All of the below examples aside, why not? Why should your wanting to hide something be any more sinister than what you want for dinner? And if you yourself don't have anything to hide, awesome. Is it not worth protecting my right to hide things should I want or need to?
There are many reasons to desire privacy other than wanting or needing to hide something. The existence of this site does not invalidate those. But one great technique, when someone holds a rhetorical gun to your head, is to just reach up and pluck out the bullets, reclaiming and sanitizing the opposition argument. "If you have nothing to hide, you have nothing to fear." "Guess what, I do have things to hide, and that shouldn't get stigmatized."
"If you have nothing to hide, you have nothing to fear." "Guess what, I do have things to hide, and that shouldn't get stigmatized."
The argument isn't about hiding things, it's about the right to privacy. The right exists whether you have something to hide or not or whether you like to swim or anything else that irrelevant.
And if you don't "have anything to hide" your right doesn't automagically go away.
I disagree with the phrasing -- it shouldn't be about what you want to hide, it should be about what you want to show. I always go back to the same argument: if you're OK with the government recording absolutely everything, does that include the bedroom? The bathroom? I'm not doing anything illegal in there, but it's definitely not something I'd be OK with sharing with the world at large.
I firmly disagree. Hiding things is a hack; the actual solution is to change society such that exposure entails no significant consequences.
Sure, as a band-aid to make existing real people feel secure? Hiding things and keeping them hidden is fine. It's just an indicator of how far we as a society still have to go.
Do remember: "it's our responsibility to hide things to support freedom and democracy" is the exact argument used by the government against things like Wikileaks. The exact argument.
I'm not sure I follow your logic. So are you saying if we were a further advanced society people could have sex a crowded bus or restaurant and we should just all accept it and not expect them to get some privacy?
I'm not suggesting anyone should be ashamed of sex. I am suggesting that most people want that moment to be private and even those that around them want them to keep it private as well.
"Do remember: "it's our responsibility to hide things to support freedom and democracy" is the exact argument used by the government against things like Wikileaks. The exact argument."
The government does not have the right to privacy, we do. And exercising that right is well doing something we have the right to do.
It is the response to the argument that "If you don't have something to hide, you shouldn't mind having your rights trampled on" with the attendant presumption that anyone with something to hide must be a criminal or a T7t.
I understand that we're in an individualistic society, and that personal concerns are more effective at driving behavior than societal concerns, but as the responses here show that many people equate hiding with guilt we might as well address both :)
Third parties are happy to extract value from data you share. Even if you’re not doing anything wrong, controlling that information has an impact. The way I see it, saying “I have something to hide” is, WLOG, the same as saying “I want to control what gets shared with whom.”
EDIT: If the site author is reading this, tip #6 misspells ‘diaspora’ as ‘dispoara’.
I hear this response often to the "i have nothing to hide" camp. Feels to me like we would have something better to say. Pointing to one thing most clearly wish to hide is just not a good comparison with the digital breadcrumbs we throw around. They dont compare.
We have all come to accept that some people are able to know when you walk down the street past their store, if they wish. The bus driving is free to mentally note when you get off and on the bus.
Telling people to wear masks when walking outside because our daily routine is as equally private as our sex lives, just does not equate. At times I feel this line of argument belittles everyone and their opinions in debate.
OK. Supposedly,I have no expectation of privacy when I am out in public. Certainly, anyone could see me go into a particular store. That is not the same as following me around everywhere and noting down everything I am doing. Most people would call that stalking. So what if I have nothing to hide? It is still creepy and inappropriate. This is my main objection to widespread surveillance cameras and an analogous argument applies to my online activity.
You are arguing for a world that might benefit you, will definitely benefit intelligence creepers, and would be considered by most human beings undesirable and downright hostile. Expect resistance.
Exactly. The phrase 'something to hide' has become synonymous with 'something illegal' or 'you're doing something wrong', when in reality everyone has things they simply wish to keep private.
'I have something to keep private' isn't as punchy. Also it doesn't go far enough. 'My entire life is private' is closer. Of course my public interactions aren't AS private; but still largely private (its nobody's business what laundry detergent I buy at the public supermarket).
I wasn't talking about the title of the article, but in general. Those in support of these surveillance programs have worked hard to conflate 'something to hide' with 'something illegal' so that most people will go along with them as they have 'nothing illegal to hide.'
"Would you allow a stranger to enter your home, and look around?"
Yeah, that's how you make friends. Certainly not into government spying but this is a ridiculous comparison.
Reminds me of those piracy ads that try to convince you not to download music by saying "you wouldn't download a car". It's like pretty different and of course I'd love to download a car.
I'm down for the cause but I don't think talking to people like they're idiots is a good way to rally support.
>Yeah, that's how you make friends. Certainly not into government spying but this is a ridiculous comparison.
I disagree. The wording might not be perfect, but the comparison is sound imho.
Potential friends aren't typically total strangers. You are usually at least considered aquaintances at first. And potential friends don't typically go "looking around" your home on the first visit, either. They're usually quite respectful of your privacy from what I have gathered over the years.
They don't just get up and search for a bathroom, they'll ask you where it is.
Really? I always know someone a fair bit before they're welcome in my home. I'd invite some of my co-workers here, people I go to clubs with and the like. There are some local community projects that are effectively run from my home, since that's where we have all our meetings. But even then, the idea of picking a random stranger off the street is a bit... no.
It's not ridiculous at all. Would you? Would you allow a stranger (not a friend, but LEO) to just "poke around" to make sure everything is up and up, and to look through your phone to see if you've taken illegal pictures? Called anyone suspicious?
It's absolutely the exact same thing, and you are incorrect, sir/ma'am.
Not to mention the website wanted to drop a cookie too.
I block cookies by default, and only allow manually selected sites to set them. Even then, the default for allowed is only until end of browser session.
So unless the cookie was something like "irony=true", it should not have been there. (I didn't bother to look what value it tried to set.)
Unless you're trying to demonstrate why. It doesn't seem to be the case here, but you could probably get the point across better if you simply showed people how much information you could gather about them.
This week's episode was pretty cool from the viewpoint of someone who works on communication efficient distributed computing. The story (for lack of a better non-totally-spoiling word) seems to be ahead of the research community there ;)
> Have your server at home. Why? People would need to break into your house to get your data.
Really?? Don't tell people things that are patently untrue.
Your home server can be hacked remotely. And if you don't fully trust the hardware and software in your server then it is probably already compromised.
Physically keeping your server in your house, by itself, does nothing to increase your cyber-security. Its like trying not to get sick by avoiding handshakes, but welcoming coughs and sneezes in your face.
Could be relevant: http://blog.higg.so/2015/04/29/do-ad-blockers-and-anti-track... I wrote this in response to all the silver bullets being offered as a solution to fingerprinting. It turns out, it's a hard problem and not a quick fix. A small excerpt:
"The EFF have released a tool called Panopticlick that creates a lossy hash of your browser. The idea behind the tool is to issue each user with a very unique browser footprint that is used to definitely verify you are the person visiting a page. I stress the importance of definitely because the tool can zoom right in to an individual at the personal level, or a small sample size of users. (More on sample sizes later). Especially concerning about fingerprinting is how accurate it can be. If a useragent is changed, something else will give an identity away like the fonts installed on a machine, the pixel depth of a screen, or the time you visit a page. Flash and JavaScript are typically disabled by users now because they can prove too invasive"
The phrasing of Flash and JavaScript are typically disabled by users now because they can prove too invasive is awkward. I guess you must mean that is the typical motivation of people that choose to block, the problem I see is that it can be read to mean that typical users block flash/js (of course they don't).
It's a tricky one this, because on one hand it sounds like a blanket statement: that all users of a web browser disable...and on the other hand it could be entire opposite - that some users block. I don't have the numbers, so there is wiggle room for awkwardness. Please read the entire article and don't snipe out isolated sentences please.
It's not even a little bit unclear, the vast majority of people don't even use adblock and the like, never mind more invasive stuff like noscript (or turning JS off entirely). They've never even heard of it.
A primary goal here appears to be one of convincing people to use open and secure tools, but if you are already convinced of that, a far more comprehensive list is PRISM-break https://prism-break.org
I commend you for compiling all of the resources. I would like to point out that your choice of Ubuntu linux is deficient. If one was concerned about privacy the choices that come to mind are tails/whonix. Debian and OpenBSD both respect privacy
But Ubuntu sends all queries typed in Unity to Amazon by default. Canonical says that the queries are anonimized, but no one can check what data is actually leaked.
I think that adding a few other user-friendly distributions such as Fedora or Mint in the "Install Linux" step might be a good idea.
Also, I haven't really followed the developments on this story but Ubuntu did effectively spy on you at some point by sending your searches to Amazon, considering this it is a pretty bad choice to recommend it in my opinion.
Has uBlock reached "just werks" status (not referring to ease of installation)? It was still really unwieldy in terms of what it blocked/didn't block last time I tried it out when there was a thread on it.
First time I'm hearing about Disconnect. Is it really all it's hacked up to be? On first glance to me, they have a pretty package but I feel like in practice they are just as furtive as Ghostery is with the promise of blocking all the bad shit.
Nice site too btw. Great presentation for those looking to make a change with their habits.
uBlock is constantly blocking things that I actually would like to see. Wasn't able to download msu packages from Microsoft's website without turning it off as recently as last week.
It seems to hog less resources than AdBlock/etc, but I still find it breaking a lot of things. Maybe I need to tweak the settings, but with that in mind, I don't consider it to be "just working!"
Neat site. I like the presentation of talking points.
My question, though, is how does this differ from other similar sites such as privacytools.io? How do I reconcile the privacy tools listed there with the ones listed here? Most of them are different.
And thanks for privacytools.io, I wasn't aware of!
We want to spread the word that people should protect themself. Once we manage to convince, people are like "Ok, but what now?"
You'll probably answer: "Well, you have to quit facebook, start using linux and have your server at home". And the person will be overwhlmed and just say "it's too complicated."
We try to offer a gamified way: "Here is the first step, and it will take you 5mins of your time!"
Then people feel they are on the way to get better at protecting their privacy.
And if you feel we don't recommend the right one, please get in touch, we'd love to collaborate to make it better!
For me, I only saw a few things I wasn't aware of. The site itself seems to be more general knowledge about how to keep your info from being scooped up.
Just using some of the tools will thwart most 3rd parties and a significant chunk of government techniques to spy on you.
I would trust their recommendations since you see the same applications popping up repeatedly like Tails, Tor, Linux, Diaspora, etc. These are are well known tools in the hacking community and have been used and tested for years.
Speaking of which, did anyone else notice that the Initializr default favicon is still present? The owner might be wise to find his own (and to make it look less Initializr-y). :)
If you don't actually audit the hundreds of thousands or millions of lines of code comprising an open source application stack you don't have a guarantee of what's happening either.
Bugs like Heartbleed demonstrate that massive vulnerabilities can be introduced and persist in well-regarded open-source codebases for long periods of time without detection in spite of theoretical "millions of eyes". Heartbleed was, to the best of our understanding, the result of an honest mistake. What's to say that any significant OSS codebase with thousands of committers doesn't have a substantial number of subtle and less-than-honest "mistakes" of a similar character?
In proprietary software it's different. Proprietary software is less vulnerable to infusions of backdoors from untrusted sources and side channels. Proprietary software can only be audited by the developers themselves, and it will depend on the kinds of resources the developers can bring to bear directly. Companies that can afford it can dedicate large teams to reviewing and testing their codebases.
That open source code can be audited by third parties is only relevant if it actually happens, and otherwise you have only a false sense of security.