Q&A: Undoing Years of Not Caring About Privacy
Added 2024-11-28 18:00:10 +0000 UTCQ&A203: How do you undo all the information you've already shared before getting into privacy? How can you privately backup your mobile contacts? What are the latest RSS reader options? Do we still recommend Nitter? Does mass surveillance work after all? Does being different from everyone else offer any security? What about being the same as everyone else? Any suggestions for using voice assistants privately?
Video Version: https://youtu.be/OWDsWgZ2rdg
00:00 Introduction
00:33 Past Data Sharing Management
07:48 Privacy-Respecting Contact Backups
10:17 RSS Reader Options
12:53 Thoughts on Nitter
13:32 Efficacy of Mass Surveillance
14:50 Security Through Differentness
17:02 Security Through Sameness
19:32 Private Voice Assistants
---
π Go ahead and leave some questions below for us to look at for SR205 this weekend! (Note: We record on Friday nights in the US, so it's highly recommended to leave all questions by noon on Friday in the US)
It can be about a specific story, a general question about privacy/security, a question about the world, a question you tried last week, or anything else. Due to time restraints we can't promise that we'll get to yours, but we appreciate all of them!
To receive these posts via RSS, get your own custom link using these instructions.
Comments
What real-time behavioral antiviruses do you know of and recommend for Linux? While it is true, as you point out, that developing malware is expensive, and thus a malvare dev gets a lot more bang for the buck by targeting Windows, it is also true, as you point out, that Linux is not invulnerable to viruses. Granted, most Linux systems do not drag as much vulnerable legacy bloat attack surface with them as Windows does. However, as was pointed out back in 2011 by Qubes founder ("The Linux Security Circus: On GUI isolation"), X offers basically no containment protection against GUI "lateral movement" should an attacker get in -- perhaps the design of most of security measures in Linux has been focused on protecting Linux servers that have no GUI. Overall, it appears that most Linux desktops have no real-time antivirus protection at all (aside from maybe Safing/NextDNS-type filters), which seems unwise. Perhaps the most well-known antivirus for Linux is clamav, which seems to be a signature-based scanning antivirus, rather than a real-time behavior-based antivirus. However, with relatively few Linux viruses (and hence signatures) known, it appears that such an approach is more likely to detect Windows-oriented malware that found its way onto Linux systems, but is not a threat there, than to detect actual Linux viruses and actually protect the machine it is running on. At the same time, with Linux's rich logging capacity and recent advances in machine learning, it seems like it would be straightforward to implement a basic real-time monitoring program that would run locally without consuming a ton of resources to detect and alert the user to unusual (to that user) patterns of activity (e.g. in network traffic or use of services). That might be one case where "mass surveillance" would "work" considering that there has not been as much cat-and-mouse between antivirus companies and malware devs on Linux compared to on Win, and manually reviewing Linux logs is not something most users would want to do. At present, most vendors that offer Linux antiviruses seem to be enterprise-oriented, where the only way to order something is to "contact sales", and it is unclear how affordable they are to an individual user, how much personal privacy in computer use they would require one to relinquish, and how much meaningful protection they offer. How do you see and deal with this issue?
David Johnson
2024-11-29 10:21:30 +0000 UTCSo, y'all know the joke about using the $5 wrench to bypass encryption and digital security. Expanding on that thought process, do y'all have any advice or resources for physical security around the house? I know the threat model of a home invasion or anything is a bit extreme but some people do have it.
Rasta
2024-11-28 19:51:56 +0000 UTC
![J.A.X [Ai art]](https://xaiju.com/istorage/100248.jpg)
