Because “adversary” is clearly gender neutral and “man” is not, so “man” isn’t able to continue it’s double meaning as being short for “mankind” which itself is short for “humankind,” for fears that it’s exclusionary.
“No security person is ever comfortable with this, no matter what consent we get from the general public. The general public just doesn’t know how this stuff works”
Apparently there was some debate among the Facebook leadership about whether getting clueless people to sign a consent form was good enough for them.
There is a lot of confusion amongst plenty people here, in how they are perceiving VPNs.
It is correct that VPNs are not designed for complete anonymity, security or privacy. However, they absolutely are designed for privacy and anonymity against certain actors, ISPs and regular script kiddies being one of them.
It is also correct that VPNs are not easy to trust, but that is the case with most, NOT all VPNs. Mullvad, IVPN are solid paid options, and Windscribe, AirVPN, ProtonVPN and Cryptostorm are slightly below but good to use as free/paid options. Most other VPNs either have poor technical management, poor uptime or poor track record (affiliate ads, user data leaks) or may be shady.
I agree, it’s all about understanding what the actual value these services provide is and what the risks are. There are legitimate use cases, but it’s important to be aware that it’s not a panacea.
So (and im asking for technical clarification as a layman) Facebook didn’t put this data miner on unknowing user’s phones but did pay teenagers to install one (onavo) on their phones that worked to decrypt traffic for everyone those users interacted with… Right?
There is no way to know whom the trustworthy VPN provider shares data with. That’s just the reality. And sure you’re back to square one if you don’t use a VPN, but the point here is that people think that using a VPN is much safer than it actually is. Furthermore, another option is always to just run your own VPN that you can host in whatever jurisdiction you want.
It’s safe to assume they were not providing data to anyone at the time, and perhaps they are not now. Thing is that you don’t know that, and it’s a relationship fundamentally based on trust. There’s nothing wrong with trusting a company like Mullvad, but it is just trust in the end.
The creators of MullvadVPN or their identities are not prominently disclosed, which means you have to trust them. For all we know they could be working with Swedish law enforcement.
@yogthos Is anyone surprised by this anymore? Facebook is evil- full stop. We don't need any more reasons to obstain from using their products but "mArKeTplAcE" and "mY cOuSiNs WoNt SwiTcH."
Craigslist also doesn't have shit on it. try and buy a car on there. if you're looking for a beater, sure. but a halfway decent sports car, fb marketplace is the only place
its still OK for other stuff, I've bought tools and whatnot off Craigslist, but for vehicles fb is unfortunately still king
What you’re describing is the network effect in action, not a flaw in Craigslist.
(It will be the same with every alternative you find, except perhaps one that’s well funded with outside money, which will be awful on the privacy front, of course.)
The way we overcome a network effect is piece by piece:
First we switch to the privacy-friendly service for everything we can. That immediately reduces our exposure, reduces the power of the incumbent, and makes the alternative more useful by giving more users a reason to switch.
Then, over time, we switch for the remaining things as we find a suitable service for each one. (This might even be the same privacy-friendly alternative we started with, after it has grown a little.)
If I felt I had to buy a sports car, and some awful invasive site like Facebook was somehow the only viable venue, I would buy just the car there. I wouldn’t make them the middle man for every other transaction in my life.
well yea its not Craigslist itself that's the issue, its the fact that its a smaller platform. and yea I use eBay or Craigslist for everything but vehicles.its sad that Craigslist has been forgotten though.
I agree. However, I think that most people won’t use Craigslist simply because it doesn’t have a lot of the modern niceties, specifically modern messaging solutions. The email system they have is pretty painful to use.
It’s easy enough to do messaging via text, or whatever other contact info you choose to give out. I like that I can use Craigslist without giving them much info about myself.
If you’re suggesting that a messaging system built into the venue is critical for success, then I suppose all of us wanting privacy are out of luck for now… but perhaps Craigslist (or some other privacy-friendly venue) could make it happen by integrating Matrix.
I agree that most messaging services are problematic, but Facebook having Messenger is part of the moat that’s keeping FB users on Marketplace. I think offering any non-email messaging solution would be hugely beneficial. I like the Matrix idea quite a bit.
Europe’s new Digital Markets Act might help in this department, too, through legally mandated interoperable messaging. Let’s hope it works out in our favor.
I feel you. I’ve spent the last couple years building up self hosted replacements for these enshittified services as they flop. But despite all the work I’ve put in, I can’t even get them to log off facebook to look at what I’ve got.
You make an excellent point, without use it’s mostly just there for nothing… but, specifically I build shit that they complain about. I have my personal photo site up with all my digital photos from the last 25 years catalogued and available from anywhere, I did this because they complained about not having them accessible. Hasn’t been logged into by anyone but me…
But I don’t really blame them, I get it. The easy button is right there.
Maybe the idea is to show the folks who keep complaining about defederating from Threads that they either don’t know or have forgotten just exactly what kind of company Meta is.
Another option, if you have technical skills, is to just run your own VPN which tends to be pretty easy to setup on a VPS nowadays. You can find a VPS provider in a jurisdiction you want, and you control what gets logged.
The only thing that actually matters is the jurisdiction. If your hosting provider is in a place that the country you live in can’t legally force to hand the data over then you’re much better off than using a service that may be sharing data with your government.
The topic in question here is not about government abuse of data, it’s corporate abuses, but okay, let’s set that aside.
You’ve said that it’s safer to roll your own VPN using a VPS service precisely because you can’t trust any VPN providers, or auditing organizations.
But you’re now saying that you can trust a hosting provider based solely on which jurisdiction they reside in.
You’re just arbitrarily picking which companies to trust with your connection traffic, but with added complexity, and significantly reduced egress locations for your traffic, which itself dramatically impacts any privacy benefits you were looking to achieve.
First of all, nowhere did I say anything about trusting any hosting provider. The point once again was about jurisdiction of the provider. Meanwhile, there’s nothing more arbitrary about picking a hosting provider than a VPN.
Add comment