17 votes

Future of personal security and privacy, upcoming trends.

A few years ago I got into improving my knowledgebase of personal security - theory and tools - but it didn't go much farther than reinforcing everything with 2FA and setting up a password manager, plus setting up a VPN and full disk encryption.

It seems like we're amidst a rising tide of data breaches due to, IMHO, laziness and cheapness on the part of many companies storing personal data.

So, recently I've embarked on my second journey to improve my own security via habits and software and teaching myself. Privacytools has been a super helpful resource. My main lesson this time is to take ownership/responsibility for my own data. To that end, I have switched to KeePass with YubiKey 2FA (still trying to figure out how to get 2FA with yubi on my Android without NFC), moved over to Joplin for my note taking (away from Google and Evernote) and also switched to NextCloud for all of my data storage and synchronization. I'm also de-Googling myself, current due-date is end of March when Inbox is shut down.

So my question / discussion topic here, is, what are everyone's thoughts on the future of practical personal security and privacy? More decentralization and self-hosting? That's what it looks like to me. Blockchain tech would be cool for public objects like news articles, images etc. but from what I understand that has zero implication for anything personal. The other newish tech is PGP signatures, which I'm still having trouble implementing/finding use for, but surely that will change.

There is this topic but that ended up just being about encryption which I think is a no-brainer at this point. I'm more so looking for the leading edge trends.

19 comments

  1. [3]
    Comment deleted by author
    1. [2]
      JakeTheDog

      Oh yea, I totally forgot about threat models, it's just so intuitive for me now I do it implicitly.

      Do you think, though, that there can be a near-universal threat model that can apply to most people? For example, surely all of us have embarrassing photos (not necessarily nudes) on some cloud / someone else's computer at this point, not to mention the high frequency of data breaches on many popular sites. In this manner, people don't need to really sit down and think about their own personal threat model, just the bare bones (like locking the front door of your house when you leave).

      1 vote
  2. [5]
    Grand0rbiter

    There's a point we reach that we can't do anything sadly because of our surroundings. I can encrypt every message I want, but what for if nobody uses encryption?

    What can I do if my entire country is tied to WhatsApp for example? Die alone using Matrix or Signal?

    I already deGoogled myself (kinda, I still have Google Drive, but everything I put there is encrypted), but the next step is almost impossible to implement for me.

    4 votes
    1. [4]
      JakeTheDog

      Yea, that's my biggest issue - having my contacts adopt secure communication. That's why I'm trying to focus on the practicality. It's a slow and steady uphill battle convincing others to use e.g. Signal.
      My hope is that tech like secure messaging becomes the norm for communication

      1 vote
      1. [3]
        meghan

        I like the Mastodon model of approaching the platform paradox. Making self hostable software that all the power users can set up, and running a base instance that all the "regulars" can join. All while keeping it interoperable. Some manner of centralization is okay so long as the company/person running it is trustworthy.

        1. [2]
          JakeTheDog

          Yea, I mostly agree with you there. My biggest issue is that trustworthy now doesn't mean trustworthy later. But it seems that it's possible to design safeguards into the platform so that it's not too top-heavy, as I think Mastodon does.

          1. meghan

            It's definitely a difficult issue, as the only way to know for sure what's happening with your data is to manage it yourself, but not everyone, most people in fact, don't want to be a sysadmin.

  3. [3]
    meghan

    I'm definitely taking my own steps towards the self hostable model in that I'm building a suite of my own. Complementary to my other comment, I believe in giving people the power to host it all if they want, while running a pre-hosted version if people just want to sign up.

    The first step in that suite is https://github.com/nektro/andesite with many more projects to come.

    3 votes
    1. [2]
      JakeTheDog

      Wait, so what is that exactly? I'm familiar with terms but a bit naive with respect to the back-end of things.

      1 vote
      1. meghan

        It's a custom web file server that allows site operators to whitelist access to files/folders through OAuth2 and in a readonly way. You point it at a directory of files you want to share, and then people that visit the site are only given the folder listing provided to them by the site admin.

        1 vote
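The access model described in the comment above (per-user allowlisted folders, read-only), sketched as an added example that is not part of the thread and is not andesite's own code. The `acl` type, the user ID and the folder names are hypothetical.

```go
package main

import (
	"fmt"
	"path"
	"strings"
)

// acl maps an authenticated user ID (e.g. the subject returned by the OAuth2
// provider) to the folders the site admin has shared with that user.
// Type, user ID and folder names are constructed for illustration.
type acl map[string][]string

// canRead reports whether user may fetch reqPath with the given HTTP method.
// Read-only: only GET and HEAD are ever allowed.
// The path is normalised first so "../" segments cannot climb out of a shared
// folder, and matching is on whole path segments so a grant for "/photos"
// does not also expose "/photos-private".
func (a acl) canRead(user, method, reqPath string) bool {
	if method != "GET" && method != "HEAD" {
		return false
	}
	clean := path.Clean("/" + reqPath)
	for _, prefix := range a[user] {
		p := path.Clean("/" + prefix)
		if p == "/" || clean == p || strings.HasPrefix(clean, p+"/") {
			return true
		}
	}
	return false // default deny: unknown users and unlisted paths
}

// visibleFolders is the listing a visitor gets: only what was granted.
func (a acl) visibleFolders(user string) []string {
	return append([]string(nil), a[user]...)
}

func main() {
	shared := acl{"alice@example": {"/photos", "/docs/public"}}
	requests := []string{
		"/photos/2019/a.jpg",        // inside a shared folder
		"/photos/../taxes/2018.pdf", // traversal out of the shared folder
		"/photos-private/x.jpg",     // sibling folder with a similar name
	}
	for _, p := range requests {
		fmt.Println(p, shared.canRead("alice@example", "GET", p))
	}
	fmt.Println(shared.visibleFolders("alice@example"))
}
```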
  4. satan

    I have become extremely paranoid online. I use a VPN on my phone and PC. I only message with Signal and have forced my close friends to use it (lol). I create new forum accounts every so often and delete all data from old ones. I know a lot of people don't like LastPass but I have no problems with it and use it. I have Firefox set up on my phone and PC with privacy extensions and about:config configs. I am almost done degoogling, just have to finish switching all my Gmail over to Tutanota. I deleted my social media. I could go on and on lol.

    1 vote
  5. [2]
    Fin

    gmail is changing? Did they ever mention this?

    1. JakeTheDog

      From what I understand, they're just taking features from Inbox and adding it to Gmail, not sure where they're at with that because I've exclusively used Inbox since it was beta a few years ago.

      2 votes
  6. [6]
    Fin

    Okay going to admit I don't know a lot about encrypting HDs. What is involved? How is it enforced? Does it slow down the drive? How do you do it? (lol), do you need a password every time you use the drive?

    1. [4]
      anowlcalledjosh

      What is involved?

      Depending on exactly how you set it up, it might be as simple as ticking a box when you install your operating system to say "encrypt my hard drive pls".

      How is it enforced?

      Maths. The data written to your hard drive is encrypted before it gets written, and unless you know the encryption key (usually a passphrase, but sometimes a physical security key), you can't decrypt the data.

      Does it slow down the drive?

      Not by any noticeable amount on a computer manufactured in the last decade.

      How do you do it? (lol), do you need a password every time you use the drive?

      Depends on how it's set up; I have to enter a passphrase every time I turn on my laptop (separately to my login passphrase), but you could probably set it up so you only have to enter one passphrase.

      3 votes
      1. jackson

        To add to this, FileVault is preinstalled on every mac-- it's super easy to set up and just slows your computer down for a few hours while it encrypts everything (that's a one-time deal). Besides that, it's mostly set-and-forget, and all you have to do is enter your password each time you boot your computer (so yes, there's one more signon page).

        ALSO, if you're using a Mac, please add a firmware password. Without it, anyone can boot your computer into single user mode and create another admin account. It adds zero overhead (unless you're booting into recovery or other disks often, though it's still worth it then) and greatly improves the security of your computer.

        3 votes
      2. [2]
        Fin

        Am on Windows 10. How would I set it up? Is it BitLocker?

        1. esrever

          BitLocker is an option, but I think most people here would advise against it (though it is better than using nothing). Look into some of the options on the PrivacyTools.io site that was linked in the topic post.

          2 votes
    2. JakeTheDog

      Check out link to another thread.
      Short answer is it's super easy, painless and effective.