posted at 2020-08-24 17:37:20 UTC(UTC)
@sir @mke I appreciate the write-up. One thing you don't mention is two factor authentication, which would be an important criterion for me. For access via a client like Thunderbird rather than the web, the only one who seems to offer 2FA is Protonmail via their bridges, acc. to another mastodon user when I tooted about this. I don't use protonmail for several reasons (likely overlapping with your dozens), but this I like. I just wish I could find it elsewhere.
posted at 2020-06-19 19:19:58 UTC(UTC)
@aktivismoEstasMiaLuo @thenewoil Anything taken from Google is favorable to #privacy long-term, given their reach and ambitions. Among not-Google's, companies publicly hammering privacy as a value are helping by making privacy a clear value to consider when choosing #search.
posted at 2020-06-13 17:08:07 UTC(UTC)
@Decentralize_today Maybe Signal is better than many options, but centralization still means it is susceptible to compulsion. So Briar is better, especially for the threats that protesters face (attacks on infrastructure, NSL's, etc.). Note too that the availability of code does not tell us what is running on Open Whisper's servers, and since there is no federation (again, since Signal actively prevents it), there's little we can do about it.
posted at 2020-06-04 02:24:28 UTC(UTC)
@Decentralize_today Not to heckle you, but FEH. Signal snarfs your contacts, uses your phone number, is centralized, and actively prohibits federation. Their statement is fine, and EARN IT does suck, but if you want to make EARN IT and its inevitable successors moot, you use something distributed and robust. #Briar, maybe (I have no affiliation, but last time I checked they were doing good work).
posted at 2020-06-04 00:51:04 UTC(UTC)
@Decentralize_today Not to heckle you, but FEH. Signal snarfs your contacts, uses your phone number, is centralized, and actively prohibits federation. Their statement is fine, and EARN IT does suck, but if you want to make EARN IT Act and its inevitable successors moot, you use something distributed and robust. #Briar, maybe (I have no affiliation, but last time I checked they were doing good work).
posted at 2020-06-04 00:50:31 UTC(UTC)
@aral It's interesting how some developers invest time in personal narratives to shore up their answer to "can you trust the people who make it?" For example, when you read the many stories that Moxie Marlinspike has posted on his website, are you more likely to feel that you can trust him?
I also think about someone like Ladar Levinson, or the Calyx guy (whose name I forget). They've been tested, and went to the mat, which should count for something.
posted at 2020-05-07 22:41:00 UTC(UTC)
Anyone know what happened with the exemption given by Mozilla's HTTP Observatory to Cloudflare's __cfduid tracking cookie? Looks to me like they buried the attempt to remove it.
posted at 2020-04-05 14:56:49 UTC(UTC)
@info_activism I will just leave this here as well 😀
"For ORDER OF MAGNITUDE, I viewed every one of these recordings and used them to build a supercut drawn from three of Mark’s most favored words: “more,” “grow,” and his every utterance of a metric such as “two million” or “one billion.” The result is a nearly fifty minute film that reveals primary topics of focus for the tech CEO, acting as a lens on what he cares about, how he thinks, and what he hopes to attain."
posted at 2020-01-02 23:20:35 UTC(UTC)
Thoughts on taking money from #Facebook?
They now sponsor #privacy research directly:
They give large amounts of money to organizations with a privacy-focused mission:
Is it possible to just take their money and do your work? Is it unfair to compare this to "the BP endowed chair of environmental protection" or "the Phillip Morris center for lung cancer research?" I have my views (clearly) but I recognize disagreement here as well.
posted at 2019-11-19 14:57:43 UTC(UTC)
@neoncipher Somehow, I had never watched that documentary. It was very powerful; thank you. I see surprising cravenness among academics faced with losing funding, as these conferences would if they turned down sponsors. Counterexamples that have impressed me (on open-access) were Mathematicians boycotting Springer (http://gowers.wordpress.com/2012/01/21/elsevier-my-part-in-its-downfall/), and ML researchers on Nature Machine Intelligence (https://openaccess.engineering.oregonstate.edu/home). On #privacy I can't think of counterexamples.
posted at 2019-01-17 05:30:16 UTC(UTC)
Privacy conferences certainly don't mind having the likes of Google, Facebook, Palantir, and Acxiom among their sponsors (https://fpf.org/about/supporters/). Prominent privacy researchers don't mind serving on the board of Palantir, either (https://www.palantir.com/2012/11/announcing-the-palantir-council-on-privacy-and-civil-liberties/)
posted at 2019-01-15 06:51:38 UTC(UTC)
@janvlug How about something like what readthedocs does? https://docs.readthedocs.io/en/latest/ethical-advertising.html
posted at 2018-02-09 00:57:55 UTC(UTC)
Has anyone noticed the sponsors for #privacy conferences / events are ... interesting? Examples I've seen, off the cuff: Facebook (SOUPS); Cisco, Intel (#DataPrivacyDay); and ... Acxiom, Euclid Analytics, Palantir, etc., (Future of Privacy Forum, https://fpf.org/about/supporters/). I am conflicted about whether to speak out on this stuff to organizers.
posted at 2018-01-28 21:59:00 UTC(UTC)
@deutrino @peter @torgo
May I highlight this fundamental issue, from that discussion:
"... any study that lumps browser vendor and version differences into its analysis of the fingerprintability of a population is largely useless for evaluating either attacks or defenses. Unfortunately, this includes popular large-scale studies such as Panopticlick and Am I Unique."
posted at 2018-01-25 19:32:46 UTC(UTC)
#introduction. Joined this instance by referral. Student of #privacy technology in its many forms, and generally of civil rights online. Lover of #libraries; enemy of CYBERCRUD. Run #OpenBSD, #Debian---when I want a trusted opinion, I pipe to cowthink. #philosophy #ai #crypto #blockchain #floss #libre #pgp #gpg #gnu.
posted at 2018-01-18 17:44:47 UTC(UTC)