[HN Gopher] Escaping surveillance capitalism, at scale
___________________________________________________________________
Escaping surveillance capitalism, at scale
Author : thibaultamartin
Score : 192 points
Date : 2024-01-18 16:14 UTC (6 hours ago)
(HTM) web link (ergaster.org)
(TXT) w3m dump (ergaster.org)
| martinbaun wrote:
| This is so true and one of the reasons why (shameless plug coming
| in) I made our project management tool Goleko.com able to self-
| host without any connection to our main servers.
| stcredzero wrote:
| It seems to me, that the Starlink 10GBit connection is almost
| designed for someone to put a server farm aboard a ship that only
| sails in international waters.
|
| Re: Escaping Capitalism
|
| I've encountered the communal experience which feels magical,
| like "everything is made out of love." Here's the thing about
| that. Scale matters. Alignment of incentives matter. The communal
| experience is going to start breaking down at around 450 members
| or so.
|
| The old Inca empire was an example of a large scale political
| organization which apparently worked. However, it also seems
| likely this also involved the killing of those who didn't
| cooperate.
|
| Perhaps superintelligent AI will enable an alternative to
| Capitalism, as envisioned in Ian M. Bank's _Culture_ books?
| robertlagrant wrote:
| As soon as we are post scarcity, we don't need capitalism any
| more, as capitalism is just a resource allocation mechanism.
| Til then, we probably do!
| ta1243 wrote:
| We've been post scarcity for "IP" for decades. The cost of
| making 1 copy of Barbie the Movie is the same as 1 billion
| copies.
| robertlagrant wrote:
| Well, copying and pasting has been made easy. But making it
| is still hard - lots of resources to allocate there.
| ta1243 wrote:
| Making the first requires resources. Making a billion
| copies doesn't.
|
| Same in a world with a star trek replicator. Making the
| first steak dinner requires resources, making the next
| billion doesn't
| robertlagrant wrote:
| As I say, copying and pasting has been made easy.
| persnickety wrote:
| We're post-scarcity regardig digital goods. It seems we might
| not need capitalism for those goods any more, but it's still
| sticking there.
| margalabargala wrote:
| We aren't, not yet, because those digital goods still have
| an initial creation cost. Digital goods that people consume
| are made by people.
|
| Yes, they can be copied infinitely for free, but we're only
| "post scarcity" if we never make anything else new.
|
| With the advent of generative AI, we might just barely be
| starting to be post scarcity in a couple narrow fields.
| persnickety wrote:
| I'll bite: we're post-scarcity for a lot of digital items
| that are useful tools. Goods we need but don't have
| exist, but I'm not even sure if they are the majority.
| Existing music, videos, books cover a whole lot of what
| humans might want - originals are the outcome of research
| needs (niche) and trends (not niche). Existing software
| tools are similar: new ones are needed to push boundaries
| (niche) or mostly as a response to a changing legal
| landscape (less niche).
|
| On top of that, significant amounts of stuff are created
| out of an internal need, and would get created
| regardless.
|
| One thing I'm sure about is that we're post-scarcity in
| historical items, and we're nowhere past capitalism
| there. Indeed, preservationists are hitting roadblocks
| all the time.
| margalabargala wrote:
| You know, that's a fair point. I think there's a great
| argument to be made that FOSS software in particular is
| essentially post scarcity.
|
| I'm not sure I'd say we're "post scarcity" for books and
| other digital goods though. Sure, we have all the books
| written until now, but I think there's an argument to be
| made that a huge part of the utility of books is that
| they are produced in near-real-time to discuss, address,
| and reflect thecurrent state of society. As our society
| grows and changes, books featuring the issues of the days
| will always be desired. This falls into the "trends"
| category you mentioned, but my point is more that I think
| it's larger than you described.
| robertlagrant wrote:
| Volunteerism isn't "post-scarcity". If you're fed and
| watered by providing value in a capitalist system, and
| choose to spend your spare time volunteering, that's
| great, but it's nothing utopian. Volunteerism is a free
| choice of work in exchange for a price of PS0. That's
| regular old capitalism at work.
|
| If you could just generate energy out of the ether and
| use it to materialise food and anything else you might
| want, for example, that would be post-scarcity.
| persnickety wrote:
| I insist that it still is post-scarcity if you would
| provide the same or greater (equivalent) value regardless
| of the system.
|
| While your definition might be elegant, it's too strict
| to foster a useful conversation.
| nightski wrote:
| You can't look at one area of the economy in isolation.
| It's all intertwined. The people creating digital goods
| still need food, shelter, and housing. Things that are not
| post-scarcity.
| stcredzero wrote:
| _As soon as we are post scarcity, we don 't need capitalism
| any more_
|
| If you compare agriculture 1000 years ago with agriculture
| today, we're already in post scarcity. I suspect the game
| theoretic mechanisms will keep it going for awhile yet.
| skeeter2020 wrote:
| As society levels-up, the definition of scarce will
| continually expand as we confound wants with needs. I'm not
| sure how in a world of infinite wants you can "out-
| technology" resource demands.
| orthecreedence wrote:
| I don't know if we are post-scarcity. Our inputs to
| agriculture (lots and lots of fossil fuels) are not post-
| scarcity in any sense. Multiply by the scale of humanity
| and it's difficult to argue we're post-scarcity in
| agriculture. We might have more food than people to feed,
| but that doesn't mean if nothing changed we'd be able to
| sustain our level of production.
| stcredzero wrote:
| _Our inputs to agriculture (lots and lots of fossil
| fuels) are not post-scarcity in any sense._
|
| Yes, but our levels of productivity per-farmer would look
| like utter Sci-fi to a medieval peasant, if they had a
| notion of Sci-fi.
|
| Also, by these standards, 1st world societies are fantasy
| lands, where the even the poor are fat, and have magical
| machines to keep food fresh, deliver music and
| entertainment, wash clothes and dishes. (Not all, but
| still.)
|
| What we posit today as post-scarcity, will likely just
| move the goal posts for scarcity.
| bluescrn wrote:
| Post-scarcity can't really happen on a very finite planet
| with a huge and growing population.
|
| Even if we had fully-automated systems providing plentify
| food and water, we'd need some ssytem, likely capitalism, to
| distribute still-scarce luxuries (e.g. beachfront property)
|
| And if we had total post-scarcity (effectively infinite
| energy and Star Trek style energy-to-matter replicators),
| we'd just be fighting over scarce land as everyone fills up
| all the space with replicated junk.
| orthecreedence wrote:
| Post-scarcity just means the rate of use is less than the
| rate of renewal for all used resources. In a sense, hunter-
| gatherers were "post-scarcity." The challenge is supporting
| our modern quality of life at our scale of population. I
| think enormous strides would need to be made (fusion energy
| + matter synthesis, ie Star Trek replicators) in order to
| achieve post-scarcity on a long enough timeline without
| changing any of the other parameters.
| robertlagrant wrote:
| Well, not just that. Not everyone can have a house on the
| beach. How do you allocate that resource?
| orthecreedence wrote:
| Ehhh, that one's self-regulating. Have you seen what
| happens to houses next to the beach? They disintegrate at
| alarming rates. Maintenance is a nightmare.
|
| That said, removed from market forces, there a lot of
| ways to allocate housing, such as some form of segmented
| lottery or waitlist.
| robertlagrant wrote:
| Maintenance isn't a nightmare in a post-scarcity world.
| r14c wrote:
| More accurately, Capitalism is an ownership model. People
| like to retcon all forms of market-based commerce as a kind
| of "proto-capitalism", but that makes it hard to talk about
| Capitalism as a distinct economic system. The main defining
| feature of capital markets is their use of private property
| as a tool for extracting profit from a market system. There
| are useful and socially positive applications for capital,
| but Capitalism places profit above all other concerns because
| extracting profit is its function. Capitalism was born in
| feudal Europe, and grew up during the colonial period and is,
| factually, only 500 years old or so at most. Markets have
| existed all over the world for literal thousands of years.
| Capitalism tries really hard to pretend like they invented
| something, but there's far more choice and affordability in
| the free markets around the world than anything that has been
| enclosed by the american financial system.
|
| Then again, I don't subscribe to the notion of capitalist
| realism. Aside from the exported violence used to impose and
| sustain it, the model is flimsy and constantly in crisis.
| failbuffer wrote:
| We'll never be post-scarcity because humans can never reach a
| state of sustained satisfaction.
| ineptech wrote:
| > a server farm aboard a ship that only sails in international
| waters.
|
| How would this help? If the server software is actually
| trustworthy and the connection to it is e2ee then it really
| doesn't matter where it runs. And if it isn't, this kind of
| setup protects whoever owns it more than whoever rents space on
| it.
| chatmasta wrote:
| There's something really cool about adding servers to a borg by
| tossing them into the ocean. Imagine a solar powered buoy with
| some compute and storage, with full connectivity to the
| internet, just floating around in the ocean. And then imagine
| millions of them all collectively forming a decentralized
| cluster.
|
| Maybe it's just me, but I think that'd be awesome! The limiting
| factor is power efficiency and battery tech. Of course
| maintenance would be a problem, but not with fault tolerant
| clustering designs. And there's the ecological issues of
| tossing hardware into the ocean, but at least there's no need
| for a cooling system...
| CYR1X wrote:
| Wait, the paid tier of a service that has a free tier almost
| never means they're stopping data collection at the free tier of
| users. This article seems to confuse that with switch to a
| different service provider that is paid only.
|
| It then goes into self-hosted, but wait why don't you just pay
| someone to self-host for you?
|
| Bad article.
| dangus wrote:
| Yeah, there's a huge difference between (e.g.) ProtonMail and
| "the new" Outlook.
|
| Some companies sell their privacy policies as a feature. The
| issue is that a lot of customers don't really care about that
| feature and there's no strong regulation to protect them.
| AJ007 wrote:
| The problem is avoiding "surveillance capitalism" or even
| generally "privacy" isn't a selling point for the mass
| market.
|
| Things which matter to people:
|
| - Do you like moderators in a foreign country being paid $2
| an hour reviewing your personal photos?
|
| - Do you agree that your personal messages to a friend can be
| retroactively edited if you sent something that was
| "disinformation"?
|
| - Would you like files on your computer's personal hard drive
| copied in to a commercial cloud service and deleted locally
| because you accidentally mis-read or mis-read on a single
| pop-up message?
|
| - Would you like to read advertisements and news articles
| when launching your favorite application?
|
| - Would you like those ads and news articles to become more
| invasive over time based on which ones you looked at last
| time?
|
| - Would you like the owners of the app store you purchased
| your favorite app from make more net profit from the sale
| than the developer who built it?
|
| - Would you like your favorite app to run differently than it
| did yesterday, without choice or warning?
|
| - Would you like your favorite app to no longer be usable or
| downloadable because development ceased?
|
| Even someone who broadcasts their personal life publicly,
| with strong signals of their wealth and where they will be to
| rob or kidnap them, will have issues with things in this
| list.
| pmontra wrote:
| All of those points are unknown unknowns or minor
| inconveniences to all of my non technical friends except
| these two:
|
| > - Would you like files on your computer's personal hard
| drive copied in to a commercial cloud service and deleted
| locally because you accidentally mis-read or mis-read on a
| single pop-up message?
|
| A friend of mine was bitten by this and One Drive (is that
| the subject, right?) is really difficult to understand and
| get right. I had to configure it on a server of a customer.
| We needed a remote share and it does not behaves like that.
| Nobody expects it to work in the way it works. There is
| something wrong in all of its design and UX.
|
| > Would you like your favorite app to no longer be usable
| or downloadable because development ceased?
|
| Another friend of mine is keeping her very old phone alive
| because it's the only way to operate I don't remember what
| (heating?) The app does not work with both new Android and
| new iOS (she has both) so she has that old phone at home in
| a drawer. I just refuse to buy anything that requires an
| app to work. I want physical switches, knobs and displays
| built into the device.
| AJ007 wrote:
| They are unknowns until they encounter them directly. As
| Apple and Microsoft receive their revenue growth from
| advertising and subscription services, they will all get
| worse and encountered more frequently by more users.
|
| I got a few 'what the fuck' messages from distant
| contacts when they discovered that Facebook modified or
| deleted messages, which they believed to be private. This
| drove significant growth in Signal (which probably was
| under or not reported.) I'm not sure if people don't
| actually care about privacy/security, or rather they
| don't really comprehend how this stuff works.
| JohnFen wrote:
| > The issue is that a lot of customers don't really care
| about that feature
|
| Another issue is that a lot of people simply don't believe
| what companies say in privacy policies, with some
| justification.
| gumballindie wrote:
| > Self-hosting, but as a service
|
| This is the way. As more and more ai is adopted, company and
| private data becomes more exposed. Businesses' intelligence
| getting stolen and shared with others is a no go for many
| rational business people. Self hosting is the way if you wish to
| keep your secrets. People too - you don't want your personal
| pictures, emails, and messages leaking into someone's prompt.
| JohnFen wrote:
| It's not the way for me. If I'm being hosted on someone else's
| machine, then I'm still at the mercy of some company somewhere.
| It's not "self-hosting" in any sense that has value to me.
| hnthrowaway0328 wrote:
| I wonder what if people start to send 10x garbage data.
| autoexec wrote:
| Surveillance capitalism doesn't care at all about the accuracy
| of the data that they have. There is literally no such thing as
| "garbage data" to data brokers. It's all just data, and all of
| it is valuable.
|
| That's why projects that claim to "pollute" your browsing
| history like RuinMyHistory, noiszy, adnauseam, and TrackMeNot
| are not only pointless but also dangerous.
|
| The data being collected about you will always be used against
| you, no matter if it is accurate or not. If your browser
| randomly browses to webpages that gets "this person is a
| muslim" or "this person is gay" added to your dossier it
| doesn't matter if it's true or not, when your next would-be
| employer or would-be landlord who hates muslims or gay people
| uses a data broker for "background checking" and sees that,
| you're not getting the job/apartment. They won't tell you why,
| you'll just be rejected/ghosted.
|
| If you're a 40 year old man, but your browser add-on convinces
| a data broker that you're a 34 year old woman seeking an
| abortion, that data can still cause you end up the target of a
| lawsuit in Texas and it will take a non-zero amount of time and
| money to clear that up.
|
| If someone in your zip code kills someone using a certain type
| of plant, or household cleaner/chemical, or medication and your
| add-on has been browsing sites about that thing, you can end up
| on the police's suspect list.
|
| If you only make $30,000 a year but your add-on searches for
| yachts and expensive jewelry often enough to convince a data
| broker that you've got tons of money then it doesn't matter
| that the data is wrong, the next time you try to book a hotel
| or order something online you can still be charged a lot more
| than you would have been charged otherwise.
|
| Handing extra fake data to people whose only goal is to use
| data against you is just handing them more ammunition. It
| doesn't matter if it's "garbage" to you, it's still something
| they can and will eventually use against you. You cannot know
| what will prejudice someone against you. The more data is in
| your dossier, the more opportunity there is that you'll meet
| the right (or wrong) criteria.
|
| No data broker is going to look over your dossier and see that
| there's inconsistencies and go "Damn it! This genius has ruined
| my data! Now I have to throw all this data away as it is now
| worthless!" They aren't even going to look over your dossier.
| They're going to get paid to hand over a list of people flagged
| as being 'X' and your name/address/identity will show up along
| with everyone else flagged as being 'X' even if your name gets
| pulled up again when someone else pays that same data broker
| for 'Y' which is the opposite of 'X'. The data broker gets paid
| either way.
| l33t7332273 wrote:
| > Surveillance capitalism doesn't care at all about the
| accuracy of the data that they have
|
| It's clear and obvious that they do. If the data was made up,
| they wouldn't be able to serve effective ads.
|
| > If you're a 40 year old man, but your browser add-on
| convinces a data broker that you're a 34 year old woman
| seeking an abortion, that data can still cause you end up the
| target of a lawsuit in Texas and it will take a non-zero
| amount of time and money to clear that up
|
| This situation would absolutely never happen, and I think
| it's blatant fear mongering.
| margalabargala wrote:
| > This situation would absolutely never happen, and I think
| it's blatant fear mongering.
|
| On the contrary, Texas in particular has gone out if its
| way to incentivize its citizens reporting other citizens
| for getting abortions. The law in that state creates an
| incentive for someone with the ability to do this, to do
| so.
|
| What's special about the situation in Texas right now where
| humans at large will not follow the incentives placed in
| front of them for the first time in human history?
| l33t7332273 wrote:
| > Texas in particular has gone out if its way to
| incentivize its citizens reporting other citizens for
| getting abortions
|
| That's true, but if you, a biological man, were sued for
| having an abortion, this would be immediately thrown out.
| Indeed, even civil suits with their lower standard of
| evidence require more than a simple search history from
| data brokers.
| Sponge5 wrote:
| Could you please specify the incentives you speak of? Are
| they material?
| ncallaway wrote:
| Texas has created a private right of action to sue for
| damages of $10,000.
|
| That is, if I know my neighbor performed an abortion, I
| can personally sue them, and get $10,000 (plus attorneys
| fees).
|
| So, the answer to your question depends on if you define
| $10,000 as material or not.
| autoexec wrote:
| > If the data was made up, they wouldn't be able to serve
| effective ads.
|
| The data being collected about you isn't about advertising.
| It's used for an ever increasing number of things that
| impact your real life including things like how much you
| get charged when you buy things, what services you're told
| exist or are eligible for, how long you get left on hold,
| what policies a company will tell you they have, and who
| will hire you. The data being collected about you can be
| used against you by police, or in courtrooms, and in
| custody/divorce hearings.
|
| Even when the data is used for advertising (along with scam
| attempts, the manipulation of your opinion, and political
| propaganda) "effectiveness" is a very uncertain thing. No
| one expects that everyone they target with a campaign will
| bite. The effectiveness and accuracy of targeted ads isn't
| exactly certain to begin with.
|
| > With just one parameter - gender - the data is only 42%
| accurate. That is less accurate than if you just did "spray
| and pray" with no targeting at all -- i.e. you would have
| still hit the right gender 50% of the time. With two
| parameters - gender plus age - the accuracy is down to an
| average of 24%. Some data brokers were far worse, with
| single digit percent accuracy. Third party profiling of
| audiences is so inaccurate, it's better to save your money
| and do "spray and pray" instead.
| (https://www.forbes.com/sites/augustinefou/2021/04/19/ad-
| rele...)
| lcnPylGDnU4H9OF wrote:
| All of these -- barring illegal discrimination -- are actual
| problems that will come to light when it turns out the
| information is incorrect.
|
| > If you're a 40 year old man, but your browser add-on
| convinces a data broker that you're a 34 year old woman
| seeking an abortion, that data can still cause you end up the
| target of a lawsuit in Texas and it will take a non-zero
| amount of time and money to clear that up.
|
| It will make the data broker look bad when the prosecutor
| finds out that they fabricated my abortion. It might be
| annoying and stressful for me but I'm sure I'll get through
| it. It seems like I would have the same response to
| everything except the illegal discrimination as mentioned. If
| this is the result of me running the extension, I only see
| upsides.
| timmytokyo wrote:
| Good luck trying to figure out why your rental or
| employment application was denied.
| autoexec wrote:
| > All of these -- barring illegal discrimination -- are
| actual problems that will come to light when it turns out
| the information is incorrect.
|
| If I need a hotel and the place I'm booking decides to
| change me more than they would have otherwise because
| they're mistaken about my finances, I'm still getting
| charged more. None of that comes to light.
|
| When a store tells me that their return policy is "next day
| only, with receipt" but they tell the next person in line
| it's "30 days no questions asked" all because their
| "consumer reputation service" told them I was unreliable
| when I'm not, I'm still stuck with their shitty return
| policy for "bad" customers. None of that will ever come to
| light.
|
| When my health insurance company jacks up my premiums
| because a data broker told them that I've been spending
| more time at fast food restaurants, I'm never told that's
| what happened, I just get a bigger bill. Nothing ever comes
| to light.
|
| When the police arrest me and question me because of my
| search history, _maybe_ the truth comes to light, but not
| without significant costs to me.
|
| Most of the time when people use the data that's been
| collected about you as a result of surveillance capitalism
| you have no idea that it even happened or why. You're just
| charged more money than you would have been, or you aren't
| offered opportunities you would have been given, or you're
| just rejected for something you wanted, etc. Nobody tells
| you why. There's not an investigation into how it happened.
| There is no transparency and there is zero accountability
| for errors.
|
| > It will make the data broker look bad when the prosecutor
| finds out that they fabricated my abortion.
|
| When have you _ever_ heard of a data broker taking a huge
| hit to their reputation because they have inaccurate data?
| It doesn 't happen. What data broker has a great reputation
| in the first place? Everyone using data brokers knows that
| the data is not 100% reliable. It doesn't matter. It's
| usually just a numbers game. Even when it's only for an
| advertisement, they know that not everyone they're
| targeting is going to buy something. That doesn't matter to
| them as long as some percentage does.
| ryandrake wrote:
| Do we know whether any of this stuff is actually
| happening, in reality, to actual people, based on some IP
| address's history of clicking ads? Any concrete examples
| you can link to?
| autoexec wrote:
| Data brokers get their information from all kinds of
| sources. There is no complete breakdown on where it all
| comes from in every instance that the data is used, part
| of the problem with surveillance capitalism is that there
| is zero transparency and near zero accountability, but
| yes, data brokers do collect your browsing history and
| that includes what ads you view/click
|
| As for examples of that data being used "in reality, to
| actual people" you might find some good info in these
| links:
|
| Employers and landlords using data brokers for
| hiring/rental decisions:
|
| https://nypost.com/2022/12/20/how-employers-spy-on-your-
| sear...
|
| https://privacy.com/blog/what-are-data-brokers
|
| https://www.ftc.gov/news-events/news/press-
| releases/2014/04/...
|
| https://www.fastcompany.com/90269688/high-tech-redlining-
| ai-...
|
| Health insurance companies:
|
| https://www.npr.org/sections/health-
| shots/2018/07/17/6294415...
|
| https://www.cbsnews.com/news/the-data-brokers-selling-
| your-p...
|
| Police:
|
| https://www.newamerica.org/oti/articles/how-data-brokers-
| and...
|
| https://www.nbcnews.com/news/us-news/google-tracked-his-
| bike...
|
| https://cdt.org/wp-
| content/uploads/2021/12/2021-12-08-Legal-...
|
| https://www.eff.org/pages/atlas-surveillance
|
| Store prices, return policies, and hold times:
|
| https://www.cnet.com/tech/services-and-software/mac-
| users-pa...
|
| https://www.nytimes.com/2019/11/04/business/secret-
| consumer-...
|
| Keep in mind that this is a rapidly growing space. Travel
| sites, retailers, even grocery stores have been looking
| into how to use this kind of data to set the prices of
| their goods on an individual basis to make sure that they
| can squeeze as much money out of you as possible. The
| main thing holding them back so far is that consumers
| view discriminatory pricing as unfair, but they've been
| working hard for a long time to change that view. If you
| happen to find a place that requires you to scan a QR
| code to see prices or get a menu, you might want to check
| with the people around you to make sure everyone is
| paying the same price.
|
| https://link.springer.com/article/10.1057/s41272-019-0022
| 4-3
| irq-1 wrote:
| > when your next would-be employer or would-be landlord ...
| uses a data broker for "background checking"
|
| Knowing an SSN (US Social Security Number) was used like a
| password by banks and all kinds of organizations, but not
| anymore. Things change, albeit slowly, when society
| acknowledges mistakes. All of your examples rely on the data
| buyer trusting its accuracy. If enough people pollute the
| data, then it'll have no value. The data brokers won't be
| able to sell it because society will know that its garbage.
| autoexec wrote:
| > All of your examples rely on the data buyer trusting its
| accuracy.
|
| Pretty much everyone knows that the data is filled with
| inaccurate information. As much as 40% of it may be wrong
| (see https://joindeleteme.com/blog/incognito-
| september-2023-data-... for more info).
|
| The vast majority of the time, the people buying the data
| know it isn't 100% accurate and they also don't care.
| They're usually not looking at individuals, they're looking
| at large groups of people who (probably) meet whatever
| criteria they've set. If they get it wrong a bunch of times
| who cares as long as the other times it works. Better than
| chance is good enough for them.
|
| Data brokers can always count on there being some people
| who are misled into thinking that their data is far more
| accurate than it is. They're trying to convince everyone
| right now that AI is the golden solution that makes them
| super trustworthy compared to their previous failings.
| Tomorrow it'll probably be "quantum something" or "super
| surveillance" or some other gimmick. They really don't have
| to care. They'll always be able to sell their stuff.
|
| Data brokers will always have the police and the government
| buying up their data too because the government is happy to
| just suck up everything they can and will figure it all out
| later. They aren't concerned with accuracy either. That's
| how people get arrested for just riding their bike past
| houses that got robbed. They can make all the mistakes they
| want and it doesn't hurt them any, even when it's a huge
| problem for the people caught up by lazy policing.
|
| I promise you that no browser add-on is going to collapse
| the targeted ad industry or bring an end to surveillance
| capitalism. Giving people more data to use against you is a
| bad idea.
| teeray wrote:
| If the accuracy of the data are not intrinsic to their value,
| then data brokers could literally just manufacture data. "Is
| this person X?" _flips coin_ "yes!" Who are you to say
| otherwise? We have a vast network of blah blah data sources
| and advanced AI inferencing. They would absolutely do this if
| they could get away with it because it is _dramatically_
| cheaper.
|
| Targeted ads exist. People find them "creepy," which implies
| that they are targeted based on factual data. Therefore, we
| know that data brokers are taking the more expensive route
| and collecting factual data (or striving to). They would not
| do this without a profit motive. Perhaps their data are being
| compared with a competitor's to enforce quality... we don't
| really know. But we know that they value the quality of their
| data because their customers do. Consequently, it must be the
| case that deliberately polluting their data devalues their
| product and erodes their business model over time.
| autoexec wrote:
| > If the accuracy of the data are not intrinsic to their
| value, then data brokers could literally just manufacture
| data. "Is this person X?" flips coin "yes!" Who are you to
| say otherwise? We have a vast network of blah blah data
| sources and advanced AI inferencing. They would absolutely
| do this if they could get away with it because it is
| dramatically cheaper.
|
| Yes they could, and I suspect that some actually do stuff
| dossiers with total fabrications. The accuracy of the data
| being collected and the targeting itself is known to be
| very questionable(see
| https://joindeleteme.com/blog/incognito-
| september-2023-data-... and
| https://www.forbes.com/sites/augustinefou/2021/04/19/ad-
| rele... and https://news.ncsu.edu/2022/03/new-study-
| reveals-why-facebook... and
| https://www.forbes.com/sites/augustinefou/2021/05/05/why-
| is-...) and I don't know a single person who feels like
| every ad they see is relevant to them.
|
| Measuring the effectiveness of advertising has always been
| difficult. Targeted ads can be very effective at times, and
| at others do no better (or worse) than chance. The many
| clear failures of targeted advertising hasn't hurt the
| industry though and it isn't likely to either. Now
| companies are advertising AI as the new thing to increase
| their accuracy. How well that works for them remains to be
| seen.
| smeej wrote:
| I really thought this article was going to offer a _solution,_
| not just enumerate the problems. I 'm already all too familiar
| with the problems.
|
| I like what Umbrel[0] is doing. They're essentially expecting
| that just like computing was able to move from centralized
| mainframes to homes, servers are poised to make the same
| migration.
|
| I think they really need to solve redundancy, though. If I'm to
| self-host anything important on a home server, I need to know
| I'll have some way to use it even if my home server fails,
| especially if I'm not at home when it happens.
|
| I'd love to see some kind of system where I could partner up with
| other Umbrel users for backups/the ability to restore
| connectivity. If I knew that in an emergency, I could call my
| friend in town or my brother out of state and there was _some_
| procedure that would allow me to connect to an encrypted backup
| of what I 'm needing, I would feel a lot better about taking
| responsibility for my own system.
|
| [0] https://umbrel.com
| pcstl wrote:
| Is Umbrel just actually usable Urbit? [0]
|
| [0] https://urbit.org/
| smeej wrote:
| No, I don't think so. I think it's closer to "a plug-and-play
| computer for self-hostable apps, running locally, with most
| things configured so you're reasonably secure and you don't
| have to guess about everything."
| cabalamat wrote:
| > I think they really need to solve redundancy
|
| They could offer a service that backs up your local Umbrel
| server to their central servers. This would provide reassurance
| that your data is backed up, and give them a revenue stream.
| cl3misch wrote:
| Or an append-only, E2EE backup to another Umbrel at e.g. your
| parents house?
| pants2 wrote:
| Running servers at home is surprisingly easy, especially if you
| have a good ISP. With AT&T Fiber, you can get 5Gbps symmetric
| internet with dedicated IPs at $3/mo each. With a few
| threadripper servers and a basic UPS and you have the setup for
| a real serious home datacenter. I just haven't solved the off-
| site data backup part of it, yet.
| ebb_earl_co wrote:
| Where are you that that level of connectivity is available!?
| agilob wrote:
| My take on it: It doesn't really matter at that level tbh.
| I used to chase that level of connectivity until covid
| happened. I was working from home on am ADSL with 37mbps
| download, 10mbps upload. I didn't use much internet at home
| before 2023 so I always had the cheapest broadband plan.
| Then I started WFH and the same for my partner and I had a
| homelab. My ISP offered me 150mbps for just PS3 more per
| month, and then I realised... I don't really need it? I was
| just fine with the same broadband plan from 2015. I changed
| my location a few times, taking my homelab with me, I moved
| cities and countries, I'm still using the same DDNS service
| and as long as my 80 and 443 ports are open, I can transfer
| anything at any time to and from my network. It's 2023 and
| I'm still using the cheapest plan my ISP offers, the same
| hardware since ~2018 and I'm just fine with that. I run
| k3s, a few docker services, network-wide adblocker,
| monitoring in grafana and many more etc. Everything works
| just fine.
|
| Don't fall into the meme that you need IBM or HP server
| class hardware and 5Gbps fibre to run a homelab. I used to
| have IBM 3650x with +200Gb of RAM that I sold and bought 3x
| RPi4. I'm currently backing up 600Gib from my other
| servers, and it's completely fine that it will take a few
| days and nights -\\(tsu)/- It's a hobby, I'm not paid for
| it, I'm not paid to maintain 99.999%, it's OK if it's not
| the best shit on /r/homelab
| BrianHenryIE wrote:
| I just looked it up and it's available for me in Sacramento
| for $225/month
|
| > Single-device wired speed maximum 4.7Gbps.
|
| https://www.att.com/buy/broadband/availability.html?product
| _...
| agilob wrote:
| Two things I want to try this month are:
|
| https://mastodon.social/@chromakode/110936177254839251
|
| https://rsnapshot.org/
| gumballindie wrote:
| If your ISP is not reliable then a VPS or dedicated (budget
| permitted) are good alternatives. Install docker, and an
| office suite, file manager, pihole, and you're good to go.
| Takes minutes. No need for thread rippers either. Mine's a
| low spec nuc alternative. Does wonders.
| l33t7332273 wrote:
| Minutes is a big stretch if it's your first time.
| gumballindie wrote:
| All it takes is docker compose up -d. But yes, it can
| take even hours if there's no prior experience. Worth the
| cost I reckon.
|
| Edit: turns out umbrel is even easier to install. Suppose
| that and a trusted remote webdav install will serve most
| storage and file management needs.
| l33t7332273 wrote:
| I agree that the steps themselves are quick, but figuring
| out what all needs done is the tricky bit.
| baby_souffle wrote:
| > especially if you have a good ISP.
|
| So almost nobody in the US or Canada then... I get 800/20 for
| ~140/month, including the $30/month fee for "unlimited" data.
| My other choices are starlink or DSL which are a fraction of
| the bandwith or speed.
|
| I self-host everything that's "home-only" at home but use
| syncthing, rsync and a few other thing to replicate important
| data to a mix of S3, backblaze, google drive and some PVs
| attached to a hosted k8s cluster.
|
| It works well enough.
| doubled112 wrote:
| Canada is vast, and it definitely causes pain, not that I'm
| excusing it for the ISPs.
|
| A Bell 1.5Gbps/940Mbps FTTH connection is $120 without a
| deal if you're in an area it is available, but then you go
| three blocks down the road and all you can get is a 300/30
| cable connection for $90.
|
| A little further down that road, and maybe only DSL or
| Starlink is available.
| JohnFen wrote:
| > I just haven't solved the off-site data backup part of it,
| yet.
|
| My solution to this is to partner up with a couple of good
| friends who also run their own servers. We all hold backups
| for each other.
| pmontra wrote:
| The real solution is in the last section "Beyond tech". Don't
| hold your breath though.
|
| The only viable solutions today are true self host or what they
| call self hosting as a service, by selecting a trusted
| provider. However all the big names in tech were trusted
| providers at some point of their history, so good luck with
| that.
| RussianCow wrote:
| > I'd love to see some kind of system where I could partner up
| with other Umbrel users for backups/the ability to restore
| connectivity. If I knew that in an emergency, I could call my
| friend in town or my brother out of state and there was some
| procedure that would allow me to connect to an encrypted backup
| of what I'm needing, I would feel a lot better about taking
| responsibility for my own system.
|
| I'm working on self-hosting my own "personal cloud" (NextCloud
| with a few other services), and I strongly debated just getting
| an Umbrel, but this is what kept me from doing so. Instead, I'm
| going the DIY route with two machines, one in my house and one
| at my parents', and we're each going to have data replicated
| across both machines and encrypted at rest.
|
| If Umbrel offered this out of the box, I would probably just
| use that to save me the time.
| Helmut10001 wrote:
| Doing this for the last 7 years, too. One server at my
| parents, one at my home. Connected via IPSEC. I just migrated
| to ZFS on my offsite backup, too - this is just perfect with
| syncoid/sanoid atomatic backups and zfs-pull of dataset. Fine
| grained security but robust at the same time. It is the first
| time I feel reasonable safe regarding the "worst" that can
| happen.
| _a_a_a_ wrote:
| How close geographically are you and your parents - are you
| fed off the same electricity supply?
| Terr_ wrote:
| Thinking of EMPs or Carrington events?
| _a_a_a_ wrote:
| More like an electricity area-distribution fail. If it
| were EMP or a really major solar event, you probably have
| bigger concerns.
| wmf wrote:
| The solution in the article is self-hosting as a service. You
| rent a VM in a data center, where servers belong, to host your
| stuff.
|
| Backups also seem like a mostly solved problem; there's plenty
| of software that can back up a server to your own cloud storage
| account.
| RussianCow wrote:
| > You rent a VM in a data center, where servers belong, to
| host your stuff.
|
| If you rent from an actual data center, you pay for a ton of
| stuff you don't really need for personal backups. If your
| home internet goes out and you can't access your personal
| cloud for a bit, it's likely not a big deal, so you don't
| need the level of redundancy that a data center gives you. On
| the flip side, the premium you pay for professionally hosted
| storage is enormous compared to buying a hard drive.
| wmf wrote:
| IMO the solution is cheaper, crappier data centers. OVH and
| Hetzner are most of the way there but there's probably more
| savings possible.
|
| Local storage is free or cheap with VMs so I don't see that
| as a problem.
| RussianCow wrote:
| I priced this out somewhat recently, and the lowest price
| I could get renting a server with >=2TB of storage is
| $11/month using the OVH Eco line, and that's without ECC
| (which I consider to be non-negotiable), FS-level
| compression (IIRC you can't change file systems with
| OVH), or redundancy in case the server/disk fails. I'm
| currently working on a DIY setup with two nodes equipped
| with 8GB ECC memory, 2TB of storage (with Btrfs
| compression to get even more storage out of it), and
| considerably more processing power than the OVH servers.
| My total up front cost is going to be about $400, with an
| estimated $25/year in electricity. The most comparable
| OVH offering would cost $403 in the first year (with RAID
| but without a second node), so my DIY solution basically
| pays for itself after that, and I can upgrade the
| hardware anytime I want.
|
| Of course, there is an obvious argument to be made that
| my time is worth more than the cost savings, but I've
| been learning a lot so I instead consider it a free
| education. :)
| smeej wrote:
| Oh I thought they were talking about SHaaS as a "solution"
| that _doesn 't_ really solve the problems, because you're
| either trusting the hosts not to decrypt and use your data,
| or you're encrypting it, which has all the drawbacks of key
| management.
|
| I hope we'll eventually be able to use some of the key
| storage/backup solutions being developed mostly in the
| cryptocurrency sphere. Like, multiparty computation (MPC) is
| agnostic to the type of key being created, and some of the
| social recovery methods being tested could be applied to
| parts of the key. Being able to protect your key from loss
| but also from theft is a hard problem they're highly
| incentivized to solve (and other people are highly
| incentivized to test/break).
| wmf wrote:
| These concerns are overblown. Unless you're a criminal,
| nobody's looking inside your VM. Heck, AWS can't access VMs
| (of course it's Internet cool to not believe this).
| thinkmassive wrote:
| > Unless you're a criminal, nobody's looking inside your
| VM.
|
| > Heck, AWS can't access VMs (of course it's Internet
| cool to not believe this).
|
| Do the VMs only let someone in if they're running a
| criminal workload, or how does it work?
| smeej wrote:
| Nobody's a criminal, until they are.
|
| I wonder what it would be like to hold no opinions that
| you could ever imagine becoming controversial enough to
| get you flagged for investigation of some kind. I live in
| an intensely polarized country (U.S.), so it's actually
| hard for me to imagine caring about _anything_ with any
| level of passion that one party or the other (heck, or
| both) wouldn 't eventually want to put me on a watchlist
| for.
|
| What's it like to have that much trust in the ongoing
| goodwill of other people?
| bawana wrote:
| synology has this with their NASes. Makes spinning up your own
| private cloud simple.
| FloatArtifact wrote:
| Unfortunately I see nothing about backing up and restoring apps
| data
| SushiHippie wrote:
| My 2cts about Nextcloud and why *I* think it's not viable as an
| alternative for the average user:
|
| I host my own nextcloud since a few years.
|
| I mostly use it as an alternative for google photos/icloud
| photos, basically backing up all the images from my smartphone.
|
| Hosting the instance is one thing, but setting up the automatic
| upload on your phone is another thing.
|
| The automatic photo upload feature in the official nextcloud app
| is most of the time broken and slow. And on iOS you need to keep
| the nextcloud app open and the screen unlocked, otherwise it
| won't upload.
|
| That's why I use FolderSync on Android, but I don't think the
| average user wouldn't want to set this up and might even
| misconfigure it, which could just delete all images.
|
| And Nextcloud itself is just very slow. With google photos you
| can just scroll through thousands of images and easily find the
| image you took 3 years ago.
|
| If i do this in nextcloud, I already had the following stuff
| happen:
|
| - Your browser freezes
|
| - The Nextcloud server (php-fpm in my case) OOMs (it used around
| 15-20G of RAM)
|
| (The OOMs also often happen when syncing with FolderSync.)
|
| I definitely wouldn't recommend it as a google photos
| alternative.
|
| I'm not complaining as I didn't pay a penny for nextcloud itself
| (only the cost for the dedicated server I rent). And I still use
| it, as there is no better alternative.
|
| But for the "mass" there is no convenient and comparable
| alternative to the "surveillance capitalism" services.
|
| Nextcloud is good enough for me, as its the only viabke option,
| but IMO it doesn't cut it for leaving the other services at
| scale.
| pricechild wrote:
| You're not wrong.
|
| Have you tried https://apps.nextcloud.com/apps/memories - it
| solves all of my issues with photo management in nextcloud.
| (Together with the recognise app) I don't see why they haven't
| replaced the default photos app with this already...
|
| I think improving the photos experience would have the biggest
| impact on home users, but nextcloud certainly seems to be
| chasing the enterprise/gov market in the EU? I'm not
| complaining!
| SushiHippie wrote:
| Yes, this makes it at least usable, without it it is even
| worse.
|
| But it is still worse compared to google photos/icloud
| photos/etc.
|
| The issues I described above also happened with memories.
|
| I think improving performance and memory usage in their
| webdav implementation would, by far, have the biggest impact.
|
| Nextcloud is a fork of Owncloud, and Owncloud did the right
| thing to move away from php for the webdav implementation,
| though they are now rewriting it once again, which I don't
| really like, as they store the files and all information in
| some binary format.
| the_pwner224 wrote:
| I switched from Nextcloud to Syncthing a while ago. ST is a
| plain file syncing program, like Dropbox, but distributed P2P
| (you can have a server running it as an always-on node). I sync
| the Camera & Screenshots folder on my phone to my computer &
| server. If you have multiple phones add the folder on each
| phone. It's bidirectional so photos you take or files you add
| will show up on all devices. It works much better than
| Nextcloud, and admin/maintenance/setup are all much easier.
|
| For calendar & contacts sync I use Radicale. Syncthing with a
| regular shared folder + camera folder + screenshots folder
| combined with Radicale covers everything that I used Nextcloud
| for.
|
| However this is all on your devices, there's no web interface
| to access your files from other devices.
| SushiHippie wrote:
| > However this is all on your devices, there's no web
| interface to access your files from other devices.
|
| I tried Syncthing and it worked really well and it was fast.
| But I definitely want to have a webui, like Nextcloud, that's
| why this is sadly not an alternative for me.
|
| (Though I use syncthing now for other stuff, where I don't
| need web access)
| jw_cook wrote:
| If your main use case for a web UI is browsing photos, have
| you considered a self-hosted photo gallery like PhotoPrism,
| Immich, or Lychee?
|
| I'm in a similar boat, where I use NextCloud but really
| wish there was a better option (especially for mobile photo
| sync). Syncthing + Photoprism is currently at the top of my
| list of possible viable alternatives.
| sureglymop wrote:
| Since this is about privacy, do note that syncthing relies on
| a discovery server to find peers on the internet. You should
| probably run your own public discovery server if you care
| about privacy and want to seriously use it outside of your
| home network.
| vishnumohandas wrote:
| > there is no better alternative
|
| If your primary device is Android, please check out Ente[1].
|
| We are an E2EE alternative to Google Photos. We had launched on
| HN[2] a while ago, and have been working towards feature
| parity. We aren't "there" yet, but hope to soon be.
|
| If you've any feedback, please share it with vishnu@ente.io,
| I'd be grateful!
|
| [1]: https://ente.io
|
| [2]: https://news.ycombinator.com/item?id=28347439
| eks391 wrote:
| I currently use nextcloud, but while I was deciding my
| infrastructure, I also tried syncthing. I'd recommend trying it
| out since your preferences make me think it may be a better fit
| for you. Its pretty painless to set up, auto syncs based on
| your preferences. I dont know how fast it is, since I only used
| it for trivial testing purposes while deciding which to use,
| but I'd say worth comparing.
| adolph wrote:
| I think anything done "at Scale" eventually resembles
| "Surveillance Capitalism" since most of the advantage of what is
| often referred to as "Capitalism" is people finding valuable uses
| for the refuse of others.
|
| An alternative more practical guide is Derek Siver's "Tech
| Independence" which as other's have noted has many dependencies.
|
| https://sive.rs/ti
| tomxor wrote:
| > Data can become irrecoverable
|
| This seems to be becoming less and less of a drawback when
| compared to Google where exactly the same things can happen when
| people seem to get arbitrarily banned from their account with no
| recourse. Not to mention the recent push for passwordless keys
| that can be lost with the device.
|
| Sounds like it would be better if anything because at least you
| have to pay for the data hosting, and so being encrypted there's
| no way for them to block you for entirely opaque policies or
| decide one day that their abuse heuristics don't like you any
| more.
|
| In reality the primary friction to adoption with any of this
| entirely plausible tech is inertia. It's going to take something
| colossal fuck up to convince even a large minority to bother
| using non-free alternatives.
| siliconc0w wrote:
| As a possible solution we can decouple data storage from data
| services. For data that doesn't need expensive computation, we
| can further decouple key owners from data storage. Users always
| own their data, they can choose which data services, storage, or
| key manager to use and they should all interoperate.
|
| This is already a pretty common pattern in the cloud, just the
| same business entity owns all three. You basically need
| legislation that says business entities must interoperate with
| different data storage or key providers.
|
| So you can subscribe to gmail from google and they store your
| data in Amazon or maybe EFF's data storage provider. You can then
| get fine-grained audit trail of how and when your data is
| accessed.
|
| We can then come up with standard rules like maybe your data is
| only accessible without your end-user credential (i.e your
| computer+password) for law enforcement or limited operational
| activities described by the provider and approved by you(or your
| delegate).
| caseysoftware wrote:
| I've used https://adnauseam.io/ for years. It's great.
|
| First, it hides (most of) the ads making the internet more
| tolerable. Then it "opens" them in memory and clicks on ALL of
| them making your profile worthless.
|
| The last time I pulled up my Google profile, it said I was a
| 18-99yo, both male and female, and was interested in EVERY topic
| they listed.
|
| It works in both Brave and Chrome but isn't available in the
| Chrome Extension Store for some reason.. ;)
| guilamu wrote:
| More importantly it's available for Firefox.
| gear54rus wrote:
| Can you share the link where you've seen your profile. I wanna
| see if AdNauseam is as effective on my side.
| caseysoftware wrote:
| https://myadcenter.google.com/ and
| https://myaccount.google.com/data-and-privacy will show the
| stuff they share
| daed wrote:
| I'd love to use this but is there any risk that this will get
| Google to flag me as a bot/malicious? I wanna make sure I can
| still pass captchas and don't screw anything up for testing on
| my dev machine.
| caseysoftware wrote:
| I have not experienced this in any form and I build security,
| bot detection, and similar products.
| lcnPylGDnU4H9OF wrote:
| > isn't available in the Chrome Extension Store for some reason
|
| Obviously it's because "An extension should have a single
| purpose that is clear to users..."[0]. Given how "questionable"
| the reason is, I can't really think of a better endorsement.
|
| 0: https://adnauseam.io/free-adnauseam.html
| kyrofa wrote:
| I hadn't heard of this, thank you! I'm giving it a shot now.
| autoexec wrote:
| > I've used https://adnauseam.io/ for years. It's great.
|
| No it isn't great. It's stupid and dangerous. It does _nothing_
| to make your data "worthless". You're only giving data brokers
| and the people who use them more highly valuable data to use
| against you. Please see my comment here:
| https://news.ycombinator.com/item?id=39043547#39044239
| l33t7332273 wrote:
| Making the data inaccurate absolutely makes it worthless;
| it's worth is in its accuracy.
| autoexec wrote:
| Data brokers do not care about how accurate their data is.
| At all. Not even a little. It's highly valuable to them no
| matter how inaccurate it is, and that data will be used
| against you even if it's _entirely_ inaccurate.
| beanjuice wrote:
| Can you elaborate about what you define as "used against
| you" even if it is entirely inaccurate? What is the use
| case of inaccurate data with which you are concerned?
| lcnPylGDnU4H9OF wrote:
| It's in the comment they linked to. Good points, to be
| fair.
| baby_souffle wrote:
| > Can you elaborate about what you define as "used
| against you" even if it is entirely inaccurate?
|
| Hypothetical: $company you're trying to use needs to
| "verify" you using $inaccurateData from $vendor.
|
| You're absolutely screwed if the verification questions
| you're asked are relying on the "polluted" answers
|
| Similar vein: if the "polluted" data indicates you might
| be gay or replublican or musilim or into some seriously
| unhealthy lifestyle choices like smoking and $someCompany
| decides that you're a smoker and therefore your too risky
| to insure.
|
| no data >>> polluted data.
| pixl97 wrote:
| Or, if state level actors are looking at your data they
| are buying from companies, the appearance of
| intentionally corrupted data could invite more scrutiny.
| eindiran wrote:
| If state-level actors are looking into your data with any
| amount of individual scrutiny you are already fucked,
| this is a ridiculous reason to not use ad nauseum.
| pixl97 wrote:
| You're looking at this backwards...
|
| Imagine being in China where they tend to watch you and
| make profiles on you. Then suddenly the profile of who
| you are goes completely random. Is it possible this gets
| the attention of state-level actors where you had none
| before?
| l33t7332273 wrote:
| Isn't the alternative in the verification case just that
| you don't get your account because they can't verify you?
| caseysoftware wrote:
| Verification questions are based on credit history -
| addresses, vehicles, family members, etc - not browsing
| history so this is a non-issue.
| RussianCow wrote:
| Serious question: Who is using browser data for
| verification?! It's alarming to me that this is even a
| hypothetical scenario. All identity verification systems
| I have ever used in the US have been through a credit
| agency or something similar. I can't imagine any use case
| that would use your browser history or ad data for these
| purposes. Do you have a real-world example?
| BlackjackCF wrote:
| Another example that I think captures the spirit of
| autoexec's point is credit fraud.
|
| Are you the one taking out credit cards and potentially
| tanking your credit score? No.
|
| Does it still negatively impact your life? Yes, because
| the information landlords/banks receive from credit
| unions only shows the low credit score.
|
| Do the banks/landlords care about the fact that it's
| fraud? No.
|
| It's ultimately YOU who has to do all the leg work to
| report the fraud, make sure that your credit history is
| fixed, and that your credit is frozen as a deterrent to
| for future fraud issues.
| 0x457 wrote:
| > The last time I pulled up my Google profile, it said I
| was a 18-99yo, both male and female, and was interested
| in EVERY topic they listed.
|
| So you see how data-brokers having this data on you is
| equal to not having any data on you if their data is
| garbage?
| blahyawnblah wrote:
| Isn't this kind of unethical? There are plenty of
| people/companies running ads that are just trying to get some
| traffic and you're costing them money.
| bradford wrote:
| I'm of the opinion that 'surveillance capitalism', as described
| in this article, is a problem of policy/legality, not technology.
|
| Technology minded individuals keep looking for a technical
| solution to this problem. I'm hesitant that a technical solution
| exists.
|
| Unfortunately, I also don't expect Congress to promptly pass new
| legislation that competently addresses the problem. (I am more
| optimistic about the efforts by the EU and individual US states.)
| closeparen wrote:
| Probably the most material privacy issue for most people is
| that very basic operations like establishing your identity,
| providing a contact method, and making a payment all involve
| giving your counterparty a long-lived identifier which they
| must keep secret and which anyone they leak it to
| (intentionally or not) can harm you by abusing. These
| identifiers are necessarily given out to hundreds of
| unsophisticated and often trashy operations like supermarkets,
| car dealers, e-commerce retailers, and soon (sadly) app
| developers. Unlike the FAANGs of the world, these people have
| never heard of cryptography and don't blink twice about selling
| Excel spreadsheets for a few extra pennies. But the need to
| share secrets with them is a technological problem -- public
| key cryptography could serve these used cases without giving
| the counterparty something to leak.
| bradford wrote:
| I may have interpreted the problems addressed in the article
| differently.
|
| Certainly, privacy incidents can occur due to mishandling of
| sensitive information (i.e., secrets, identifiers).
| Addressing these are a no-brainer and something that
| technology can and should address.
|
| I interpret the article as addressing a second kind of
| privacy issue that isn't due to mishandling. Instead, it's
| part of the profit model for many major tech companies:
| advertising. In this case, the privacy issue isn't a
| mishandling, it's by design and explicitly disclosed in the
| Terms of Service.
|
| (I can't say which one is a bigger issue at large, but I
| believe policy is needed to address the second issue).
| loughnane wrote:
| I think for self-hosting as a service to take off you need to
| persuade people that it's 10x better for non-privacy reasons.
| That's hard to do because the biggest value prop for most folks
| would be media, but unless you already have a collection it's
| hard to legally get your hands on DRM-free digital media.
|
| When I look at the things I self-host it's mostly media
| (beets/navidrome/jellyfin/etc) and privacy/longevity-focused
| alternatives (photoprism/miniflux)
|
| Only a few (huginn/archivebox/rmfakecloud/llamacpp) are for
| general usefulness, but the applications are pretty tech-heavy
| and not for the average person.
|
| I wonder what applications would knock the socks off a non-
| technical person.
| rglullis wrote:
| > unless you already have a collection it's hard to legally get
| your hands on DRM-free digital media.
|
| Sneakernet meets the fediverse: https://funkwhale.audio
| MeltedVoltage wrote:
| I think self-hosting could be viable for more people if two
| things would happen:
|
| - ISP's need to give a permanent IP's and more upload bandwidth
| in "regular", low-cost internet plans or at least a "self-
| hoster" addition
|
| - There needs to be a protocol standard to communicate with
| home routers for auto-configuring the network in a safe way to
| be able to access services and applications on certain devices
| outside of the local network. I don't think it currently is
| possible in a robust enough way
|
| With those two things I can imagine dedicated appliances that
| are accessible enough for non-technical users. But the
| experience has to be as seamless as video game consoles in
| order to reach "the masses"
| loughnane wrote:
| That's a good point. Last I checked I pay $15 for a static
| IP.
|
| For access, i feel something UX-friendly powered by wireguard
| could do the trick. My own use is to just flip the "connect
| to my home server" button in wireguard and then I have access
| to everything. I leave it on most of the time but still have
| to toggle it if things get weird. Seems like that ought to be
| able to be wrapped in something prettier.
|
| I def think a "box you set up" is the right way to do it.
| cherryteastain wrote:
| > it's hard to legally get your hands on DRM-free digital media
|
| Time to hoist the jolly roger and plunder the high seas, friend
| loughnane wrote:
| I'm sure most folks on this forum are capable of doing that,
| but if the question is mass-adoption I think illegal copying
| of other files---even if the law is bad---is a bar.
| dukeofdoom wrote:
| The problem is government. Even Trumps private twitter messages
| had been seized. If a former president can't protect his
| privacy...who can? Should you expect to have your personal
| communications just taken by a government bureaucrat any time
| they want. I think the problem id deeper than technical, it's a
| political and moral problem. Companies will cave and do what
| government tells them to comply.
| kredd wrote:
| Might be a tangential question, but does trying to escape
| surveillance matter? I somehow made myself believe that even if I
| self-host everything, avoid all the tracking, yada yada, unless
| everyone I hang out with does the same, the data brokers
| technically will get some information about me.
|
| Realistically, you have to be very tech-savvy to properly avoid
| tracking, and pretty much avoid any modern social life. That
| already excludes most of the people in this world. And I, for
| sure, don't want to live a bunker-basement family life, with no
| outside fun. In the end, I'm not sure how to solve it, and
| probably making it worse with my pessimism. But is this actually
| a winnable battle?
| l33t7332273 wrote:
| The amount that you "win" is inversely proportional to your
| participation in modern life.
|
| Personally I don't consider privacy important enough to worry
| if the McDonald's app harvests my data in exchange for the free
| coffee.
| JohnFen wrote:
| > The amount that you "win" is inversely proportional to your
| participation in modern life
|
| This is true, but I think that reducing participation in a
| dystopia isn't necessarily a bad thing.
| AJ007 wrote:
| You don't need to/probably can't avoid the data brokers, you
| just have to inject enough noise in to their data to make it
| worthless. The data brokers are probably the most benign of all
| of the parties that expose you to security risks.
|
| If you live in a high risk area (like Mexico), and are middle
| class or above, then you need to do some advanced stuff because
| cartels have access to things such as your live phone location
| data.
|
| Ultimately you can't escape surveillance in the general sense.
| You have a face (probably) and face tracking is ubiquitous and
| continuous. Google, Bing, and so on crippled their reverse
| image search for faces, but that misrepresents how good it is.
| JohnFen wrote:
| > does trying to escape surveillance matter?
|
| It certainly does to me. I can't plug all of the data leaks to
| these companies, of course, but this isn't an all-or-nothing
| sort of thing. Reducing the amount of leaking is still
| valuable.
| pphysch wrote:
| > As Molly White said, "there are never purely technological
| solutions to societal problems".
|
| I agree. It's Conway's Law on a national scale. In our advanced
| capitalist society, most governance is done by corporate hegemons
| (finance, insurance, real estate, marketing, etc), sometimes
| using the de jure government as a proxy. Our digital organization
| reflects exactly that!
|
| It is revealing that the best form of digital identification for
| each person are (secret) profiles created+sold by digital
| surveillance companies, rather than a robust + transparent
| digital citizenship that is managed strictly by a public entity
| and the subject themself.
|
| Some people react to the status quo by "running into the
| wilderness", either literally, or metaphorically by self-hosting
| everything. Either way, they often become digitally isolated and
| maintaining their personal kingdom becomes a lifelong task. It's
| not fixing the underlying societal dysfunction, just avoiding it.
| JohnFen wrote:
| > It's not fixing the underlying societal dysfunction, just
| avoiding it.
|
| Absolutely true. But as one of the people who do this, my
| response is: self-protection first. Then continue doing
| whatever you can do to make things better in the larger
| picture.
| pphysch wrote:
| I concur that individuality / individual sovereignty is a
| prerequisite a healthy society, but some people think its the
| ultimate goal rather than a first, limited step.
| acd wrote:
| You cant escape data fusion and browser finger printing via
| canavas, fonts, plugins.
| wmf wrote:
| You can escape fingerprinting if you use open source software
| that doesn't fingerprint you.
| say_it_as_it_is wrote:
| My current understanding is that the cost of "surveillance
| capitalism" has been more personalized advertising, but maybe I
| was under a rock for the last 20 years and missed this
| sensational story. Have people been discriminated against based
| on surveillance data? Are vehicle insurance companies going to be
| allowed to adjust insurance policies based on smart car
| surveillance, or health insurance companies adjusting policies
| based on consumption and behaviors? Are employers discriminating
| against people based on surveillance data describing their
| political ideologies? What's the big picture for 2023 in terms of
| what surveillance data is being used and how it's being used?
| from-nibly wrote:
| Anyone ever thought of creating a drop in "cloud" machine that
| could host self hosted services with minimal technical knowhow?
| The biggest technical achievement that would make this intriguing
| for me would be family distributed backups. If I could buy like 3
| or 4 of these and have it magically do multi site clustering and
| backups and have some sort of app store it might solve most of
| the issues.
|
| The provider of such a machine could also provide technical
| assistance in the form of: - DNS / domain registration - Host OS
| Updates - Encrypted cloud backups - Specialized router/firewalls
| to make it even easier to expose on the internet safely -
| Accessories like media archival equipment - Hardware upgrade kits
|
| I mean really just https://oxide.computer/ but for consumers.
| wmf wrote:
| It was called Helm (no relation to the devops tool of the same
| name):
| http://web.archive.org/web/20220924051052/https://www.thehel...
| from-nibly wrote:
| Bummer that they weren't able to make it work.
| spaced-out wrote:
| I've yet to read a clear explanation of how "surveillance
| capitalism" is any different than regular capitalism with
| computers. As long as people are trying to make money they're
| going to try and crunch data to do it better. The only way I see
| to effect a real change in how companies collect and use data is
| with regulation.
| cherryteastain wrote:
| I agree with the author's assessment that we have a societal
| problem first and foremost. However, a key component of that
| societal problem is that most (99%+) do not care about
| surveillance to the degree that they would change their behavior.
|
| Almost all my friends who use social media are aware the apps spy
| on them. They all have an anecdote like they were talking about X
| with their friend and when they scrolled Instagram/Tiktok an ad
| for X showed up, and they all say (unprompted) that it's creepy.
| When I suggest to them that maybe they should stop using
| Instagram etc, or at the very least use it on the website, to
| prevent this, the reaction invariably an excuse to keep using it.
| You can't tell these people to use Nextcloud or whatever over
| iCloud. They would never do it. The only thing that'd get them to
| switch is to offer more convenience/greater network events.
|
| Benjamin Franklin's famous quote goes "Those who would give up
| essential liberty, to purchase a little temporary safety, deserve
| neither liberty nor safety.". With tech, the same maxim applies,
| if you replace safety with convenience.
| splaca wrote:
| Ben Franklin's phrase seems to be quoted often in this kind of
| discussion but I haven't seen anyone explain (1) why one thinks
| he's right; and (2) why that would translate to tech and
| surveillance.
|
| Or, to be more upfront: I simply don't think blaming individual
| people (and deciding whether they "deserve" whatever) is very
| fair or productive.
| WhackyIdeas wrote:
| A slight change of subject but not too much.
|
| An hour ago I walked into a Post Office somewhere in Scotland. I
| was immediately greeted with a screen hanging down from the
| ceiling.
|
| Onn the left 75% portion of the screen a bunch of different
| camera feeds and on the right portion, running vertically - still
| photos of my face and other customers faces who were currently in
| the shop.
|
| ...And next to these still photos were things like:
|
| Age: Middle aged male Emotion: ... Glasses: No Etc.
|
| I asked the shop keeper why they were showing this, and I was met
| with arguments like 'these are everywhere', 'airports have them
| too'.
|
| I replied that an airport is understandably doing this, due to
| being a terrorism threat. But this was a small Post Office in a
| tiny village town in the countryside. So like comparing apples to
| toilet paper.
|
| I asked why the camera was trying to guess my emotion. To which I
| was replied to 'if you are doing nothing wrong, you have nothing
| to worry about'.
|
| Society has been so conditioned into the assumption that what we
| have today we will have tomorrow. Except in a world of potential
| Trumps, Xi Jinping, Putin and more... we are setting ourselves up
| for the complete unknown of tomorrow.
|
| This 1984 Scotland is now a place I feel like the reason to live
| has been dwindled down to just pure existence. I don't think I
| had ever felt quite like this before this trip to the Post Office
| today. Life doesn't feel like ours anymore. It's someone else's.
| The people behind the surveillance and the conditioned people who
| normalise it.
|
| Just because the technology exists, shouldn't mean it needs to be
| used. When will people ever start respecting other's privacy? And
| when will people ever give a damn about it.
|
| If this is already where we're at in 2024, where are we all going
| to be by 2030? Is life as full of the same point today than what
| it was 10 years ago. And will it be less full of point by 2030.
|
| Edit: typos
| 1vuio0pswjnm7 wrote:
| "We used to rely on software installed locally on our computers,
| and are now shifting towards a model based on services and
| companion apps, sometimes with free tiers and subscriptions."
|
| Everything I rely on is local. No reliance on remote services or
| companion apps.
|
| It is not like I haven't tried.
|
| I tried apps. But I failed to become addicted.
|
| I always end up accessing the endpoints from a laptop instead of
| a phone because it's easier and more flexible.
|
| I find a UNIX-like OS I can modify, compile and control paired
| with full-size keyboard and display to be more versatile. I still
| use offline storage.
|
| When it comes to the prognostication of so-called "tech"
| bloggers/journalists, "we" is not me.
|
| There was a story yesterday on HN about a school that does not
| allow smartphones. It described a multi-day school trip where no
| phones could be brought. After a short time, the article
| suggested none of the students missed their phones.
|
| This is how I see "services" and "companion apps". After a
| relatively short time without, people would forget about them.
|
| Whereas I am not going to forget about a UNIX-like OS that I can
| control and jump on to some new trend where I cede control to
| someone else. I rely on being able to control the computers I
| own. Giving away control is not an appealing proposition. The
| people marketing these "solutions" are certainly not ceding away
| any control. Instead they are gaining it over other peoples'
| computers in spades.
___________________________________________________________________
(page generated 2024-01-18 23:01 UTC)