tim: Tim with short hair, smiling, wearing a black jacket over a white T-shirt (Default)
This article about applying harm reduction to your secure use of the Internet has been going around. I can't share it in good conscience without adding a few things to it. I work for Google, but the following is my personal opinion.

If you're concerned about your data being collected (and I understand that you may be concerned about Google retaining your data not because you think Google will use it inappropriately, but because you fear that the federal government will require them to surrender it), use Chrome without being logged in. People disagree on how safe Tor really is, but my odds are on "not." If you don't have the level of technical expertise necessary to read the source code for yourself, you probably shouldn't be risking your life on it. It doesn't guarantee full anonymity. The reasons why are fairly complicated, which is a good sign you might want to avoid being lulled into a false sense of security.

For email, I wouldn't really recommend riseup. The author alludes to this, but: any widely used anarchist/radical site has been compromised already. Having a low volume of data makes you an easier target.

A friend I trust has confirmed that Signal is trustworthy. I agree with this article that regular SMS is not secure.

Passwords: use a password manager, turn on 2-factor wherever you can. Pretty much what they say.

Google: Don't log in when searching if you're worried (use multiple browser windows). As an insider, I can say Google takes user trust and privacy extremely seriously. I can't share everything that backs up that belief, but I will vouch for them.

It was pointed out to me that: "Turning off geolocation on a cell phone doesn't do much; the government can and will subpoena cell phone tower records which provide enough geolocation information."

If you would like to see how Google works with government requests for data, watch this official video on how Google responds to search warrants.

I don't trust Duck Duck Go any further than I can throw them, honestly. I would say the same thing about any other small service. They may be trying to do the right thing, but there are lots and lots of ways to retain more data than you intend to, and it takes a huge amount of human resources to not do that.

tl;dr: Only big companies have the resources to actually protect your privacy. Whether they want to do that is a different story. I'm confident that Google does want to do that, because without user trust, Google has no business.

Pretty much nothing is resistant to the government coercing you or your friend with the email server or Google into giving up data, because coercion is how the government works.

Use non-discoverable media when possible. Talk in person.

Whatever you're doing, think about what security people call your "threat model": what are you trying to defend against? What concrete risks do you face if your data gets into the wrong hands? What are the benefits of using a communication mechanism that's subject to surveillance? An example of threat modeling is your bicycle lock: if you have a nice bike and you ride in a major city, you might want to carry a heavy-duty Kryptonite U-lock at all times, plus extra locks for the wheels. That's because you can infer, based on information that you have, that your bike is attractive to thieves, there are many thieves, and they will try hard to steal your bike. If you have a rusty bike and live in a small town, you might be OK with a cable lock because the benefit of not having several pounds of metal to carry around outweighs the risk of theft, and a good U-lock costs more than your bike did. You can think about analogous trade-offs as they apply to your use of networked communication technologies.

This is one post where it's perfectly fine to well-actually me if you have security or systems expertise.
tim: A person with multicolored hair holding a sign that says "Binaries Are For Computers" with rainbow-colored letters (binaries)
There's a thing that happens sometimes when language changes, which is that people mistake a conditional claim for an absolute one.

For example, a person of color might suggest that the terms "primary/replica" could be used instead of the technical term "master/slave", to avoid trivializing an extended era of structural violence which to this date the United States has never made amends for. A white person might reply indignantly, might condemn "language policing" and say "you can't tell me what words to use!"

Now suppose I make the claim that an adjacency list uses less memory to represent a sparse graph than an adjacency matrix does, at the cost of making edge-existence queries less efficient. Is anybody going to tell me that I'm algorithm-policing or that I can't make them stop using an adjacency matrix? I don't think so, because they would recognize that I'm stating that there's a trade-off implicit in your choice of data structure: make edge-existence queries faster, or use less memory. I'm not telling you how you should resolve that trade-off, just that there is one.

Like engineering, language involves trade-offs. Continuing to use the term "master/slave" in technical contexts where it's historically been used arguably has the advantage of being a well-understood term, as well as saving the time that would be spent explaining and possibly defending the decision to switch to new vocabulary. The disadvantage of continuing to use "master/slave" is that it alienates many Black Americans, among others.

It's up to each individual to decide whether they want to resolve this particular linguistic trade-off on the side of subjective clarity, or of making as many people as possible feel welcome. To point out that a trade-off exists isn't to demand that it be resolved in one particular way. It's just to help people make decisions that reflect their values, just as explaining engineering trade-offs helps people make wise use of the resources available to them.

Another politically loaded technical term is "divide and conquer". Recursive algorithms aren't inherently violent or militaristic -- why not "divide and solve" or "divide and organize"? Again, there's a trade-off: using the historically accepted term "divide and conquer" has the advantage of clarity, while "divide and solve" has the advantage of not normalizing violence or abuse of power. You might choose to accept "primary/replica" but continue saying "divide and conquer", and that's fine. Just realize that there are trade-offs involved in both, and that the choice to continue using an accepted term whose connotations are political is just as political a choice as the choice to adopt a new term.

If I say that QuickSort has better average-case performance while MergeSort has better worst-case performance, I don't think anyone would complain that I'm telling them what sorting algorithm to use, or dictating whether they should care more about average-case performance or about worse-case performance. So why do so many people seem to interpret observations as commands when those observations are about language trade-offs?
tim: "System Status: Degraded" (degraded)
I hate to say one more thing about Steve Jobs. But last night, after I lost cell phone signal while driving through wildest Marin and could no longer listen to Pandora, I turned on the radio to an archived Fresh Air interview with Jobs from 1996.

And he had all these inspiring things to say about how at Apple, they believed that everybody should be able to use technology, and that what's more, math and science should be for everybody.

But he didn't really mean it, because the people who work in factories in China assembling Apple products don't get to learn about technology or science, because they're paid such low wages that they can't possibly have time to. This is not an accident; without exploiting people this way, Apple wouldn't be able to sell you the products that entertain you so (including the one I'm using to type this post) at such low prices.

Nor do the people who suffer ill health or early death because of environmental degradation caused by Apple's manufacturing processes (they have one of the worst environmental records in the tech industry) get the chance to enjoy the delights of math, science and technology.

So when Steve Jobs said that technology was for everybody, he didn't really mean everybody, and he knew it, and everyone he was speaking to knew it. "Everybody" means white people, upper-middle-class people, Westerners, people who have privilege. Everybody else just doesn't quite make the grade of being considered "people".

And that's one of the fundamental problems I have with working in the field that I hypothetically still work in: you have to listen to people saying all these grand things about access to technology, and you have to know that those grand things fall somewhere in between meaningless and mendacious because they're deeply predicated on the maintenance of social inequality. You have to know it without talking about it, because the price of talking about it falls somewhere in between hostility and banishment. You have to embrace hypocrisy.


tim: Tim with short hair, smiling, wearing a black jacket over a white T-shirt (Default)
Tim Chevalier

March 2017

5 678910 11


RSS Atom

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags