freedom.press, also the firstlook/intercept...
Lodewijk andré de la porte
l at odewijk.nl
Sat Oct 3 15:24:15 PDT 2015
2015-10-03 0:01 GMT+02:00 Shelley <shelley at misanthropia.org>:
> Using one of those file hosting sites provides a greater level of
>> convenience. Perhaps so much greater that without that level of
>> convenience
>> it would hardly be possible at all.
>>
>
> I'm surprised to hear that come from you. I've never used a cloud backup
> and the most I've ever lost is a day or two's worth of data/ media. I have
> redundant backups. It's not difficult (it truly isn't, I'm not trying to
> be snotty.)
*possible at all *for them*
I'm trying to argue we need more convenient + secure
services/applications/workflows/etc. because apparently security wasn't
worth it for the reporters.
I'm also aware of the exceedingly detrimental effect copyright law has had
on general filesharing. Somehow information controls, huge dangers to
freedom of speech, are permissible because ideas aren't free but instead
licensable at owner's whims.
Reg backups - I think you have a far better way of managing things than I
do. It was actually on my mind to fix within the week (earlier if I'd have
found a client-side-crypto-cloud-backup-thing). There's no excuse really -
I just kept delaying it because I never /actually/ lost data before (I
always had a backup somewhere). I've never been very systematic about it
and it feels totally off that it isn't already automated in our operating
systems. (/vent... losing data hurts)
> The consumers don't care to invest in
>> security very much, in fact, hardly at all.
>>
>
> Do you mean the same lusers who broadcast the fact that they're on
> vacation all over Failbook, post photos with GPS enabled and are then
> surprised when their home is burglarized?
I mean so many of them that we do not have much security now. (btw:
geotagging is cool, it's bad for security, but so are all pictures)
> * full disk crypto is not a thing in androidland ;(
>>
>
> Sadly, it's not a "thing" anywhere right now. Not when EC has been
> intentionally weakened, etc. Hell, even if crApple did have true full disc
> encryption, I wouldn't use their closed source crapware.
I actually lost (a test server's) data before because I crypted it and
locked it up - and forgot the horrendously complicated extra-long passkeys.
Since then I opt for something easier to remember/derive, because
everything else is detrimental to security. Making physical notes means
"import sec.physical" which is a foolhardy proposition.
> tl;dr: javascript could be fine if we'd have secure software - as it is
>> HTML/CSS/images/videos/etc are all also dangerous. Top level security
>> seems
>> (and often is) useless - therefore we don't really have it (even when we'd
>> like it so very much) unless we keep ourselves from essential features.
>>
>
> "Essential" is very much a subjective term. I don't mind most of my web
> browsing experience looking like plaintext (in fact, I much prefer it.)
> However, I understand most people do not want to use the web in that way.
> We all make concessions we consider acceptable, sacrificing
> privacy/security for convenience. I'm guilty of it, too. Anyone with a
> smartphone and a credit/debit card is as well.
It makes you slower. Incompatibility makes you slower. Slowness makes you
irrelevant. Slowness equals failure. (depending on how much slower you'll
be, of course) I say this because it sometimes seems strategically so.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 4976 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20151004/724c5992/attachment-0002.txt>
More information about the cypherpunks
mailing list