Author Archives: Ali Reza Hayati

About Ali Reza Hayati

Entrepreneur, engineer, hacker, cypherpunk.

Encrypted; end to every end!

With rising concern about privacy violations and security issues of computer technology giants like Big Tech, companies and products are now advertising for themselves using the term end-to-end encryption to mislead users.

I’ve always said that end-to-end encryption only works if you’re in control of the encryption secret/public keys, not the product/company. Sadly, many fall for the false claims of tech giants about privacy.

This week, the Texas Attorney General filed a lawsuit [PDF] against Google in which it explains that Google has access to encrypted messages sent and received by WhatsApp, The Register has reported.

End-to-end encryption is supposed to eliminate the ability of a middleman or the messaging servers/companies to read the message. Now, if we don’t control our encryption keys and rely on keys that are controlled by the company (messenger provider), it is no different from having no encryption at all.

Messengers like Facebook Messenger, WhatsApp, Google stuff, etc. are not safe, even with encryption, because the company controls the keys and thus can read and share our messages, encrypted or not.

I have always suggested libre decentralized messaging software like Matrix and XMPP, which can be self-hosted and secured with true end-to-end encryption.

Google was down; it’s a good reason to move to decentralized libre services

Various Google products, including Gmail, YouTube, Google Maps, and Google Calendar, are facing a global outage. Any service that requires a Google Account to enable features is currently down.

This is a good reason to get away from Google and move to a decentralized libre service such as Nextcloud. Using a libre decentralized platform prevents this kind of outage.

A decentralized service can be down too but unlike Google stuff (and similar products), if an instance goes down, only people on that instance will be affected, not the whole network.

For example, more than 2 billion people use G Suite, which includes Google Calendar, Google Drive, Google Docs, Hangouts, etc. and with this outage, all of them are unable to use these products.

But a decentralized service doesn’t affect 2 billion people at once. People use different instances on different servers and many of them can continue using their services.

Also, a decentralized libre service gives you the ability to choose the server you want to run the service on, along with the option to use instances run by other people. This way, you can make sure the server won’t surprise you or put you in trouble.

Forcing people to carry a mobile phone is injustice

One thing that drives me crazy is that it is assumed that everyone has one of those surveillance machines called mobile phones. Many online products, and even offline ones, ask for a mobile phone number that receives text messages and can be used for digital communication and therefore surveillance.

And most of those services, products, or places don’t work or compute when one does not have that machine.

As a result, many people now carry a mobile phone around. Simply because life is now dependent on this machine, people are facing this kind of surveillance.

We worry about Big Tech and their friends putting us under their surveillance domain, but many don’t even think about surveillance using SIM cards or cellular data.

Many of us simply don’t have a choice. You see, if we don’t carry a mobile phone with us, life becomes almost impossible, so we decide (or are forced) to have one. Now, the bigger injustice, the bigger problem, is that many companies are now selling a small computer as a mobile phone and calling it a smart phone.

Smart phones are simply computers in a smaller form. Our desktop computers can do many things, but this kind of computer, named a smart phone, gives us the ability to do our computing and at the same time have a cellular connection and use it as a phone.

What makes this bad is that almost all of these smart phones run nonfree software. Free (as in freedom) software (or software libre) lets you be in control of your own computing. A libre program does what you want; a nonfree program forces you to do what it wants.

Being forced to have a mobile phone to be able to live your normal life is injustice and being forced to own a so-called smart phone makes it worse. One should be able to live one’s life without being forced to be under surveillance. One should be able to receive services without one’s privacy and freedom (both digital and non-digital) being violated. One should be able to live without this injustice being forced on one.

Demand a stop to Lisa Montgomery’s death sentence

Lisa Montgomery is on death row and she is waiting for 2021 January 12 for her sentence to be executed. Execution is murder and nobody, with no reason, deserves to die. Execution doesn’t make society safe, and it certainly is not a fair sentence.

Death is a brutal sentence. Ms. Montgomery was the victim of an extreme level of physical and sexual abuse throughout her life against which the state never provided protection and for which it failed to offer remedies.

Now, as the Trump administration moves forward with a federal killing spree in the lame duck period, a group of United Nations rights experts on Thursday urged the U.S. government to halt the planned execution of Lisa Montgomery, a convicted murderer who suffered horrific abuse throughout her life.

She would be the first woman to die by federal execution in nearly 70 years. She’s been described as “profoundly mentally ill” and “the most broken of the broken.”

In their joint statement, the special rapporteurs and other human rights experts say Montgomery was repeatedly “betrayed” by state authorities, pointing in part to her legal defense that failed to adequately address her mental health.

“Ms. Montgomery was the victim of an extreme level of physical and sexual abuse throughout her life against which the state never provided protection and for which it failed to offer remedies. She suffered from several mental health conditions which the state failed to care for,” the experts wrote.

Please demand a stop to her death sentence and save her life. Save a life by speaking out. It’s a matter of life or death for a human being.

This Friday is International Day Against DRM; Join us

This Friday, December 04, is International Day Against DRM (IDAD). I’ve talked about DRM before and explained how it’s a violation of our rights over freedom, computing, and privacy.

Sadly, there are thousands (if not millions) of products and devices that impose DRM on us and there’s not much we can do about it. However, we’re not defenseless.

Our biggest weapon, which all those products and companies are fearful of, is not using them. By cancelling our subscriptions and not buying/using their products, we defend ourselves, empower people against DRM companies, and tell them that we don’t let them violate our rights.

As a matter of fact, almost all of those companies are highly dependent on people, so we ourselves are our biggest weapon and shot against them.

Many, like Netflix, are getting paid with our money and data, but they don’t deserve it. When we pay for something, and purchase it, we should be the owner of that copy/distribution and have full control over it; that is what DRM companies like Netflix are afraid of.

This year, the Free Software Foundation, the one behind the Defective by Design campaign, is focusing on Netflix.

Please join us in defending our rights and fighting Digital Restrictions Management. This is a fight for our future, not only about computers, but about everything.

Privacy from everyone, but us

I’ve talked about Apple’s definition of privacy before and explained how horrible it is, but they took this to the next level. Apparently the new version of Apple macOS informs Apple every time a user runs a program on their machine.

Many Apple fans and/or developers including Apple Inc. itself have tried to justify this privacy violation by explaining how it is secure or is not a big deal but sadly they are wrong.

Apple is not a privacy hero. They are not keeping all data to themselves and even if they were, it does not justify stealing our data and sneaking into our machines and collecting our very personal data.

What they did is stealing. Exactly like a thief who sneaks into our homes and collects/steals our belongings.

I have explained about the ridiculous “data protection” and how companies are misleading people about their privacy by using this word. This is exactly how Apple is doing it. Apple claims that it doesn’t share data with others while we know for a fact that it’s a lie. Now with that claim, they suddenly decided to consider themselves entitled to control everything.

It’s a disaster. Imagine how insecure and horrible this is. Apple doesn’t even follow the terms of stupid data protection. Jeffrey Paul, a security expert who reported this, wrote:

  1. These OCSP requests are transmitted unencrypted. Everyone who can see the network can see these, including your ISP and anyone who has tapped their cables.
  2. These requests go to a third-party CDN run by another company, Akamai.
  3. Since October of 2012, Apple is a partner in the US military intelligence community’s PRISM spying program, which grants the US federal pigs and military unfettered access to this data without a warrant, any time they ask for it. In the first half of 2019 they did this over 18,000 times, and another 17,500+ times in the second half of 2019.

We don’t need data protection, we need PRIVACY

Often when companies and some authorities talk about privacy, they start bringing “data protection” into the discussion, which means nothing other than violating people’s privacy in a nicer way.

Data protection means the company or authority can actually collect data and use them but it can’t share or sell it to others, well at least publicly. This is exactly the way Apple advertises about its privacy policies.

Even many privacy activists are promoting Apple because of its privacy policies while Apple is in fact one of the biggest violators of people’s privacy. For example, it wasn’t long ago that we found out Apple was (or maybe still is) letting contractors (actual humans, not even bots) listen to people’s conversations with Siri.

Privacy comes when there’s no identifiable personal data involved. A company promising that it won’t jeopardize our privacy is not enough for people. We need mechanisms and products that will protect our privacy and it comes only when they don’t collect our data.

Well of course some products only work with our data. For example, a mobile phone map application for routing only works when we give it our location. Well, as far as I know, data can be purged or even be collected in a way that no personally identifiable data would be stored or transmitted.

We have a lot of services like EteSync that provide what they intend to provide and they actually work with very personal data. EteSync for example is a service that syncs your contacts and calendar but encrypts all data in a way that nobody except you yourself can see them.

This is what we want as a privacy service/product. If a corporation like Google follows policies like ‘data protection’, they would still violate our privacy while deceiving us about how they value our rights.

We need privacy, not data protection. Nobody should have access to our data, whether they want to protect it or not.

Privacy should not be a luxury. It should not be a bargaining chip. It should never have a price tag.