In case you want to help me raise awareness about institutional corruption on birdsite (repost, updated link):
A big thank you to Google and Facebook for protecting our data & democracy & sponsoring @CPDPconferences (Data Protection & Democracy) alongside other similar organisations like @apple, @bitsoffreedom, @EPICprivacy, @mozilla, @privacy_salon & @accessnow.
@aral I suspect the lack of tone of voice would cause the sarcasm be lost on anyone who doesn't notice the source. :)
@ricardojmendez Good. Let’s see how those organisations feel about how they are lending legitimacy to surveillance capitalists (some know of course, some do it on purpose… would be interesting to see which, if any, object and which, if any, take it up with the conference or drop their “moral” sponsorship).
@aral Not sure I explained myself. I'm not sure that if I merely re-tweet your bits, people will get the sarcasm intended. At least not without knowing both you and the conference.
@ricardojmendez Right and that’s the problem. But I just saw on your bio that you do privacy at Samsung so that’s really no different. Samsung is also a surveillance capitalist. I see that your team is throwing money at legitimate projects right now to associate yourselves but I also saw the sewer of surveillance that my S9+ was with its stock OS.
I don’t know you so I don’t know whether you really care about privacy or if this is just a job but Samsung is no different to Google, etc.
I really don't want to get into this "bashing company A", "defending company B", etc game. But recently I saw a blog from you where you defended Apple of being better then Google because they are mainly selling "real products" and not our data. Shouldn't be Samsung in the same category then? Or do I miss something?
@bjoern @ricardojmendez Yep, you’re missing the fact that you can sell products and engage in surveillance at the same time, which is what Samsung does and what Microsoft does. Samsung _could_ do what Apple does but it doesn’t. Also, it’s a very different type of company. Afaik, Apple was never making killing machines.
* Buy an iPhone
* Buy a Samsung phone
See the difference.
it is true Samsung has chosen to move closer to Google and surveillance tech, but they did sell off the military division in 2014, whereas Apple has joined a partnership with the Pentagon since 2015!
AFAIK none of the tech companies will turn down a lucrative military contract, although they might not shout too loud that they have got it
(mobile phones themselves are a development from 1980s battlefield radios)
I would probably suggest a refurbished iphone as that gets away from the price premiums of the new ones, but even then I wouldn't trust the thing 100%.
OTOH Samsung is likely no worse or no better than any other Android hardware manufacturer.
I've noticed a consistent pattern of devices (phones, computers etc) with more privacy friendly OS being €100-€200 more expensive than others.
I guess this is the market price of a persons data..
@aral I'm still not convinced that this justifies calling Samsung a "surveillance capitalist". I think you over simplify it here. First they have way more products then their smartphones and second it is quite likely that they didn't chose Android because they want to spy on users for Google or for themselves. Anyway...
I’m very confused how you’re on the board of FSFE and a co-founder of @nextcloud and you’re defending Samsung.
I just can’t understand it.
But yes, let’s leave it be. I must have been mistaken about certain things. (Happens all too often.)
@aral @bjoern @ricardojmendez I'm sorry but if you're going to have this discussion: Apple is no better than Samsung or even Google. The argument that "Apple sells products, not data" is old. To follow-up on your test: At least the Samsung phone gives you the choice of app store & firmware (theoretically) - Apple does not.
@noorul a proprietary platform that seamlessly forces you to use in-house services? No. Half of iOS functionality depends on Apple's Cloud.
@aral @noorul you either failed to read/understand my comments or are blinded by Apple's marketing. So, if it's up to you, we'll all go out to buy $1200 iPhone's and $3000 iMac's and instead, store all our data on iCloud. Fantastic. Have you ever bothered to check, what your MacOS is doing in the background? I guess not.
"Sheikh Tamim, senior Turkish official and activists among hundreds whose iPhones were hacked, Reuters reports." https://www.aljazeera.com/news/2019/01/uae-spying-tool-target-qatar-emir-rivals-190130110759231.html
Maybe we should have another look at Nokia phones?
@noorul @aral Apple used to make fantastic hardware and I've been using (and recommending) Macs as long as I can remember. However, at the same time, I make no secret of the significant shortcomings and issues with Apple-made products.
Security & Privacy is definitely not something, I'd recommend an Apple for.
@aral @noorul @franz
OOTB, Android is extremely insecure by design, and Apple wins hands-down. But LineageOS is a version of Android that's been modified heavily to solve that problem. It's Android without spyware and bloatware. OOTB, it doesn't even come with any Google apps or services. Then there's Micro-G, an open-source and privacy-respecting version of a good chunk of that stuff. With LineageOS and Micro-G, you can have a pretty complete replacement for Android.
@ASIC that iOS is more secure than Android is an illusion. Ask all those young people and journalists, that are now sitting in jail, or have been tortured because their iPhone 'betrayed' them. The danger is, that people / journalists actually believe that iOS is more secure. Your phone, any phone, is an open book.
@franz @ASIC @noorul What’s dangerous is perpetuating a false equivalency between two very different systems without reference to any sort of threat model. There is no such thing as secure or insecure. There is secure according to your threat model. And different products, made by different teams, with different business goals and corporate cultures have different privacy and security characteristics.
Perhaps the most dangerous privacy/security myth is “they’re all the same.”
@chidgey @aral @noorul @franz
Unfortunately, most folks don't give a damn about their privacy anymore.They generally fall into one of two camps: A) They believe the lie that "there's no privacy anymore" - so they figure it's just a waste of time and effort to try to avoid what they view as inevitable, or B) Think it's too much work to maintain any kind of privacy.
@chidgey @aral @noorul @franz
Just look at what you have to go through with LineageOS. For starters, you have to scour the wiki for hours to find out which phones are the most recent and then choose from them. And if that wasn't enough, you have to go through what to most people seems like a lot of technical work to get it installed by yourself - not at the carrier's store by someone there.Most folks want to be able to just go down to the carrier's store, pick a phone and be done with it.
@chidgey @aral @noorul @franz
And when they look at the selection of phones available for Replicant, they're really not going to be interested, since Replicant mostly just supports phones that are around 10 years old. Fortunately, LineageOS supports phones as recent as last year - sure, not super-recent, but better than Replicant. Sure, LineageOS uses proprietary drivers, but I think it's worth it to have a more recent phone.
@albert @franz @ASIC @noorul @chidgey Oh, that’s awesome, had never heard of Fairphone before. Can you please send me a link to where I can order the phone with LineageOS or Ubuntu Touch + privacy-respected services pre-installed?
(And yay, I hadn’t realised the problem had been solved. Woohoo! We can all retire now.)
Sensing some sarcasm there...but going to ignore it for the time being. I am using Android (LineageOS ATM) for a few reasons. A big one is that it doesn't force me to use either Windows or buy an MacOS device. I can use Debian and sync all my stuff (mainly music) easily. Although I assume Android does have multiple phone-home "features" included, I am using it without GApps, I assume a minimum on data is captured by Google - 1/4
a few years ago in USA Apple had independent repairers in USA busted by ICE officers because of "intellectual property violations", they have also worked with the predecessor of ICE in the 1980s to stop Apple II clones reaching the market..
@aral @ASIC @noorul thread model, marshmallow butter. The west really loves buzzwords. We're all at risk - you don't have to be a journalist, activist or politician, to become a target. Whatever you say today, could be reason for your tomorrow's execution.
So if your "thread model" is a 5 year old, trying to "hack" your iPhone - you're safe. Maybe.
@franz @ASIC @noorul There’s no use having a discussion about security if you’re going to poo poo the core tenet of good security (threat modeling). Yes, we’re all targets. But we’re not targeted by the same adversaries. And yes, some of those adversaries have overlapping interests. But that doesn’t make them identical.
We use a threat model precisely because it tells us what a system doesn’t protect you against as much as what it does.
This is my personal Mastodon.