Tech that is available to safeguard your privacy and security

There is no such thing as a free lunch. Obviously, our private details are worth a lot of money to tech companies that thrive while charging nothing for their services and running massive operating costs.

We would feel safer if we actually had to pay for these services, and knew that the service provider realizes 100% of its turnover from their real customers’ fees.

Such a system could work in a world where not everyone has the financial means to pay for services. Actually, quite a few tech companies offer a choice between a free account with maybe less storage space, and paid accounts which come with all options. This system makes it possible for the less privileged to keep using their private apps.

Maybe this sounds unfair, “why would the poor get poorer services? Everyone should get the same quality, and for free.” We all know the implications of such business model.

A good example is ProtonMail, allegedly the most secure email service you can find. You can get a free account, with 500MB storage space, while paid accounts give you 5GB or more. As per the company’s statement, the system allows people such as dissidents, who may not have the financial means to pay for an account, to remain fully protected.

The only question is, which of these secure messengers and email providers is actually financed by the NSA? Or worse? Which ones have been hacked by governments? Will using one of these services make you seem more suspect, and increase your odds of being tracked by governments? After all even if they can’t read the encrypted communication between you and the server, governments are paying attention to which servers you’re contacting. And governments have other options such as hacking your own device.

So, what you’re actually suggesting is what, exactly? That we should keep using free services we know exploit our private details, or should hide under a stone?

Most people don’t care about the NSA’s capability to hack into our devices, but certainly care about private companies mining our data and selling our contact details and psychological profiles.

The founders of Silk Road were identified even though they were operating deep in the dark web. Are you implying that as soon as I start paying for a more secure service, I will be investigated, and what? indicted for making sure my privacy is respected?

ProtonMail, for instance, has millions of users, for all good reasons. Their privacy is safe, there’s nothing anyone can do to violate that, and if governments feel bad about it, what can they possibly do?

An interesting discussion. There is the distinction between:

  1. Commercial entities that invade your privacy
  2. Government-driven surveillance efforts

Most people care more about the first (if they care at all) than the latter. But - if you are living in an (upcoming or settled) authoritarian state, you will have most trouble with the second.

The ironic facti is, indeed, that the more you protect your privacy, the more interesting you become to government surveillance (and commercial entities related to that).

A good example is the Tor project - creator of the ‘anonymous’ browser software. Browsing with Tor (if done well) provides anonimiy on the internet and access to ‘The Dark Web’ (which not only attracts criminals due to the high privacy, but journalists and activists that are legitimate users).

It is well-known in security circles that Tor was funded by companies liaisoned to NSA (though it is unclear if they actually compromised this open-source effort; they and others are continuously research ways to crack it, and find ‘zero-day’ defects).

Use Tor browser, and yes, you stand out in the crowd. Does that mean you shouldn’t use it? Depends. If only activists, journalists and criminals would use it, then that would mark you as being in one of those 3 categories immediately. Therefore Mozilla (creator of Firefox) and others are sponsoring and promoting Tor for broader application. Having a way broader user base, would give cover to legitimate users (though incidentally also to criminals).

Now, browsing is much slower with Tor, because of the decryption going on. Ideally you would switch from a regular browser (say, Firefox with ad-blockers, etc.) to Tor for your most intimate internet use. Say you have some kind of medical condition. Would you like to let Google know about that? If no, then use Tor to do your Google searches and related browsing (combined with other measures, like using a VPN, e.g. ProtonVPN)

PS. Note that the whole security field is a ‘can of worms’, that is only sideways relevant to Humane Tech IMHO. There are way better places to inform yourself on this subject, than CHT can ever provide.

2 Likes

Tor is a great example. It’s well documented that Tor users are flagged. Why would these people go to such great lengths to cover their tracks? Hopefully, as its use becomes widespread, it becomes impossible to figure out why exactly people would use it.

Oh you need much more precautions to be really secure (if that is at all possible), like running a secure operating system from a USB stick (like Qubes or similar), VPN, Tor (or similar), etc. Like I said: Can of worms. Luckily for most people that is not needed.

Georges, I really wasn’t suggesting or implying anything at all besides the words that I wrote. I agree with aschrijver that most people have no fear of government security agencies such as the FSB, GRU, MSS or MI6 and are more afraid of tech companies who are mining and private storing data about us.

However the product you mentioned ProtonMail seems to focus on secure encrypted communication and they specifically mention that their other core feature is that they’re shielded from the US and EU governments since they are protected by (controversial / maybe even evil) Swiss privacy laws.

I too would welcome free email that isn’t spying on me or loading my devices with trackers. I’m sure that I wouldn’t need to pay anything to get this, that this is technically feasible as a free product, and that it wouldn’t require end-to-end encryption or servers 1 km underground.

We definitely do need more security, to protect ourselves first and foremost from hackers, which can exploit us directly, and also indirectly through tech companies that spy on us and then themselves mismanage our private information though their own greed and lack of security. You’re right that securing email is important along with things like securing passwords and credit cards, and not using the same password on different services, and also of course avoiding tech companies that spy on us.

(Note: Discussion moved from Why is google still collecting my data?)

@aschrijver is it possible to get these protections on an iPhone? Thanks!

Yes, though I did not try it (no iPhone). They also have integrated blocking now, I see. I use the full version. Firefox Focus is new to me.

@aschrijver thanks I like that Firefox feature already! What email do you think- proton seems good but I’ve been wondering which one you recommend?

I have recently created a ProtonMail account on a paid plan (I believe $4 p/m) and am quite happy with it. With Proton you also have the option to create, I think, 5 email aliases, so you have e.g. healthyswimmer@protonmail.com and healthyswimmer@mydomain.com

Besides you also have the option to use ProtonVPN so you can browse with an anonymous IP address (leaving you almost anonymous… there still is the question of your browser fingerprint).

You can test your safety regarding trackers and finger print here:

For many, many tips to defend yourself against surveilance check this link:

Edit: I have to nuance this… you are almost anonymous wrt common tracking techniques, which can be defended against by the average user. But there are many other smart and highly technical methods to ensure you can still be tracked. Defending against these requires more technical knowledge (like changing a bunch of settings in your browser’s about:config). And for real anonymity you have to go much further still.

Edit 2: EFF keeps extending the information on the Surveillance Self-Defense site. Very useful.

1 Like

@aschrijver wow thanks!! How informative! - We could archive this chat for non tech people- or submit it to Huff post.

Glad to be of help. I don’t think this is usable as you suggest. But spread throughout this forum and out on the internet there is much more useful information to be had.

This one of those things where there could be a CHT follow-up project and create something like Privacy Cheat Sheet - a checklist with information and references to sites like the one above (don’t want to duplicate all that).

Also I think something like a Surveillance List of Shame would be nice. A crowdsourced list of apps/sites and ways that they are tracking you, information that is gathered, etc.

1 Like

Great idea! You are right get there is lots of great information out there- a little too much. For someone like me- a medical professional- we don’t even know what to look for. So consolidating and simplifying the information to make it accessible is super important.

99% of people I interface with everyday don’t understand why privacy is so important- in fact a tech educator for an elementary school didn’t understand what datamining was!! And this person worked for Common Sense media in the past.

I agree not duplicating this exact thread is the way to go- a cheat sheet is a great idea!!

Educating the public is the ticket to a more humane tech future.

If you would like to draft up samples I would be happy to look at them from a layman’s point of view.

1 Like

Developing costs, running costs, data centers: all this costs money. Nobody would want to cover this from his own pocket to give you a secured email for free. And I would never trust anyone pretending to do just that.

What if I had the money to develop and operate completely private, free and ad-free internet services such as email and social networking, and was able to win over a large percentage of the population in your rich country as customers? Would that relationship of trust enable me to market additional paid services, both internet and offline? Would that give me a huge and loyal customer base to launch ethical alternatives for things we already pay for online? Or would nobody with money ever invest in this ethical path to begin with?

@Free, you’re right, this may happen, but it would likely require grants and donations. This is actually not unheard of: Signal is a free, secure messaging service supported this way. So I would retract my earlier message, save for the fact email service requires a lot of storage space and bandwidth, unlike text messaging services like Signal where nothing is stored and most messages are less than 1kb.

Now say some billionaire wants to spend his own money on such an initiative, I would have concerns to trust just one person instead of say, a community of donors. Just my thoughts!

1 Like

Not sure this is the right place to post this. Just saw a Mozilla article on Christmas gifts that might spy on you.

A post was merged into an existing topic: A better social network (inspiration, research, opinions?)

The Electronic Frontier Foundation wrote an insightful article about how to protect yourself from trackers in emails that are sent to you. Many people do not realize that email tracking is at least as bad (and sometimes worse) than the tracking that occurs when browsing the web.

Examples from the article wrt tracking. They’ll try to:

  • correlate your email address across different emails that you open
  • correlate cross different websites that you visit, further shaping your invisible online profile
  • correlate your identity across devices to trackers (and often network observers)

There is mention of responsible tracking too:

Responsible tracking should aggregate a minimal amount of anonymous data, similar to page hits: enough to let the sender get a sense of how well their campaign is doing without invading users’ privacy. Email tracking should always be disclosed up-front, and users should have a clear and easy way to opt out if they choose to. Lastly, organizations that track should minimize and delete user data as soon as possible according to an easy-to-understand data retention and privacy policy.

Here’s the article:

It also mentions a website where you can check your own email adress for trackers: Email Privacy Tester (which I’ve added to the awesome-humane-tech list).