It's time to worry about online privacy again

[-]jefftk3y*185

This post would benefit from being clearer about its threat model, and the recommendations seem hard to square with what seems to me to be the most likely. Who are you worried about using your information to trick you? The government, Google/Amazon/Facebook/Apple/etc, independent scammers? Most of your examples seem like the third category, but then your recommendations are mostly about avoiding information being available to the second category.

One of your recommendations in particular, though, seems especially wrong given a wide range of potential privacy threats: "Preferably use Mastodon". The Fediverse has almost no ability to protect against bulk collection and retention of data, and while people who say "I'm going to be scraping things and archiving them" will get blocked, someone who does it quietly won't. (I'm strongly in favor of people switching to Mastodon, but privacy is not its strong point.)

Separately, I don't see a consideration of costs and benefits here. You've described some ways in which having more information about you on the public internet could be used to attack you, and advocated some large changes to what technologies and approaches people use, but without acknowledging that those changes have costs or attempting to argue that the costs are worth it. I'd especially be interested in arguments around how much your proposed changes would reduce someone's exposure by, since the benefits of decreasing information available to scammers aren't linear (ex: a complete decrease is probably worth much much more than 4x as much as a 25% decrease).

I use a pretty different approach here, and one that I think is a lot more robust: I expect privacy to continue to decay, and that measures that we thought were sufficient to keep things private will regularly turn out to not have been enough. This will happen retroactively, where actions you took revealed a lot more about yourself than you expected at the time (ex: revealing HN alt accounts. So I make "public" my default and operate on the assumption that people already can learn a lot about me if they want to. This means I can use whatever tool is best for the job (which may still be Linux or Mastodon!) and get the benefit of sharing information publicly, and am in a much better position for when it turns out that some bit of privacy protection had actually stopped working years ago.

[-]Viliam3y71

In general, use free software ... If it's free, you are the product.

Wait, what? 😲

[-]tricky_labyrinth3y91

Probably supposed to be something like "If it's free [and not open source], you are the product."

[-]Viliam3y40

I know, it just sounded very funny in the same paragraph.

(And there is a possible overlap, for example Android.)

[-]Malmesbury3y20

Android is (partially) open source but it's not "free as in freedom", which is a technically narrower thing: https://itsfoss.com/what-is-foss/

[-]corruptedCatapillar3y10

I've heard this comment as, "if you're not paying for the product, you are the product."

[-]Erik Jenner3y65

If your main threat model are AI-enabled scams (as opposed to e.g. companies being extremely good at advertising to you), then I think this should influence which privacy measures you take. For example:

A personal favourite: TrackMeNot. This doesn't prevent Google from spying on you, it just drowns Google in a flood of fake requests.

Google knowing my search requests is perhaps one of the more worrying things from a customized ads perspective, but one of the least worrying from a scam perspective (I think basically the only way this could become an issue is if there was a data leak that revealed people's search histories?)

"Remove all public information on social media." seems like by far the most important point on your list from a scam perspective. I'd add something like "avoid giving data to smaller websites/apps/..." (like the GPS example you mention earlier). On the other hand, most of the typical privacy measures people talk about are geared at preventing big companies from getting your data, but that's only a secondary concern for AI-enabled scams. So I'm not convinced that things like switching away from gmail or WhatsApp, etc., make sense on those grounds.

(AI could also be used to make an argument for privacy from big companies, e.g. based on worries about recommender systems becoming too good at maximizing engagement, but that seems quite distinct.)

[-]Malmesbury3y10

I see your point, and you're right. Data leaks from big companies or governments are not impossible though, they happen regularly!

[-]Vladimir_Nesov3y3-12

A lot of this sounds AGI-complete, won't be a problem before AGIs could hack you physically using diamondoid nanotech anyway, which they won't if alignment works out.

[-]Dagon3y107

Most of it is available with good tool-level ai, plus motivated human scammers which we know already exist in quantity. Don't think of it as AI-led, but AI-enabled-scaling.

[-]Vladimir_Nesov3y5-2

I think scaling with sub-AGI capabilities won't produce that phase transition the post references. There might be noticeably more social engineering of the normal mass produced kind, with marginally better guesses and scripts, but not at all resembling something a talented professional backed by surveillance and hackers might be able to pull off at present. So if you are currently invincible to cheap scammers, you'll continue being so, perhaps adapting to become a bit more suspicious to unverified communications than now. It's not even clear if they would bother you more as they become more "productive", because their tools might figure out that you are probably invincible and so not worth bothering with.

[-]Dagon3y52

I honestly don't know. Ability for scammers to get 1% success rater vs 0.01%, or susceptibility of 5% rather than 1% (wild guesses; it's hard to find un-motivated stats) of the population could easily be a big enough change to break the world. I don't know what things look like if single-digit percentages of adults can't have a bank account or credit card without getting scammed.

[-]lc3y30

If you want to really go ham, check out Michael Bazzell's book and podcast.

[-]MondSemmel3y21

I understand the arguments, but I'm not sure the suggested solutions make sense from the perspective of security:

As your prototypical nerd, I used to be really into FOSS, the EFF, blob-free GNU/Linux distros, XKeyScore, Echelon, INDECT, PRISM and other names most of us have forgotten what they were. Then, like most people, I gradually stopped caring, and now I'm leaving a trail of personal data wherever I go.
I guess it's time for me to go back to my pre-2015 technoparanoia.

Very popular vetted open-source software can be more secure than closed software, but it by no means has to be. And software by volunteers can't necessarily react as quickly to newly discovered security vulnerabilities. Using a privacy-conscious FOSS browser, for example, might improve your privacy but leave you temporarily more vulnerable to newly published security vulnerabilities, and the overall sign of such a trade-off is unclear to me.

Or: If secure code is sufficiently hard to write, the AI task of crawling the web to profile individual users seems way harder and less useful than unleashing exploit-finding AIs on Github. Can secure open-source software even exist in such a world?

[-]Malmesbury3y10

I agree on the point that open source software doesn't have to be more secure. My understanding is that they are less likely to send user data to third parties as they're not trying to make ad money (or you could just remove that part from the source). For the exploits-finding AI, I can only hope that the white hats will outnumber the black hats.

[-]Bezzi3y2-2

I've adopted Richard Stallman lifestyle long ago, primarily by refusing to use a smartphone. I also don't have an account on the major social media, never buy anything online (to the point that someone once gave me an Amazon shopping voucher but I didn't start to use Amazon anyway), pay cash whenever possible, use Protonmail, don't store anything in the cloud, and obviously use Linux. Also, my browser is configured to throw away every cookie after every session. I am probably still far from Richard Stallman's level of attention, but so far I've been very happy with this lifestyle; the level of online annoyances is very low.

[-]Rana Dexsin3y10

If you feel comfortable answering: what type of career are you able to sustain? When did you begin this career? If you did not already have your current set of occupational/professional contacts, how plausible would you guess it would be to come by them in the present day within your current lifestyle?

[-]Bezzi3y30

I am a post-doc in academia, which probably helps with the no-smartphone thing because people in academia are quite accustomed to communicate by email anyway (I've never worked outside academia). Absurd as it may seem, me not having a smartphone is surprisingly difficult to notice, because even if someone notices that I never extract smartphones from my pocket, no one is going to directly ask me why I don't obsessively check the phone. I know many people (colleagues included) who are probably still assuming that I had a smartphone, even if they just know that I don't use their favourite message app. And I don't deliberately lie to them; I just avoid to introduce myself as "weird person without smartphone" from day one.

As for the third question, most of the professional contacts in academia are from in-person networking at conferences, and of course I go to conferences (maybe I told a small lie, it's not literally true that I never buy anything online... I make a small exception for air travel tickets and reservations in foreign hotels, since they are very difficult to purchase offline and I can't avoid going to conferences, but these are expenses that I must report anyway to get the refunds).

[-]Malmesbury3y10

I'm also a postdoc, and my institution more or less requires having a smartphone because you can't do anything without their proprietary 2-factors authentication. The other proprietary thing that seem mandatory is Zoom, have you found a way to escape from it?

[-]Bezzi3y10

Well, I actually don't have the first problem since my institution still uses the old username + password login procedure (for other things needing 2FA like Protonmail I use a free desktop program to generate the keys). They also prefer Google Meets or MS Teams to Zoom. Both are nonfree, but at least they work directly in the browser and I don't have to install nonfree software on my laptop.

[-]Coafos3y20

Thanks for the post, it's an important update on the state of information warfare.

Privacy can be thought of as a shield. If you build a wall against small-arm spam, then it's ok, but if you try to build an underground bunker, then it's weird because only Certified Good Guys have access to advanced weapons. Why are you trying to protect yourself against the Certified Good Guys?

What changed is that thanks to AI advancements in the last few years, it become possible to create homemade heat-seeking infomissiles. Suddenly, there are other arguments for building bunkers.

[-]ponkaloupe3y30

The underground bunker is only weird if I’m vocal about it. Am I posting this from behind tor? Do I pass my messages through an anti-stylometry filter before sharing them? I’m already operating behind a nonsense pseudonym, but if I used a real-sounding name that wasn’t my legal name, would you question it? It’s often the case that effective privacy techniques simply aren’t easily detectable by 3rd or even 2nd parties: the goal is frequently to blend in (to become a part of some larger “anonymity set”).

[-][anonymous]3y21

Because many of those Certified Good Guys happen to not be from my country.

LESSWRONG
LW

LESSWRONG
LW

71

It's time to worry about online privacy again

71

71

1. Radioactive decay

2. The classic roast chicken scam

3. An appointment at Times Square

4. When to get paranoid