> It's the mindset assuming that for anything to have value in data privacy it needs to be 100% perfectly private and secure.
It does also need to make a difference though. If Google has say three different ways of figuring out who I am and I eliminate one of them then nothing has changed.
Let’s say IP address, fingerprinting and cookies.
In that sense it is somewhat all or nothing. Either I’ve eliminated all three or I have not. I know that’s not precisely what the author means by all or nothing but there are certainly dynamics at play here that are not a smooth continuum
> Let’s say IP address, fingerprinting and cookies.
This will still not lead to a binary outcome. Cookies can be deleted and fingerprints aren't perfect. Nor is Google able to obtain this data from sites equally. Amazon and Facebook certainly are not sharing liberally, as this is a big part of their revenue streams too. Their competition can benefit us in our defense.
You also forget time. There is historical data, current data, and future data. You can tackle all of these, and they should be addressed differently. You can remove data and that can prevent future players or potential sales of your data. But we should also be really aware that the future data is most important. You change over time and they want to track these changes. The more you can limit their access, the more you fight back. One easy method is to use email masks. You can do this for free or relatively cheap, but I've changed most of my logins to unique emails as well as unique passwords (fwiw, Mozilla Relay integrates into Bitwarden, making this simple). I've now been able to track who is leaking my information to who, and better adapt to the environment. It also means that if one of these sites gets hacked than I can easily burn that email address and not be forever locked in a circulating list.
So I just want you to realize, you haven't been defeated yet. As long as you generate new data, there is time for you to fight back.
> If Google has say three different ways of figuring out who I am and I eliminate one of them then nothing has changed.
That's not true! If Google has three ways and you eliminate one, and nothing else ever happens, then you might as well not do anything. But if there's one approach to data security that protects you from one kind of tracking, and you "set it and forget it," then it's chugging away in the background not really protecting you now—but if you later "set and forget" two other approaches to data security, then, together, they might have eliminated the problem, even if none of them individually made any difference.
Long ago I started only using browsers in private/incognito mode with ads blocked with the idea that I was preserving my privacy in some meaningful way. It's been a few years since I realized this alone was a futile exercise because there's a lot of money paying for a lot of resourceful people whose raison d'etre is to poke holes in my fig leaf. It's small consolation to know that what I'm doing might work for the long tail of sites while doing nothing to hide me from the big players.
If you eliminate fingerprinting, that is in and of itself a fingerprint. If you block cookies, that is too. So the person with your IP address and blocks fingerprinting and cookies is you. Someone with your IP address and only blocking cookies could be you as well on another device, or a family member on their device. Either way, they're on to you
Even a random Fingerprint can be used as identification since you will always have some static values between each session. The better approach would be to get in a big enough group with the same/similar fingerprint. That's how tor browser works.
Classic example with theZuck claiming privacy is dead, yet goes off and buys the houses around him so he can have privacy while creating one of the largest privacy invading morally bankrupt companies.
Is it though? I don't think even rich individuals enjoy good privacy today. It's just that personal embarrassments cease to matter when you're rich and powerful.
There's a big difference between something you post intentionally that doesn't age well versus theZuckTracker5000(TM) that follows you every where you go on the internet without you explicitly consenting to it. There's a difference between showing people you went to suchandsuch ___location with suchandsuch friends doing suchandsuch that might only be legal in 28 states versus knowing exactly what you bought from where for how much and when. The graph you make with your posts is not the privacy being discussed. It is about the graph made by the invisible data paparazzi selling the most intimate and private bits of your life with whoever has the cash vs some paparazzi catching you in an unflattering situation from a mile away with a telephoto lens while you think you're having a private moment.
I know. What I'm saying is that I don't believe one can escape the network effect of the surveillance apparatus by being rich. What wealth and power can do, is make those who have it immune to the consequences.
One of the fascinating effects of the EU's GDPR laws passing is that you can see european data get more expensive for data brokers to sell (I don't have sources for this, just something I read somewhere). Ostensibly, you now have a way to compete with different legislatures as to who is doing the best job of protecting their constituents' privacy-just see who's data is most expensive to aggregate/resell.
It's hard to discover how much money is being made off selling user data, and I think this only leads to smaller companies trading in user data to disappear, while the larger players can do more with your data behind the scenes. The larger companies having fewer competitors allows them to spend more of their time on finding ways that are "legal" to track users, ones which are technically in compliance with existing laws. Maybe my way of thinking about the situation is different than yours, and I could also be completely wrong. I am just much more pessimistic when it comes to how much value is in user data (especially as AI develops more), to think that larger players won't do anything they can to collect user data by finding loopholes in the law, or allowing themselves to be taken to court because the laws aren't defined well enough.
Larger companies has always been able to break the law and get away with it. That is unlikely to change. However laws do have an effect on such companies, because their protection is only as strong as people are willing to give them exceptions. When they break the law too much and looses popular support, the result in targeted laws that either break the large companies into smaller chunks or impose additional laws that just target the big companies (sometimes by name).
I agree with you, but I think that having fewer smaller players makes it easier for bigger ones to get away with far too much. If smaller players existed, they could fight to keep the amount of data extracted smaller so they were able to continue existing. Of course, this is a dream, but worth thinking about (at least in my head as a though experiment on keeping privacy more constrained so bigger companies didn't have as much to work with).
For me, privacy is a way, or tao. It's how I carry myself, internally, externally. And I know much of my effort is ineffective. I know I'm oozing identifiers and unique signatures everywhere.
But to me it's similar to posture, or maybe hygiene. I stand tall but know I'm feeble. I wash but know the bacteria persists. And I actually think the invasion of privacy is analogous to bacteria in its inevitability, ubiquity, and perhaps even virulence snd symbiosis. It's a kind of day dream - one that if ever presenting actual opportunity, I will seize if I can grasp it. But I've come to not expect much of it, however much I desire it or make token efforts toward.
But I remain closely aligned with its principle. And I sustain its spirit. Primarily, I uphold it by valuing, respecting and defending the privacy of others where I'm able. There's a different kind of privacy, and vaguely but formidably unassailable solitude, for those who value the sanctity of others. I think it reduces the value of the corrupt currency of data, in some small way.
But I don't think I'd survive long without ublock or the cozy alcove of foss. Nor might I want to.
Again, and tediously, with my rule of thumb about privacy technology guides:
Here's a concrete example: Let's say your friend just told you they moved their communications from SMS to Signal. This is something to celebrate! Your friend just improved their data privacy a lot by deciding to start using Signal instead of SMS. It is absolutely not the time to tell your friend things like "Okay, but you're not even using Firefox!
If a privacy source suggests that Firefox is an absolute improvement over other browsers without actually laying out the security tradeoffs you'd be making by adopting it, you should trust that source less.
I would personally go much farther with this analysis; I have categorical opinions about the relative security of browsers. But you don't have to follow me that far down the path to see the merit of the rule, because if you think "just use Firefox" is an uncomplicatedly strong recommendation, you're simply not paying attention to browser security at all, in which case: why are you making recommendations?
You’re quoting from a hypothetical discussion scenario, not an actual recommendation.
They do indeed recommend Firefox (as a third choice, after Tor and Mullvad Browsers), and the recommendation page doesn’t go into reasoning, sadly, but it does discuss some pitfalls of the default config and how to fix them: https://www.privacyguides.org/en/desktop-browsers/#firefox
Most are, most are affiliate link-farms in disguise as well, and privacyguides.org is written in response to such guides.
It is called privacy guides and not security guides for a reason, and many of our basic "recommendations" are geared towards a specific threat model that does not include, for example, being targeted by law enforcement or others with access to zero-day vulnerabilities or similarly targeted exploits. They are geared towards avoiding commercial-grade tracking, especially by corporations, and dragnet mass surveillance programs.
This is why we place so much of an emphasis on threat modeling before suggesting recommendations in the first place though, to make sure readers know exactly when the recommendations apply to them and when they instead need to seek additional resources. We have countless pages within our community forum detailing why and when Chromium is technically superior to Firefox.
This is also why we don't recommend Firefox on mobile devices at all, because while we do feel Firefox on desktop is adequately secure for many people, we don't feel that is the case on Android, unfortunately.
Anyways, thank you for your insight. I will look into making this more clear at a glance.
Privacy is dead. But its all the more worthwhile to resurrect it.
When someone might benefit from marginal privacy, its best to ask who they want to be private from. Sometimes the juice is worth the squeeze (Privacy from ISP, Spouse etc) sometimes it isn't (State actors, large corps) depending on how much effort they want to put in.
It's also important to remember how easy it feels to setup and use when it's all done and working.
When you're starting out you're learning everything and trying to adjust your current usage with the limits of the private alternatives. And then we live in a society there is the learning curve for those who want to interact with you and are somehow willing to cooperate and use a more secure/private thing than the tool/service they're used to.
Let people get better and encourage them to keep going is definitely the right advice. The tone, intent, and timing of telling people how to keep going further is as important as the advice or recommendations you're giving them.
I don't trust Privacy Guides. They must have some kind of deal with Brave. They didn't accept Brave and then out of nowhere they start accepting it with the excuse of having a Chromium-based browser.
Hey, I'm Justin from the 501(c)(3) fiscal host of Privacy Guides, MAGIC Grants. Us board members administer the funds for Privacy Guides, and we are different people than those who are on the Privacy Guides committee.
I assure you that Privacy Guides has not made a deal with Brave or any other of the tools that it recommends on the website. I'm happy to address any other questions about raising funds if you have them.
There are lengthy discussions about whether to recommend a tool or not on the Privacy Guides GitHub and their forum. There is a lot of great context there.
> There are lengthy discussions about whether to recommend a tool or not on the Privacy Guides GitHub and their forum
The process doesn't strike me as consensus driven? Mods/team have become gatekeepers (both for persisting with existing recommendations or adding new ones), including aggressively shutting down conversations/threads they personally don't like (I was told, all moderation actions are final, regardless of who on the team does it, even if why they did it doesn't hold water). I imagine, such a rigid setup is in response to prevent bad faith actors (but then, I lose count of how many times team/mods have called others "extremist", using it as a slur, just because ... reasons).
It is hard to definitively prove ulterior motive, but other folks do observe such nefariousness and come to their own conclusions, valid or not, as GP has done.
All that to say, the way it is currently run, "discussions happened" isn't really the defence you think it is.
We don't have a deal with Brave. It was added almost 3 years ago, and nobody has even proposed removing it in the time since. Furthermore, it would be insane and likely illegal for a public charity to strike a deal to serve an undisclosed advertisement for a product from a private company.
I think our position on Brave is clear enough from the very first paragraph in the guide:
> We recommend Mullvad Browser if you are focused on strong privacy protections and anti-fingerprinting out of the box, Firefox for casual internet browsers looking for a good alternative to Google Chrome, and Brave if you need Chromium browser compatibility.
> We recommend Mullvad Browser if you are focused on strong privacy protections and anti-fingerprinting out of the box
Just want to put emphasis on “out of the box”. Changing any of the default settings will cause you to stand out. The fingerprinting protection is essentially to have a bunch of people all using the same browser with all of the mechanisms used for fingerprinting being either disabled or giving the same results on all installations; everyone has the same fingerprint.
We cover that too [0]. In addition, while I wouldn't blanket recommend a VPN usually, it's important to use a VPN in conjunction with Mullvad Browser (specifically). If you're not blending in with a crowd of similar browsers at the network level too, the fingerprinting protections are a bit pointless.
> Like Tor Browser, Mullvad Browser is designed to prevent fingerprinting by making your browser fingerprint identical to all other Mullvad Browser users, and it includes default settings and extensions that are automatically configured by the default security levels: Standard, Safer and Safest. Therefore, it is imperative that you do not modify the browser at all outside adjusting the default security levels. Other modifications would make your fingerprint unique, defeating the purpose of using this browser.
> We recommend Mullvad Browser if you are focused on strong privacy protections and anti-fingerprinting out of the box, Firefox for casual internet browsers looking for a good alternative to Google Chrome, and Brave if you need Chromium browser compatibility.
What about a WebKit based browser?
"Orion comes with state-of-the-art ad and tracker blocking enabled by default, unlike any other browser in existence... Beyond blocking all ads and trackers by default, Orion is also a zero telemetry browser. It protects you from websites on the web, and the browser itself never leaks your private information anywhere."
They specifically state on their page for the Brave listing (and all the other ones) that they aren't affiliated with any of the projects they recommend. They also list the criteria they have for listing a project. If you think something shady's going on, perhaps you could point out which of their publicly available criteria Brave doesn't meet?
Agree. Firefox is the only browser I "trust". It does the best job of respecting the user out of any available option. I am the user and I deserve respect. You are also users, and you deserve respect, too.
In their defense, I think it is good to have a more private chromium browser if we’re talking about the subject of accessibility for new folks. Much easier to get them off chrome proper.
I dont understand the needed distinction between "chromium" and "non-chromium" browsers, thyre just web engines and ultimately technical details. Although chromium having significantly more compatibility (or chrome features that websites use) the average consumer will be using websites that keep strict accordance with webstandards to support safari.
For technical users its another story but for the average user the web engine of your browser doesnt matter, just the shell around it, so I find it quite silly the notion we need X browser and also an X chromium browser
Some people think it’s important to support more browser diversity by not using chromium-based browsers. Some people also think that it’s bad to use pretty much anything produced by Google. Plenty of reasons to want non-chromium browsers
For me personally, it comes down to diversity. If all other browser engines "go under" and we are only left with Chromium, websites can only be built for 1 browser. Although Chromium is a great engine (evidenced by how many browsers are built on top of it and how widely the underlying Chromium engine has been embraced), it's not without quirks, bugs, flaws, and vulnerabilities.
Firefox is built from the ground up in a different way from Chromium, with its own set of bugs, quirks, flaws, and vulnerabilities. There may be some overlap, but having entirely different architectures means we keep pushing the compatibility envelope, we get "copycat" features, where one engine does something great and the other implements it in a way that works with their own engine, etc.
It's just better to have more than 1 browser engine around. I wish it wasn't so difficult to start a new engine from scratch today, the sheer amount of features a web browser must have to get people to even consider reading your About page, and the overwhelming complexity of modern webstacks, mean you basically have to be grandfathered in as a browser that's been around for decades and has a huge amount of community support.
I am aware of alternative browsers, Arc and the like. I'm very happy to see someone seriously go after an entirely new browser engine that's not Gecko or Chromium, and the traction they're gaining while not being "fully featured" sort of sums up the sentiment of my message (I hope). Having alternatives is good.
And there’s the other side of the coin: some websites break in Firefox (and other non-Chromium brewsers, perhaps). I’m keeping Ungoogled Chromium just in case (and for testing my own websites, of course).
(Remember to complain politely, but loudly, if something works in Chromium only.)
I only started really using Firefox as a daily driver probably two or three years ago so I’ve been lucky to have my compatibility be like… 99.9%. Little snitch and my VPN break far more sites than Firefox does. But I keep brave on hand just in case.
I am somewhere in the middle. If people could see something like Privacy Guides that is trying to be a primary privacy resource, and then look up any advice on another source, it could be useful. People aren't used to challenging something they read when it comes to privacy from a "trusted source", and I think that should be a key part of privacy and security. Try to find other sources, that aren't connected, to back up a claim.
third approach, is to batten down the hatches as tight as possible,pragmatism, with the objective of seeing as little proof, ie: targeted adds, inbox invasions, etc. That they are in fact violating privacy rights wholesale.And so one ,not see or hear much of the material bieng pushed. Two, as a bonus, knowing that it's costing them. And three, returning serve by useing the web and its tools, to sell my business and things for sale, but in a manner that requires a customer to perform a search.
"Binary thinking" and "zero-sum game framing" are (ime) extremely common logical facilities that affect even highly educated people. I think the reason for this is that these framing are approximate solutions. But truth is that approximate solutions are often insufficient. Very few things are zero-sum games once we incorporate that pesky variable "time". I often see this framing with economics, yet a rising tide lifts all ships and even poor men (in developed countries at least) are far better off than kings of old. Similarly, one of the greatest advancements in logic in the 20th century was where (one of) my namesake noted that a binary decision has a third answer: "indeterminate"[0]. This is also at the heart of both computer science (halting) and physics.
I see this mindset a lot with privacy, and I think a lot of it is apathy or more that people have been run down. I'm at the tail end of a CS PhD and I even have a hard time convincing people in my program to communicate with me over Signal vs text. Common answers being "they have my data anyways" and people buying into a whole ecosystem. But truth is, fragmenting your data is an important part to data privacy. You minimize what you can, and what you leak you try to distribute. Information's power is in its aggregation, so you make it harder to aggregate.
I think it is the same as with security. There's no real perfect security[1], and realistically security is more about putting up speed bumps than impenetrable doors. Just sometimes your speed bump is so large that you got to build a car that couldn't fit on the road if you want to make it over (you can always brute force a password). The goal is to make it too expensive, too time consuming, or too costly to use that route or maybe even to attempt an attack in the first place. The same is true for privacy. Make them pay more for that data. Make it harder to aggregate. Make your data as noisy or indistinguishable from noise as possible (small footprints are better than extra footprints). Because this isn't a zero-sum game instantaneous game, this is a constant battle and it is always cat and mouse.
But I do think we as the programmers, the developers, the makers, should also have a serious talk about the consequences of surveillance capitalism. With any engineering, it is always easy to get caught up in the upsides and downplay the downsides. The path to hell is paved with good intentions, not malice[2]. Every engineer has to have a code of ethics, surely Ethan Zuckerman didn't foresee the hell he created, and had good intentions. While we don't build bridges that can collapse (actually... we do) there can be no doubt that information can be weaponized. It seems no matter what your politics are that this is recognizable and in conversation. And I think these conversations can still be had in an apolitical setting (which I hope we will do here, but I understand the pull towards that direction[3]). I do encourage apolitical discussions because these can be had within the workplace and can be had without starting fights. I do believe that many people will often find themselves on the same side when had conversations not initiated this way they would not have. At the end of the day, it requires a community to make these changes and even if we disagree on some things that doesn't prevent us from working together towards common goals.
[0] Godel was said to have been inspired by the paradox "this statement is false" but that's probably folklore. "Indeterminate" here is equivalent to "this statement cannot be proved"
[1] Okay, I know, but if you know then you know what I mean here
[2] I think it is important to recognize that evil is often created when good men are trying their best. So be careful when making attributions, because evil is sly and subtle. If it weren't, we'd have purged it long ago.
[3] I believe that the discussion around "Turnkey Tyranny" often helps with keeping things apolitical. Because one needs not say that any one party is or will become tyrannical, but we can remain abstract in a future scenario and consider the risk-reward calculus (I'm sure more relevant than ever).
It does also need to make a difference though. If Google has say three different ways of figuring out who I am and I eliminate one of them then nothing has changed.
Let’s say IP address, fingerprinting and cookies.
In that sense it is somewhat all or nothing. Either I’ve eliminated all three or I have not. I know that’s not precisely what the author means by all or nothing but there are certainly dynamics at play here that are not a smooth continuum