• MudMan@fedia.io
      link
      fedilink
      arrow-up
      107
      arrow-down
      6
      ·
      8 months ago

      Right? It’s kinda nuts how much this quixotic prepper-style power fantasy permeates some parts of the Internet. Hell, even that strip is conceding the basic point that there will be a cabal of evil people digging for all their super-important secret files at some point.

      • MrVilliam@lemmy.world
        link
        fedilink
        arrow-up
        11
        arrow-down
        107
        ·
        edit-2
        8 months ago

        Kinda makes you wonder what’s on their drive that they’re so concerned about being uncovered. I’m all for privacy as a right, but people don’t usually go balls to the wall on their computer security just to protect cat memes or tax documents. People won’t even assume just regular porn stuff. People will assume terrorist plots or sex crimes or stolen classified stuff. Idk, if my NSA agent cares enough to break basic security just to find out my porn search history, then I’m just thinking that that’s wasted tax dollars. I’m not that interesting.

        Edit: I’m not saying don’t do simple encryption, I’m saying that putting up ten barriers and having paid services and using multiple vpns has drawbacks of cost and performance, so what are the odds that somebody would go to all the trouble for data that nobody would care about. If you saw a giant vault in somebody’s basement, you would assume there’s something interesting in there.

          • Echo Dot@feddit.uk
            link
            fedilink
            arrow-up
            5
            arrow-down
            44
            ·
            edit-2
            8 months ago

            I’ve got stuff I don’t want to be public, but at the same time I’m not going to spend thousands and thousands of dollars on security measures to protect it because it’ll probably never be required, and it probably won’t work anyway.

            Having a pin code longer than four digits is probably more than enough to effectively deter the average cop, and they are all I am ever really anticipating interacting with, if at all. If I decide to take up terrorism as a hobby I may reconsider.

            • shikitohno@lemm.ee
              link
              fedilink
              arrow-up
              34
              ·
              8 months ago

              What is this setup that requires thousands and thousands of dollars to achieve encryption? It’s just typing ‘y’ and hitting enter during my install, if anything. It’s good general practice and the highest cost involved is a totally negligible effort to type an additional password in at boot. It’s not like we were talking about rigging up some crazy kill switch that somehow physically destroy your drives at a keystroke if you think the feds have shown up.

              • Echo Dot@feddit.uk
                link
                fedilink
                arrow-up
                1
                arrow-down
                37
                ·
                8 months ago

                Anything that easy isn’t going to do anything. If you want actual security you would have to spend a lot of money for very little chance it would work

                • akakunai
                  link
                  fedilink
                  arrow-up
                  18
                  arrow-down
                  1
                  ·
                  8 months ago

                  Uh, no. Almost everything you can do for logical security only requires free software. Something as easy as ticking the box “encrypt my drive” and putting in a good password when installing Ubuntu or whatever is about as easy as it gets and is LUKS2 (“actual security”, as far as at-rest data encryption is concerned).

                • gaylord_fartmaster@lemmy.world
                  link
                  fedilink
                  arrow-up
                  18
                  arrow-down
                  1
                  ·
                  8 months ago

                  Why did you feel the need to come into this thread and broadcast your opinion on something you know nothing about? Encryption is not made any less effective just because people made free tools to implement it easily.

                  It’s just math. It’s not a finite resource, and there isn’t “premium math” you have to go buy at the math store to make your encryption stronger.

                • RagnarokOnline@programming.dev
                  cake
                  link
                  fedilink
                  arrow-up
                  8
                  ·
                  8 months ago

                  I think what you’re driving at is partially true: for perfect security, it takes a lot of effort and you never know when there’s a zero day for your particular practice.

                  However, like the other commenter is saying, it’s easy to have better security than most. Heck, it don’t even require extra ongoing maintenance to have a healthy security coverage.

                  But not doing anything to increase your security is a bad choice. To me, it’s kind of like eating vegetables, if the average person would just do it a little more, we would all benefit.

            • rob64@startrek.website
              link
              fedilink
              arrow-up
              8
              ·
              8 months ago

              Yeah I think those of us who go to extra lengths for security mostly do it because we can. Like any other enthusiast.

              • MudMan@fedia.io
                link
                fedilink
                arrow-up
                2
                arrow-down
                1
                ·
                8 months ago

                For the record, that’s as fine as any other hobby, as far as I’m concerned. Just as I don’t have any issues with… you know, survivalism as a hobby.

                On the aggregate, though, there IS a bit of a prepper power fantasy at play, I stand by that. Hey, I have tons of hobbies myself where I find the collective average lands in a super creepy place. If anything I think it’s a relief to acknowledge it. Gives you plausible deniability.

        • Ookami38@sh.itjust.works
          link
          fedilink
          arrow-up
          42
          arrow-down
          2
          ·
          8 months ago

          Kinda makes you wonder what’s in their bedroom they’re so concerned about being uncovered. I’m all for privacy as a right,but people don’t usually go balls to the wall on their bedroom privacy just to not be seen changing. People wont even assume just regular sex stuff. People will assume terrorist plots or a murder dungeon or your mom.

          Privacy is privacy is privacy. There’s no need to justify it. Desiring it isn’t an indicator of any wrongdoing. The second you are okay with literally every aspect of your existence being completely public, and I mean all of it, is the second your statement holds any ground.

          • NounsAndWords@lemmy.world
            link
            fedilink
            arrow-up
            9
            arrow-down
            5
            ·
            8 months ago

            I get your example, and agree with the premise that “if you have nothing to hide…” is never a good argument, but if someone had security cameras surrounding/within their house, and 4 different locks on their bedroom door, and then a high quality safe in the bedroom, I would absolutely think there’s something more than sex toys in there. That’s still never a valid basis to search their stuff, but if there was nothing significant in there, that would feel odd.

            • Ookami38@sh.itjust.works
              link
              fedilink
              arrow-up
              17
              arrow-down
              1
              ·
              8 months ago

              I completely disagree. It may feel excessive, but my only thought would be “there’s someone who cares about privacy.” We only assume this stuff is weird because we’ve indirectly encouraged only weirdos to do these things. If we instead normalize it as just part of home security, like locking your doors, then it’s just another thing careful people do.

          • MrVilliam@lemmy.world
            link
            fedilink
            arrow-up
            3
            arrow-down
            3
            ·
            8 months ago

            Great point and I agree. That’s why my door is locked, but not locked with 8 deadbolts, a security camera, and booby traps.

        • Prunebutt@slrpnk.net
          link
          fedilink
          arrow-up
          27
          ·
          8 months ago

          Climate activists are currently prosecuted as domestic terrorists in the US.

          Encryption is there for protection against the state (who can’t easily drug you and beat you up for giving out a password).

        • Semperverus@lemmy.world
          link
          fedilink
          arrow-up
          27
          ·
          edit-2
          8 months ago

          I explicitly go balls to the wall to protect my tax documents and cat memes, for a couple of reasons:

          1. I am very passionate about the concept of “You shouldn’t have to have anything to hide to deserve the right to privacy.”

          2. People should’t “poop with the door open” (to use a metaphor), so I keep my door shut.

          3. Opinions and ideals can get people hurt if made public, and I want to protect both mine and those of the people i talk to (even if i don’t agree with them).

          4. If everyone took their security and privacy this seriously, nobody would have to worry about some nonce assuming they were committing crimes just because they were protecting their right to privacy. I’m being just one more drop in the bucket.

        • 4am@lemm.ee
          link
          fedilink
          arrow-up
          17
          ·
          8 months ago

          Your false assumption is that basic security isn’t broken constantly and automatically for them to just browse the results of on a whim.

        • AWildMimicAppears@lemmy.dbzer0.com
          link
          fedilink
          arrow-up
          14
          ·
          8 months ago

          The issue is that you don’t have any say in what it is to be concerned about being uncovered. Regimes change, and so do the things that are dangerous to uncover. Today it might be ok showing support for LGBTIA+ rights where you live, but that might change at a votes/coups notice. Damn, supporting trans rights might get you in physical altercations in some areas in the US if you are found out, or might make it impossible to land a job.

          The Nazis used data that was accumulated by prior administrations to choose their victims.

        • meiti@lemmy.world
          link
          fedilink
          arrow-up
          10
          ·
          8 months ago

          Everything I use is encrypted as hell. What do I have inside? To be honest nothing. Just your usual stuff. But why the heck should I let someone to get into my fucking harddrive? No, let’s make it as difficult as possible for those assholes.

          Having said that, I’m stuck multiple times by my own encryption. Lost the keys, etc. And in case something happens to me, no one can access my legacy or docs. That’s my only doubts. Moreover, I’m aware that it only protects my data at rest, while the PC is on, there are probably a zillion zero-days I’m not aware of.

        • surewhynotlem@lemmy.world
          link
          fedilink
          arrow-up
          10
          arrow-down
          1
          ·
          8 months ago

          if my NSA agent cares enough to break basic security just to find out my porn search history,

          Police have regularly used their inappropriate levels of access to stalk and harass women they like. You may not be interesting to the government, but you could easily be interesting to a malicious actor who works for the government.

        • Hanrahan@slrpnk.net
          link
          fedilink
          arrow-up
          2
          ·
          8 months ago

          Sure but if they’re looking it’s like them peeking through the window while you’re having sex. Will you get jailed for havingnsex, no (unless it’s gay sex and you’re in Russia, then yes) , but it still makes people feel uncomfortable. Or if they find correspondence between you and your gf organizing an abortion and you’re in Texas and they “pass it on”, or any number or things.

    • A_A@lemmy.world
      link
      fedilink
      arrow-up
      38
      ·
      edit-2
      8 months ago

      Rubberhose (file system) Deniable encryption
      https://en.m.wikipedia.org/wiki/Deniable_encryption
      The notion of “deniable encryption” was used by Julian Assange and Ralf Weinmann in the Rubberhose filesystem (…) In cryptography, rubber-hose cryptanalysis is a euphemism for the extraction of cryptographic secrets (e.g. the password to an encrypted file) from a person by coercion or torture—such as beating that person with a rubber hose, hence the name—in contrast to a mathematical or technical cryptanalytic attack. (…)

      • UnderpantsWeevil@lemmy.world
        link
        fedilink
        arrow-up
        3
        ·
        8 months ago

        That’s all very clever and good, but Assange has been cooling his heels in Belmarsh Prison since 2019 awaiting extradition to the US and Ralf Weinmann only escaped the same fate by dropping off the face of the earth.

        Wikileaks has been a dead letter for over a decade and the western public is now so thoroughly poisoned against big intel leaks that its doubtful an effort to reinvent the site would have any benefit.

        So we’re still back to a guy with a wrench being an effective means of dealing with entrepreneurial hackers.

        • A_A@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          8 months ago

          Unfortunately you are absolutely right and I would say that computing work on an international scale always tend to be a type of war : it was so from the start ( that is to say with the decryption of Enigma machine mesages by the UK and the USA )

  • shneancy@lemmy.world
    link
    fedilink
    arrow-up
    191
    arrow-down
    3
    ·
    edit-2
    8 months ago

    this is exactly the sort of thing you imagine in the shower to feel good about yourself

  • Echo Dot@feddit.uk
    link
    fedilink
    arrow-up
    123
    arrow-down
    6
    ·
    edit-2
    8 months ago

    If you guys don’t think the CIA can hack a Linux computer I’ve got a nice bridge you might want to purchase.

  • OozingPositron@feddit.cl
    link
    fedilink
    arrow-up
    77
    arrow-down
    1
    ·
    8 months ago

    Buy a thinkpad x230 and install heads. Write protect the flash chip. Put nail polish on the screws and take high resolution pictures to ensure signs of tampering. Do NOT use a HDD or SSD. They have DMA so a malicious firmware could do a lot of damage, use of USB is preferred since they do not have DMA. Completely remove the microphone, sound card, webcam and the WWAN card from the laptop. Remove the fan to prevent binary acoustic data transmission. Replace the default wifi card with a supported atheros card. Disable wifi when not in use, preferably by physically removing the card. Make your own independent Linux distro from scratch. Most Linux distros value convenience over security and will thus never have good security. Your only option is to make your own. Use musl instead of glibc, Libressl instead of openssl, sinit instead of systemd, oksh instead of bash, toybox instead of gnu coreutils to reduce attack surface. Enable as little kernel modules as possible. Use a hardened memory allocator. Apply strong SELinux and sandboxing policies. Restrict the root account heavily to make sure it never gets compromised. Disable JavaScript and CSS in your browser. Block all FAGMAN domains in your hosts file. Monitor all network requests. Do not use a phone. Never speak near anyone who owns a phone, they are always listening. Never use any non-corebooted technology made after 2006. Never leave your devices unattended. Tape triple layer aluminum foil all around your room as tempest shielding. Type really quietly as defense against audio keylogging. Use ecc ram to minimize rowhammer and rambleed. Encrypt everything multiple times with various different encryption implementations. Compile everything from source. Use hardened compilation flags. Always read through the source before installing something if possible. Only use the internet when absolutely necessary.

    • UnderpantsWeevil@lemmy.world
      link
      fedilink
      arrow-up
      21
      ·
      edit-2
      8 months ago

      There are two kinds of people obsessed with their internet security.

      • Computer hobbyists with an inflated opinion of their own importance and a touch of autism

      • IT Security Professionals

      You’ll notice I left out pedophiles. That is because pedophiles are dumb and regularly get caught.

      • rufus@discuss.tchncs.de
        link
        fedilink
        arrow-up
        6
        ·
        8 months ago

        That is kind of the problem. Everyone else is getting scammed, their data stolen and tried to be manipulated by targeted advertising, algorithms and addictive, yet unhealthy social media platforms.

        I wish it were more than the nerds who cared…

      • NegativeInf@lemmy.world
        link
        fedilink
        arrow-up
        6
        ·
        8 months ago

        Pedophiles are dumb enough to bring their phone in for an upgrade at T-Mobile with an SD card full of CP. That was a fun call with the cops.

      • themeatbridge@lemmy.world
        link
        fedilink
        arrow-up
        5
        ·
        8 months ago

        I mean, the scary part of that thought is acknowledging availability heuristics. The pedophiles dumb enough to regularly get caught are the pedophiles we know about.

      • OozingPositron@feddit.cl
        link
        fedilink
        arrow-up
        1
        ·
        7 months ago

        >That is because pedophiles are dumb and regularly get caught.

        The ones with bad opsec that you habe heard about. This kind of underestimation is what fucks feds in the ass, this is how Mr swirl went so many years free.

  • adj16@lemmy.world
    link
    fedilink
    arrow-up
    47
    ·
    edit-2
    8 months ago

    Like the feds would care about raiding the house because it was actually his parents’ lmao

    • bitwaba@lemmy.world
      link
      fedilink
      arrow-up
      24
      ·
      8 months ago

      I don’t know why but I read raiding, I thought He's RAIDing his house. So, like, one hard drive on a computer in this house, another hardrive in another computer in another house, as a RAID 0, so there is no point in raiding the house.

      It’s late okay. Give me a break.

  • Grass@sh.itjust.works
    link
    fedilink
    arrow-up
    15
    ·
    8 months ago

    Blob free capable computers are so old though. After trying one I don’t know how I survived that era without even using ssds. Before that how the hell did live with Pentium 2, 3, and 4?

    • Frisbeedude@sopuli.xyz
      link
      fedilink
      arrow-up
      18
      ·
      8 months ago

      Some of us had to install Windows XP SP2 and 4 on these machines. I made money just sitting in a room watching progress bars.

    • bluewing@lemm.ee
      link
      fedilink
      arrow-up
      5
      ·
      8 months ago

      Still faster than the 286 with math co-processor that I started with at home.

    • psmgx@lemmy.world
      link
      fedilink
      arrow-up
      3
      ·
      8 months ago

      how the hell did live with Pentium 2, 3, and 4?

      Pentium 4s and later the Pentium D ran so hot I could use them to heat my dorm room. Miss that.

      • JoeBigelow
        link
        fedilink
        arrow-up
        3
        ·
        8 months ago

        Right? I was told a custom PC was good as a space heater. Stupid modern hardware

        • drathvedro@lemm.ee
          link
          fedilink
          arrow-up
          1
          ·
          8 months ago

          Nah, modern hardware is bonkers on thermals again. A 4090 with i9-12900K is going to net you 700 watts of TDP in stock. That’s like half of what you can even pull from the wall. Even at the low end for the latest generations, you’re looking at around 200W combined TDP. And then as if that wasn’t enough, they squeeze that shit in laptops! Laptops! This is absolutely nuts.

      • Zink@programming.dev
        link
        fedilink
        arrow-up
        2
        ·
        8 months ago

        I literally did this. My senior year in college I had a single dorm room and I’m guessing some overlocked Celeron CPUs in a dual-socket motherboard. I never once turned on the heat. I’d often come home and open my window when it was snowing outside.

  • FiniteBanjo@lemmy.today
    link
    fedilink
    arrow-up
    14
    arrow-down
    2
    ·
    8 months ago

    I don’t think the NSA or CIA has ever had any interests in my specific online activity, purely because the manpower is never that well utilized in our world, but in the age of automation that could all change soon.