Fun? I’m not here for fun. I’m here because the big tech corporations aggravate me and I want to give them the middle finger and move away from being dependent on them and their overly greedy corporate bastard mentality of turning the customer into the product while not getting screwed over myself in the process.
I have a legitimate concern that in trying to avoid lining their pockets I could get had by some confidence tricksters. It’s like when someone gets screwed over by the medical system then turns to “alternative medicine” to get the care they needed out of the main stream system only to get taken advantage of by crack pots and con artists who sell them bunk that “works” because of the placebo effect, leaving them worse off and poorer than before. Meanwhile both the big pharmaceutical companies, the health insurance companies, AND the snake oil salesmen are laughing all the way to the bank while the rubes bankrupt themselves trying not to die.
I don’t want to be a rube. I don’t want to be taken advantage of. Fun? To hell with fun, I don’t want corporations sticking their hand so far up my rear end that they can wiggle their fingers and make me talk and vomit what money I can save for myself their way, BUT I don’t want to be conned either. Savvy?
“Fun” means that in the end if you are exposed there is nothing that you actually hide. Linux, open source, degoogled and some form of VPN is enough. Even non-bigtech email account doesn’t matter if you are sending emails to other people with gmail etc. You can’t control every detail and especially binary drivers without audited source code that is included in any device and operating system. You can also never know when some organization passes to the government or someone is bribed to implant Trojans or leak data etc. Some people are just lunatics causing havoc for no reason. The whole thing should be considered like wild West where anyone at any point can shoot you so keep the game fun. Anything serious do it offline as much as possible though probably thousands of cameras will capture you in the street while your carrier will know your position if you don’t turn off your phone.
These are very valid questions. Considering how dynamic technology development is, your PhD and private investigator’s license won’t be enough unless you dedicate all of your time on auditing the tech - which makes it not doable even for the people with the right qualifications.
Opening the source code is a good first step an organization can make. With most products, it’s almost the only step needed to help ensure privacy/transparency for the community. But with complex products like Android, it’s not enough - you can’t open source it all (as a custom ROM developer you don’t even access a significant part of it), and there are 2.5 million lines of code, with new code coming in every other week. So good luck verifying that every other week. Good example is the XZ Utils backdoor introduced in open source project - you can read the story and understand how lucky and random catching it was. Imagine how many weren’t caught.
I’ve read the argument that there are “security researchers” auditing the tech. The job of the security researcher is to see if the system works as intended without being breached by an external actor. Nothing to do with privacy design.
Attackers will always will target the weakest link in a system. And history shows that the weakest link are people.
So as much as some people wouldn’t like to admit, at the end of the day, you end up trusting an organization of people with your privacy. You trust them to:
Tell you the truth when promising they work in the best interest of your privacy
Be capable to deliver technically on the promise
Be capable to ensure that no threat actor infiltrates them (unknowingly)
Have the mechanism and process to manage external pressure, as there will be at some point in time
In the context of this, the first step which I shared as important - sharing the source code - serves as a good indication of whether an organization has good intentions, but is nowhere near enough.
I would like more info on this, switching to this on the B3 would be excellent. Feel free to dm me, etc, but, explain to me like a very low iq simpleton lpl.
I don’t know which law in particular was being referenced (it wasn’t mentioned specifically). I only know it was mentioned as a reason for the Graphine OS exit.
Yes I can imagine that some projects with certain actions would be come more of a target compared to others. But it is sad any are. And I realize you can’t go into any details. But it is also obvious this (and other) such situations are being watched with a careful eye. That is all I was wondering about.
