This is original content. AI was not used anywhere except for the bottom right image, simply because I could not find one similar enough to what I needed. This took around 6 hours to make.
Transcription (for the visually impaired)
(I tried my best)
The background is an iceberg with 6 levels, denoting 6 different levels of privacy.
The tip of the iceberg is titled “The Brainwashed” with a quote beside it that says “I have nothing to hide”. The logos depicted in this section are:
- Apple
- TikTok
- PayPal
- Google Chrome
- CashApp
- Samsung
- Steam
- Microsoft Windows
- Ring (Security Camera)
- YouTube
- Amazon
- Discord
- Gmail
- ChatGPT
The surface section of the iceberg is titled “As seen on TV” with a quote beside it that says “This video is sponsored by…”. The logos depicted in this section are:
An underwater section of the iceberg is titled “The Beginner” with a quote beside it that says “I don’t like hackers and spying”. The logos depicted in this section are:
- Telegram
- Authy
- Brave Browser
- Privacy.com (Virtual Cards)
- DuckDuckGo
- iMessage
- Proton Mail
- AdBlock (Browser Extension)
A lower section of the iceberg is titled “The Privacy Enthusiast” with a quote beside it that says “I have nothing I want to show”. The logos depicted in this section are:
An even lower section of the iceberg is titled “The Privacy Activist” with a quote beside it that says “Privacy is a human right”. The logos depicted in this section are:
- Monero
- GrapheneOS
- Vanadium (Web Browser)
- KeePassDX
- SimpleX Chat
- Accrescent
- SearXNG
- Aegis Authenticator
- OpenWrt
- Mullvad VPN
- An illustration of physical cash
The lowest portion of the iceberg is titled “The Ghost”. There is a quote beside it that has been intentionally redacted. The images depicted in this section are:
- A cancel sign over a mobile phone, symbolizing “no electronics”
- An illustration of a log cabin, symbolizing “living in a log cabin in the woods”
- A picture of gold bars, symbolizing “paying only in gold”
- A picture of a death certificate, symbolizing “faking your own death”
- An AI generated picture of a person wearing a black hoodie, a baseball cap, a face mask, and reflective sunglasses, symbolizing “hiding one’s identity in public”
End of transcription.
I am precisely in the middle of this chart.
Enthusiast level. Not bad. Not bad. Also where would you put librewolf?
Android missing?
Hi from near the top of the iceberg. I have five from the top and two from the next level down, plus two from level four. A balanced diet?
Depends what they are, I think a fair amount of people might be in the same boat, with a few services from different tiers.
> Android missing?
I wasn’t able to fit everything, but I specifically excluded Android, because it isn’t inherently bad. GrapheneOS is based on the Android Open Source Project (AOSP), for example, so I didn’t want to give the wrong idea.
I’d put Android/iOS on top layer then AOSP on the 2nd layer then deGoogled Androids on 3rd layer then PostMarketOS on 4th or 5th layer.
Is it easy to implement Openwrt?
Using basic things like Graphene OS and keepass shouldn’t be considered privacy activist
Funny how you need more and more technical knowledge to go deeper into privacy, until the last level, which is basically giving up on technology itself.
The last level is living in a cabin in the woods and writing manifestos about industrial society and the ills of technology O_o
Hey, it’s my house! How’d you get a picture of it?!
Any Chromium-based browser in anything but the top-most panel is a non-starter with their abandonment of Manifest v2. Manifest v3 seriously cripples any Chromium-based browser’s ability to be secure, as extensions like uBlock Origin are no longer compatible by design.
Google has its ad business to protect, after all.
Not all Chromium-based browsers are bad. Browsers such as Vanadium or Trivalent are very secure, and discourage the use of extensions altogether due to privacy and security risks. These browsers come with ad blocking preinstalled.
Vanadium is purely for GrapheneOS, and Trivalent is purely for Linux. Both of which also appear (looking at this on mobile) to require compiling by the user.
Soooo… an appropriate pair of tools for, what, 0.5% of all computer users in aggregate?
Really appropriate suggestions, there. /s
Show me something Windows based that can be as secure as LibreWolf along with the appropriate extensions for blocking ads, fingerprinting, CDNs, and other spyware-like content.
Because Chromium in any variation, it ain’t.
> Both of which also appear (looking at this on mobile) to require compiling by the user.
Vanadium comes preinstalled on GrapheneOS, and Trivalent comes preinstalled on Trivalent. Compatible Linux distros can add the Trivalent repo to install it without building.
> Show me something Windows based that can be as secure as LibreWolf along with the appropriate extensions for blocking ads, fingerprinting, CDNs, and other spyware-like content.
LibreWolf is far from secure, as it is based on Firefox and so comes with the same security issues. If you meant to say privacy and not security, the reason nobody makes high threat model browsers for Windows is because Windows itself is not private and it would be a losing battle.
I am pretty sure that Vanadium does not have an adblocker in it.
Not outright stated. Closest I could tell on a skim of their site is third party blocked by default
Iceberg of the year! Btw I would place tiktok the 1st over all softwares in layer 1.
Thank you so, so much for the transcription, appreciated!
I give workshops on privacy. I always tell them that if they get nothing else out of my presentation, it’s that they should use a password manager.
Honestly I think keepass should be beginner. That comes first before everything else.
Also I think Tor Browser should come before VPNs. It’s free and easier to use than VPNs (for when you want to google something secret and don’t want to be tracked. Most beginners would be selective like that).
Why keepass and not Bitwarden? Wouldn’t bitwarden be more user friendly for trying to ease people into secure technologies?
Bitwarden had some security issues historically. I generally recommend using software for password managers that isn’t internet connected.
My keepass trainings involve generating a veracrypt encrypted USB drive (for Windows and Mac users) for storing a backup of their keepass file. I also recommend they upload it to whatever cloud storage they use (Google Drive or iCloud usually).
> Bitwarden had some security issues historically.
What security issues? If you mean potential security vulnerabilities researchers found that they’ve patched, I don’t understand how that would be different from Keepass and their previous security vulnerabilities. Bitwarden has never had security issues historically that I know of. Lastpass, on the other hand…
> I generally recommend using software for password managers that isn’t internet connected.
> I also recommend they upload it to whatever cloud storage they use
I also really don’t get these two. They seem to contradict each other.
I usually recommend bitwarden, where they can use the browser extension and mobile phone app. It gives them autofill features on all their sites. Getting someone to change their passwords and use a password manager is already difficult enough. Giving them the most convenient option is going to make it more likely they stick with it.
I’m like a mix of the three tiers above ghost and I’m not really trying to be, which is odd.
Was going to say links or it never happened but you provided them! And categorized by level! Excelsior!
Thanks also to the comments giving more information.
So grateful for this platform. For the most part.
I guess I’m in the privacy enthusiast section. Although I do use searxng. And I will admit I do use some things from the top layer, like YouTube and Steam. Also I don’t like how proton is a section above tuta. Aside from quantum safe encryption, which is meaningless at the current state of technology (I agree that could change soon), proton mail is just as good as tuta.
I use everything from the privacy enthusiast section on a daily basis except for addy.io and tuta since I use proton for email and email aliasing.
Maybe I am wrong, but I think proton doesn’t encrypt headers and some metadata, Tuta encrypts everything or almost everything. Also, proton mail is not available in F-Droid
Personally, I don’t like proton, it doesn’t follow the separation of powers principle, what happens if proton suddenly changes their policy? That is why true free and open software tend to be decentralized, for example mastodon vs bluesky, the only way I can really trust you is if you can’t “betray” me, even if you really want
You might be right, I searched it up and found that protonmail doesn’t encrypt header lines, which isn’t great. The F-Droid point is also valid. But unfortunately there are no decentralised email providers, even tuta is still centralised. I would be interested if there are any options for decentralised mail.
On another note regardless of whether I’m using proton or tuta it’s hardly ever end to end encrypted since everyone I’m sending the mail to uses Gmail.
Tuta is located in Germany, which has more power to look into your data than the Swiss government, but it’s meh.
Also what separation of power do you mean? Proton is also owned by a non profit and Tuta is just a GmbH which is owned by two individuals, it seems. Changing something regarding the non profit or the structure is pretty hard to do.
Tuta is however more open with that you can find their annual report or at least part of it if you want.
Sorry, I took for granted that you had to buy a pack with vpn, cloud storage, etc. That would have meant that you would have to change a lot of services again in case the proton company let you down. I still think that Tuta is a little more private for the reasons I mentioned.
monero
Yeah this invalidates the whole chart. Fuck crypto spam.
I don’t like hackers and spying
brave
lol. lmao, even.