by lordkrandel 210 days ago
You think so because you belong to the US groupthink. You cannot "buy" privacy and security, that's an illusion. Buy many workers' time making big fences and reviewing code, you're not "buying security". Anyway, privacy and security are rights for everybody, not only for the rich. Every developer should care and defend them. Otherwise you'll have to buy security and privacy for all the projects (and people) you care about. And that could become impossible, depending on how large your heart and scope are. If you become rich to just screw all the people that trusted you with a crappy product with no security, then to me you are just a fraudster.
1 comments

I didn't say it from the perspective of a software business owner.

A medical clinic owner, a restaurant owner, an e-commerce store owner, and other business owners cannot spend much time on computer security and computer privacy. If you are not a business owner, then you are a janitor, a marketer, a store clerk, and so on. If a car salesman spent all his day on hardening his Linux machine, he would become flat broke.

You can also buy some levels of security and privacy from Purism and other similar companies. Buy a computer with Intel ME disabled from Purism and other companies. Enable (Mullvad) VPN, and implement browser isolation by installing multiple web browsers. Use a local password manager. However, you can go much further than that by configuring firejail and hardening firejail profiles through manual tweaking. You can also configure Linux network namespaces and isolate applications in different network namespaces. There's even more. Security and privacy are an infinite rabbit hole. If you keep going in the infinite rabbit hole, you will grow old and die before you can do anything actually useful with your computer. Should a car salesman listen to you and learn about Purism, Intel ME, firejail, browser isolation, VPN, AppArmor, Linux network namespaces, Linux firewall, and so on? No! Hell no! Even if you are a software business owner or a programmer who is in charge of security and privacy, you cannot obsess with the infinite rabbit hole of security and privacy. If you spent years and years on Linux kernel hardening, sandboxing techniques, Linux network namespaces, and other things, then you won't be effective at all. As I said, it is an infinite rabbit hole, and you can be OCD about it to infinity. Infinite obsession with a specific aspect will kill everything you touch. You haven't stared into the infinite abyss, but I have. That's why you think people should obsess with security and privacy.

Also, if you are a software business owner, then you are not going to write code yourself. You are going to hire other coders. So, you have to buy security and privacy for your software product by buying programmer labor. If a business owner specifically pays programmers to work on security and privacy, then their software will have better security and privacy. But, I wasn't talking about a software business owner. I was talking about other kinds of business owners who may or may not want to harden their own personal computers. A restaurant owner cannot harden his personal Linux system to the degree that I have, or he will lose his restaurant because he spent a year full-time on security and privacy.

I think the vast majority of people including car salesmen, restaurant owners, and so on shouldn't obsess with security and privacy so much that they lose their jobs and their businesses. Security and privacy are basically a form of safety. If you are so paranoid about thugs and disasters and spend a year full-time on hardening your own house, then you will become very poor and lose financial security and financial freedom. If you obsess with safety too much, you will lose both freedom and safety. You should be rational about it, and "personal" computer safety should not be more than a small hobby if you run a business where "computer" isn't the core business. Businesses like medical clinics and restaurants. If you are a software business owner, then you should just pay coders to implement security and privacy because you can't specialize in many things and still be effective as a businessman. A businessman can't be an effective marketer if he has to write a lot of code.

There is a reason for division of labor and specialization. If you don't specialize in one thing, you will be flat broke. There are more than a million specializations, and it's ludicrous to want to force people to obsess with one specialization. That's like saying everyone should learn how to play piano at expert levels. That doesn't mean you neglect security and privacy, but you should be rational about it and not make it more than a small hobby. If you have no profitable specialty, then natural selection will take you out.

Yes, everyone should learn martial arts at expert levels for self defense. Everyone should become an expert pianist because music is good? Martial artists would love to hear that. Learning martial arts takes years of dedicated effort. A businessman can't be an expert martial artist, an expert pianist, a Linux privacy expert, an expert businessman, and so on at the same time. If people listen to everyone else, then everyone has to be everything at the same time. That's impossible.

A few options I recommend

1. Don't care too much about privacy. Live as if there is nothing to hide. Then, you don't have to worry about leaks. You don't download movies. You don't download music. You don't distract yourself. You just focus on work.

2. Buy computers with Intel ME disabled from Purism and other companies. Run (Mullvad) VPN. Implement browser isolation. Use a local password manager. Call it a day.

Both options are viable. Option 2 can be done even by a restaurant owner although most people would just opt for option 1 unless they are interested in privacy and security.