Naivety has layers. You either die a normie who doesn't care about privacy, or you live long enough to become a schizo who knows how bad things really are. Try bringing up at the dinner table the NSA dragnet or always-on backdoors embedded in consumer routers and CPUs.

Everything is tracked, everything is logged, its been this way for a long time and there's nothing you can do about it. You have zero privacy in the internet and you're an idiot if you think otherwise.

Google has been around since 1998 with people putting every dark secret and worry into search queries. Not once has someones searches been leaked by employees, despite highly political people working at these companies with a lot to gain by leaking to a journalist or similar.

Likewise with private messages on Facebook, order history on Amazon.

Big Tech has way more to lose than the small "privacy focused" alternatives, and clearly for them to go this long with this many employees its through design not luck.

There is a lot of discussion here about the motivation of companies and what they can share or remain private in relation to their objectives and making a profit. But, I think to provide a much better argument is what are their actual motivations to have privacy in all of the systems to begin with.

Apple and Amazon will at minimum compromise your privacy to improve their products. And since they have no extra motivation since they don't make more or less money (because Siri and Alexa are loss leaders) they will have no extra considerations of privacy regardless.

Comparing Signal to protonmail is a much more interesting problem and you can go on to what has been subpoena from Signal and protonmail. Since there was one actually disclosed we can see the information (or really lack of) that was given by Signal [1] . We have a statement by proton mail on what can be subpoena [2] but there have been arguments against it.

[1] https://signal.org/bigbrother/cd-california-grand-jury/ [2] https://proton.me/legal/law-enforcement [3] https://protos.com/protonmail-hands-info-to-government-but-s...

> The quokka, like the rationalist, is a creature marked by profound innocence. The quokka can't imagine you might eat it, and the rationalist can't imagine you might deceive him. As long they stay on their islands, they survive, but both species have problems if a human shows up

> In theory, rationalists like game theory, in practice, they need to adjust their priors. Real-life exchanges can be modeled as a prisoner's dilemma. In the classic version, the prisoners can't communicate, so they have to guess whether the other player will defect or cooperate.

> The game changes when we realize that life is not a single dilemma, but a series of them, and that we can remember the behavior of other agents. Now we need to cooperate, and the best strategy is "tit for two tats", wherein we cooperate until our opponent defects twice

> The problem is, this is where rationalists hit a mental stop sign. Because in the real world, there is one more strategy that the game doesn't model: lying. See, the real best strategy is "be good at lying so that you always convince your opponent to cooperate, then defect"

> And rationalists, bless their hearts, are REALLY easy to lie to. It's not like taking candy from a baby; babies actually try to hang onto their candy. The rationalists just limply let go and mutter, "I notice I am confused". This is also why they are poly.

Having better priors can be useful, but they're no substitute for evidence. These assertions about how naive you supposedly should have been about some company are less useful than sharing evidence about what the company actually did.

I agree so far, but:

>But was is happening in your inbox, really? >Most spam is not "black hat spam". It is what I call "white-collar spam": perfectly legitimate company, sending you emails from legitimate address. You slept in a hotel during a business trip?

This is pure survivor paradox. This is true for your Gmail account, because all "black hat spam" was already filtered! I own two unfiltered email accounts that were sadly scraped from the internet, and the spam is - by far - almost completely malspam, romance scam, cryptocurrency spam, scam attempts, spoofs, phishings.

There’s actually a meta-naivety in geeks where they write stuff like this and then get on the soapbox to shill some random project that is somehow better and that we can actually trust some random service for reasons that fall apart if you apply the exact same scrutiny to them. Really, they’re just smug about being smarter.

Let’s take the two advertisements that the author has. I call them advertisements because, despite being sure neither Signal or Protonmail paid this guy, he fell into the obvious trap of “xyz sucks, here’s what to use instead”.

Amazon is bad, Apple is bad, Kagi is bad because they all take your money. But Protonmail is good because they…take your money? They take your money and if they did something bad you wouldn’t pay them. Ok? And this obviously has happened to all the secure apps that people continue to use despite them being hacked, or the companies that rebrand after it’s found out they were leaking your information? If Protonmail was found out tomorrow to be a front for the CIA, who suffers? What’s stopping the people running it from just making Electronmail tomorrow and claiming that they aren’t a front for the CIA?

Meanwhile Signal is an open source project and that means everyone has reviewed the code and trusts it. What happened to giving companies money so that they suffer when they violate your privacy? If Signal makes it so that you don’t want to use it, what harm do they suffer? If they add new code that backdoors the app or sells ads or harvests your contacts, what are you going to do about it? Will you publish a blog post explaining how you were the geek who got conned this time?

I actually have nothing against these specific projects, just as I generally don’t have specific vendettas against the other dozen things these blog posts tend to shill (DuckDuckGo, Brave, Quebes, GrapheneOS, Firefox, whatever). My point is that the geek is perpetually vulnerable to thinking his choices are good because of some technical reasons, when in reality we choose what we associate with based on trust and human factors. You probably choose your software because your buddy from IRC told you it is good. A lot of people choose their software because they saw an advertisement showing that this company actually cares about their privacy. Neither of you is dumber than the other and making people feel bad for not keeping up with the evolving landscape of privacy is generally not productive.

Guy on a good soapbox, but heavy on assertions and high emotion. Those damn trade-offs!

the "Naivety" of Geeks has less to do with "trusting the marketing" and more to do with having to navigate a society increasingly indifferent to the issues brought up.

A decade ago I ranted about Facebook to my technical friends. They all agreed that it was a terrible privacy nightmare, that eventually it would start selling that data to generate a profit, that we really ought to use something else, but in the end I had no alternative. As one of them said "If you don't have anything to hide, you have nothing to fear". I was ready with the counter, but before I could even get to the counter point he retorted "Yeah that's obviously not true, but it is the argument". At the time I didn't understand, but now I do. Fighting against these systems is meaningless for the individual. I can't stop Facebook from gobbling up all my data any more than I can dictate that the petrol in my car must be ethically sourced from Sweden.

You can't distrust your way out of Google, Amazon, and Apple storing your voice.

It was a lot easier to be a counterculture rebel when what you were counter cultural about was the driver for the printer at your research institution. When I want to pay my taxes (which I can do electronically, imagine that) I need my phone and browser and weird authentication app to work. I need them to be the ones that everybody else uses, because if I'm using some niche application, nobody is going to help me when it breaks. When an important email doesn't arrive in my mailbox, the sender isn't going to be understanding that I want my mail on protonmail that for some reason has a technical problem that day. He's going to ask me why I'm being difficult.

The cognitive dissonance in the article when it comes to Signal and Protonmail is the same thing the author is deriding with people trusting Apple et al.

Apple has far more to lose monetarily than protonmail if it comes out that Apple sells off iMessage contents or similar.

I agree with the ideal of the article and the plight, but the shilling of Signal and Protonmail absolutely destroy the message because it goes right back to who you decide to trust to run a closed source service for you.

A corporation betraying a relationship with a customer is not a magic property of a corporation. It can happen just as easily with non-profits, coops, and any other org structure.

They are all groups of people in the end who you don’t know and fundamentally cannot trust to be acting as an agent of your interests.

100% we need more of Stallman or someone pushing actual open source.

Signal and Protonmail are not that. They are just other SaaS providers that you have to trust the marketing of.

As a tech employee who has worked on software privacy controls for consumer devices at amazon I have a couple thoughts. First, let me clarify that I am still highly skeptical about any tech companies privacy promises. That being said, the privacy control I worked on for one of Amazon's devices was a pita. It was a hardware switch which completely powered down all sensors, and modifying code related to it required extensive testing to preserve customer privacy. Amazon at least emphasizes to employees earning and retaining customer trust. The real reason I actually semi trust tech companies privacy policies is the ethics of individual employees. Maybe I'm projecting my disgust at privacy infringements onto my coworkers, but I generally believe these large corps can't hire sufficient teams of devs to build privacy compromising systems without at least one person whistleblowing.

My $.02

> But most importantly, Signal sole existence is to protect privacy of its users. It’s not even a corporation and, yes, this is important.

"Not a corporation" means little if there's no transparency to how the nonprofit's board members are appointed or elected.

See the controversy that is the WordPress Foundation, which is also a 501(c)(3): https://www.pluginvulnerabilities.com/2024/09/24/who-is-on-t...

I guess geeks should be sceptical of legal structures that might get passed off as "feel good" marketing too. :)

People still giving credit to Apple even when THEY HAVE GOTTEN CAUGHT of listening all of the people's conversation in order to train Siri back in 2019[1] are a really good illustration that you can't have a working democracy when gigantic corporation have such a control over what people will think about them no matter what they do.

[1]: https://www.francetvinfo.fr/internet/apple/entretien-on-parl...

Thought the title said greeks and was very confused when I started reading about amazon. Very good article though.

My jump to conclusions mat says "The author doesn't understand tech!"

I worked on on-device speech at Google, both frontend and backend. Unless there was a secret cabal mirror team that did all the evil stuff and made us think we were writing the code that was shipping, it doesn't come close to describing how things actually were worked through internally.

Most trivially, and narrowly, Most Evil Amazon would be just as happy with a transcript of what you said that was recognized locally. There's 0 reason they need the audio. I'd also hazard a guess they're not streaming audio to the server, no one would create a hotword detector that would rely on that, due to the latency and bandwidth demand alone.

He's not wrong, but he's also not right. I suppose it mostly comes close to screaming into the void and not helping with anything.

The way things are is also a mirror of large society. It takes a lot to keep it all going, combined with nobody has time or wants to care about the technology in their life. At best there are some negative events that makes people think about it for a little while, and for some there will be a bad memory, but in the end it just fades out of focus to the same place where oil changes and filter changes go.

The Candid Naivety of Geeks

> Did you really think that "marketing" is telling the truth? Are you a freshly debarked Thermian? (In case you missed it, this is a Galaxy Quest reference.)

Did you really think that an article humiliating your readers is going to change anything?

Yes, we the people, are stupid. No, we the people, are not keen on being called stupid. We might accept that from people we admire but not from someone we have to look up on the interwebz. Someone who has to point out that there is a page on him - in, for god's sake, the FRENCH wikipedia! And yes, I missed it, because Galaxy Quest is nice popcorn TV but nothing I would commit to long-term memory.

No matter how justified the cause, badly voiced anger just sounds like something between bad impulse control and idiocy.

I get the points the author is trying to make, I sympathize with them, but I would never send that text to anyone I try to convince.

yeah it sucks that a lot of the rust ecosystem is pushing permissive licenses over copyleft

“spammers are more consistent at making SPF, DKIM, and DMARC correct than are legitimate senders.”

LOL!

Ok this is a little frustrating for me. Not because there aren't bad actors (there are, and LOTS of them, basically anything ad-supported.)

But we're in a capitalist system, right? We want companies to compete on features that have value to users. And privacy is definitely a thing of value.

And god help me, I never wanted to be an Apple apologist, they're a giant capitalist organization. But they're also the ONLY one that is attempting to compete on the basis of privacy.

And so they have e2e encryption on iMessages, most of iCloud, are the only people doing meaningful things with homomorphic encryption and AI, etc. They recently, very publicly, turned off these features in the UK due to recent legislation.

But if I look at what they're doing, and the audits they're admitting, and the political hits they're taking, and if I dismiss all that I'm supposed to be "candidly naive"?

Do you want us to choose our platforms on the basis of privacy, or not?

And I'm not just "trusting" Apple, I'm looking at their financial incentives. Which are focused around selling extremely overpriced, decent quality hardware. Not ad targeting. For me to believe that Apple is wantonly and deliberately harvesting my data would require that I believe they have an entire secondary advertising business that has remained completely under the radar.

Again, fuck you for making me defend Apple. They have so many issues. But also if we just go pure nihilist and don't even allow companies to compete on the basis of proper security, what's left, unless we go offline entirely?

principal naivety here seems to be by the author

Ploum's Doctorow-adjacent nuance-free condescending nerd-rants always makes me want to channel n-gate.

[dead]

Funny read.

> And that’s why I see Apple as a cult: most tech people cannot be reasoned about it.

After presenting zero actual reasons to believe they are not taking privacy seriously. Just.. beliefs.

> Corporations are lying. You must treat every corporate word as a straight lie until proved otherwise.

> I don’t say that Signal is perfect: I say I trust them to believe themselves what they announce.

I share the distrust in corporations, but there is zero technical reason to believe Signal apps are more secure than Apple's unless you reviewed the code yourself, entirely, and built it from source.

Pot, meet kettle.

Pedantic, but the naivete of spelling it as "naivety" (diacritics dropped when anglicized, for those even more pedantic)? I'm pretty sure that (mis)spelling did not exist (or was certainly not commonly used) 10 years ago.