Why you should care about privacy

While we are making decision to contribute to privacy tools like Enigmail/GnuPG, the idea comes from our enthusiasts but not from common people, who are possibly ignoring their privacy safety, or even their privacy’s value.

Common sense

Ask yourself the reason for caring about privacy. I’ve come up with several items which may fit most people.

  1. I’m doing secret things, which I don’t want you to know.
  2. I’m sending out messages to someone, which I don’t want others to spy on.
  3. I’m trusted by others as who I am, so I don’t want others to steal my identity.

Conflicts

And ask yourself the reason for making a thing public, then you can find something conflict.

  1. I’m doing public things, but I don’t want people to know who did it.
  2. I’m sending out messages to someone, which also want others authorized to read if necessary.
  3. I’m trusted by others as who I am, but my actions can be delegated by trusted agencies.

Extra thoughts

There are extra thoughts we may miss above, don’t be selfish.

  1. I’m not alone, so the value of privacy to us isn’t primarily about our privacy but about those who play a more active role in the operation of a democratic system of government.
  2. If you can bring a better world which I prefer, I don’t care whether you’re tracking my privacy or protecting it. But don’t make me feel uncomfortable before enjoying the compensation.

What’s the current situation about privacy

You are tracked in a bunch of channels, some you may know, some you may not realize.

Advertising

No matter where you go on the Internet you will see advertisements. Thanks to companies like Google, the internet is flourishing as it is, though the Advertising is the biggest benefit to business world, it also helps people to get wanted information of goods, sometimes. Persona is a word more and more popular around Internet companies. But it’s definitely an open violation of the anonymous principle of privacy. And you may never know how much they have. Maybe enough to clone another yourself biologically.

Things are better since more and more browser are implementing the “do not track” function which can get rid of some cookie based tracking

Great Firewall

For people in China, when it comes to our proud GFW, problems are really apparent, everyone on the internet may realize its existence, people are blocked from several websites in a black list, and the primary circuit router will always tracking several sensitive words, and judge the accessibility of your request. In this case people still can reach those stuff via VPN tools. And https will in most cases protect your data in transmission, except when Man-in-middle and TLS certificates spoofing attack happens.

This is a privacy domain problem which fits for all the three ideas we mentioned above.

NSA PRISM

What about NSA? NSA will be tracking your communication through different ways, people were not realizing it when they don’t make anything attracting NSA’s attention. Only after Snowden publish the PRISM, common people start to realize the problem. One of the consequences of the Edward Snowden story is a heightened discussion about the importance of privacy - in particular when or if privacy should be traded off in order to combat terrorism.

This happens not meeting any of the three common sense for most people but will definitely affect Journalists and Activists. Without good journalists people can’t understand what is really happening and thus can’t cast a meaningful vote. Activists who seem fringe now, may lead us to changes that are self-evident in a few generations.

Security Crisis

After the stories came into people’s horizon, there have been a lot of activities taken around the world. Though privacy awareness and technology are growing, the way of tracking is also growing. TLS/SSL, OpenPGP and RTP are the most common seen techs,which are used to protect privacy and also regular security in business. OWASP is providing a way to audit a web system. And Threat Modeling is now becoming most popular tool to analyze security stuff.

Though these techs and tools are helping us in different perspective, there can still be weak points. Besides, the performance of system will usually be influenced by cryptography and more consuming protocols. Complexity is another enemy to security. Fatal issues like heartbleed and logjam are kept discovered these years, And thus, such kind of security problem will surely lead to big privacy issue one day if it’s not fixed quickly.