I was watching Eric Murphy's video on "Privacy faigue" and it certainly provided some food for thought. (https://www.youtube.com/watch?v=Ab6ryHD_ahQ)
I like how he conceptualizes privacy as multilevelled, with no one-size-fits-all solution, which should be tailored based on the individual's threat model.
So, with that in mind: what would y'all consider your threat model?
As far as I'm concerned I suppose my main goal is to avoid advertisements, particularly targeted advertisement. Additionally I would obviously like to avoid getting hacked, but I know I'm not being targeted particularly (and wouldn't be a worthwhile target anyway). Curious to see if I have any obvious blindspots that could be remedied based on everyone else's answers.
i'm thinking long term - sure, right now google knowing everything about me isn't dangerous. but if a massive political slide to the right happens in countries that host services, suddenly all the saved data from many years ago can be used against me. and don't fall for the "end to end encrypted" bullshit either - all these services can flip a switch and have your encryption keys instantly. (or, if its an open source app that ACTUALLY keeps keys on the device only, which is extremely rare, it's one update away from happening, and you better read the whole diff every update and compile the app yourself.)
that's why i choose to self host everything. yes there's a risk of being hacked, or installing something malicious because i don't read every diff on every update. but i feel more confortable with it being my own responsibility, and my services are also all on seperate virtual machines to hopefully isolate any breaches.
That's not how end to end encryption works.
Your scared of a slide to the right but already falling for their propaganda to undermine privacy by destroying encryption.
Would you consider all activists on the same threat level? I was imagining what the Just Stop Oil protesters in the UK might consider their threat model, I'd imagine it would be different to an activist in Iran or Russia for instance. Am I wrong?
If we were talking about the EU or the UK, probably you're right. But in the US the situation is not great afaik
same for EU, Yep,
They explain that it will be to prevent the child abuse content, but we already know,.. its false.
I found the Anarcho-Texh security guide helpful in getting started thinking about this with more nuance. I’m including the link below but here’s a short summary
Are you an: Individual Journalist Targeted Activist
Are you annoying: Random assholes Assholes with resources The State
Each category has bigger security needs on one side and more powerful tools on the other. It’s kind of humbling to realize that I’m just an individual and the NSA has no special interest in me, but that makes me feel better using a separate browser without additional security to shop on sites that block a VPN etc
(Also tbh I’m not sure when this page was last updated and I have no involvement with the org. Just a cool resource)
https://github.com/AnarchoTechNYC/meta/wiki/Persona-based-training-matrix
