this post was submitted on 19 May 2024
107 points (88.5% liked)

Privacy

32029 readers
1613 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

When I announced I would be closing my communities earlier this year, a curious thing happened: a surprising number of regulars replied with some variation of “I think this is my exit.” While some were specifically talking about Matrix, claiming that mine was the only room they were really active in and therefore they saw no point to having a Matrix account anymore, at least one specifically announced they would be quitting privacy entirely, save for a few basic techniques like using a password manager and being mindful of what to post online. While I didn’t expect the number of people responding that way, I was expecting that response from one or two people. If you check any given privacy forum – especially the ones with a heavy overlap of mainstream users such as Reddit – you’ll find no shortage of people asking “is all this work worth it?” and/or announcing that they’re giving up privacy because it’s too much work. So what gives? Is privacy worth the work?

you are viewing a single comment's thread
view the rest of the comments
[–] Imprint9816@lemmy.dbzer0.com 21 points 6 months ago (3 children)

I really appreciate privacy articles that talk about threat modeling as it seems like its the biggest part of privacy people miss.

[–] MigratingtoLemmy@lemmy.world 7 points 6 months ago (2 children)

The problem with a threat model is that higher threat models are plainly dismissed by the community. For example, if your threat model is to escape the NSA, it doesn't matter if you're using a burner over TAILS to post this message, you will be dismissed.

The problem is not the tech, it's the community that doesn't want to engage

[–] Imprint9816@lemmy.dbzer0.com 6 points 6 months ago* (last edited 6 months ago) (1 children)

Let be honest, If your threat model is truly to escape the NSA you probably shouldn't be risking being on social media.

I think part of the reason people dismiss the idea that someone could have that big of a threat model is in most cases it would be unbelievably bad opsec to risk talking about your threat model on social media or something like the privacy guides forum.

[–] MigratingtoLemmy@lemmy.world 3 points 6 months ago

Except that forums are exactly the best place to talk about (at least in theory) better OPSEC practices. Crowd-sourced knowledge is fairly good in technical spheres, even if they try to influence it

[–] refalo@programming.dev 6 points 6 months ago

Not only that but I think there's not enough middle road. The very tech-savvy people either seem to not care about privacy at all, or they think glowies are out to get them. Of course, it's not paranoia if they're really out to get you. But most people are not as interesting as they think they are, and their threat models do not match their reality.

[–] BearOfaTime@lemm.ee 5 points 6 months ago

Threat modeling is hard.

Just like anything, that beginning step to assess where you are, and where you want to go, is critical.

Frankly my threat model is way too ambiguous...and I'm trying. I can't imagine trying to convince non-tech folks they need a threat model assessment and then walk them through it, design a plan to improve their security/privacy.

Hmm, well, sounds like I just described a consultancy.

[–] SomeAmateur@sh.itjust.works 2 points 6 months ago

Yeah I'm not really trying to hide from the govt, but I would vote on limiting their power if given the chance. Anyway, what I don't want is every corporation I deal with (car, bank, phone, apps, isp, etc) to track me so excessively.

If the govt did get curious it would take zero leg work, just ask those companies that are very willing to hand over my data to damn near anyone, or hold onto it long enough to have it stolen.

So with that in mind limiting corporate surveillance and limiting ease of govt surveillance is essentially the same thing, but the govt has the ability to put in the work and get you if they really wanted to.