Premium Privacy Services: are they really that private ?

64bithero@lemmy.world · 16 hours ago

Premium Privacy Services: are they really that private ?

FoundFootFootage78@lemmy.ml · edit-2 7 hours ago

Currently Google takes all your data, bundles it up, and sells it to the US government (and basically anyone else willing to pay). The goal of these paid privacy services is not necessarily to prevent the government from getting your information, but rather to make sure the government at least needs to ask for it first.

There are few services that offer both anonymity and privacy, they do exist but nobody really needs that level of privacy unless they’re journalists, whistleblowers, activists, or criminals.

There’s also security reasons, having your messages out in the open unencrypted is a security risk.

Steve@communick.news · 13 hours ago

Is this more of an argument of privacy vs anonymity?

Exactly!
Privacy and anonymity are two seperate things. You can be post things publicly and be anonymous. You can post things privately to people who know you.

Having your credit card would prevent anonymity, not privacy.

hersh@literature.cafe · 11 hours ago

There are services that allow anonymous payments. I think Proton, Mailbox.org, and Posteo all accept cash payments.

Kagi has a “privacy pass” feature, which uses some fancy ephemeral authentication tokens that are not traceable to your specific account. You lose personalized settings, naturally (like site rankings) but you can do searches that aren’t directly tied to your account.

For email, there’s no one-size-fits-all risk model. I mean, my email address is my full name, @ a domain that I own and is itself traceable to me. I have no need for anonymity, but I DO need privacy and security.

doodoo_wizard@lemmy.ml · 15 hours ago

The real question is what you’re trying to accomplish and why.

That informs your choices.

Privacy, security and anonymity are different things.

wizardbeard@lemmy.dbzer0.com · 14 hours ago

Man, every privacy comm on lemmy could use a sticky about this sort of stuff.

What is your actual risk profile? What are your goals and why? Basics of privacy vs security vs anonymity, practicality, trust.

birdwing@lemmy.blahaj.zone · edit-2 13 hours ago

The way I like to think of it is this example. For clarity of explanation, let’s assume these ones are mutually exclusive. (IRL, they may overlap but need not be). Let’s assume the user wanting to increase privacy/security/anonymity is the ‘sender’, and the receiver is your threat model.

Privacy - you receive an unlabelled box. Upon opening the box, you can’t exactly tell what is in there, only something. There’s a receipt, but you can’t read it.

Security - you receive a box from a sex toys store. You try to open it, but it takes way too much effort, so you don’t bother.

Anonymity - you receive a box from a sex toy store. Upon opening it, you only find a sex toy, but don’t find a receipt.

Bad practice would be to receive a box, clearly labelled as from a sex toys store (and it also is a sex toy). It’s easily opened and you find a receipt telling you who ordered it.

Good practice is that you receive an unlabelled box, can’t open it, and if you somehow managed to open it, you don’t find a receipt. At most, you’d find there’s something in there, but what?

Would that be a good illustration?

doodoo_wizard@lemmy.ml · 13 hours ago

I found that very confusing but I’m not very smart so that’s not a judgement to set your watch by.

Privacy is who can see or hear you, security is how protected from an adversary you are, anonymity is if people know who you are when you’re being seen or heard.

Open bathroom window facing the street is a privacy issue. Unlocked front door is a security issue. Uncovered face or tattoos or whatever when out in public is an anonymity issue.

lyralycan@sh.itjust.works · edit-2 14 hours ago

bitcoin isn’t cheap

Well, you dont have to buy whole digit BTC (or any other cryptocurrency), you can convert like €50 into the wild and sketchy world of unstable currency which will be around 0.0026436362 BTC, but is enough to cover the cost of the transaction. I’m not sure I recommend it, only that it’s technically not expensive because you’re still using the equivalent of your currency, with a transitional currency.

things like search that limits options

And you can self host SearXNG, metasearch engines are much easier to handle than search engines, and I believe they are private enough – no tracking or sign in data is communicated through each search API – but I do not know all there is to know.

ropatrick@lemmy.world · 15 hours ago

I guess when you pay with a credit card, theres limited information being shared. Taking things at face value, you are paying for a service that wont track you, see your data, give away your data etc.

Looking at it in terms of privacy vs. anon is a good way to look at it. If you want anonymity, you won’t be using a credit card I assume, unless it’s a throwaway you can top up. I imagine people who want full anonymity would be using stuff that’s more specialised and niche than the likes of Proton etc., likely FOSS stuff, home servers, services without login/registration.

Privacy is like a step away from anonymity in that regard I think.

bad_news@lemmy.billiam.net · 15 hours ago

I think the primary use of a paid Proton or similar situation is to deprive the advertising panopticon of that data, not the state beyond the point of even an executive warrant, much less judicial. Your confirmation email from your dentist inherently deanonymizes the recipient as you, so you wouldn’t want that to go somewhere anonymous, but you also probably don’t want to feed the ad data beast by sending that to Google. It’s no protection against the state, but the state can probably lean on your dentist if they care too much about when that appointment is, but using a Proton Mail combined with their aliases can deprive the private data brokers (who are the main source for low level ambient government surveillance) of a lot of information about you.