Q&A: The Mess of Private Cloud Options
Added 2024-09-11 17:00:06 +0000 UTCQ&A193: What are our recommendations for content-blockers Q&A194: What realtime file-sync options do we prefer? How do we navigate elitism in the privacy space? Would we ever sell merch?
Video Version: https://youtu.be/ZvVz_Y9deqA
00:00 Introduction
00:24 Private Cloud Storage
08:27 Avoiding Elitism
15:25 Merch When?
19:45 Privacy Disagreements
---
🙋 Go ahead and leave some questions below for us to look at for SR195 this weekend! (Note: We record on Friday nights in the US, so it's highly recommended to leave all questions by noon on Friday in the US)
It can be about a specific story, a general question about privacy/security, a question about the world, a question you tried last week, or anything else. Due to time restraints we can't promise that we'll get to yours, but we appreciate all of them!
To receive these posts via RSS, get your own custom link using these instructions.
Comments
Is it true the 8A turns off into a low power state?
Jay
2024-09-15 21:17:06 +0000 UTC3 network privacy questions because each is quite narrow, and there may not much to say in response to some/most of them: How do you protect yourselves against various technologies that "break" SSL/TLS? For example, *some in the privacy community say that Cloudflare breaks SSL/TLS for most web traffic, *multiple antivirus programs are configured to do so by default on the hosts where they are installed, *there was the showdown between the government of Kazakhstan and major browser makers over the former trying to become a root CA, and it is probably only the best known of such acts by a state actor *joining some institutional WiFi networks requires installing Apple configuration profiles that are also MITM. It seems like there are all kinds of ways to surreptitiously introduce certs without consent or notice on a variety of platforms. Unlike other aspects, this seems under-emphasized and unrecognized and not paid attention to or raise alerts in contrast to other routes of compromise. What do you think is the best E2EE/zero-knowlege alternative to Slack/Teams? Apps like Signal and Threema prioritise utmost confidentiality of ephemeral messages, which makes it hard to download old messages on new devices. In addition, their fight against session cloning often restricts the number of simultaneous logins, limiting functionality. It seems like there is space for a middlle-of-road threat model solution that faithfully preserves all message history but does not leave it sitting on the provider servers for any authorized and unauthorized party to use in any way one can and cannot imagine. Do you know of a reputable and audited VPN provider that supplies a dedicated IP to non-business customers and do you think it is worth getting? To access some very aggressive anti-VPN websites, running this on your gateway router (in addition to running a conventional VPN on your host) would be like having a company such as proton/mullvad for your ISP in the sense of although not having all your "off-VPN" traffic mixed with that of other users, not having it logged at the source and resold either.
David Johnson
2024-09-12 09:57:48 +0000 UTCThreat modeling. I can imagine an outsider to privacy and security drawing a mental blank when they hear this. Understanding threat modeling is important though, because there is no single solution that works for everyone's situation. For someone starting on their privacy and security journey, can you please give a brief summary of threat modeling? Can you provide examples of how a person does threat modeling? With examples covering two extremes: a Mother vs a journalist. Personal examples too if any come to mind. Wanting to make this abstract term a bit more concrete and approachable. Please and thank you!
Apricot
2024-09-12 01:34:24 +0000 UTCCouldn't SyncThing also be an option? It's best for only one user not sharing with others, but if it's just your own files I feel it could be better than Proton or Sync dot com. Also BTSync (Resilio) seems to allow sharing to others now.
WhatsInAName
2024-09-11 22:07:27 +0000 UTCBoth hosts, what changes have you noticed in your personal lives since both of you have taken the privacy route. What have been the major pros and cons that have affect both of you? I am early in my privacy progress and want to know what to expect from the masters.
Only_Exception
2024-09-11 20:47:26 +0000 UTCNate, how are you liking the Pixel 8a after a few days if you've already picked that up. And what OS and regular apps do each of y'all run or use on mobile daily?
Rasta
2024-09-11 18:58:24 +0000 UTC
