The Privacy Iceberg

This is original content. AI was not used anywhere except for the bottom right image, simply because I could not find one similar enough to what I needed. This took around 6 hours to make.

Transcription (for the visually impaired)

(I tried my best)

The background is an iceberg with 6 levels, denoting 6 different levels of privacy.

The tip of the iceberg is titled “The Brainwashed” with a quote beside it that says “I have nothing to hide”. The logos depicted in this section are:

The surface section of the iceberg is titled “As seen on TV” with a quote beside it that says “This video is sponsored by…”. The logos depicted in this section are:

An underwater section of the iceberg is titled “The Beginner” with a quote beside it that says “I don’t like hackers and spying”. The logos depicted in this section are:

A lower section of the iceberg is titled “The Privacy Enthusiast” with a quote beside it that says “I have nothing I want to show”. The logos depicted in this section are:

An even lower section of the iceberg is titled “The Privacy Activist” with a quote beside it that says “Privacy is a human right”. The logos depicted in this section are:

The lowest portion of the iceberg is titled “The Ghost”. There is a quote beside it that has been intentionally redacted. The images depicted in this section are:

  • A cancel sign over a mobile phone, symbolizing “no electronics”
  • An illustration of a log cabin, symbolizing “living in a log cabin in the woods”
  • A picture of gold bars, symbolizing “paying only in gold”
  • A picture of a death certificate, symbolizing “faking your own death”
  • An AI generated picture of a person wearing a black hoodie, a baseball cap, a face mask, and reflective sunglasses, symbolizing “hiding ones identity in public”

End of transcription.

  • edel@lemmy.mlEnglish
    24·
    3 days ago

    Pretty good!! I agree with 95%.

    Loved the “As seen on TV” category!

    I agree that Tuta is more secure than ProtonMail.

    Some are blended like Tor, that should be in Activist if used in secured computer.

    Was not aware of the existence of Coincarp (logo by GrapheneOS). Is a crypto price tracker used by Activists? I left crypto a couple of years ago but though Activists just don´t trade much and stick for the long haul and use Monero for purchases.

    • hikeandbike@midwest.socialEnglish
      8·
      3 days ago

      Curious why Tuta may be more secure than Proton? I’ve been debating switching off Proton but calibrating my risk profile, Germany being part of 14 Eyes and all.

      • edel@lemmy.mlEnglish
        8·
        3 days ago

        Technically speaking is highly contested and you have arguments pro and con, one way an another. They use different technologies so it is hard to compare properly, specially since it depends on the users using it properly.

        If the technology is good, it does not matter where it is located. Switzerland, specially since a couple of years, does provide more freedom guarantees than Germany but it is not immune at all, actually, the US had used the Alpine country to do operations due to its attractiveness to dissidents and criminals alike. However, for the overwhelming majority of customers, either option is fine for they privacy and security. Only metadata has been obtained in few instances in both companies and nothing else… at least no that was used in a court of law.

        For ultimate targets, if they have to rely on email, that they should not, I would choose Tuta though. These are my reasons.

        1. It has a lesser footprint, so less likely intelligence agencies tried to infiltrate it.
        2. The people behind are there fro the very beginning and show their faces publicly (Many in Proton too like the CEO, but it is no so transparent with the rest)
        3. The people of Tuta are more ideological so it is a barrier for intelligent services to penetrate. Tuta has show however being anti the Russian government (rightly or not), so this point is not valid if you are in that side.
        4. Tuta has a very organic and progressive growth. Proton had an explosive growth. Of course, it could been good marketing, but still…
        5. Proton still today requires Google’s Push Notification servers, after years and years demanding a solution. Tuta had that solved since long, long ago.
        6. Recently a case came in Canada of a intelligent agent using Tuta since “it was infiltrate by intelligence agencies”… After a few hours going through the case, I read it the opposite, he used it because he actually considered it a better choice to cover his crime. He was not that high in the ranks, but I read that the he resumption o these officers.
        7. Nothing regarding security, but as a paying customer for both I was “tricked” far less by Tuta. Proton, for instance, does not refund you, only gives you credits. Even 20min after an accidental 2yr renewal I got stuck with them unwillingly. That practice should never be acceptable for a SaaS.

        Now, Proton overall, for most is a bit more reliable and full feature and better put together so it is easier to recommend. Think of Proton as the Apple of emails, quite secure and miles away from Gmail, but security wise and ethically, of the two, my bet would be with Tuta.

      • Broken@lemmy.ml
        4·
        3 days ago

        I would probably argue they are the same in terms of security and privacy. Privacy communities tend to disfavor Proton because its all eggs in one basket, and also for political reasons. Both of those are subjective to your personal threat/privacy profile.

        Its true that a single point of failure is more risk than separate services, but that fact doesn’t undermine their security on a technical level, and has nothing to do with privacy. As for the political, yes it’s something to watch but nothing wrong has been done. They are set up as a non profit with checks and measures in place to prevent corruption from happening. I’m OK with different points of view and having different points of view on a board is a good thing.

      • errer@lemmy.worldEnglish
        113·
        3 days ago

        The CEO of Proton has tried cozying to Trump and any company led by a guy who does that is knocked down several notches for me

        • chingadera@lemmy.world
          21·
          3 days ago

          If any service is at the whim of someone’s emotions or opinions, it’s at the bottom, and it should stay there.

          Let the program be the program, and if we can’t see how it’s written, assume the above is true.

          Foss or die

      • jagged_circle@feddit.nlEnglish
        3·
        3 days ago

        Its not. They don’t even sign their releases or support PGP

        Tuta is not a proton replacement

      • edel@lemmy.mlEnglish
        9·
        3 days ago

        Wow… I use Aegis exclusively as my authenticator since 2 years ago and completely did not recognize the logo by itself!!! I used Yandex image search and it told me coincarp… Sorry.

  • comfy@lemmy.ml
    27·
    3 days ago

    Oh, am I that far gone?

    spoiler

    I don’t see Qubes, Whonix or Tails on there.

    • jagged_circle@feddit.nlEnglish
      6·
      3 days ago

      My experience is it does work with most sites. And the minority of sites where it doesn’t work are evil sites that I don’t want to visit anyway

      • EngineerGaming@feddit.nl
        4·
        3 days ago

        In my experience, most sites are broken not by Tor, but rather by Javascript turned off. But I do it in my normal browser as well, and it breaks just as much, with the exception that there I whitelist a lot.

        • jagged_circle@feddit.nlEnglish
          2·
          3 days ago

          Maybe email the site admin and let them know

          I usually tell them to test their site in Tor Browser on Strict mode to reproduce the issue.

  • utopiah@lemmy.ml
    41·
    3 days ago

    You can replace the generated image by searching for images of “Goggle wool ski mask” IMHO.

  • utopiah@lemmy.ml
    13·
    3 days ago

    On the 5th layer I’d add NitroKey or YubiKey to remind people that in addition to software you can have physical tokens too.

  • Owl@lemm.eeEnglish
    52·
    3 days ago

    You play games on steam? clearly brainwashed.

    also how dare you slander Malwarebytes like that

  • rekabis@lemmy.ca
    254·
    3 days ago

    Any Chromium-based browser in anything but the top-most panel is a non-starter with their abandonment of Manifest v2. Manifest v3 seriously cripples any Chromium-based browser’s ability to be secure, as extensions like uBlock Origin are no longer compatible by design.

    Google has it’s ad business to protect, after all.

  • moseschrute@lemmy.mlEnglish
    271·
    3 days ago

    Weird how Apple and iMessage are not in the same category. How do distrust apple’s privacy claims but trust iMessage?

    • edel@lemmy.mlEnglish
      13·
      3 days ago

      True. Apple would need a category on its own, but if i have to choose would place it on “As seen on TV”.

      It is fairly private and they quite give a fight about maintaining that status. There are no cases I am aware off they comply to open the system for authorities publicly and if so, they do not claim encryption anymore (as per UK.) Now… the key word is publicly; If I were a zealous top intelligence agency I would not force Apple to break an account for me so to obtain evidence on an individual so I can present it to a judge… for me Apple or Protonmail (or any other popular encrypted service really) would be far more valuable a place where I quietly could obtain intel on tens of thousands of targets and with that find other ways to find evidence if need be. It is a good sacrifice for the sustainability of the scheme.

      Of course, this is just a thought and no evidence has been brought up. Apple is a large company and some whistleblower could easily popup if that were the case… yet again, having the right tight team is easy to keep it undercover, specially in a closed sourced software. The fact that the US is eyeing so many encrypted SaaS but Apple, with its omnipresence reach, is almost always left alone is a bit odd.

    • Natanox@discuss.tchncs.deEnglish
      5·
      3 days ago

      Well, following that (not fully wrong) logic everything until enthusiast level is useless since it runs on Windows and often not degoogled Chromium. And (given the meme doesn’t contain /e/OS, iode, ShiftOS or Linux Mobile anywhere) anything until activist that happens on mobile phones is equally useless since it runs on Apple/Google Android.

      I’m more annoyed about “Linux” as a whole being sorted into “Enthusiast”. Using your Steam Deck in Desktop mode, buying a brand new Linux laptop for +600€ or even installing and using Linux Mint really isn’t as enthusiastic anymore. :D

    • huppakee@lemm.ee
      2·
      3 days ago

      I guess maybe that iCloud (photo’s, storage etc) isn’t encrypted but iMessage is? But good point

      • moseschrute@lemmy.mlEnglish
        2·
        3 days ago

        What if you turn on advanced data protection? Though even if that does achieve what you want it sucks that it’s opt in.

        • TORFdot0@lemmy.worldEnglish
          2·
          3 days ago

          It’s worth noting that I had to retire a few devices that I used with my iCloud before I could enable ADP because they didn’t support it. That may be why it’s opt in, although it’s not a very good reason.

          The other reason may be because Apple can’t recover your passcode if you turn on ADP and they don’t want customer support nightmares of users losing access to all their precious photos and memories because they could be bothered to manually back them up or remember their passcode

  • mmhmm@lemmy.ml
    1101·
    3 days ago

    I was at the bike shop a few weeks back and a ghost walked in. He came in wearing a medical mask covered by a bandana, sunglasses, cap. They wore gloves, long sleaved pants and shirt.

    First question from staff, ‘this a robbery?’

    Ghost, ‘no, I just need 27 2.5 tubes, miss.’

    They get the tubes, he agrees. Staff asks if he has an account. Ghost says, “nope, why would I need one?” Staff says they do it for records, insurance claim assist, and discounts. Ghost goes with a John Doe, pays cash and peaces the fuck out.

    Total King, but dude was given up a lot. Half of us were drinking beers enjoying a warm evening in spring. I hope he has had some good rides.

    I can say with confidence thay he was a white male. In his 50s. About 5’10". 140 lbs-ish. If anyone wants to get any tips, good luck!

    • baaaaaaaaaaah [comrade/them]@hexbear.netEnglish
      24·
      3 days ago

      I respect it but what’s the point? I kinda hope he’s some kind of super-criminal or as you say he’s given up a lot to hide from a state that probably doesn’t even care he exists even if they did know who he was.

      • Broken@lemmy.ml
        19·
        3 days ago

        I’m no ghost, not even close. Be careful though, “what’s the point?” Is essentially the question everybody asks at every phase of that iceberg diagram.

        A possible answer to your question though, is that even if the state doesn’t know or care about him today that might change tomorrow.

        That’s not my threat profile but it’s a valid one.

        • mmhmm@lemmy.ml
          11·
          3 days ago

          I’d have guessed white nationalist if it was anywhere but a bike shop

            • mmhmm@lemmy.ml
              7·
              3 days ago

              Exactly right. My bad. Thanks for the reminder. Geography and majority opinions in the area were coloring my perspective but are not relevant

      • mmhmm@lemmy.ml
        6·
        3 days ago

        Speaking as a former kid of rural america you would be doing the lords work, friend