Right? It’s kinda nuts how much this quixotic prepper-style power fantasy permeates some parts of the Internet. Hell, even that strip is conceding the basic point that there will be a cabal of evil people digging for all their super-important secret files at some point.
Kinda makes you wonder what’s on their drive that they’re so concerned about being uncovered. I’m all for privacy as a right, but people don’t usually go balls to the wall on their computer security just to protect cat memes or tax documents. People won’t even assume just regular porn stuff. People will assume terrorist plots or sex crimes or stolen classified stuff. Idk, if my NSA agent cares enough to break basic security just to find out my porn search history, then I’m just thinking that that’s wasted tax dollars. I’m not that interesting.
Edit: I’m not saying don’t do simple encryption, I’m saying that putting up ten barriers and having paid services and using multiple vpns has drawbacks of cost and performance, so what are the odds that somebody would go to all the trouble for data that nobody would care about. If you saw a giant vault in somebody’s basement, you would assume there’s something interesting in there.
That was a long walk for a short drink of “I’ve got nothing to hide.”
I’ve got stuff I don’t want to be public, but at the same time I’m not going to spend thousands and thousands of dollars on security measures to protect it because it’ll probably never be required, and it probably won’t work anyway.
Having a pin code longer than four digits is probably more than enough to effectively deter the average cop, and they are all I am ever really anticipating interacting with, if at all. If I decide to take up terrorism as a hobby I may reconsider.
What is this setup that requires thousands and thousands of dollars to achieve encryption? It’s just typing ‘y’ and hitting enter during my install, if anything. It’s good general practice and the highest cost involved is a totally negligible effort to type an additional password in at boot. It’s not like we were talking about rigging up some crazy kill switch that somehow physically destroy your drives at a keystroke if you think the feds have shown up.
Anything that easy isn’t going to do anything. If you want actual security you would have to spend a lot of money for very little chance it would work
Uh, no. Almost everything you can do for logical security only requires free software. Something as easy as ticking the box “encrypt my drive” and putting in a good password when installing Ubuntu or whatever is about as easy as it gets and is LUKS2 (“actual security”, as far as at-rest data encryption is concerned).
Why did you feel the need to come into this thread and broadcast your opinion on something you know nothing about? Encryption is not made any less effective just because people made free tools to implement it easily.
It’s just math. It’s not a finite resource, and there isn’t “premium math” you have to go buy at the math store to make your encryption stronger.
I think what you’re driving at is partially true: for perfect security, it takes a lot of effort and you never know when there’s a zero day for your particular practice.
However, like the other commenter is saying, it’s easy to have better security than most. Heck, it don’t even require extra ongoing maintenance to have a healthy security coverage.
But not doing anything to increase your security is a bad choice. To me, it’s kind of like eating vegetables, if the average person would just do it a little more, we would all benefit.
Yeah I think those of us who go to extra lengths for security mostly do it because we can. Like any other enthusiast.
Kinda makes you wonder what’s in their bedroom they’re so concerned about being uncovered. I’m all for privacy as a right,but people don’t usually go balls to the wall on their bedroom privacy just to not be seen changing. People wont even assume just regular sex stuff. People will assume terrorist plots or a murder dungeon or your mom.
Privacy is privacy is privacy. There’s no need to justify it. Desiring it isn’t an indicator of any wrongdoing. The second you are okay with literally every aspect of your existence being completely public, and I mean all of it, is the second your statement holds any ground.
I get your example, and agree with the premise that “if you have nothing to hide…” is never a good argument, but if someone had security cameras surrounding/within their house, and 4 different locks on their bedroom door, and then a high quality safe in the bedroom, I would absolutely think there’s something more than sex toys in there. That’s still never a valid basis to search their stuff, but if there was nothing significant in there, that would feel odd.
I completely disagree. It may feel excessive, but my only thought would be “there’s someone who cares about privacy.” We only assume this stuff is weird because we’ve indirectly encouraged only weirdos to do these things. If we instead normalize it as just part of home security, like locking your doors, then it’s just another thing careful people do.
What if I find enjoyment in cryptography and privacy as a hobby?
fuck, he found out about my sex-toy safe
This is what we call Bias.
Great point and I agree. That’s why my door is locked, but not locked with 8 deadbolts, a security camera, and booby traps.
Climate activists are currently prosecuted as domestic terrorists in the US.
Encryption is there for protection against the state (who can’t easily drug you and beat you up for giving out a password).
Your false assumption is that basic security isn’t broken constantly and automatically for them to just browse the results of on a whim.
I explicitly go balls to the wall to protect my tax documents and cat memes, for a couple of reasons:
-
I am very passionate about the concept of “You shouldn’t have to have anything to hide to deserve the right to privacy.”
-
People should’t “poop with the door open” (to use a metaphor), so I keep my door shut.
-
Opinions and ideals can get people hurt if made public, and I want to protect both mine and those of the people i talk to (even if i don’t agree with them).
-
If everyone took their security and privacy this seriously, nobody would have to worry about some nonce assuming they were committing crimes just because they were protecting their right to privacy. I’m being just one more drop in the bucket.
-
Everything I use is encrypted as hell. What do I have inside? To be honest nothing. Just your usual stuff. But why the heck should I let someone to get into my fucking harddrive? No, let’s make it as difficult as possible for those assholes.
Having said that, I’m stuck multiple times by my own encryption. Lost the keys, etc. And in case something happens to me, no one can access my legacy or docs. That’s my only doubts. Moreover, I’m aware that it only protects my data at rest, while the PC is on, there are probably a zillion zero-days I’m not aware of.
if my NSA agent cares enough to break basic security just to find out my porn search history,
Police have regularly used their inappropriate levels of access to stalk and harass women they like. You may not be interesting to the government, but you could easily be interesting to a malicious actor who works for the government.
or Boeing QA report
Rubberhose (file system) Deniable encryption
https://en.m.wikipedia.org/wiki/Deniable_encryption
The notion of “deniable encryption” was used by Julian Assange and Ralf Weinmann in the Rubberhose filesystem (…) In cryptography, rubber-hose cryptanalysis is a euphemism for the extraction of cryptographic secrets (e.g. the password to an encrypted file) from a person by coercion or torture—such as beating that person with a rubber hose, hence the name—in contrast to a mathematical or technical cryptanalytic attack. (…)Encrypted stenography
Cwster
this is exactly the sort of thing you imagine in the shower to feel good about yourself
I imagine other things in the shower when I want to feel good ;)
Like compiling a kernel? Same!
Imagining that they’re hide&seek world champions because they’ve always won… when playing with imaginary friends.
If you guys don’t think the CIA can hack a Linux computer I’ve got a nice bridge you might want to purchase.
Whoa I love bridges. Which one? Where is it?
It’s br0
Someone told me there was a bridge sale going on, am I late?
Is it in balmore?
Arizona actually
Nah I bought that bridge last week.
I don’t want to buy the bridge, but I’m willing to donate to make the bridge open source, does that count?
Is this just taxes with extra steps?
what color is the bridge?
Transparent?
deleted by creator
There are two things you could be confused on, which is it? That the CIA can hack Linux or the bridge for sale?
Blob free capable computers are so old though. After trying one I don’t know how I survived that era without even using ssds. Before that how the hell did live with Pentium 2, 3, and 4?
Some of us had to install Windows XP SP2 and 4 on these machines. I made money just sitting in a room watching progress bars.
There was a lot less data to grind through.
Still faster than the 286 with math co-processor that I started with at home.
Can someone explain blob to me?
I’ll butcher the explanation so here’s the Wikipedia link: https://en.m.wikipedia.org/wiki/Binary_blob
Usually its the uefi/bios where its hardest to avoid
Ooohhh that! I just didn’t realize that’s what they meant.
doing it the right way
Like the feds would care about raiding the house because it was actually his parents’ lmao
“He lives with his family, so make sure you pack the dog gun.”
Buy a thinkpad x230 and install heads. Write protect the flash chip. Put nail polish on the screws and take high resolution pictures to ensure signs of tampering. Do NOT use a HDD or SSD. They have DMA so a malicious firmware could do a lot of damage, use of USB is preferred since they do not have DMA. Completely remove the microphone, sound card, webcam and the WWAN card from the laptop. Remove the fan to prevent binary acoustic data transmission. Replace the default wifi card with a supported atheros card. Disable wifi when not in use, preferably by physically removing the card. Make your own independent Linux distro from scratch. Most Linux distros value convenience over security and will thus never have good security. Your only option is to make your own. Use musl instead of glibc, Libressl instead of openssl, sinit instead of systemd, oksh instead of bash, toybox instead of gnu coreutils to reduce attack surface. Enable as little kernel modules as possible. Use a hardened memory allocator. Apply strong SELinux and sandboxing policies. Restrict the root account heavily to make sure it never gets compromised. Disable JavaScript and CSS in your browser. Block all FAGMAN domains in your hosts file. Monitor all network requests. Do not use a phone. Never speak near anyone who owns a phone, they are always listening. Never use any non-corebooted technology made after 2006. Never leave your devices unattended. Tape triple layer aluminum foil all around your room as tempest shielding. Type really quietly as defense against audio keylogging. Use ecc ram to minimize rowhammer and rambleed. Encrypt everything multiple times with various different encryption implementations. Compile everything from source. Use hardened compilation flags. Always read through the source before installing something if possible. Only use the internet when absolutely necessary.
