Try out Proton Mail, the secure email that protects your privacy: https://proton.me/mail/TheLinuxEXP Download Safing's Portmaster and take control of your network traffic: https://safing.io 👏 SUPPORT THE CHANNEL: Get access to a weekly podcast, vote on the next topics I cover, and get your name in the credits: YouTube: https://www.youtube.com/@thelinuxexp/join Patreon: https://www.patreon.com/thelinuxexperiment Liberapay: https://liberapay.com/TheLinuxExperiment/ Or, you can donate whatever you want: https://paypal.me/thelinuxexp 👕 GET TLE MERCH Support the channel AND get cool new gear: https://the-linux-experiment.creator-spring.com/ 🎙️ LINUX AND OPEN SOURCE NEWS PODCAST: Listen to the latest Linux and open source news, with more in depth coverage, and ad-free! https://podcast.thelinuxexp.com 🏆 FOLLOW ME ELSEWHERE: Website: https://thelinuxexp.com Mastodon: https://mastodon.social/web/@thelinuxEXP Pixelfed: https://pixelfed.social/TLENick PeerTube: https://tilvids.com/c/thelinuxexperiment_channel/videos Discord: https://discord.gg/XMuQrcYd #privacy #security #mythbusting 00:00 Intro 00:27 Security = Privacy 01:51 Sponsor: Private and secure email with Proton Mail 02:52 Telemetry is evil 05:18 Tor is a honeypot 06:52 Big Companies are more secure 08:58 Incognito mode is private 09:55 VPNs are the only tool you need 11:02 Privacy is impossible 12:07 I have nothing to hide 13:27 Always research yourself 14:09 Sponsor: Get a PC made to run Linux Security = privacy This one is obviously not true. Security and privacy aren't linked in any way. The general best practice is to find the services you need that have a good reputation for security, and among these services, try and find one that is private enough for your needs. Telemetry is always bad This is simply not true. Telemetry isn't always bad. The image we have of telemetry is that of Windows or macOS, but there are plenty of other ways to do telemetry. In itself telemetry is a very useful thing: it lets projects or companies identify what is important, what they should fix first. It doesn't mean this data is used to profile you, or being sold to anyone. If the company or project is something you trust, and that has no current business in data collection, or advertising, then it's probably not a problem. Tor is an NSA honeypot TOR is regularly accused of being a honeypot for the NSA. Something that is completely false, as far as anyone knows** Yes, TOR is based on code developed by the US Navy. Funding for Tor also came from the US government, mostly. The code, however, is open source, and audited. Is Tor entirely safe? Of course not. It's not a silver bullet, nothing is, and it can be vulnerable to man in the middle attacks or to specific types of monitoring, but it's not an NSA project that's designed to trap you. Big companies are more secure This statement is debatable. It's true in some cases. A recent report shows that smaller firms are 3 times more likely to be attacked than big businesses. 60% of cyberattacks seem to target smaller companies. But that's likelihood to be attacked, not necessarily successful attacks. What is also true is that not all big tech companies are very good on the security front. So, while yes, bigger companies can be more secure than smaller ones, it's not a one size fits all thing, and what you need to look for is what kind of security the company you're interested in for a specific service or app has put in place. Incognito mode is private It isn't. What incognito mode does, is make you private locally, on your device, as it doesn't store data on what you've visited, your credentials, and the like. Incognito mode doesn't, however, prevent websites from tracking you, or fingerprinting you. VPNs are the only privacy tool you need VPNs aren't a magical thing that instantly makes you private. Using a VPN will change your IP address and make you harder to track online, that's true. They're a good tool, but you need to make sure that the company that provides the VPN service doesn't log everything you do, and doesn't give these logs to various other actors. If you log into a service or website while using a VPN, it still knows it's you, obviously. Privacy is impossible This one has to be the most nefarious myth ever. Privacy is NOT impossible. It's not easy, but it's not impossible. Generally, this statement just betrays a lack of motivation. It will never be 100% perfect, but you can limit immensely what is known or collected about you. I have nothing to hide This is complete bogus. First, if you think you have nothing to hide, you're wrong. Everyone has something that might not be illegal, but might be deemed immoral or unacceptable by someone else. Second, you might feel this way now, but circumstances change, and the data collected about you doesn't go away. By leaving all these tidbits of data stored everywhere, you're basically giving ammunition to the future.