I started thinking about threat modelling in respect to cleaning up my internet presence, and my interest in future content creation. I started looking around about handling YouTube privately, which turned into researching threat models.
On one hand, you have people who are presently closer to a kind of “school of fish” theory. A lot of info is probably out there, nothing I can do but move forward and be more cautious. I tell myself my interest is how can I balance keeping my life compartmentalized while still interacting, sharing, and engaging with everything life and the internet has to offer?
Just reading that stresses me out. I don’t know anything about “How to be Invisible”, but if it gave reasoning for living like THAT, I’m terrified. Why would I want to live my entire life constantly lying, or have so much time taken up with dozens of fake everything? Should I? It’s a great illustration of part of the problem for me too: the sheer effort and knowledge base allegedly required for “privacy”. If you don’t have the means to buy a new device for every account, or knowledge to build and program all your own devices - or god forbid you just want to interact with people and be a person in the world - what’s left?
I almost hope people will do the opposite of that thread, and reassure me that I don’t need to be like that to be safe, or that it’s acceptable to keep money in banks, live at my address, or tell my friends my name. If not then it’s pretty much over for me I guess.
EDIT: Or this one: A Modest Privacy Protection Proposal
Which includes becoming homeless to avoid data leaks, not using phones, spending thousands on trusts and LLCs and fake things to be safe and “private”. Contacting state officials to get yourself removed from all public records. The plans I entertained to get a PO box are only “better than nothing”. Their “very basic” moves all sound so extreme to me.
I feel this must be a satire based on A Modest Proposal, but even I can’t genuinely tell.
Threat modeling is done before you take action. It sounds like you are trying to do both at the same time. Take a breather, and figure out what’s important for you. Sometimes you’ll find that you’ll make tradeoffs for convenience and certain benefits as you run into them, but this comes later on. Start with a basic idea of what you want to secure against, and that will let you know where to start making changes now. Then you can iterate on your first round of changes as you close gaps.
I’ve been ruminating about this all day. One thing I realized is a worry that digital privacy might not be for me.
I want to talk to people. I want to participate and chat and be a known entity. I’ve even entertained content creation.
I’m also worried about being hacked, doxed, or something Terrible happening because of my lack of opsec.
A great example, my biggest privacy sin is Discord. I’ve been on it for about 8y, and I’ve shared all manner of things. I’ve been in mental health groups and still am; I’ve shared all manner of stuff about my life throughout the years. I’ve been leaving and joining new servers throughout the years with my changing interests - I first got invested as I am through gaming groups, then a small group that split off and like I said, talked about everything. That group has drifted away over the years. So I join others, and overshare there, and so on and so forth.
So people come along and explain how Discord is a privacy nightmare and at most you should never use it for anything personal, it seems like it’s all over especially because there are no alternatives.
I don’t even WANT to get rid of my account, I’m too emotionally attached to it. And the “private” process of making a new one in order to not talk and have perfect opsec just isn’t worth it for someone who wants to spill their guts or at least shoot the breeze about their life.
Honestly that’s my problem. I want to be “known” - I’ve been just as much an open book on public forums in the past, those posts are long buried. But I also worry about the consequences, and would like to keep other things separate or distinct.
TL;DR: Threat model. Your future self will thank you.
Then do so.
Ok you are worried, but how likely is it to happen? As @overdrawn98901 said, threat model first. Don’t take action and threat model at the same time. You’ll burn yourself out.
You don’t have to delete your account. You really don’t. Discord is definitely not that privacy respecting, but it doesn’t mean you can’t be more private on there. Like for example, use the PWA instead of the app on your PC and phone, that way, you can restrict access that Discord has to your device. If you are willing to, try and migrate your personal DMs to something like Signal or SimpleX. You can then just keep Discord for community. These things already vastly improve your privacy.
That data will eventually bring no value to companies or people. Things will change in your life in the years to come. While the damage has been done, that doesn’t mean you can’t prevent future damage.
I will be honest here, I too was in a similar boat a little while ago. I too was thinking “oh should I stop using the internet? Should I stop engaging with people over the internet? Should I isolate myself from the entire world to stop surveillance of me?”. All these questions come down to one solution: threat model. I used to think that I should use Tor for everything I do online to stay anonymous and to be “totally” private (already in itself is impossible even with Tor). It was not till I took a step back, and took the time to evaluate my threats. Sure, there is still some data online floating around about me, but what I have done now, even simple things, like switching my browser and my search engine, already vastly improves my privacy. Don’t take everything in as a threat to you.
I feel like these kinds of things are not talked about enough in the privacy community. That’s why it is important to remember “Privacy is not black and white, it is a spectrum”. Just like @Jordan stated in a recent video.
Eric Murphy on YouTube also made a fantastic video about this topic (which seriously PG should include it as some kind of resource).
Privacy Guides has a great threat modeling guide in case you didn’t see it.
Privacy is not binary. It’s not a win/lose game. The only way to win is to be a hermit in the backwoods in a cave. That’s plain stupid for most people.
I’m a privacy enthusiast and advocate, but I am not a privacy maximalist. I have a Discord to be involved with some communities. I use WhatsApp to stay in contact with some friends. I turn off my VPN sometimes when I need to. My threat model is geared against surveillance capitalism, but I’ve made incremental steps in getting closer to better securing that, and stopping where it actively hurts my quality of life or I’m unwilling to make those changes.
I have gained privacy from where I started my journey. I have not made it miserable by isolating myself socially.
That’s one of my biggest problems with “alternatives” to things like Discord and Reddit - there is no userbase. Everyone suggests Element, but there’s no one there unless your favorite hobby is coding or enhancing your privacy.
Though I’ll still probably worry when I hear the next round of “Discord is literally the WORST THING for privacy and you should never use it!” Incidentally I already use it primarily in browser, though I’ve had it on phones (both sandboxed and not) throughout the years. Never used the client.
Earlier today I was looking at OSINT type stuff, and worrying about photos. I don’t take a lot of photos, or post selfies really ever, but I might want to in the future, am I doing something terrible? I’ve also expressed an interest in content creation, and looking for ways to keep that and my regular, dysfunctional online self separate sent me on this adventure.
I first learned more about digital privacy years ago, and I think I had similar freakouts. I switched over to Linux recently (on the recommendation of a Discord acquaintance, in fact). I rarely use Google unless it’s on a public computer, and Proton VPN is great. I still have several gmails for things. I traded in ChatGPT for Llama run locally, esp for personal questions. I’ve made more of a habit of scrubbing accounts as best I can, including going through and deleting super old Discord messages for a kind of minimalism; reduce down to the servers I use or that have sentimental value. Even for my behavior on social media, I keep telling myself I’m more concerned with individuals and servers, or with a kind of “image management” - do I really want to share that, do I need to be that kind of person, etc, even if I still want to make use of venting chats or mental health groups, especially because there IS NO REAL ALTERNATIVE. Not one where you can find a public server and meet people.
That behavior change has been a slow process with mixed results. There is a certain peace to taking some things offline, but as you and Overdrawn said.
It’s the desire to be more social combined with the fear that nowhere is “safe” that gets me.
Exactly this. Not sure why people thought that going private is going full tinfoil hat, living in a cave somewhere away from society and from the open internet. It’s a spectrum, not black and white.
As an example, if everyone here took privacy to the far extreme, this forum wouldn’t even exist. We’d all be hermits in an Antarctica cave.
Since prioritising privacy and/or security would often lead to some sacrificed convenience, threat modelling is exactly to find your personal thin line between your privacy and your modern convenience.