💾 Archived View for splint.rs › privacy.gmi captured on 2023-09-28 at 16:16:19. Gemini links have been rewritten to link to archived content

-=-=-=-=-=-=-

Privacy for One

Privacy for one makes very little sense. As individual as an individual might be, humans think in groups. We talk, research, and revise ideas together.

I once had super-encrypted email with Tutanota. Nobody could see it, even with a court order, because the emails were persistently encrypted on the server's disk, and would display unencrypted only in my browser, which had my password cached in RAM.

Then I sent an email to my friends on Gmail, making the entire thing pointless.

I don't have that email any more, and I don't have the same beliefs about privacy. We have to look at tech, but better encryption can't help much when the real problems all stem from centralization.

When all emails rest in a single location, we have one thing that can go wrong before all our thoughts lie naked and exposed to exploitation. If we have 30,000 different email servers, then 30,000 things must go wrong before our private thoughts become public.

Focussing on our own privacy is about as much use as spending efforts to ensure that our vote has been counted properly and nobody has interfered with it. If the system is rigged from the start, and only a tiny minority of tech-heads can ensure their vote goes to the right place, then their efforts are futile. If your voting system requires signing votes with a GPG-key before it's secure, then the entire system is insecure, and the only way to fix it is to fix it for everyone.

Federated networks like Mastodon are not encrypted, but are still far better for privacy than e-mail. Even if e-mail can attain perfect encryption with the right setup, the defaults are awful, and so with 95% of users being completely insecure, the platform/ protocol as a whole is 95% insecure. On the other hand, if 1/3,000 Mastodon servers have a bad admin who sells data, then the platform still boasts 99.99977% security.