Mozilla’s “least to most creepy” ranking is the best resource I’ve found so far:
https://foundation.mozilla.org/en/privacynotincluded/categories/cars/
Respectfully, an article from four years ago that I cannot read in full without creating an account, which seems to just reference a calculator from FT that is over a decade old at this point (whose sources I also cannot seem to find) doesn’t impress me. Do you have anything more recent, preferably that sites sources, that you can share? I’m genuinely interested in what data is actually worth
I also feel many don’t understand the full extent, either. They’re used to using fairly secure devices in their everyday life (often not realizing how much the software they install is also spying on them), so why wouldn’t these IoT things also be secure?
In my experience, it’s all very vague and ethereal until the risks are highlighted for them. “So what if Google can read all of my emails? What could they possibly do with that information, anyway; why should I care?” is an example of a portion of a real conversation I’ve had.
I guess my first question would be: do you have a need that device can fill, or are you looking to take on a project for some other reason (education, boredom, etc.)?
I honestly don’t see to what great use a router (and modem) that was discontinued a decade ago can be put that couldn’t be accomplished with less complication and less power draw by using a modern device. I’m not trying to rain on your parade, but knowing nothing else about your situation I don’t know that I can see any utility in a device like that anymore.
I honestly wasn’t super familiar with WebView until you asked!
It looks like WebView is a stripped-down browser, more than anything else. It can leverage different rendering engines depending on the platform, and on Android it looks like it leverages Blink just like Chrome.
My turn for a wall of text, sorry!
I do appreciate your preface, and I can certainly empathize with your frustration. Like you, I think that secure, private communications is generally a good thing and I am happy that there are awesome FOSS devs and groups devoting their time and skill to try and bring stuff like that to life. It is inspiring and I really do appreciate it. I, too, have had many a similar conversation :)
That said, I cannot disagree with your "it's not that hard" statement. At best it's well meaning but wrong, and at worst it is dismissive and counterproductive. Every change of any kind has a cost, as you pointed out (correctly): there is always some friction. When it comes to something that most non-tech enthusiast users view as pretty insignificant as messaging platform's privacy policies, any entrant is going to need to have a lot going for it to overcome the existing market inertia of the current players.
Honestly speaking, most people settled on their chat platforms of choice out of convenience a long time ago. Their friends used WhatsApp, so they hopped on. Meta bought them, but did that drive anyone away? Not really. They changed their privacy policy in ways that raised all sorts of alarm bells, but did it really change anything with their general user base? The fact that they still have somewhere between 2 and 3 billion people on the platform would seem to suggest it didn't have much, if any, effect either.
And it is important to highlight that that sort of inertia - a single platform being used by somewhere between a quarter and a third of every human being on this planet - is what needs to be overcome. Even Signal, arguably the current most mainstream FOSS app designed for private (though not anonymous) communication, which has been operating for around half a decade and has millions of dollars behind its development, has only managed to capture a measly 50 million or so users.
Then there's the reality that these standards keep changing which leads to new apps and protocols coming out. Again, I don't view this as a bad thing as a techie, but it could lead a reasonable user to ask: "why bother switching to this platform when I just switched to that other platform a year or two ago?".
I don't think the argument you are trying to make is that the overwhelming majority of people should be onboard with chasing after a new, more secure/private/anonymous/whatever platform every few years, but that's what it honestly amounts to at this point. No platform has everything, and even if something were written today that does have the everything of today, there's nothing to stop someone else from developing something new to entice people away yet again especially when you factor in profit motive to do stuff like that (case in point could be Meta's entering, and planned expansion within, the fediverse).
None of the above should be seen as arguments to accept the status quo or that people shouldn't be looking to move to something better. I wrote the above only to illustrate that moving platforms, especially for non-technical users, really is hard. It's frustrating for me because I, like you, would love to see users move to privacy-respecting and secure platforms. The reality, though, is that most people genuinely just don't care; nothing can make that more clear to me than WhatsApp. That is why having bridges (that wouldn't break native security and privacy features and wouldn't potentially get your account banned) would have been a gigantic feature that maybe could have enticed the average user. Unfortunately, that is not what the Matrix bridges do so I am left without a strong reason for even me, as a technical individual, to move off my current platforms.
Matrix doesn't provide better encryption than Signal (or even WhatsApp, ignoring the privacy side), it still requires trust someone just like Signal (your own paid, or someone else's, server vs Signal's servers), and even if I do adopt it I don't know that I would feel comfortable trying to convince the few members of my social groups to move as well given they are entrenched in their platforms and don't value the few additional benefits Matrix would seem to bring over something like Signal (which most of them didn't switch to, either).
I would love something like Matrix to "win" if it is as good as you say it is, but if its biggest (maybe only) selling point is privacy and security then I really don't think most users will move. Given Signal's security and seeming lack of a profit motive to sell my metadata, I am also ok (though not necessarily screaming with joy) with what they offer as well.
If you feel I missed or got anything wrong, I am open to hearing it! I feel we agree on way, way more than we do not.
Hey, thanks for taking the time to reply!
I’m still not sure that moving our trust from a megacorp (as you put it) to some random person or organization running a Matrix server is an improvement. Even assuming the Matrix server admins aren’t selling your data out the back door, there’s no guarantee their admin accounts, or the server itself, isn’t compromised by those same corporations or others, allowing them to harvest all your data (and potentially more of your data than would be possible if you were using at least some of these services natively).
I respect that you have your opinion, but I’m not sure it makes sense to move trust from one organization/corporation to another is guaranteed to be an improvement.
From a security perspective, Signal seems to be brought up the most in these conversations, so I am surprised that you called it out between WhatsApp and Discord. Do you have any evidence that the Signal foundation is spying on its users, selling their data, or that the E2EE they natively employ is compromised?
I’m a fairly technical guy, but I genuinely cannot figure out why I’d want to use Matrix at this point.
My understanding, which may be wrong, is that it can communicate on its own encrypted standard, and that there are bridges that allow it to communicate with other services like Signal and WhatsApp. You have to register for a home server, which essentially means trusting the individual(s) running that home server not to abuse that privilege, especially considering that not all features are supported by the bridges to other protocols at this point (including end-to-end encryption in some cases), so they may have access to your unencrypted content. Not only that, but your data is then replicated on other servers where the other participants in your conversations are registered, which means you essentially need to trust all those other admins as well.
Then there are the clients, which (at least on iOS) seem to be few and far between. The (seemingly) most popular, Element, appears to collect a crap-ton of personal information - including user content!
I was a big fan of Trillian back in the day, which sought to unify AIM/MSN/ICQ/etc. into one place; am I correct in thinking Matrix seeks to do something similar today?
Given the seemingly large amount of trust you need to put in potentially numerous individuals and organizations, is the convenience of a unifying protocol that may or may not bring your various chat and calling services under one roof with varying levels of compatibility and security (not to mention the apps, some of which appear to collect everything under the sun about you) worth it?
Breathedge.
It has a quirky sense of humor that I enjoy, but even if you don’t I think it does a great job exemplifying the solo space base-building, survival, and mystery genres.
I paid for Reddit Premium for years to help support the service and legitimately remove ads. If I remember right, it was around $4/month, so $48/year.
view more: next ›
mreiner
joined 1 year ago
I’m not getting this, at least not yet.
Maybe it’s because I run Pi-hole; I know it filters out a TON of Roku’s telemetry and other traffic. Might be worth setting up Pi-hole on your network and see if stuff like that goes away?