Yeah, but quite a few of them DO accept crypto - then it’s fine I guess?
Yeah, but quite a few of them DO accept crypto - then it’s fine I guess?
But the JS is served to the browser each time the page loads, you can’t be sure it stays the same between loads. Sure, this is the same problem as malicious updates, but still exaggerated - the opportunity to slip in altered code is “every time you open the page” rather than “every update”.
I would rather not use KYC even for low-sensitivity transactions. Because I am afraid of such sensitive info leaking. Sure, I do KYC for things like phone service already - but would avoid it at any cost where it can be done.
It asked for your phone number? That is the thing that angered me the most. I wonder why you would share this rather than ask a waiter and say you don’t have Whatsapp, for example.
You would at least be able to examine the link first.
Yeah, I fully agree! Point was different though… How does it relate to your statement of “there is no privacy on the internet”? Such awareness might help gain said privacy in each area, from different threats.
That is a completely different issue from “not having privacy at all” though.
For my current phone, I did - I chose a Pixel. But I got aware about OS privacy while in the middle of using an unsupported phone, so for a while, I treated it as a “public place”. So making a phone private may not be viable for everyone.
Plus, the supported phones may be more expensive. Even my current one was $300, which is a lot for me, in addition to not being officially sold here.
That is not “no privacy” though. Absolute privacy is probably unachievable indeed, but you can be pretty high on its spectrum.
There are indeed shades of grey. Not only the presence of encryption itself matters, but the metadata, as well as details of the implementation. For example, Signal has all the messages encrypted - but it has the capability to know the identities of everyone and to build their social graph due to centralization.
The problem I have with Signal is that it itself pushes people onto the “shitty operating systems”. It does not allow registering from desktop, at least officially. There are workarounds, but they’re cumbersome (especially for a non-technical person, whom Signal is supposed to appeal to), and the official client outright tells you go to use a phone first. And even then, apparently the desktop client is not even full-featured, and not the priority.
I know there are degoogled OSes (running Graphene myself), but you’d need to get lucky or choose a phone with this in mind, while a random given laptop is likely to be able to run Linux.
My 7a cost $300 this summer. Very expensive for me but I don’t regret. 8 is around $400 in that store now that 9 is out, maybe it would drop in price with time (or as 9a comes out?).
How do people who don’t have smartphones do it? Is there some harder roundabout way?
You can at least swap to BTC from XMR. Although I avoid that because BTC has big fees.
Yeah, point is - just how thoroughly do they check if the info is fake? Like, you reveal a realistic name and a real address somewhere.
What about putting believable but fake info there?
Yeah, but the powerful, expensive exploits are not spent on average people - they’re for the important targets.
Because your actual threat is most likely passive government surveillance rather than targeted attacks?
Also the size. My “a” was already at the edge of being usable with one hand, while Pro is even bigger. Plus - the "a"s don’t have glass backs, unlike the Pro and even the normal ones.
No, I mean not Njalla-like services, but normal registrars like Porkbun.
Fair point about credit lookups… I wonder if you could use a real person’s info like this.