[thought experiment] the WORST possible case scenario happened. now what?

It’s already in the title but, just to really get the point across: this is JUST a thought experiment, I’m NOT saying these things are going to happen 100%

It has been undeniable that, this year A LOT of moves against online privacy were made in a worldwide scale, with a lot of recent events, I can’t help but wonder on a “worst possible” case scenario, while I could add WAY more stuff to make it the worst possible, I will be focusing on things based on recent moves:

1- A worldwide UK OSA, many US states are already demanding ID verification for accessing certain websites, Brazil has also approved a similar law to be enforced by March next year, and even Australia now demanding “ID verification” for something like Github, now let’s imagine a worldwide OSA, EVERY country requiring ID verification for accessing websites, basically rendering VPNs useless (as you can no longer just, from the UK put your VPN somewhere like Switzerland/Netherlands since they will also be doing the same thing)
2- Chat Control, while there has been a lot of fighting against it, I really don’t see this being rejected, but let’s take a step further and, imagine it as a worldwide thing instead of EU only. MANY countries out there (such as India, Russia, Turkey, Brazil etc) would LOVE to just backdoor every single messaging app as way to spy on people that disagree with the regime, and, once again falling under the same thing as an worldwide OSA, if EVERY country is doing this, you just can’t run from it through VPNs (it should be noted that, I surprisingly can’t see the US doing something similar to this at this level, but don’t rule it as unlikely)
3- The “Apple-fication” of Android/Death of GrapheneOS. Google has been made a lot of horrible decisions regarding AOSP in the past months, of course the main issue here is the sideloading of apps, which Google wants to enforce ID verification for app developers which at this point everyone knows of (and, that I sadly think it’s unavoidable, ever since 2016 the plan has always been to Apple-fy Android, it’s just, in my PERSONAL opinion, going faster now as a way of mass control) but let’s just go a step further: NOTHING is stopping Google from just, making Google Pixel’s bootloader no longer be unlockable, and keep in mind that to this day NO ONE has managed to bypass the bootloader lock for Verizon’s Pixel devices of the FIRST generation (nearly a decade by now btw) which would just be a complete deathblow to GrapheneOS (and keep in mind that, GrapheneOS has been getting A LOT of attention, specially in Spain, so you shouldn’t be surprised A LOT of politicians think it shouldn’t exist.) while for the devices that have been able to run Graphene we’d still get support for as long as they still have security/firmware updates, after they are done, it would really be the death of private and secure phones, and with Android and iOS not even having any difference among themselves anymore (no removable battery, no microsd slot, no headphone jack, no sideloading, nothing, only price and specs being the sole difference)
4- Russia’s MAX application. Basically for the unaware: a Russian state-funded WhatsApp clone which installation on smartphones has been MANDATORY (it’s the same as China’s WeChat in a way) and will also come preinstalled on new mobile phones of Russia, not only it mandates an ID to register (meaning no anonymous account) AND, of course it has backdoors so the government can read all that you say, it can also spy on all of the phone’s processes, check for what apps as installed and even unsent texts are leaked (basically if you have MAX installed and you also have say, Signal/SimpleX, MAX will send this info the Russian goverment) and it also records geolocation, records videos and sounds AND what is happening on your screen (even if you’re not using it). Now let’s take this a step further and, while once again, I actually can’t see the US doing something similar (but don’t rule it out 100%), I can totally see the likes of Europe/Australia and other countries doing something similar (just remember the “selfie verification” Australia did to enforce lockdowns back in 2020) just take a look at OSA/Chat Control, while the EU wanna criticize Russia, they are no different when it comes down to want to crack down on online privacy/anonymity (and just so someone doesn’t completely tries to say I said something I didn’t: no I don’t support the Russian government and I never will.)

And these have been the main things I’ve been thinking about recently, while I could go and make this much worse such as saying “all computing will go full ARM like Macbooks M Chips and making it impossible to forever use Linux”, I actually feel I’m more likely to randomly receive tomorrow 1 million in my XMR wallet out of the blue than this happening honestly (I could go on as well about crackdowns on private/anonymous crypto wallets/methods of getting XMR/BTC with no KYC/the death of paper money but this really outside of the scope of this, you may add your opinions on this if you want although) so let’s just focus on the above points and imagine the following: the WORST happened and, ALL of the above things have happened, OSA is now a worldwide thing, and so is Chat Control, Android is just the same as iOS now and GrapheneOS can no longer save us AND all governments worldwide mandate the installation of a state app for further mass surveillance, the question I make is, WHAT to do in this scenario?

While I do believe that, technology will always find a way and we will develop something to escape this, it SADLY won’t be quick, and projects always come and go (RIP DivestOS, I truly loved you) due to many reasons, so, on the above scenario WHAT would you do?

And, I feel it also needs to be said: while, YES I can see that, if every single country tries to do something like OSA/Chat Control would just create a financial incentive for some country to just “what if I don’t.” and try to make money out of this, I sadly can just see any country that tries to go against this as being HEAVILY sanctioned/scrutinized and having A LOT of propaganda to make the common folk view it as a bad thing, kinda like how, on popular perception, having a bank account in Panama/some Caribbean nations is seen as a “bad” thing like someone is a criminal/money laundering/has illicit money they are hiding, same thing but applied to apps in a way (and, honestly for most people, specially US citizens, there’s already HEAVY legislation that makes it so that, doesn’t matter if you have a bank account in Panama or whatever, they will know and they will still want the money etc)

1- ID Verification. My country has privacy enshrined in our constitution. If other countries have a similar situation, it’s unlikely (or far more complicated) for this to happen world-wide. There will court challenges. The majority of any countries population will have to vote to change the constitution.

2- Chat Control. This is a tough one. I used to think Briar as the obvious solution but if Google starts blocking side-loading, only those on degoogled OSs will be able to install it.

3- No more GOS. I remember life before the smartphone and, if forced, I can go back to what I did before the all-in-one device. Camera, MP3 player, paper notepad, making phone calls at home.

3- All computers with stock OS. Buy several used computers. When one dies, move to the next one. I’m in my 50s so I could buy enough to last the rest of my life. Continue with Linux.

Tor would probably become a large part of my life and this would be a very steep learning curve for me.

“Rambling”

I’ll will be using Denmark as boogeyman why because fuck you Peter Hummelgaard and also it’s a open secret that the Danish government helped the USA to surveillance/spy on their own citizens and other country’s in Europe from the Edward Snowdon leak.

ID verification will probably be something like the Danish MitID just for every big sites. Every country’s has to make their own MitID system, it will probably make it a lot easier for each country government to surveillance their own citizens. I don’t think a phone app is going to be mandatory it isn’t in Denmark.

Chat control is a bit too hard/early to say. I have no idea how they want to enforce it. But Denmark already uses AI to scan all SMS. So encrypted chats is the logical next step.

The Google side-loading block is really scary in many ways. It will probably not stop most of us from side-loading. But it will be a very big block for non-tech people from downloading a ”Backdoor Free Chat.” enten if a chat magically get verification by Mr don’t be evil what stopping them from banning it by country to country bases?

Is also in the Danish constitution 3.1 but it isn’t stopping them from shitting all over it.

I hope we are just getting hammered with bad news lastly nothing going to pass. Surely.

the problem lies on the “degoogled phones” honestly on a security level, cause while we could very well all go back to something LineageOS/wait for something like a DivestOS 2.0/get a Pinephone and run some Linux mobile OS like postmarketOS, the level of security would be subpar to Graphene’s, making exploitation MUCH more possible (by both state agents which, I don’t think we can fight, but also bad actors too)

this much is true, however, the question now is society as a whole. I have no clue where you live (I will assume US maybe?) but, in a lot of countries, using something like WhatsApp is sadly a must, entire economies are moved and function through that, not having whatsapp is basically akin to being socially outcast/left out of a lot of stuff (even a lot of important announcements of stuff are done through whatsapp these days where I live, like if they are having classes tomorrow etc) and let’s not even get started on going out to eat AND they just have no more menus and only QR codes (although one could argue against eating out often I suppose)

I try to do that as much as possible honestly, it’s a pain sometimes and I often don’t know if it’s the network or my own network but, it’s somewhat doable, I could’ve went on to also put in a worst case scenario the “total death of Tor/I2P” (since there has been a recent article throwing shade at Tor iirc + the guy running a Tor relay being arrested) but, while I could see them going after it, I don’t know if they could REALLY ban Tor/I2P from existing.

my thoughts too, although I do believe that, even if we can stop Chat Control, stop the death of sideloading (this one is actually much tougher to stop imho, never seen some company before backing out of a horrible decision, maybe sometimes they do for a bit but then when nobody is expecting they announce something big to distract everyone and put what they wanted in the small letters of the announcement so nobody picks it up) AND the 4chan/Kiwi Farms wins in court against the UK OSA thingy, I believe these will be forever battles we will have to fight, Chat Control, OSA etc WILL make a return and it will be up to us to keep on fighting it.

And, I guess that one thing I could see happening as well is, immigration of people from countries trying to do this to poorer countries that either technology is not that accessible/plays a role in everyone’s life so big like it does nowadays in a search for privacy, if you’re from Europe kinda like how people fled Europe to America in the 19th-early 20th century in hopes of restarting life, maybe we are about to see something similar again (even if Brazil is currently doing an OSA of their own, and while I don’t know if many other countries in the continent are to follow, I could see Colombia trying something similar soon) and, I could even see Africa playing a role on this too but I digress.

Honestly we just have to wait and see. It is still the same old cat and mouse game.

If GrapheneOS died then we just have to adapt. I think we are slowly learning only relying on GrapheneOS for anything is probably a bad strategy a specially if it relying on a monopoly that can easily kill it if they wanted to. If GrapheneOS raising white flag tomorrow then hopefully someone else will raise the flag fight on. May not be as “secure” at first but sadly we just have to adapt as we go. I think the QubesOS strategy has shown to be more future proof.

The Google side-load block there will probably be workarounds. Maybe User profiles, Private space or Work profiles will work or someone will make a sandbox’ish launcher or a jail break. Who knows.

Chat control there will be still be encrypted chats enten if it passes in every country in the world it’s to late for them enforce it 100%. The real question is can we use it on phones or how hard is it get it to work on quote n quote normie phones.

As we are getting closer and closer to Orwell’s nightmare. I think we should be looking more at.

• Compartmentalization: You can pretty most applie it to everything and you can go as extreme as you want.
• Relying monopoly is bad enten if the monopoly makes quote n quote more secure, Hardware/Firmware/Software you’re shooting yourself in the foot long term.
• Self-hosting is probably not as big of a sovereign meme as I thought after all.
• As @anon32558482 pointed out there are nothing wrong with vintage tech. And is probably the most future proofing thing people can do.
• Support FOSS devs where you can.
• People really need to start defining what they mean when saying X software is more secure then Z Software, security can mean 100 different things.
• Torrent is probably the future for private media. I mean Linux distros ofc.

Etc, etc.

Lets see based on my opinion and facts I’ve heard

All those scenarios you’re describing and assuming they’re everywhere, even in Japan and all of United States and EU, and you add surveillance of cameras. Well basically we’re doomed, at the end of the day how can you escape.

Also the whole russia max app, how does it even work, is it preinstalled on even Apple and Android devices with no way to uninstall them on both?

but then ill count one by one then:
1- Again wordwide as in even in Japan? Impossible, culturally, Japanese people DEEPLY Care about Privacy, real or digital, a single clue of such an age verification scheme passing would make Japanese people protest and Politicians who oppose will be making serious movements. But let’s say that’s not the case then, then in that case, we would be fighting cat with mouse or going to alternatives.

2-I still stand by 1, but way less severely than before. It would unfortunately cause everyone to be wary of what they say and/or it would likely adapt an economy where now it is mandatory to pay yearly/monthly for a lawyer in case your content gets scanned and detected for what a government deems “illegal content” so you have a law firm to fight in cases those happen. Kinda like how by law we need to have car insurance to even legally drive. Alternatively we collectively as citizens Urge Apple to fight with us (peaceful protest turned to a mega corporation pinning down the government for it. Like how the Visa and Mastercard mass calling happened: calling and talking in a peaceful manner and if the rep was rude, remain calm as they get too many calls and insist to talk through this.). Apple markets privacy as a human right, Urge Apple to join the collective fight and then they have a positive headline and keeping that marketing in tact. Unless Apple doesn’t wanna do this which then will give huge doubts (as it like kinda already does at this point, just worse) about the Apple Privacy marketing they’re giving.

3-By then GrapheneOS would have their own phone in house by the major OEM so Google removing the ability to lock the bootloader will not be a problem when you could resort to this method.

4-Still dont understand how the whole MAX app thing works, I dont think even Apple in china preloads WeChat, at this point as before, GrapheneOS phone or Apple Device (both also have many protections preventing from what alot of the Russia government is trying to do with the app). Sorry not sorry

Finally, self hosting would mostly solve 2’s problem, probably even 1 for self hosting search engines, invidious/piped youtube instance, reddit instance, self hosted AI etc. All combined using Tor and Tails if you so luckily happen to have one, saave.

Everyone finds that tech savvy family or friend and they evenly go together about acessing that one’s server and/or doing it themselves.

(of course this will excludes games and gooner content, but especially for gooner content, hey at least I would take a god damn retirement for once, games seeing china, likely not much of a problem, especially with age rating systems in place, but some creativity hindering tends to happen in china with gaming, not most but some.)

god this was a thought experiment and a half not gonna lie, I do have to preface I doubt anything as extreme as that will happen, at least as you stated, EVERYWHERE(I doubt), so yeah

Max (or Rustore which is a government owned app store) comes preinstalled with almost all major vendors (obviously chinese) except Apple. Gov representatives had negotiations with Apple recently but they failed. Since this is mandatory country-wide measure, local resellers are forced to mark imported apple products as “No Rustore/Max installed” to warn potential buyers and to avoid any legal responsibility. For now it works. That being said Apple products are hardly a bargain or a viable mass solution since they’re insanely overpriced in Russia (minimum additional 300-400usd over US retail price), also almost every major banking app is removed (due to sanctions), so is everything that remotely represents a vpn solution (Apple removed them by request from the government, which is fun). Max as an app is available in the App Store though, with no sanctions or other repercussions in mind. Max is positioned not as a communication platform but as a universal platform connected to almost every government service that is available such as taxes, applications for ID’s, document sharing etc. So without this app on your phone you won’t be able to use any service. Also local digital currency is coming within an year, allegedly in september of 2026 and it’s going to be tied to your Max ID. As much as I value privacy and respect any effort in that direction, I don’t see any real means to stop or counter this. As I see it, the only option to survive and act in this is to blend in - any generic tech, mindfully and rarely used.

I don’t think it’s as black and white if you are looking at Japan’s car industry it isn’t really screaming privacy just as a example.

Also one main reasons I think the Japanese care deeply about privacy right now is probably because they are 99% Japanese and has very low crime rates if crime rates changes the Japanese’s will most likely demand safety and stability over anything else.

If you look at scandinavian history. You will see the same, scandinavia they are trust based societies and their people (not governments) they’re culturally really private home and publicly but as crime rise they started to demand more safety and stability. Iceland and Faroe Islands is good example of this.

I only skimmed the post but I’d say that at the end of the day, we’d need to try to build computers which are freedom-respecting and secure by design from the ground up. This is incredibly difficult to do when related projects are fragmented into a thousand pieces, but I’d like to hope that as things gradually become more authoritarian, more people would be motivated to work together and pool resources. Anything less will probably be a game of cat and mouse where we keep losing so long as things continue to get worse, which I think we should expect for the foreseeable future.

Sorta off-topic but it does seem like ARM and/or RISC-V are going to take over x86 in the future, but I don’t see how that’d be the death of desktop Linux. Linux already runs well on most ARM processors I’ve seen (especially those used on mobile devices and SBCs) and as I understand it the only issue with Linux on M-series Macs is that the community has to reverse engineer everything which takes a lot of time, especially since Macs aren’t very prevalent or in-demand in the Linux community.

Alright you both calm down
As null said they don’t wanna get political

I wanna make it clear that I’m reffering to the idea of age verification passing in this country, not in general. Jesus Christ

Please do not equate this to general data practices of Japanese corporations, they do not go together in this context.

I know. What I tried to say countrys politics changes as reality change. USA and Europe would also never had accepted age verification 20 years ago and would had protested it.

I would have preferred to use political issues in Japan but honestly I don’t know what issues they are dealing with.

Thanks for understanding at least, I appreciate it. I agree, that’s why I added the like “Let’s say it’s the opposite then and that Japan also passes age verification” kind of thing