The New Oil

Prime Day is This Week. Here’s Why You Should Stop Using Amazon

July 10, 2022

Amazon’s now-legendary “Prime Day” is July 12-13. Boy that sneaks up on you fast when you avoid them and don't have ads in your life. Much like Black Friday or Cyber Monday, this means sales on lots of items on Amazon’s vast marketplace, and as such many people flock to the giant’s website to get sweet deals on everything from computers to small kitchen appliances and more. But this year – as with all years, hence why this repost – I urge you to resist the allure. Far be it from me to tell you what to spend your money on or where, but in this week’s post I hope to lay out a compelling case for everyone for why Amazon is full-stop evil, no caveats, and is undeserving of your money on a moral and ethical level. Amazon needs to be stopped, and legislation will not do so. Only its loyal consumers – who keep the beast alive – can do that by taking their money elsewhere. No matter your political or ethical beliefs, I'm certain Amazon violates them in one way or another, and you should vote with your dollar by buying from other places whenever possible.

Here are five reasons that you should stop supporting Amazon with your money and purchases.

Amazon Is An Enemy of Black Lives Matter

Do you believe that black lives matter? Do you think police have too much funding, too little oversight, are a tool of an oppressive regime, and/or are a private police force for the rich to keep the poor and minorities in line? Well guess what: up until 2020 Amazon proudly sold their facial recognition software (called “Rekognition”) to law enforcement agencies all cross the country. Like every other facial recognition software out there, this system was notoriously bad at accurately identifying minorities, mainly people of color and women (if you have Netflix, there's a whole movie about this called Coded Bias, I highly recommend it). Amazon only stopped for PR reasons at the start of the George Floyd protests, and even then they only issued a “one-year moratorium.” This has since been extended indefinitely, but frankly that doesn’t matter. It’s still just PR. Why do I say that? Because for one, that ban only applies to the US. Amazon is still free to sell their faulty facial recognition services to other countries and industries. Second, Amazon still gives police across the nation unfettered access to Ring doorbells, allowing police to have vast real-time surveillance networks paid for by private citizens who may not even know law enforcement has this sort of access. Amazon is actively helping police spy on and identify – poorly – everyone, even peaceful protesters.

Amazon Is An Enemy of Small Businesses

“Well I think all lives matter,” you may say to yourself, “and I support our law enforcement officers.” That’s cool. If you’re more right-leaning, you probably believe in the free market and you’ll likely be furious to know that Amazon actively crushes small businesses. To be clear, I'm not talking about the free market where they simply provide a better product/service and win over customers from the other guys. Amazon has been repeatedly proven to use data gathered from small merchants who use their marketplace to create competing products, avoiding the financial hit of the mistakes that those smaller businesses may have already made in marketing, pricing, or production. (I believe this is the exact sort of data that would be covered by nearly every standard non-disclosure agreement that nearly every company uses these days.) Not that it matters, because Amazon can also just use their massive empire to undercut the competition, selling products at a massive loss until the competitor is eventually driven out of business, then bouncing prices back up to profit-making levels once there’s no alternatives to compete with. The use of this data in the first place isn’t just free market sorting itself out, it’s straight up corporate espionage. It’s one thing if I left my job to work for a competitor and said “we learned that our customers respond better to blue than red.” It would be completely different for me to take a copy of all our business records, marketing documents, and passwords with me. That’s basically what Amazon does. They leverage their highly-invasive platform (which is so ubiquitous that to NOT sell on Amazon is practically a death sentence) to harvest sensitive business data and then use their resources to take the hit until the smaller guys can’t anymore and fold. In any other scenario, this would be corporate spying and illegal monopolizing. Even if it wasn’t illegal, I’d have a hard time believing any free-market enthusiast actually has no problem with this.

Amazon Is An Enemy of Human Rights

Maybe you’re an apolitical person (there’s really no such thing and that’s actually a very “privileged” stance to take, but I digress). In this situation, you can probably agree that we’re all human beings. We all deserve to be treated with respect, no matter what. Well, Amazon is unbelievably hostile to worker’s rights. For years, Amazon Prime delivery drivers have been reporting unrealistic expectations like being expected to deliver 200 packages in a 9-hour shift (that’s about 1 package every 3 minutes), missing pay, intimidation, favoritism, and buggy AI tracking their “performance” (even off the clock). Many of them have reported having to pee in bottles to try to stay on schedule. One reported a hospital-worthy injury where he was advised to finish his deliveries (several hours’ worth) before seeking medical treatment. Warehouse workers report timed bathroom breaks and not being allowed sit down for a few minutes outside of breaks. I’m all about hard work ethic, but you’ve seriously never had a day where you just needed five minutes to gather yourself? Amazon took it one step further with patented wearables in the workplace to spy on employees and make them work even harder. (For the record, there’s no evidence they plan to roll this out yet but the fact that they expressed an interest in controlling the rights to this technology is unsettling.) When workers expressed an interest in unionizing so they could force more humane working conditions (aren’t there already supposed to be labor laws in the first place?) Amazon used their powerful surveillance network to spy on and infiltrate those groups and even attempted to put cameras over the ballot boxes during a union vote to “ensure integrity.” Amazon doesn’t give a crap about their employees, it’s all about the bottom line and quite frankly I’m surprised they haven’t just moved overseas to sweat shops.

Amazon Is An Enemy of Democracy

“Wow, we really need some regulation on Amazon!” you might be thinking. Yeah, that’d be cool, except that at this point Amazon is more powerful than the US government. Amazon spent $18 million in 2020 on lobbying, and then increased it to $20.3 million in 2021 – for those who live outside the US, “lobbying” is a fancy word for “legal bribery.” I’m not making that up. It started off with good intentions and it does make sense, but it gets abused constantly and in laughably transparent ways that make every American citizen wonder how the hell this practice is legal. Anyways, that’s not the point. Have you ever wondered why the “settlement” amounts in corporate lawsuits are always so obnoxiously low? It’s because corporations hire GOOD lawyers. They can afford to hire lawyers who are field experts and can pay them to focus all their time and attention only on that one company and that one subject/department. Then they can pour even more resources into filing new paperwork, doing research, fighting the case, etc. Eventually the court costs start to pile up and the idea of dragging this out for years and spending millions of dollars becomes arduous, frustrating, and impractical. Look at the recent Home Depot data breach settlement – 10 years later! This is compounded even more when you’re an elected official. “You’ve spent HOW MUCH taxpayer money on fighting over some silly case that doesn’t even concern me – the voter – in a way I can tangibly see and understand when that money could’ve gone to better roads, schools, healthcare, national defense, etc?” The fact is that these cases do matter and do concern everyone, but it’s hard to care when you’re buying new rims multiple times per year because you damaged the old ones on a pothole, or when your kid brings home a history book from 1989, or when you work 60 hours a week and still can't afford basic healthcare coverage (the fact that we're the only developed nation that doesn't have free healthcare is a completely separate issue). Amazon can’t be reigned in by regulation because they can outspend the government in time, fines, lobbying, and any other area that they need to. The government has to answer for their tax money spent (in theory). Amazon only has to answer to shareholders and only one question: “how much more money did you make me this quarter?” They can afford to hire lobbyists who shape the laws – literally – and if they fail that they can always drag the court case into oblivion until it just gets settled.

You Are Part of The Problem

Do you remember when Chris Brown beat Rihanna? When that was still top news and I met people who listened to his music I’d always ask them “don’t have you an issue with him beating up Rihanna?” and without fail they’d always answer “Of course! But I just like his music, I don't support what he did.” Here’s the thing though: it’s impossible in situations like that to benefit without supporting the person in question. Every album purchase, every stream, every shirt purchased, every YouTube view, these are all metrics he can use to justify his popularity and book large venues with large guarantees. Honestly I’d even leverage illegal downloads if I was his booking agent. “They can download a song, they can’t download a concert. Those are potentially paying fans.” The same is true with Amazon. In no way can you give any money to Amazon and NOT be directly contributing to these problems I’ve listed above. Every penny you spend can be directed towards developing new surveillance tech or hiring new sales people to score new government contracts. Every purchase you make says that you’re okay with how things are currently working at Amazon and shows them that you’re willing to spend money there. Even using Alexa is sharing your data, which Amazon then uses to refine their products or serve you more ads (which they get paid for). There is absolutely no way for you to use Amazon that doesn’t tell their shareholders “I’m okay with this. Keep the course.” The only way that we can ever hope to affect change is to force their hand by taking your money elsewhere.

Reality and Next Steps

Look, I’m a realist, okay? I know that sometimes there are things that you absolutely cannot get anywhere else except Amazon (or if you can, it costs significantly more). First off, I’d ask you to weigh your definition of “significantly.” Paying $5 more on a $100 product – especially a luxury you can live without – is not “significant.” Furthermore, depending on your financial situation, paying $5 more on a $20 product may also not be much for you. In these cases, I urge you to take the ethical path and not give into Amazon. It’s worth paying a little extra for a good cause. Having said that, paying $50 more for a $10 product, that’s understandably different. If you must use Amazon, here’s my suggestions: First off, if you already have an account, you’re probably fine to leave it active. Your history will stay there, but frankly if you create a new account, it’s likely to get flagged and suspended or if you do it wrong Amazon will still trace it back to you anyways. Feel free to keep your current account, but go ahead and make sure you use good practices like 2FA, strong passwords, and masked e-mail addresses.

If you’re making a new account, I recommend using a masked email address or an old, already very-publicly exposed email address for credibility purposes (like an old Gmail address). I’ve had good success with buying pre-paid Amazon gift cards in cash at 7/11 and using those to make my purchases, however I’ve heard some people have still had their accounts flagged regardless in those situations, so don’t put too much money in right away in case that happens. You can attempt to make new accounts for every purchase (since ideally this should be rare for you anyways), or you can attempt to make one account and just keep topping it up as needed. Michael Bazzell offers more details on what's worked for him on this podcast episode.

Last but not least, I encourage you not only to avoid Amazon itself, but avoid their subsidiaries as using them will still contribute to Amazon’s unethical empire. Unfortunately this includes popular brands like Twitch, Audible, IMDB, GoodReads, Zappos, and over 100 others. I know it’s a lot and it can be hard, but as I outlined before we can’t keep hoping someone else will reign them in. It’s going to take a collective, serious effort to hit them where it hurts (the wallet) and force them to start being a more ethical company.

Prime Day is this week. Please, avoid it. Be the change you want to see in the world. A drop of water alone isn't much, but together it can make an ocean.

You can find more recommended services and programs at TheNewOil.org, and you can find our other content across the web here or support our work in a variety of ways here. You can also leave a comment on this post here: Discuss...

2022 Review: Signal Messenger

July 3, 2022

What is Signal & Why Do You Need It?

Even if you’re not big into privacy or security, you’ve likely at least heard of Signal. The WhatsApp/Telegram competitor rose to mainstream prominence in 2021, largely thanks to Elon Musk’s timely “Use Signal” tweet that came on the heels of several unpopular WhatsApp changes. The app promptly skyrocketed to the number one spot in multiple countries’ app stores and even crashed the servers for a weekend.

Signal is an end-to-end encrypted messenger available on Linux, Mac, Windows, Android, and iOS. I have long touted the need for E2EE in your daily communications for both practical and philosophical reasons. For practical reasons, it can protect sensitive communications like financial discussions, upcoming plans, and NSFW pics/texts if that’s your thing. For philosophical reasons, I think that everyone should use encryption whenever possible to normalize it and make mass surveillance less feasible/practical/economical.

The Good

Signal has a lot to like. Let’s start at the top with installation: I like to call Signal “insultingly easy” to setup. You basically just download it and keep clicking through the prompts. The only way this gets even remotely complex is if you decide to sign up using a phone number other than your SIM card number, but even then “complex” simply means “you have to enter the number yourself instead of letting Signal read it from your messages automatically.” Side note: Signal allows you to register with a Voice-over-IP number. This is fantastic for privacy, which I’ll talk about in the next section.

Next, let’s talk about Signal’s encryption. You really can’t beat it, it’s some of the best in the world. It’s so good that allegedly even the CIA can’t crack it and companies like WhatsApp, Skype, Google, and Facebook Secret Messages all use it for encryption. Signal itself has been used by the EU Comission, numerous politicians and their cabinets, journalists, whistleblowers, and law enforcement.

Signal if fast, reliable, and as a plus Android users can set it to be their default messenger app. This means that both your encrypted Signal messages and your unencrypted SMS messages will both funnel into the same app. This has two advantages: for one, you don’t have to switch between apps (a common complaint for iOS users), and for another, if you message someone new who already has Signal, it will automatically send as an encrypted Signal message. If they don’t have Signal, it will automatically send as a regular SMS. Very convenient. Speaking of convenience, Signal also offers a huge array of mainstream features that are sure to reel in even those who don’t care about privacy, like GIPHY support, stickers, and virtually unlimited attachment sizes (I’ve heard rumors of people sending 20-minute voice messages. Horrifying, but impressive). They also offer group chat and video calls of nearly any size you could want – including up to 40 people in a video call. Oh, and Signal is audited. That’s always a plus.

The Bad

Signal is not without flaws. The biggest one for most people (myself included) is the phone number requirement. Signal must have an active phone number to work. For those of you who like to use temporary verification number services, that means “don’t.” Once your burner number goes away, Signal will likely stop working a few days after. You’ll have to find a number that you control completely and use that. I prefer to have a number dedicated only to Signal and nothing else – this can be done with MySudo or Google Voice or pretty much any VoIP service that allows you to create multiple numbers – but that’s a pain for minimalists. Signal has been promising usernames for years, but at the time of this writing there’s still no sign of it coming any time soon. I think this is where we should note that Signal is not anonymous. While they make no effort to correlate or determine your identity, the fact is that most people won’t use VoIP numbers with Signal, and even those who do can still be traced back to the provider. Signal is very private and very secure, but anonymity really depends on you and the measures you take.

My other complaint with Signal is somewhat personal, but I think understandable even if you disagree: the “MobileCoin” incident. I gave a more detailed explanation of this in last year’s review as well as this blog post I wrote for Decentralize Today, but the short version is that Signal went nearly a year without publicly updating their server source code so that they could work out the kinks and introduce a new feature of sending and receiving money to friends and family via “MobileCoin,” a Monero variant. I personally am one of the people who’s not a fan of MobileCoin, but more importantly I don’t like that Signal felt the need to be so secretive about this. I understand they wanted to surprise everyone with what they thought was good news, but I wish they hadn’t. Save the surprises parties for my friends and family, not my encrypted messenger. It was a poor decision that they never really addressed, we all just sort of moved on cause we had no choice.

Signal’s other lesser flaws include being based in the United States, which I believe doesn’t really impact the efficacy of the service itself but it does call into question the future of the service as the United States becomes increasingly anti-encryption (though in the past, Signal did say that any laws banning encryption would simply result in the organization moving overseas to an encryption-friendly country). Signal is also centralized, and many of those central servers include ones owned by Google and Amazon. Signal goes to great lengths to create a zero-trust service where the server’s compromise means nothing, but it’s still sad to see yet another place where escaping the clutches of Big Tech isn’t possible. It’d be nice to see them invest in alternative infrastructure that doesn’t enable enemies of privacy.

Conclusion

Signal is one of the best messengers on the market. It is incredibly secure, very private (remember: not anonymous, but private), easy to use, and has very wide adoption. In fact, it was even casually featured in this year’s Google IO event during a feature demonstration. For the vast majority of people, Signal is without a doubt the best messenger because of the wide array of features, adoption, and user-friendliness. However, Signal does have drawbacks that make it not right for every situation. For those who don’t want to hand out a phone number or don’t want a phone at all, Signal presents serious challenges. Still, for a daily messenger I strongly encourage readers to look into Signal. It may be the gateway app that gets your friends and family deeper into encrypted messengers down the road.

You can check out Signal here.

Let’s Talk About Roe v Wade

June 25, 2022

This week, the US Supreme Court overturned a landmark decision from 1973. “Jane Roe” had filed a lawsuit against the state of Texas, claiming that banning abortions was unconstitutional. Regardless of your opinions of abortion, this is a discussion we need to have because the Supreme Court ultimately ruled 7-2 that the 14th Amendment of the US Constitution guaranteed a right to privacy, which included privacy over a woman’s body. In fact, the exact quote was “This right of privacy….is broad enough to encompass a woman's decision whether to terminate her pregnancy.” (Source). So this isn’t just about abortion, this decision has the possibility (probability, I would argue) to impact privacy on a long-term, national level. And that’s why I want to talk about it today. So put aside your political opinions for just a moment, and let’s talk about the impact of this decision.

The Direct Privacy Connection

With the overturning of Roe v Wade, abortion decisions must now be made at the state level. This means that in about half the US, abortions are now essentially illegal unless the life of the mother is at risk (many of these states do not provide exceptions for cases of rape or incest). This has thrown much of the US into a state of panic because of mass surveillance: it’s long been no secret among groups like Privacy International, EFF, and even a horde of mainstream news outlets that “period trackers” – like pretty much every other mainstream app on earth – collect vast amounts of data (more than they actually need) and submit it back to third party advertisers and data brokers who track people. Couple this with the US government’s long standing penchant of simply buying data from third parties to circumvent the red tape of court orders and due process and we have now entered a dystopian but 100% possible (and I would argue “likely”) scenario: the weaponization of data to hunt down and persecute people.

I have long said that if the data you collect would be dangerous in the wrong hands, you shouldn’t collect it. Likewise, I have also long said that “I have nothing to hide” is an absolutely insane argument because laws change. What’s legal today is not tomorrow. Unfortunately, I was ahead of my time. The data we’re collecting today can be weaponized in the future. Data that didn’t matter last week – like where you went – matters now. The Supreme Court has decided to weaken protections, and this case isn’t just about abortion. The decision was directly predicated on privacy: “you have a right to privacy from the government.” With that decision no longer valid, privacy protections in the US have taken a hit, and every blow that weakens privacy makes room for further losses in the future. Maybe you’re anti-abortion. In this case, I don’t think that matters. You may think this case was a win, but that trophy comes with heavy strings attached. Go ahead and quote me: the reduction in privacy protections that occurred this week will go beyond reproductive rights and be used to weaken other rights in other areas, probably in some that affect you negatively. This was not what you wanted. With the rampant, obscene overcollection and sharing of sensitive data, the price will be paid in other areas, and it will be expensive.

Practical Advice

It is with this in mind that I urge us all, now more than ever, to take our data seriously regardless of if or how this ruling has directly impacted you. Last week, researching abortion for any reason didn’t matter legally, and now it might. In the future, wanting to understand a particular medical or mental health issue could cost you health insurance or certain rights. The BDSM community has long struggled with the fear of having their children taken away because of their lifestyles. I personally could easily see a future where a quick Google search to better understand depression could be used to deny you a firearms license, or where researching Russia’s narrative of the war in Ukraine could be used to restrict your travel or financial purchases. Maybe today that sounds insane. The idea that abortion rights were going to be rolled back sounded insane to most a year ago. Maybe I’m wrong, but are you willing to take that risk? Your innocent data today can be used against you tomorrow. Why risk it?

Regardless of what you’re searching or why, I have some practical tips for everyone moving forward in a world where your data can be weaponized against you at some point in the future.

1. Encrypt and erase everything. You’ve got to stop using unprotected communications like SMS and things that identify and track you like Chrome. Use the Tor Browser (or Brave/Firefox with a VPN). Use Signal, Session, or Wire to communicate. Furthermore, set your browser to never save history or cookies, and set your messenger to automatically erase messages (hence why I suggested those three specifically). You should also switch to a privacy-respecting search engine that doesn’t try to track you. I personally use Brave, but DuckDuckGo, and Startpage are popular options, as well as Whoogle and SearX. Some of these even have onion versions for Tor users that can provide additional protection.

2. Check app permissions. It’s unrealistic to ask people not to have phones at all (if you can swing that, kudos to you). However, you should absolutely check all the apps on your phone right now. First off, delete the ones you don’t actually need or use regularly. For the ones you decide to keep, be sure to check the permissions. Does Tinder need location data access all the time, or only when using it? Does that game really need access to your contacts? Disable any permissions the app doesn’t actually need. I have some additional suggestions and information here. It should also go without saying that you should probably start checking the privacy policies and look for apps that either don’t collect data, or only collect data they actually need (for example, not location data). A great place to start is AlternativeTo.

3. Ditch the phone altogether. Of course, the best option is to simply not have a phone. While this is not feasible for most 24/7, it can easily be done in specific scenarios and there are two I want to highlight. First, research. Do not research sensitive stuff on your phone. Phones are incredibly locked down for security reasons, and they are very invasive by their nature. For these reasons, it’s best to use a computer where you can restrict the data collected easier and have stronger protections from your browser and VPN. Tor browser on a hardened computer will always be more private than Tor browser on an iPhone, in my opinion. Second, travel. If you’re going somewhere sensitive, leave the phone at home. If you take it with you, there will be a record of you going to that place. Trust me, you can live without it for a few hours. I am not convinced that airplane mode is enough for this purpose, I’d leave it altogether. (Note: this applies to anyone around you. If your friend or partner gives you a ride to your appointment, they could be tracked, too.)

4. Communications. Most places require you to make an appointment. For this, I recommend using an encrypted email provider as they will not be able to disclose your email contents even with a court order. Certain sensitive, one-time appointments may warrant making a new inbox altogether.

5. Payments Digital payments – like your debit/credit card, Venmo, PayPal, Cash App, etc – all leave a trail. Instead, you should always opt for cash. If for some reason your provider accepts cryptocurrency, please also note that Bitcoin is not private by default. I recommend Monero instead. If none of these are accepted, try to buy prepaid cards using cash.

While this information – at the time of writing – may be most relevant to those seeking certain forms of healthcare, I urge you not to ignore it if this doesn’t affect you. Like I said earlier, the Roe v Wade decision is about more than abortion. Our privacy rights in America have been weakened, and right now the only thing protecting most of us from data abuse as it is are some flimsy laws and empty promises from companies who value profit above privacy. This particular decision may not impact you right now, but I’m willing to bet that in the future others stemming from this will. So again, even if you’re anti-abortion or unaffected, I encourage you to heed this as a wake-up call and start valuing your privacy. Your data may be weaponized next. Protecting yourself is easier than you think.

Upping Your Privacy Game

June 18, 2022

Lately I’ve been seeing a big trend among a lot of privacy content creators for wider acceptance of wherever people are in their privacy journeys. To be clear, this is a good trend. I think it’s vital that we accept that everyone is in a different place with different circumstances. Sometimes people just started their journey and haven’t decided to switch to Linux yet (or which distro to switch to), or maybe people are still filling in gaps in their technical knowledge before making a decision about something. Nobody is born knowing everything, and everything we do is a journey.

Having said that, pendulums can swing too far in either direction. Just as it’s possible to be too aggressive, too unforgiving, too dogmatic about forcing everyone to go to the maximum in privacy, it’s also possible to be too forgiving, too patient, and never push yourself (or those around you) to go further.

I’m a big believer in constant growth. My father once said that the day you wake up, watch TV, and go to bed without ever doing anything to grow or better yourself is the day you start to die. While I think everyone needs days off, I do believe in his overall message. You either grow or die. If your life is a chart, the general trend should be up and to the right. The day you stop trying to grow in any way, shape, or form is the day you’re just wasting air. Now before anyone thinks I’m being too harsh or discriminatory, let me be clear that growth comes in multiple forms. “Growth” doesn’t necessarily mean going to the gym, learning a language, or taking a college class. Growth could – in my opinion – mean reading a new book. Checking the news (assuming your mental health allows for that regularly). Going for a walk. Checking on a friend you haven’t chatted with in a while. “Growth” could also encompass “maintenance” – keeping your garden alive, keeping your friendship alive, keeping your mind sharp. The day you stop doing that – the day you wake and go to bed without having done anything to improve or maintain at least one thing in your life, and you make that the new norm – you may as well go lie down in the grave. Again, days off are fine. At the time of this writing, I took a day off yesterday. I watched TV, I played video games, I drank, and it was amazing. I needed that so badly. But today I’m back in action: writing, reading, running The New Oil, etc. The overall trend is upward and to the right.

I believe that our privacy journey should also be like this. For most people, privacy is not their passion. I don’t expect everyone to wake up every day and go “how can I improve my privacy and/or security?” For most people, privacy is – at best – an interest. It’s something they want to take seriously, but they also have to balance jobs, relationships, parent-teacher meetings, classes, emergencies, the usual gamut of things that we all struggle with. I accept that. But the day you say “okay, I’ve hit my privacy goal, I can quit now” is the day you start losing your privacy.

There’s two reasons I believe this. The first is the most practical: privacy is an ever-evolving field. Suppose a couple years ago I had signed up for CTemplar and said “okay, I’m good now. I’ve got privacy.” For those who don’t know, CTemplar shut down last month, which means if I wanted to stay private, I had to find a new email provider. Wickr was once a great choice for privacy – personally, Wickr was my favorite. No personal data required for signup, mobile and desktop clients, usernames. Man, Wickr had it all. But now they’re owned by Amazon, and quite frankly if you think that Amazon isn’t collecting metadata, you’re delusional.

The second reason I believe this is because our situations change. I’ve met numerous people in the privacy community who say things like “I have to use WhatsApp for class, but as soon as I graduate I’m deleting it.” I’ve mentioned myself how in the past, I had a job that required the use of Facebook to communicate schedules and other bulletins. These days I could easily find another job that doesn’t require me to use Facebook, but back then I was just starting my career and had no choice. News flash: none of us are the same person or in the same situations we were ten years ago – and frankly, if you are, that’s very concerning. I don’t mean to judge, but you should probably examine yourself and your life and make sure you aren’t stagnating. I think we should all always be striving to be better than we were yesterday.

This is why we should never settle. Maybe you’re using a Mac right now because it’s functional and you don’t have the money to justify just going out and buying a new PC to put Linux on it. That’s fine. I respect that. I’m a frugal person myself, and I would never condone discarding a perfectly good device if your threat model allows you to get the most usage out of it. But in a few years when your device gets outdated, maybe go ahead and take the leap into Linux. Maybe you can’t, perhaps your career field requires Mac-specific software. I also respect that. I’m an audio guy, and I do a lot of work in Pro Tools. But I dualboot. I run Linux for 90% of my day, and Windows only when I need to do production work (or gaming). Imagine if I had said “well I need Pro Tools, so I’ll just say with Windows full time.” I would be losing out on that privacy for 90% of my life.

In the past, I’ve mentioned threat modeling and not overloading yourself. That stuff still applies. It’s still critical that you don’t burn yourself out or run yourself into a mental hospital (no stigma intended) because you tried to emigrate to a country with better privacy laws when you didn’t have to. At the same time, however, I believe it’s critical to recognize when you can do better and do so. Suppose my partner asked me to put up a shelf as high as I could reach to store some of our lesser-used kitchen utensils. I’m 5’10” (that’s 178 cm, for my readers in literally every other country on Earth). If I put the shelf five feet off the ground, I think we can all agree that I could do better. Sure, five feet is better than three, but the goal was “as high as possible” and I can easily do more than that. We should approach privacy and security the same way. Sure, Google has good security, but we can do better. Sure, SMS 2FA is better than none at all, but we can do better.

We all have a set amount of stuff we can deal with in a day. Some people call it “spoons,” I call it “emotional bandwidth,” but at the end of the day it’s the same thing: we have a limit on what we’re capable of. This is usually a combination of decisions, physical effort, emotional attention, etc. but once we’re out, we’re out. Sometimes, taking our privacy to the next level involves waiting until we have a day when we can do more. “I don’t have the energy to set up my own Nextcloud server today, but next week is a three-day weekend and I can set aside a few hours to do it then.” That’s perfectly okay. But my point is that I believe it’s worthwhile to see where you can improve and try to. Maybe you’ll try out Nextcloud and go “wow this sucks.” But maybe Proton Calendar works for you. Or Tutanota’s calendar. If you’re still using Google or iCloud for a calendar, I believe it’s worth looking into these solutions and trying them. Maybe none of them will work. But you owe it to yourself to spot room for improvement and look for solutions. In some cases, there may not be room for improvement. But again, things change. Maybe last year there weren’t any good options for your problem, but maybe this year there’s a new service to try. If something is just too much, it’s okay to dial it back and admit that the particular service or solution isn’t right for you. But remember to circle back around when things are different, and look for other areas of improvement. It’s always important to check in regularly and see what we can do better.

Remember: never stop growing. Slow, incremental growth is still growth. Let’s all strive to always grow. A tiny sprout today could be a nearly-indestructible Redwood in the future.

Daily Driving the Pinephone Pro

June 4, 2022

by Uncover

Pine64 has been known for their affordable GNU/Linux based devices for a while now. They released a Linux based phone called the PinePhone in early 2020, complete with switches to disable the camera, microphone, radios, and other sensitive hardware. I unfortunately didn’t get one at the time, but since then the Pinephone has become pretty decently stable (depending on what operating system – or “OS” – you use on it).

In Oct of 2021, the Pinephone Pro was announced and shipped early the following year. I preordered a Developer Edition, which is only intended for developers or people with extensive Linux knowledge, since I know the software will eventually mature and the higher hardware specs will be much better then the original PinePhone and I want to be along for the journey. I received it about one month ago and have been “daily driving” it as much as possible since, though I am unable to use it full time due to required work software I need to use and being available via phone is crucial (I did use it as much as possible besides required work needs).

I mostly used the default Manjaro KDE Plasma OS that it ships with, but I also tried Manjaro Phosh (the Gnome-based distribution that the Librem 5 also uses) and PostmarketOS with Plasma briefly. I have managed to put a sim card in it and test the calls and SMS/MMS.

What I Found

Plasma

Plasma is my personal favorite in terms of look and layout. Unfortunately I had to reinstall the OS on three separate occasions because sometimes the lock screen would say the PIN was wrong which I’m sure it wasn’t. I also had some issues with the screen getting stuck when rotating where part of the screen was black.

Voice calls were mostly reliable but sounded far away and muffled. It was manageable, but clearly lower quality than what I was used to on my usual phone. SMS and MMS, on the other hand, were spotty and unreliable. I usually received them, but not always. Overall I’d give that experience an 8/10 if I had to rate it.

The overall speed was actually faster then my iPhone when it came to browsing on the Angelfish browser that is included (Firefox also ran faster than my main cellphone but not as significantly as Angelfish).

Finally, the biggest issue I had was when using Discover (the app software “store”). When updating, there was an error of “1 offline update failed” where it offers an option to repair or open Discover, but neither option solved the problem. It should be noted this has already been brought up to the developers and they are working on a solution last I checked.

Phosh

Phosh is the smoothest and least bug-filled OS I tried, likely due to Phosh being in use for a while now on other devices such as the Librem 5. Personally I didn’t care for the icons or the way it vibrates every time you swipe down on the notification bar. However, that’s personal preference. If you want the most functionality and reliability, that seems to be what Phosh offers.

Phosh’s native SMS/MMS and phone calls also suffered the same issues as Plasma (low quality, hit-or-miss reception rates) but because of the rest of the phone’s factors it was a slightly more pleasant experience, maybe a 9/10.

Overall I encountered almost no bugs except for some YouTube playback issues on Firefox, where it buffered endlessly until I restarted the browser. Thankfully a quick fix.

PostmarketOS

I wanted to love PostmarketOS so much. It has also been in development for a long time and is focused on replacing the Android-like experience with Linux on phones. Unfortunately I couldn’t manage to update it or do much of anything. I couldn’t even get native SMS or voice calls to work at all. However, it should be noted that PostmarketOS does not officially support the Pinephone Pro at the time of this writing. I was able to find a developer who was willing to build a custom image for me to try. This is almost certainly why I ran into so many issues. I’m sure that by the time it’s officially released most of these bugs will be fixed.

Conclusion

The Pinephone experience varies wildly. Some people report a smooth, daily-drivable experience while others find it nearly unusable. I think this largely comes down to your daily lifestyle and what you need it to do for you. Pine64 has made it clear on the Pinephone Pro’s page who the product is and isn’t for at this stage (see the image above). I personally got one because I love FOSS and wanted to support a great company. I’m also impatient and would rather be along for the “software maturity” ride than wait until the final product is ready. I’m willing to risk some bugs in exchange for early adoption. If this sounds interesting to you and you are knowledgeable (very knowledgeable) in Linux, then I completely recommend checking out the Pinephone Pro. If you’re more of a casual user, then you may be more interested in a custom Android ROM until the software is more stable. But once it develops a little more, I bet it will be a powerful third option for those wishing to take back control of their data.

Stay safe and stay private.

2022 Review: Mullvad VPN

May 29, 2022

What is Mullvad VPN?

A VPN is a service that creates an encrypted tunnel between the device and the provider's server, protecting all your traffic from prying eyes along the way like your ISP or whoever owns the router (think public Wi-Fi, for example). After reaching the provider's server, your traffic continues on to your desired destination like normal. Mullvad is one such service, very popular in the privacy community for their low price and lack of required data at signup.

Why Do You Need a VPN?

You may not, to be honest. I recommend you check out IVPN's site “Do I Need a VPN?” here). A lot of people really hype VPNs as one of those absolutely, must-have, life-changing things that will solve all your problems. In all honesty, while I do believe that VPNs are an essential piece of your privacy strategy, there are many other free or low-cost strategies that will give you significantly more protection. A VPN these days pretty much only has two purposes: changing your IP address and protecting your traffic from local snoops. Changing your IP address is a valuable part of avoiding tracking, but it’s just one way and a VPN won’t protect you against those others like browser fingerprinting, tracking pixels, cookies, and more. Likewise, while it can be great to protect your traffic from your Internet Service Provider or a local cybercriminal, from a security perspective you’re already pretty well covered so long as you enable your browser’s HTTPS-Only mode and make sure you’re using the correct sites and not spoofed or phishing sites. Having said all that, I do still consider a VPN to be a critical part of your privacy and security posture if you can afford one. It can bypass censorship, stop your ISP from selling your browsing data, help obscure your IP address from tracking and logging, and protect your traffic from local attackers.

Why Not Tor?

Some people prefer Tor over VPNs. Tor is definitely right in certain situations, but not all of them. For one, many essential services – like banks – block known Tor IP addresses to prevent fraud and abuse, making using those services nearly impossible. Second, Tor loses almost – if not – all of its anonymity once you login to something. If you login to your email and then your Reddit account in the same session, they’re now tied to together and you’ve lost your anonymity benefit. For this reason, I recommend reputable VPNs for any services that are tied to your real identity or sensitive and Tor for random searches or accounts that are not tied to your real identity.

The Good

Mullvad has a lot of things to like. For starters, they require absolutely no identifying information to sign up. You are assigned a randomly-generated account number, you add however many months you want to your account (or sign up for an ongoing, indefinite account), and you download the app for the device you wish to protect. That simple. When it comes to buying time, you can pay with Bitcoin, Monero, privacy.com cards, or even cash!

The price is another popular selling point for many people. Most VPN providers offer tiers that give you different features for different prices – access to more servers, better speeds, or things like P2P servers for using Bittorrent and other services, for example. Mullvad doesn't do this. They offer only a single plan at a (in my opinion) very reasonable €5/month. Most people reading this have €5/month to burn, and the fact that Mullvad is committed to offering a full-service VPN at a consistent price point is admirable. They never do sales and they don't do any kind of a. Five Euros, no matter what. I admire that level of consistency.

Mullvad is based in Sweden. This is a double-edged sword in my opinion, but let's start with the good stuff. Sweden gone out of their way to build in strong consumer privacy laws. In addition to being accountable to the GDPR, Sweden has also determined that VPNs do not count as telecommunications providers and therefore are not subject to the usual wiretapping and surveillance laws and practices. Mullvad has an entire page here outlining all the various legal protections in place that make Sweden a good thing for VPNs.

Mullvad offers servers in 38 countries, and (as far as I can tell) uses very strong, state of the art security measures (see “The technical stuff” here). In a speedtest, I saw a ping of 34ms, a download speed of 76.73 Mbps, and an upload speed of 177.98 Mbps. Your results will vary based on your harware, ISP, and plan.

The Bad

Truthfully there's not much bad to say about Mullvad. My biggest concern with the service is their base of operations: Sweden is part of the 14-Eyes intelligence sharing agreement. Even if they do have good privacy laws in place, they as a country have – by entering into that agreement – expressed a level of comfort with secret surveillance intelligence sharing at the expense of the right to privacy for their citizens. In my opinion, it's that tone that makes it a bad thing when a country is part of a surveillance agreement. I trust that Mullvad wants to protect the privacy of their users, and I hope that if Sweden ever took a more invasive turn that Mullvad would respond accordingly. The choice to stay in Sweden should not be a dealbreaker for those considering Mullvad, but it does mean you should be keeping up-to-date on current events. Though personally, I think that's true of any service. Either way, Sweden is a country who has expressed a degree of comfort with surveillance, and that can never be overlooked or forgotten, no matter how strong the laws are right now. Laws can change.

Conclusion

With all my reviews, I try to use the product personally for at least a few weeks before publication, and at this time I have nothing bad to say about Mullvad and no negative experiences. Everything worked as expected, speeds were what I'm used to (given that I always use a VPN anyways), there was no real change in my internet experience after the switch. All that to say, there's a reason Mullvad is such a darling in the privacy community. If you're looking for a VPN, you'd be remiss not to consider Mullvad. They offer a 30-day money-back guarantee, so you've got nothing to lose.

You can learn more and sign up for Mullvad VPN here. No affiliate link available.

Disinformation Part 2

May 23, 2022

If you haven't read my last post you probably should. As the title suggests, I'm going to build heavily from it. In that post, I primarily wrote about “disinformation” – how to define it, when to use it, etc. But for many, knowing what to use can be an agonizingly difficult and confusing decision. In this post, I'll share my strategies for developing effective disinformation and hopefully give you a framework on how to do so yourself.

Identifying What You Need

The best place to start is by identifying your needs. This comes in two forms: the actual information (addresses, phone numbers, etc) and the context. By “context” I mean the kind of information you need. Does the address need to be local to confirm a story, or can it just be any random address? Does the name have to be one you'll use a lot or never again?

For example, in a prior blog post, I mentioned the idea of not using your real name when dating. But in this context, your fake name is one you'll have to reuse frequently. You'll need to respond to it when people call you from across the room, or you'll eventually have to explain that it's not your real name. There's numerous ways to handle this – some of which I discussed in that post – but ultimately you'll have to think in advance about it so you know the drawbacks and how to handle them.

Consider another scenario, one I've actually encountered many times: online ordering. I'm pretty vocal about my privacy.com usage. Privacy.com is a service that offers you digital debit cards where you can put in any billing information you want, allowing you to be John Doe at 123 Main Street, Smalltown USA. The problem, I quickly discovered, is that there are three parties involved in an online transaction: you, the bank (in this case, Privacy.com), and the vendor. While Privacy.com doesn't really care what information you put in the billing form, the vendor probably does. “John Doe at 123 Main Street” raises more red flags than a Chinese Communist Party rally on most vendor anti-fraud systems. I soon found that it was much, much easier to pick a generic sounding name – like Nathan Bartram – and an actual street address. This almost never flags the anti-fraud systems anymore.

Finally, you'll need to identify what information you actually need. This is based on your lifestyle and threat model. Perhaps you only ever buy physical goods online and never really buy software or other non-tangible services. In this case, you don't need to bother coming up with a fake address because you'll always need goods delivered to your actual address (PO Box or otherwise). Or perhaps you tell people that you’re from a certain part of town, so you’ll need an address in that town as a billing address to confirm your story and hide your real address.

Ultimately it’s important to think about what kinds of disinformation you’ll need and what the context for it will be. Once you’ve figured that out, it’s time to prepare.

Preparing Your Story

If you’re not prepared in advance with disinformation, you’ll probably end up folding every time and handing over real information. It’s just human nature. Therefore it’s important to pick your cover stories now. First off, you probably won’t remember your fake information – at least not at first. So when you’re digging through your notes app looking for it, you’ll feel compelled to explain why you don’t know your phone number or address.

Let me pause right here and deliver some wonderful news: most people don’t care. If you say “hold on, let me find it” and start scrolling your phone, most people will accept that and leave it at that. I’m willing to bet that for most readers, most of the people you interact with in day-to-day life (that you’ll be giving disinformation to) are underpaid and overworked employees. They don’t get paid enough to wonder why you can’t remember your information, and frankly they’ll probably forget about you about ten seconds after you walk out of sight. A lot of people get social anxiety over the idea that if they do anything “unusual” that people will somehow be suspicious of you. Let me reassure you: nobody cares. Everyone has their own lives, their own problems, their own boss constantly reminding them to do inventory after the registers slow down or their own fight with the significant other at home. Trust me, you are the last thing on their minds. Even if they did find you suspicious, what are they going to do? Refuse to sell you that coffee? Call the cops on you for not having your phone number memorized?

All you need to say when looking up your information is “one second, let me find it.” This lets them know you’re looking for the information they’ve asked for and you’re not just ignoring them and reading your text messages. If you feel compelled to say anything to explain, then just say “I just moved and I haven’t memorized the new address yet” or “I got a new phone and I can’t remember the number.” Again, however, this is almost never an issue.

With that handled, let’s turn to actually finding the information. Names and addresses are the easiest, so I recommend starting there. For names, I prefer to use Behind the Name’s Random Name Generator because you can narrow it down by sex (including “ambiguous”), how many names you need (first only or first and middle or more), and even ethnicity. Generate several options until you find one that sounds generic that you’re okay using.

For addresses, my preferred method is to use a local hotel. They already get tons of junk mail and they are a real, valid address so you’ll encounter less resistance from places that actually verify the address. If I need something sent to me, I use my PO Box.

Email addresses are a little tricky, but not much. For starters, I strongly encourage the use of an email forwarding service. If you pay for a premium subscription with either of the two I recommend and link a custom domain to them, you’ll be able to make up “wildcard” or “on-the-fly” addresses. So for example, I could make up “petstore@mydomain.com” at the register for my e-receipt and as soon as the store emails me the receipt, the forwarding service will automatically create it and forward the email to my inbox – no work needed on my end. If you’re unable to afford one of these services, you could try generating a few “junk” email addresses and writing them down in advance to hand out if you need to on the fly. Truthfully I’m rarely in a position where I must give someone a fake email address, but it never hurts to be prepared if you think it may happen.

Phone numbers get kind of tricky. If you just need to give them any kind of number, there’s lots of options. There’s the classic “867-5309” (this is from a hit 80’s pop song, in case you’re unaware), you can find an automated phone number online – something like a tech support number that leads to a phone tree, you can use Michael Bazzell’s “619-364-0090” through “0099,” and there’s tons of prank or false numbers online. My personal favorite is “248-434-5508.” Call it if you can. If you live in other countries, just do some research online. You’ll find tons of options. But what if it’s a number where you do need someone to reach you? Voice-over-IP is going to be your best bet by a wide margin, but again options are relatively limited if you live outside the US or other certain areas. There’s also the fact that most of these services don’t work if you need to verify a phone number for an account, like Twitter for example. In this case, your simplest bet is a second SIM card you only use for this purpose. There’s actually a few options here, but that’s going to be the most direct and simple. I could write an entire blog post about phone numbers alone, but if you ask around on some forums and do your research you should come up with some options that work for you.

Finally, you may be in a situation in which you need to invent a “backstory.” I’ve been known to frequent hobby-based meetup groups in the past – the kind where you find the posting online to get together to do nerd trivia with a bunch of strangers in a bar, stuff like that. This means I don’t know if the person next to me is my new best friend or secretly plotting to wear my skin and stash my body under their crawlspace. I’ve discussed in other blogs – namely the dating one I linked earlier – the idea of being vague when you disclose information. I tell people all the time that I work in audio-video, but not the company. I tell people I grew up in another state, but I don’t always say the city. If your threat model is high enough, you may wish to lie entirely and say you grew up in a state you never did or a city you never did. My only advice here is to make sure it’s a place you’re at least somewhat familiar with. I have visited Seattle, but I haven’t spent enough time there to be familiar with it. I would have a hard time saying I grew up there because I don’t know it well enough. If I ever met anyone else from Seattle, they’d be able to poke holes in my story instantly. On the other hand, I’ve visited San Diego multiple times for various reasons, and I could reasonably say I grew up in that area and be able to pass it off.

Conclusion

It’s pretty common to see people struggle with disinformation: how to come up with it, when to use it, etc. I hope this blog post has been helpful and given you a starting point, presented the right questions to ask yourself so you know what you need, the pitfalls to watch out for, and given you some ideas on where to go to find information to use. Now get out there and start protecting your privacy on a new level.

Disinformation, Part 1

May 7, 2022

Let's do this.

Since I started blogging in 2018 (or somewhere thereabouts) I've promised to write a blog about disinformation. I keep saying “eventually” and “someday” and “in time.” Well that time is now.

You need to start lying. Or at least telling half-truths. And I'm here to give you some pointers on how to do it in a smart, sustainable, and ethical way. In this post, I'm going to give you everything you need to know about disinformation, when to use it, how to use it, why to use it, and more. So let's get into it.

What is Disinformation (and Why Should You Use It)?

Disinformation is the act of intentionally lying to mislead someone. Generally speaking, this is not good. You shouldn't lie to your spouse, your boss, or the general public ([insert snide political opinion here]). But in the context of privacy, disinformation is not only ethical (I would argue) but it's often our only choice. Surveillance capitalism thrives on knowing your true identity – on being able to link every single step, click, view, like, and comment back to the source so they can improve their profiles about you and sell you more stuff. Sometimes “more stuff” means another pair of shoes or a new band. Sometimes it means a political ideology.

At very least, a pretty non-controversial definition of privacy is “the ability to control the flow of information.” Some people may prefer a more hardcore definition, but most people can agree that at a bare minimum privacy means having choice over what you disclose and to whom. This is why I find disinformation to be ethical: many companies and corporations do not give us meaningful consent. There's this idea that “if you don't like a product/service, just don't use it.” Ignoring the fact that they track you anyways, this doesn't account for things like signing up for financial aid for college and being tracked or the DMV selling your data. If you live in a town with poor public transit (which is most American towns), that basically means you have to pick between privacy or wasting hours of your life each week getting places that would otherwise take a fraction of the time. When your hands are so aggressively tied by the people above you and the “choices” given to you more closely resemble illusions and punishments, disinformation becomes the only ethical response.

All things being equal, it's always better to not hand out a piece of information. But sometimes that’s not an option. Most online retailers won’t let you finish the purchase until you provide a phone number (even though they literally always email you rather than call you). You have to give a name at Starbuck’s (I guess you could try fighting this one, I never have but I assume they wouldn’t appreciate you coming back). You can’t always just not give out information. But not everyone deserves your true information.

The fact is that once you give out a piece of information, you’ve effectively lost control of it. Really think about that. Every single thing you share – even just venting to your closest friend – is a piece of information you lose control over. You have no say in who they share that information with, where they post it, or what they do with it. You’re trusting them to lock it up inside their head and never share it, but you can’t force them. Even if you’re able to pursue some sort of recourse – like suing them or exiling them from your life – you can’t undo the disclosure.

This goes a thousandfold for companies, who basically treat everything you tell them like it’s public record with their poor security and data handling practices. Once you disclose something, you can’t take it back, especially once a company has leaked your data and now it’s all over the internet. Therefore it’s important to decide up front if someone needs that information in the first place.

Order of Operations

Perhaps a template for decision-making is in order here before we move on so we know what constitutes a “need” and a legitimate interest.

First off, I never encourage doing anything illegal. Don’t give the cops a fake ID. Don’t put a fake name on your taxes. Don’t ever lie to the government. This extends to directly-related situations. For example, your boss has to file taxes so you need to give them a real name or else they’ll end up reporting bad information to the government who will then come after you for fraud.

Next, let’s talk about “people with a legitimate interest.” The most salient example here is your doctor. Your age is an important factor in many medical situations, so maybe don’t give the doctor a fake birthday. Do they really need the exact date of birth? Probably not, but also don’t lie to people trying to help you. I would terminate a consulting relationship with a client who was repeatedly lying to me. I’m not here to judge you, I’m here to help you, and if you won’t work with me you’re wasting both of our times. Same with doctors. If you don’t trust your doctor, request a new one.

Sometimes “legitimate interest” can be examined on a “piece by piece” basis. My employer has a legitimate interest in knowing my real name, social security number, and date of birth to verify tax records and identity comply with laws. My employer has no legitimate reason to know where I lay my head at my night, what I do on the weekends, or anything else about my personal life, really. Hence I have a strict policy about only giving employers a PO Box and VoIP phone number, never my true home address or SIM number.

In my opinion, most “legitimate interest” needs for our real data are rare and relatively obvious. In most of our day-to-day lives, there is no “legitimate interest” for any data at all. A famous joke by comedian Mitch Hedberg states: “I bought a doughnut and they gave me a receipt for the doughnut; I don't need a receipt for the doughnut. I'll just give you the money, and you give me the doughnut, end of transaction. We don't need to bring ink and paper into this. I just can't imagine a scenario where I would have to prove that I bought a doughnut.” Truthfully this is how I feel about 99% of the transactions I participate in on daily basis. Getting a soda at the corner store: “do you have a phone number for the rewards program?” No. Here’s $2 in cash, give me a soda. “Would you like to add a photo to your online profile?” You mean the one to order a new microphone at work? How about no. Here’s the company card, the company address, and the company name. Send me a microphone. The other day I called the Department of Motor Vehicles and the automated phone tree asked me for a date of birth. Why? Are you going to hang up on me and refuse to answer my questions if I’m too young to drive?

Determining a legitimate need is really that simple: just ask “why”? When in doubt, ask the person making the request. I once went to a restaurant and there was a wait, so the server as for my phone number. All I said was “why?” She replied “we can text you when you’re table’s ready.” I claimed I left my phone at home and asked her to just call my name instead, and she wrote down my first name. Sometimes I ask why and get met with a legitimate answer: “the cable guy will call you when he arrives.” Fair enough. My home can be hard to find, he might need some help finding it. But most of the time, there’s no good reason to hand out data.

Pause

Perhaps this is a good place to stop this week. I like to keep my blog posts to around 1000 words, and we’ve passed that mark already with so much still to discuss. We’ve established, I think, a good foundation for what disinformation is, why we need it, and when to use it. Next time we’ll cover some examples of disinformation and how to come up with good, plausible disinformation. Until then, stay safe out there!

CTemplar is Dead (AKA Lessons About Email Sovereignty)

April 30, 2022

Icelandic encrypted email provider CTemplar went under this week. I could list dozens of reasons this comes as no surprise to me – and another dozen ways this was poorly handled – but that’s neither here nor there. There’s no reason to kick somebody while they’re down. Instead let’s focus what we can learn from this, because there’s two important lessons.

Lesson 1: Beware the Little Guys

In the privacy space, we are very skeptical of new services, and rightfully so. There’s a lot at play here. First there’s the fact that the privacy space is rife with scams, both direct and indirect. Direct scams would be the ten thousand new “shitcoins” that pop up each day who’s only purpose is to make someone rich in a pump-and-dump scheme – or an actual, outright honeypot service like Anom. An indirect scam would be services that lull you into a false sense of security with buzzwords like “encrypted” and “private” when what they really mean is “for now” or “moreso than the other guy” (if they even mean that much).

Assuming that a new project is honest and well meaning, they can still easily make mistakes with poor implementation, poor wording, or bugs. Security and privacy are both important – and incredibly easy to screw up, sometimes badly.

Last but not least, even the honest services face the same uphill battle you’ll find in literally any market: it’s hard to compete with the name brands – Proton, Tutanota, DuckDuckGo, Mullvad, etc. These are brands who have proven themselves (whether you like them or not) time and time again. You’re new. You’re nobody. Why should anyone believe you? What do you offer that they don’t? What do you do differently and/or better? What challenges will I have to overcome to benefit from your product (such as the Network Effect)?

That said, there’s nothing wrong with supporting the new guys. I think you should, actually. I was a new guy once. I still am, in a lot of ways. Tutanota was once the new guy. Signal. Tor. Your favorite privacy or security service or tool was once new and untested. It’s good to research a product and then decide “I like this, this is good, I want to support this.” But you need to remember that we have no idea what’s going on behind the scenes. Depending on the available research and your skill level, you may not know if the product’s implementation is secure. We may not know their financial situation. We may not know if some drug kingpin is using the service and they’ll be served with some kind of legal order that forces them to fold. There’s a million things that could happen, and we just don’t know. I don’t think this counts as a reason to stay away – if you never support the projects you like, they’ll die for certain. But even if you do support them, they might die anyways through no fault of yours. So always keep backups, always keep redundancies, and always be prepared to wake up one day and find out your emails won’t send. This leads us to an even more important and easier-to-practice point.

Lesson 2: Control Your Data

Frequently when we talk about “controlling your data,” we think of things like self-hosting, reducing data transmission (via tools like firewalls, DNS, or uBlock Origin), or not using a service altogether. But sometimes it’s a bit more complex than that. This is actually a subject I’ve been wanting to discuss for quite some time. Sometimes “controlling your data” can mean controlling how it gets handled, or where it goes.

Let’s look at this through the lens of email and CTemplar. Most of my long-time readers know that I recommend the use of an email masking service like SimpleLogin or AnonAddy. There’s numerous practical reasons for this which I outline on that page, but one that I haven’t discussed in depth (and should probably add) is the ability to quickly and easily redirect your emails in a situation exactly like this one. Right now, a lot of CTemplar users are scrambling to get all their accounts moved over to a new provider. While SimpleLogin & AnonAddy don’t make this a one-click process, they do make it easier than logging into a billion websites and manually changing and verifying everything. It can all be done from one simple dashboard in just a few minutes, no verification required.

There’s another layer of protection here I strongly recommend: custom domains. The default email addresses provided by SimpleLogin and AnonAddy are fine for the small stuff, they present two issues. First, a lot of companies don’t typically like these kinds of services, so it’s usually only a matter of time before they start getting blocklisted. These two services are attempting to circumvent that by constantly adding new domains, but they can only do so much. It’s a constant cat-and-mouse. Second, what happens if one of these services go under? It’s happened before, and it can happen again. In fact, that’s why we’re talking about this right now: a company went under and now the users have to find something else. With a custom domain, if your email-forwarding solution of choice ever goes out of business, you just point the records at a new provider, whether that’s another forwarding service or an email provider directly.

A quick note: I know setting up a custom domain sounds hard, but it’s REALLY not. You buy a domain name you like from a website (common privacy recommendations include 1984, NameCheap, Orange, and PorkBun), then you go check the help page on your email forwarding service of choice for instructions on how to add your custom domain. More often than not, they have very simple, straightforward instructions and sometimes even have screenshots. Same if you decide to cut out the forwarding service and use an email provider directly.

Having your own domain is the ultimate power in controlling your email data (except for self-hosting, but I don’t recommend that for a lot of reasons). Unless the domain registrar disappears or blocks you (which, in my experience, is highly unlikely) then it doesn’t matter who goes out of business. You can always just point your emails somewhere new and keep going with almost no disruption.

Controlling your data is important and powerful. It makes you independent, it makes you resilient, and it makes your life simpler by being prepared for when things change – and in tech, things are always changing. Part of threat modeling is planning for what could go wrong and then putting systems in place to mitigate it if it happens. Maybe you weren’t affected by this CTemplar situation. That doesn’t mean you won’t be affected by the next one. Be sure to review the products and services you use and plan ahead. There’s always room to improve. Take this time to learn some lessons and apply the necessary changes to your own posture.

2022 Review: Session

April 23, 2022

What is Session & Why Do You Need It?

Session is an end-to-end encrypted messenger available on Linux, Mac, Windows, Android, and iOS. I have long touted the need for E2EE in your daily communications for both practical and philosophical reasons. For practical reasons, it can protect sensitive communications like financial discussions, upcoming plans, and NSFW pics/texts if that’s your thing. For philosophical reasons, I think that everyone should use encryption whenever possible to normalize it and make mass surveillance less feasible/practical/economical.

The Good

Session has a lot of things to like. For starters, it’s on par with Signal’s “insultingly easy” setup. Seriously. It takes less than a minute (including downloading it). Setup involves clicking the “Create Session ID” button wherein it automatically creates an ID for you, then asks you to pick a display name, a notification mode (Apple/Google push notifications or their own Apple/Google-free notifications), and you’re ready to start chatting. You pretty just click “next” the whole way through. It’s actually faster than Signal’s setup because you don’t need to enter a code that they text to you.

Speaking of, you may have noticed in my description just now that Session requires absolutely NO user information to sign up, like phone number, email, etc. It’s not even optional – there’s no fields to enter it. While most of my readers probably don’t need anonymity, less data to hand out is always better, and it doesn’t get much “less” than Session.

Next, Session is onion-routed, which – for those unaware – means that your communication goes through several nodes (sometimes called “hops”) on the way both to and from each recipient. This is good for aiding anonymity. You may already be familiar with this concept from the Tor network, and if you’re not I suggest checking out my video about Tor here to learn more.

The next big plus is that Session is decentralized. This makes it censorship resistant and also resistant to malicious activity by the Session team. Nodes are run by volunteers, therefore any attempt to shut down Session or force them to log data would be pretty ineffective. And of course, the app is open-source so even if the Session organization was shut down, any sufficiently skilled developer could simply fork the project and continue to run it.

Finally, Session is audited, which they passed rather well in my opinion. All issues were fixed – including the only “severe” vulnerability – except ones that were intentional for functionality, all of which are not technical vulnerabilities but rather recommendations (like default notification configurations).

The Bad

Let me get a quick non-issue out of the way before I continue: the Session team is based in Australia, which is pretty much the most privacy-hostile Western country on the planet. But I don’t think this really matters as I mentioned above: Session is open source and decentralized. Any attempts to compromise it will only result in a fork of the client and the servers will likely continue to run unaffected.

With that out of the way, Session’s biggest drawback in my opinion is stability. While it has come a long way and should be pretty usable 95+% of the time, it does still experience the occasional bug, usually resulting in a message not being sent, received, or synced between devices. Understandably that can be a big deal, but also it’s so rare that I find the risk relatively low personally. You might feel otherwise if you’re a journalist or fall into some other high-risk threat model, which I accept. That’s why I’m acknowledging this stuff so you can know the drawbacks. It's also a little slow, but they're constantly working to speed it up and personally I don't mind “a little slow.” If it's urgent, I'll call you.

Speaking of, the single biggest thing keeping me from making Session my daily messenger is the lack of audio/video calls. At the time of publication, these were in closed beta with the Session team teasing that they should enter a public beta any day now, so maybe by the time you read this it’ll be out. When it is, I’m going to jump straight on that train. Session solves a lot of my personal, nitpicky complaints with Signal. Sadly though, for Android users, I don’t think Session will be able to replace Signal as your default messaging app for easy integration. That may be a dealbreaker for some.

The final bit that may put some people off of Session is their use of the Oxen cryptocurrency token. For 99% of users, this means absolutely nothing and you can skip to the conclusion. Session is not a “web3” app in the sense that you get paid for your content or can send or receive payments in crypto. The cryptocurrency aspect of Oxen does not come into play in any way, shape, or form for the end user. Rather, the Session team uses Oxen as a way to pay those who host nodes. It also comes into play in the hosting of nodes itself. Session is designed to be resistant to “Sybil” attacks, which is basically where one entity (like the NSA or GCHQ) hosts a ton of nodes so they have majority control of the network and can effectively spy on all the users. Session does this by making each node cost more Oxen to host than the previous, so the price of a node is always rising exponentially. This means that the cost of controlling a node quickly rises and becomes economically unfeasible for an entity attempting to control the network – governments have a lot of money, but realistically not enough to justify this. After a certain point, they’d be better off finding new attack vectors. Non-malicious, everyday users can still pool their resources together to host a node as a group, and they get rewarded in Oxen token for doing so. This is what helps run the network and protect it against Sybil attacks while keeping it accessible. Truth be told, all of this goes way over my head but I’m going to share some resources in the next section that you can listen to and get more information yourself. The reason I’m listing this as a con is because a lot of people feel very strongly about cryptocurrency, and knowing that Session is hosted off a centralized, home-brewed altcoin is definitely not something most cryptocurrency enthusiasts are happy about. At best, most crypto people seem to regard this as a necessary minor annoyance while others rage about how this could’ve easily been accomplished with an existing coin and no need to reinvent the wheel. Personally I don’t know who’s right, and I don’t care. Session works, it’s been audited, and I don’t have to deal with the crypto side as an end-user. I just want you to be aware in case you feel differently.

Conclusion

Session, in my opinion, is one of the best choices you can make for an encrypted messenger. They’re audited, they’re metadata– and censorship-resistant, and they make it easy to be totally anonymous (as always, if done right). Session is still young, but they’re growing fast and I don’t think it’ll take long at all before they can punch against some of the rockstars of the encrypted messaging community. Fortunately, if you still want more information to make up your own mind (or get more insight into the Oxen/cryptocurrency thing I mentioned earlier), I have two resources. First is my own interview with Kee Jeffrys, the Chief Technology Officer for Session, from about a year ago. The second is Seth For Privacy’s more recent interview, also with Kee. Both of these should give you more than enough information to decide if Session is right for you and if you want to try it out. I’d recommend at least giving it a shot. You have nothing to lose.

You can check out Session here.