Hacker News new | past | comments | ask | show | jobs | submit login

> I do a pretty good job of hiding from everyone. ... it's just multiple VMs, nested VPN chains, and Tor.

This condescension is so common and petty. It's like a real-estate broker laughing at someone for overpaying for a property, or a lawyer laughing that someone missed a court deadline they didn't know about.

Experts of complex systems generally know how to get what they want out of those systems. Finding ways for non-experts to do the same should not be sneered at.




> Experts of complex systems generally know how to get what they want out of those systems. Finding ways for non-experts to do the same should not be sneered at.

There's a product/market/founder fit in there somewhere.


I'm not so sure. Seeing how popular and endemic Facebook, Google et al. are, I'd say consumers price privacy way too low for any significant amount of money to be made.


I'm starting up a privacy oriented product for non-rooted Android devices. Hope to launch it soon.

Like you say, most people I spoke to said they wouldn't pay. The folks who were serious abt privacy are happy to root their phones and use XPrivacyMod and Adguard, which are as comprehensive a solution you can get on Android short of flashing a ROM like GrapheneOS.

We do plan to charge however, a nominal fee, as low as 50ยข a year. Haven't figured out that yet, but a long way to go. The product needs to be built first.


Installing VirtualBox and Whonix is pretty simple. And just one VPN in the host machine, just so your ISP and its friends don't see you using Tor.

Arguably a lot simpler than TFA goes on about.


It's really, really not _that simple_.

The majority wouldn't know what VirtualBox and Whonix is, and that's before we start discussing what the benefits of privacy even are.

This is the disconnect we have with our peers who don't work in software/IT and why the right to privacy is being lost to jargon and technical expertise.

Privacy now is only a right to those who know how to employ it.


Hasn't that always been the case throughout the history, though? Everyone always knew everything about everyone else in the village, or neighboring villages. Only the select few knew and cared enough to keep their affairs hidden.

Except that now the technology has packed the entire world into a single "global village".


No the power dynamics has shifted. In the old days it is true that everyone pretty much knew lots about each other in a specific locality. But now a relatively small group of people (i.e. the big corps, ISPs and various 3-letter agencies) know everything about everyone in the whole world, more or less. This kind of power is unprecedented in human history.


Well, TFA is loaded with "gadgets" that I've never heard of. It could just as easily pointed to VirtualBox and Whonix. Or even running VPNs in host and VM to give a simple VPN chain.

The AirVPN and IVPN clients for Windows are pretty much leak free. And dead simple. Buy account, download client, install, and run.

And for Whonix, it's just download and install VirtualBox. And then download Whonix, import into VirtualBox, and run.


This is not realistic. Your conception of an average user is actually a power user. If I tried to imagine my mom doing this (who is highly intelligent but non-technical and not a power user), I would see her getting tripped up on:

Whonix / VM:

* Figuring out which version of virtual box is appropriate for her setup. The download page is not at all noob-friendly and there is no big "click this button to download for this OS" button. What does windows host mean? Does that mean windows? What's an SDK? Do I need the extension pack?

* Figuring out which version of Whonix is appropriate for the same reason. Download securely without verification? Is that ok? What's a signing key? Open pgp? What if she downloads the wrong one? Will it fuck something up?

* Feeling comfortable employing a VM. She has never used a VM and would have no idea what was going on when a different OS appeared within her OS. This could be very unnerving because it seems incorrect. The idea of importing an image would be so foreign that she might not be able to figure out how to do it using the virtualbox interface.

* Trivial tasks on whonix. She wouldn't know how to do trivial things on Whonix because it is has a totally different UI than Mac or Windows. Most non-technical people memorize what they have to do to accomplish tasks without actually understanding what they are doing so they can't port that knowledge to another platform.

* Troubleshootong. She would not be able to use Google for help because she can't form the queries correctly to ask what she wants.

VPN:

* Determining which VPN(s) to use and signing up. There are about 100 options and she has no way to evaluate the quality.

* Determining whether the VPN was set up correctly. Leak tests? Checking external IP? What's an IP?

* Understanding why certain things don't work anymore. Why can't she print documents anymore? Why are certain sites going to the Canadian page instead of the regular .com page? Why isn't Netflix working anymore? Why is she constantly dealing with captcha?

* Understanding why everything is so slow

She would quickly realize she is in over her head, get frustrated, and then feel embarrassed because she would have to call me for help with what you described as a "trivial task". She would probably just not do it to save herself from the embarrassment / "wasting my time".


OK, those are all good points. For several years, I've been writing about this stuff. And I have commonly gotten feedback that it's all too complicated. Even from people who clearly want more privacy.

That's what's so good about Tails. You just boot it, and have a secure Debian system with Tor. But there are some vulnerabilities. Especially because the Tor daemon and userland are not isolated.

It one point, I experimented with packing VirtualBox, a pfSense VPN gateway, and Whonix, in a LiveDVD. It required 8GB RAM, and took minutes to boot. But once it was up, it was quite snappy, because it was all in RAM.

Anyway, it would be cool if someone could pack all of that in an app.


Well I've never heard of Whonix, AirVPN or IVPN, so I guess that invalidates those too?


It's not so much that I haven't heard of them. It's more that none of them seem very effective or reliable.

And if you really haven't heard of Whonix, I find it hard to believe that you've looked seriously into privacy protection. But maybe I'm just biased.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: