If I added hedges about every similar possibility of supply chain attacks due to e.g. non-formally verified build signatures, the guide would grow bloated for reasons outside the comprehension and threat model of the vast majority of my readers. So while I agree with you about the possibility, I don't think it's relevant for me to note in the text. (Maybe you agree?)
Calling Proton Mail "E2EE" is pretty questionable.
Yeah. The original article addressed the issue but buried the lede. Will update:
Old: Proton Mail stores your emails e2ee. ... (Later warning) Most of your email can still be read in transit by the authorities. If two Proton Mail emails communicate, they automatically use e2ee. However, if e.g. a @gmail.com address sends you something, the content will be plainly visible to the authorities.
New: Proton Mail stores your emails E2EE. If two Proton Mail email addresses communicate, they automatically use E2EE in communicating with each other. However, if e.g. a
@gmail.comaddress sends you something, the content will be plainly visible to the authorities while in the sender's account (if they seize the data) and during transmission. Once received, Proton encrypts it in your mailbox, but the government could have already intercepted it in transit.
.
Not only do they handle the plaintext of most of your mail
IMO --- Not Proton's fault, just how email works sadly. I also warn that most emails will be read by authorities via other access points.
they also provide the code you use to handle the plaintext of all your mail.
Yes, but the code is open source and independently audited. I don't see why I should call this out as a trust deficiency in particular.
I think there are probably occasions when even relatively normal people should be using Tor or I2P, rather than a trustful VPN like Proton or Mullvad. [And, on edit, there is some risk of any of those being treated as suspicious in itself].
Yeah, I agree. I'm adding a section on Tor.
I'd be careful about telling people to keep a lot of cash around. Even pre-Trump, mere possession of "extraordinary" amounts of cash tended to get treated as evidence of criminality.
Thank you. I'm now planning to advise that people keep a small amount of cash (< $2,000) in a fireproof safe with receipts of legitimate withdrawal. High-risk individuals should ultimately consult with asylum experts.
Do you know of that one famous geoguessr guy? What he's doing is possible with more than just locations
Yes, the appendix of the second article discusses geoguessing. Especially with powerful base models, authorial fingerprinting is concerning but out of scope for most of my readers.
EDIT: Whistleblowers should probably mask their writing, on second thought. Thanks—I'll add this.
handling over the keys of your privacy to external powers
You fundamentally misunderstand the nature of Bitwarden password management. Bitwarden is zero-knowledge end-to-end encrypted:
Bitwarden encrypts all of the information in your Vault, including the websites you visit, even the names of your individual items and folders. We use the term zero knowledge encryption because only you retain the keys to your Vault, and the entirety of your vault is encrypted. Bitwarden cannot see your passwords, your websites, or anything else that you put in your Vault. Bitwarden also does not know your Master Password. So take good care of it, because if it gets lost, the Bitwarden team cannot recover it for you.
They are also open source and regularly audited. You can also self-host.
Thanks so much. I'll update the guides on both counts. I'll also add in a section on Tor.
Yes, Proton is definitely more trustworthy than ISPs in authoritarian countries
Furthermore, Proton claims to keep no logs of your activity and has its no-logs implementation independently audited.
When I'm approached to give again within 24 hours
1I donated $7K to Scott and $7K to Bores.
4Testimonials
If you're interested in learning what making progress on a hard problem actually feels like, Team Shard is where you want to be.
— Bruce Lee. MATS 7.0, primary author of Distillation Robustifies Unlearning
I really like Team Shard's focus on solving big problems that other people are missing. This focus resulted in me doing work that I think is much more impactful than I would have otherwise done. Being in Team Shard is also really fun.
— Luke Marks. MATS 8.0, primary author on Optimizing The Final Output Can Obfuscate CoT
Alex Turner and Alex Cloud provided consistently thoughtful guidance and inspiration that enabled my progress. I also had a ton of fun with the team :)
— Ariana Azarbal. MATS 8.0, primary author on Training a Reward Hacker Despite Perfect Labels
Being a member of Team Shard helped me grow tremendously as a researcher. It gave me the necessary skills and confidence to work in AI Safety full-time.
— Jacob Goldman-Wetzler. MATS 6.0, primary author of Gradient Routing, now working at Anthropic
The mentors are ambitious and set high expectations, but are both super friendly and go out of their way to create a healthy, low-stress atmosphere amongst the team, ideal for brainstorming and collaboration. This collaborative environment, combined with their strong high-level research taste, has consistently led to awesome research outputs.
My time on Team Shard set the bar for what a productive collaboration should look like.
— Jacob Drori. MATS 8.0, primary author of Optimizing The Final Output Can Obfuscate CoT (Research Note)
Apply for MATS mentorship at Team Shard before October 2nd. Alex Cloud (@cloud) and I run this MATS stream together. We help alignment researchers grow from seeds into majestic trees. We have fun, consistently make real alignment progress, and have a dedicated shitposting channel.
Our mentees have gone on to impactful jobs, including (but not limited to)
- @lisathiergart (MATS 3.0) moved on to being a research lead at MIRI and now a senior director at the SL5 task force,
- @cloud (MATS 6.0) went from mentee to co-mentor in one round and also secured a job at Anthropic, and
- @Jacob G-W (MATS 6.0) also accepted an offer from Anthropic!
We likewise have a strong track record in research outputs, including
- Pioneering steering vectors for use in LLMs (Steering GPT-2-XL by adding an activation vector),
- Masking Gradients to Localize Computation in Neural Networks, and
- Distillation Robustifies Unlearning.
Our team culture is often super tight-knit and fun. For example, in this last MATS round, we lifted together every Wednesday and Thursday.
Apply here before October 2nd. (Don't procrastinate, and remember the planning fallacy!)
22
I'm guessing you think "I'm a citizen. I don't break laws. I'm not in a directly targeted group. I'm low risk."
You might be thinking about risk as binary—either you're targeted for arrest/elimination, or you're safe. The thesis isn't "you might get swept up." The thesis is: "The 'medium risk' assessment is based on the principle of 'authoritarian creep.'" The tools and tactics normalized against one group (immigrants, protesters) invariably get turned against the next, less-popular group.
Disclaimer: This comment is AI-written but human-composed. I spent over an hour thinking about your question, articulating my views, dialoguing with the AI, fact-checking its claims, and adding new content. It'd be a big pain to rewrite everything myself and I want to finish up thinking about this for now, so posting as-is.
Authoritarian regimes exert control in two ways:
You say you oppose Trump and follow politics closely. That means you have political awareness and opposition. Under ambient fear tactics, you don't need to be individually hunted down—you just need to know that your legal status won't protect you if you're inconvenient.
The infrastructure for widespread fear already exists
Citizen status doesn't ensure protection
Over 170 US citizens have been wrongly detained by ICE, including George Retes, an Iraq war veteran whose ID was in his car mere feet away but who spent three days in jail with pepper spray burns, unable to make a phone call or speak to a lawyer. He wasn't charged with anything. He was just released with no explanation.
And how hard would it be for ICE to flip an entry in a database?
Court orders don't ensure protection
Trump has threatened to invoke the Insurrection Act to override judicial rulings. In Chicago, ICE continues to tear gas protestors and not wear identification in violation of a court order.
Congressional oversight doesn't doesn't ensure protection
Twelve Democratic members of Congress filed a lawsuit after being denied entry to detention facilities in violation of federal law explicitly granting Congress the right to conduct unannounced inspections. Rep. LaMonica McIver was charged with "assaulting law enforcement" for trying to enter—charges she calls "purely political."
Why this matters for you
ICE ignoring court orders in Chicago shows contempt for the judiciary. The Congressional blockade shows a contempt for the legislature. This creates an unchecked executive. An unchecked executive means all citizens have a higher risk profile, because the legal systems designed to protect you have been proven to be ignorable.
As Bruce Schneier notes: "If ICE targets only people it can go after legally, then everyone knows whether or not they need to fear ICE. If ICE occasionally makes mistakes by arresting Americans and deporting innocents, then everyone has to fear it. This is by design."
You're meant to be chilled. Maybe you won't be put in a camp. Maybe you'll never be arrested. But maybe:
This is what 1950's McCarthyism looked like—most people weren't jailed, but thousands lost jobs, were blacklisted, had their lives destroyed. The threat didn't need to be execution; it just needed to be real enough to make people shut up.
Medium risk means: You probably won't be individually hunted down. But you absolutely could face consequences—detention, job loss, legal harassment, having to lawyer up even for bullshit charges—for being a visible Trump opponent. The goal isn't necessarily to arrest you. The goal is to make you wonder if sending that frustrated text message, or writing that Google Docs comment, or making that donation will put you on a list. The goal is to make you self-censor.
You're politically aware enough to understand what's happening. You openly oppose Trump. The system has demonstrated it will ignore your legal protections when convenient. That's not low risk, that's medium risk—the infrastructure exists to grab you if you're inconvenient, and your citizenship won't stop them.
I don't know if it'll get to camps. I don't know if it'll get to purges. But I know the ambient fear infrastructure is already functioning, and you're in the category of people it's designed to intimidate.
That's why I recommend taking precautions now, as listed in the article.