It’s not that simple. The user has to hold the key. And with cloud you want it to all be accessible from all of a users devices. And with a public service you can’t count on the user to be savvy enough to use their certificates.
Of course the fix to that is that the key is stored in the account.
But then Google has the key and can decrypt it.
So then the key itself has to be encrypted. And with what? The users weak ass-password?
All encryption has to begin with something that’s known, and the weaker that initial secret, the weaker the entire system below it.
I take out a pad and pen, “what’s your bank credentials? Also, your [social media] credentials? I won’t use it against you. Promise. … No? I thought you have nothing to hide?” I put the pad away, and hold out my hand, “let me see you phone. I want to look through your pictures and internet history. … No again? Huh. I guess you do care about privacy.”
If you listen to X and there is another guy listening to X and Y, one could recommend Y to you. Not only that, you actually have an influence which artist is at the top. You get a database of your listens and anyone, including you, can have a look at mass audio scrobble data.
But when I log in via my Musicbrainz account it just loads indefinitely. Seems to be a bug with some server cache on their side at least someone said so in the forum. Maybe it works with another account.
Pretty much. Do your thing, talk to people about it if they seem genuinely interested but definitely don’t go around trying to convince people that they need to take their digital privacy more seriously. They will view you as annoying and/or a lunatic and become permanently turned off to the concept. The hard sell isn’t anywhere near as effective as some people think.
My 2 cents: I have a similar relation with smartphones as yours.
In my case, what I fear the most is some app getting my contact list and using it to send some kind of “XXX has joined YYY service” notification to all of them. Also, I didn’t like that Google had all the data they wanted, so I ended with 2 smartphones:
One de-googled (LineageOS without Google Apps) that I use for calls and trusted apps. This one has my contacts list.
One default Android-Google without simcard for those apps that require oficial-Android (mainly banks apps) and any app I’m afraid could mess with the contact list.
AFAIK I’ve only had one incident because I trusted Telegram too much. There is always non-zero risk, but this works for me.
Similar setup here, for same reasons. But I go further: my contact list is empty. Not a problem if your contacts are all on Signal or Telegram rather than SMS or Whatsapp. IMO contact lists are privacy scourge #1. They allow everyone to grass on their friends with zero consent.
If your concern is whether your cellphone carrier has the ability to see who you are calling and for how long, this is true whether you have a smartphone or a “regular” phone.
With a regular phone they can also fairly accurately tell where you are, and read your texts. The main difference is the information goes to the carrier but not straight to Google or Apple.
They can do so with a smartphone too, they both use the same cellular network, so same voice calls, same plain-text text messages (SMS is a feature of the cellular network management, messages are injected into the cell management frames).
Even worse, smartphones use AGPS, so download from AGPS servers (providing another point of location data) and using that ephemeris data to improve location update times.
privacy
Oldest
This magazine is from a federated server and may be incomplete. Browse more on the original instance.