remember the behavior of other agents. Now we need to cooperate, and the best strategy is "tit for two tats", wherein we cooperate until our opponent defects twice
> The problem is, this is where rationalists hit a mental stop sign. Because in the real world, there is one more strategy that the game doesn't model: lying. See, the real best strategy is "be good at lying so that you always convince your opponent to cooperate, then defect"
> And rationalists, bless their hearts, are REALLY easy to lie to. It's not like taking candy from a baby; babies actually try to hang onto their candy. The rationalists just limply let go and mutter, "I notice I am confused". This is also why they are poly.
>But was is happening in your inbox, really? >Most spam is not "black hat spam". It is what I call "white-collar spam": perfectly legitimate company, sending you emails from legitimate address. You slept in a hotel during a business trip?
This is pure survivor paradox. This is true for your Gmail account, because all "black hat spam" was already filtered! I own two unfiltered email accounts that were sadly scraped from the internet, and the spam is - by far - almost completely malspam, romance scam, cryptocurrency spam, scam attempts, spoofs, phishings.
Email spam is not the huge problem people make it out to be. Common sense goes a long way.
Let’s take the two advertisements that the author has. I call them advertisements because, despite being sure neither Signal or Protonmail paid this guy, he fell into the obvious trap of “xyz sucks, here’s what to use instead”.
Amazon is bad, Apple is bad, Kagi is bad because they all take your money. But Protonmail is good because they…take your money? They take your money and if they did something bad you wouldn’t pay them. Ok? And this obviously has happened to all the secure apps that people continue to use despite them being hacked, or the companies that rebrand after it’s found out they were leaking your information? If Protonmail was found out tomorrow to be a front for the CIA, who suffers? What’s stopping the people running it from just making Electronmail tomorrow and claiming that they aren’t a front for the CIA?
Meanwhile Signal is an open source project and that means everyone has reviewed the code and trusts it. What happened to giving companies money so that they suffer when they violate your privacy? If Signal makes it so that you don’t want to use it, what harm do they suffer? If they add new code that backdoors the app or sells ads or harvests your contacts, what are you going to do about it? Will you publish a blog post explaining how you were the geek who got conned this time?
I actually have nothing against these specific projects, just as I generally don’t have specific vendettas against the other dozen things these blog posts tend to shill (DuckDuckGo, Brave, Quebes, GrapheneOS, Firefox, whatever). My point is that the geek is perpetually vulnerable to thinking his choices are good because of some technical reasons, when in reality we choose what we associate with based on trust and human factors. You probably choose your software because your buddy from IRC told you it is good. A lot of people choose their software because they saw an advertisement showing that this company actually cares about their privacy. Neither of you is dumber than the other and making people feel bad for not keeping up with the evolving landscape of privacy is generally not productive.
if Proton or whatever gets behind their mission, people will move on to the next company they can 'humanely can trust'... chosing the best option among all the bad options still is progress
You're displaying the exact naivety he's trying to point out.
A decade ago I ranted about Facebook to my technical friends. They all agreed that it was a terrible privacy nightmare, that eventually it would start selling that data to generate a profit, that we really ought to use something else, but in the end I had no alternative. As one of them said "If you don't have anything to hide, you have nothing to fear". I was ready with the counter, but before I could even get to the counter point he retorted "Yeah that's obviously not true, but it is the argument". At the time I didn't understand, but now I do. Fighting against these systems is meaningless for the individual. I can't stop Facebook from gobbling up all my data any more than I can dictate that the petrol in my car must be ethically sourced from Sweden.
You can't distrust your way out of Google, Amazon, and Apple storing your voice.
It was a lot easier to be a counterculture rebel when what you were counter cultural about was the driver for the printer at your research institution. When I want to pay my taxes (which I can do electronically, imagine that) I need my phone and browser and weird authentication app to work. I need them to be the ones that everybody else uses, because if I'm using some niche application, nobody is going to help me when it breaks. When an important email doesn't arrive in my mailbox, the sender isn't going to be understanding that I want my mail on protonmail that for some reason has a technical problem that day. He's going to ask me why I'm being difficult.
Apple has far more to lose monetarily than protonmail if it comes out that Apple sells off iMessage contents or similar.
I agree with the ideal of the article and the plight, but the shilling of Signal and Protonmail absolutely destroy the message because it goes right back to who you decide to trust to run a closed source service for you.
A corporation betraying a relationship with a customer is not a magic property of a corporation. It can happen just as easily with non-profits, coops, and any other org structure.
They are all groups of people in the end who you don’t know and fundamentally cannot trust to be acting as an agent of your interests.
100% we need more of Stallman or someone pushing actual open source.
Signal and Protonmail are not that. They are just other SaaS providers that you have to trust the marketing of.
And you don’t have to trust the registrar because of what I just said. You don’t need to depend on PKI.
My $.02
"Not a corporation" means little if there's no transparency to how the nonprofit's board members are appointed or elected.
See the controversy that is the WordPress Foundation, which is also a 501(c)(3): https://www.pluginvulnerabilities.com/2024/09/24/who-is-on-t...
I guess geeks should be sceptical of legal structures that might get passed off as "feel good" marketing too. :)
[1]: https://www.francetvinfo.fr/internet/apple/entretien-on-parl...
I worked on on-device speech at Google, both frontend and backend. Unless there was a secret cabal mirror team that did all the evil stuff and made us think we were writing the code that was shipping, it doesn't come close to describing how things actually were worked through internally.
Most trivially, and narrowly, Most Evil Amazon would be just as happy with a transcript of what you said that was recognized locally. There's 0 reason they need the audio. I'd also hazard a guess they're not streaming audio to the server, no one would create a hotword detector that would rely on that, due to the latency and bandwidth demand alone.
The way things are is also a mirror of large society. It takes a lot to keep it all going, combined with nobody has time or wants to care about the technology in their life. At best there are some negative events that makes people think about it for a little while, and for some there will be a bad memory, but in the end it just fades out of focus to the same place where oil changes and filter changes go.
> Did you really think that "marketing" is telling the truth? Are you a freshly debarked Thermian? (In case you missed it, this is a Galaxy Quest reference.)
Did you really think that an article humiliating your readers is going to change anything?
Yes, we the people, are stupid. No, we the people, are not keen on being called stupid. We might accept that from people we admire but not from someone we have to look up on the interwebz. Someone who has to point out that there is a page on him - in, for god's sake, the FRENCH wikipedia! And yes, I missed it, because Galaxy Quest is nice popcorn TV but nothing I would commit to long-term memory.
No matter how justified the cause, badly voiced anger just sounds like something between bad impulse control and idiocy.
I get the points the author is trying to make, I sympathize with them, but I would never send that text to anyone I try to convince.
Without the ease for proprietary software development Rust wouldn't get as popular nor it would receive the same support from big tech. Without that popular support it wouldn't be as performant, nor it would attract the top system programmers it did.
It is also extremely naive to think that copyleft licenses aren't actively violated. It is rampant and at this point violating them is the industry standard actually. Making software effectively "ownerless" by accepting many independent developers makes it also equally hard to defend its licenses. The socioeconomic system of the West prioritizes private ownership. Without a clear private owner (or a consortium acting on behalf), it is hard to defend GPL and the rights.
I’m personally completely fine(legally not morally) with people or organizations who want to keep trade secrets secret, but not if they also want society to protect anyone copying their work. The tradeoff is you show society how to accomplish your innovation and we’ll guarantee you profits for X years with the might of law
Edit: this was in response to the comment about no one should be compelled to share their work. I don’t know enough about the nuances of copyleft vs permissive licenses to have useful commentary
LOL!
But we're in a capitalist system, right? We want companies to compete on features that have value to users. And privacy is definitely a thing of value.
And god help me, I never wanted to be an Apple apologist, they're a giant capitalist organization. But they're also the ONLY one that is attempting to compete on the basis of privacy.
And so they have e2e encryption on iMessages, most of iCloud, are the only people doing meaningful things with homomorphic encryption and AI, etc. They recently, very publicly, turned off these features in the UK due to recent legislation.
But if I look at what they're doing, and the audits they're admitting, and the political hits they're taking, and if I dismiss all that I'm supposed to be "candidly naive"?
Do you want us to choose our platforms on the basis of privacy, or not?
And I'm not just "trusting" Apple, I'm looking at their financial incentives. Which are focused around selling extremely overpriced, decent quality hardware. Not ad targeting. For me to believe that Apple is wantonly and deliberately harvesting my data would require that I believe they have an entire secondary advertising business that has remained completely under the radar.
Again, fuck you for making me defend Apple. They have so many issues. But also if we just go pure nihilist and don't even allow companies to compete on the basis of proper security, what's left, unless we go offline entirely?
What we want and what actually happens are two different things. In many cases there isn't a whole lot of competition. For example, Apple's only competitor for mobile OS is google.
> And that’s why I see Apple as a cult: most tech people cannot be reasoned about it.
After presenting zero actual reasons to believe they are not taking privacy seriously. Just.. beliefs.
> Corporations are lying. You must treat every corporate word as a straight lie until proved otherwise.
> I don’t say that Signal is perfect: I say I trust them to believe themselves what they announce.
I share the distrust in corporations, but there is zero technical reason to believe Signal apps are more secure than Apple's unless you reviewed the code yourself, entirely, and built it from source.
Pot, meet kettle.
> First of all, Signal is open source. And, yes, I’ve read some of the source code for some feature I was interested in. I’ve also read through some very deep audit of Signal source code.
