I was originally going to name this thread share your favorite privacy memes and infographics, but it would seem staff and other members object to sharing memes. I personally think they are both compelling ways to communicate important ideas about privacy fast, even if I recognize that some memes are not helpful.
I love the articles on PG and elsewhere, but I have noticed that for privacy and other issues I care about most of my friends and family will not read articles I send them. Not even a short one.
On the flip side, mini infographics get basic ideas around privacy across without requiring much effort. They can be the crumbs that lead to your friends and family reading the articles and watching the videos you want to send check out.
I want to build a little collection, so I have a variety to choose from and share. Please provide the source of your mini-infographic if you think it’s generally good source for privacy information.
I’ve never found this basket of eggs thing compelling. If my basket is very secure (other people can’t get the eggs easily) and very protective (the eggs are less likely to be damaged), I can reduce the number of points of failure by keeping them all in this basket.
An example is that I often see people say they keep their passwords in bitwarden because they don’t want everything in proton. However their proton password and possibly their webauthn is in bitwarden, so compromising bitwarden means compromising their proton. They could have kept everything in proton, gotten a couple physical FIDO 2 keys to protect their account, and made their information easier to manage more carefully.
Using multiple services tends to mean at least some information is going to be duplicated as well. I prefer to have my private information as few places on the internet as possible while also retaining offline backups. That allows migration to other services if it becomes necessary, but reduces the number of places my information could be leaked from.
It can be valid to use multiple services, but I don’t think it’s an inherent benefit. Don’t keep even a single egg in a basket you don’t trust. The reason why having all your data in google is bad is because of how your data is handled and what unwanted additional information they collect, not that it is all on google per se. That and the fact that psuedo-monopolies aren’t great for society.
Behold, the fool saith, “Put not all thine eggs in the one basket”—which is but a manner of saying, “Scatter your money and your attention;” but the wise man saith, “Put all your eggs in the one basket and—WATCH THAT BASKET.”
One of the reasons I like LRNG + ChaCha20 + BLAKE2 + Argon2id. Single computational hardness assumption (ARX) instead having to rely on multiple ones being secure.
Although I don’t fully agree with you, there is value in your criticism. The most important thing is having the ability to choose. And there’s an argument to me be made that Proton doesn’t give you that choice since they don’t allow their users to subscribe to multiple services under the same account. They want to force you between a subpar UX or upgrading to Proton Unlimited. Proton wants you to put all your eggs in their basket. They won’t settle for just two or three. It’s one or all. That is not choice.
With all that being said, this was not the point of this thread. The point of this thread was to invite others to share their favorite mini-infographics, so that others can use them to share with their friends and family. To the extent that the message of this infographic is valued and adhered to by many people in the privacy community, it is worth sharing.
If you don’t think the message is valuable, that’s fair. Don’t use it. Share infographics that convey the privacy messages you think are worthwhile. That’s the whole point here.
I was going to try to respond at length, but I’ll try to avoid derailing the thread more, sorry. But I do want to say that with proton it’s purely an issue of billing, rather than a lock in. You don’t have to use every service just because it’s available, while they in no way try to prevent you from migrating to another service.
I recently migrated my passwords to bitwarden to make use of duck aliasing. If proton truly wanted to me locked in, they would not have provided a password export function to facilitate exactly this action. Exporting emails is harder (command line), but they still let you let you do it. They are being responsible here. The prices for everything are also similar to what buying 2-3 services separately would cost.
I would post an infographic, but I don’t have any, so I’ll try to avoid posting more here. I wish you luck with those and appreciate the civility in disagreement.
That’s fine. I don’t object to discussing the message of the infographics. I just want to invite people to share the ones they find compelling here. I don’t deny that there are benefits to putting all your eggs in one privacy suite, whether it’s Proton’s or any other trustworthy privacy company.
I’m simply saying there are also drawbacks and you gotta weigh the pros and cons and do what’s best for you. I don’t have an issue with anyone putting all their eggs in the Proton basket. I just think all users should have the choice to pick and choose.
I’ve heard people say that before, I was still skeptical then, but even more so now, since Proton introduced add-on subscriptions for new products like Lumo and Proton Meet. Proton doesn’t want to include those services in Proton Unlimited without raising its price. That is proof that there is nothing preventing them from allowing people to just pay for Proton Mail Plus, and Proton Pass Plus under the same account. But they continue to refuse.
There is a difference between being subscribed to Proton Unlimited and only using Proton Mail and Proton Pass, versus only wanting to pay for Proton Mail Plus and Proton Pass Plus, with the same account, which is not possible. In the first, you’re paying for something you’re not using. In the second, you can’t pay for just the services you want.
Allowing users to easily migrate from one password manager to another has always been a common practice by the companies behind them. If Proton didn’t allow that, they would receive a lot of criticism. But just because they have good practices that are in the interest of the customer, doesn’t mean they don’t have bad practices that are against them. Two things can be true at the same time.
No worries. You don’t need to go search for them. I’m sure you will stumble upon some eventually, and you can share them there when you do.
Gotta love that SimpleX that leaks IP address to service provider by default is below Tor that actively hides it. The problem with memes and infographs is they’re usually not easily patchable when errata is spotted. And the misinformation spreads.
In my opinion, about the clear web, a tun of web-apps could totally work by keeping user data only in the user device & therefore not requiring any sign up involving phone/email. If it’s paying app, payment can be in crypto and processed by generating a bunch of rsa keys to identify the user and associate the payment on the server before delivering the features.
If web services & apps don’t do that, but pretend they work for your privacy, then your privacy is their product.
Therefore from any privacy list, me I would remove anything that is asking for phone/email/address/credit card payment and also, and that’s a big one, that is using google analytics on their websites.
Imo, from my researches, I don’t think it can get more private for clear web services than save data client side encrypted (as we do), with when required, auth by rsa signing… Or can it ? What could we do or add to make our apps even more private ?
bottom line => Features only should be the product in a free world.
You don’t need to go search for them. I’m sure you will stumble upon some eventually, and you can share them there when you do.
