> I also agree that heyjoe's posts are for the most part defeatist and
demotivating.
You should make a difference between demotivating and disagreeing to blind
faith in "free" as a synonym of "safe". Otherwise you are merely singing
Gnulellujah.
> I'm not sure what threat model he is thinking about or what he wants to
achieve.
Because you don't read in order to understand but in order to argue.
> * Every attempt at privacy, security and computer freedom is moot because
hardware is insecure.
I don't think I have ever said that. The word "moot" is not even part of my
vocabulary. Taking every possible precaution is absolutely necessary. But one
should remember that this includes also going down to the lowest level, not
merely installing a distro which is considered free. And because you cannot
control things down to the hardware level your security and freedom is always
limited by that. You can still live with that level of (in)security but if
you don't get "tracked" it is because you are lucky, not because you are
really safe. And lucky means - not specifically targeted. Once you become a
target (which is not impossible) - good luck with your "free software
recommendations".
> * We should not try to do "the best we can" because that is not a measure
of anything (?!).
No, we should always do the best we can. And yes - it cannot be measured
because there is no number which can express how close you are to expunging
all threats, especially including an unknown number of unknown ones of
unknown nature. And it is important to note that the OP is asking about a
perfect method of guarding one's communication which excludes the possibility
of any imperfection at any level. I maintain that currently this is
impossible and there are technical facts proving it.
>* Firefox is no good because a tcpdump showed that it sends packets to other
servers.
Prove me wrong. Show something, don't just "distill".
> Chromium did not send packets using that same, very limited test (as Magic
Banana has explained). Therefore Chromium is better even though it contains
obfuscated code and non-free licenses.
The obfuscated code was shown much later than the tcpdump test. I have never
said that I have complete ultimate trust in Chromium. All I am saying (or
rather - all the test is showing) is that Chromium does not chatter like
Firefox and is easier to configure so that it does not chatter. Is it a
complete test showing that Chromium never contacts Google under any
circumstances? - I have never claimed that. The tcpdump test is a simple one
(yet useful) and can be used a basis for further in-depth testing.
> * Meanwhile, heyjoe has just written on another post in this thread that he
uses Gmail, a "service" whose main function is data mining and surveillance,
made by a company whose main business model is data mining and surveillance,
and who have been shown to belong to the PRISM NSA surveillance program,
among many other possible privacy and security related red flags.
Yes, I have written that but I have also written that I am looking for better
alternative. This means: a service provide who can proof that their systems
are free from malware on firmware level (at least to the currently possible
level) and for which there is a verifiable proof that their systems don't use
any software whatsoever which may indirectly provide data to NSA. Without
that just a note on someone's site "we use only free ethical software" is
just marketing through wishful thinking.
Re. Google in particular I have also shown specific video which shows that
they do care about removing Intel ME. That of course does not excuse them for
their other mischief but be fair: Which other online service provide have you
seen working on that? Kolabnow who "learn to ride the bike"?
I also explained that switching the mail server doesn't really add any
privacy as long as on the other side of the wire you are communicating with
someone who is part of the PRISM or who uses a system with security issues
explained above.
These are all actual irrevocable facts.
> The above makes me believe that either heyjoe is just a troll, or he
refuses to think in a logical manner, or perhaps he just refuses to admit
when he is wrong.
That is your problem - you believe in things, you don't look at facts. And
you make conclusions about "logical manner" based on the illusions you
believe in.
> What I am sure about is that he does not want to contribute to anything
positive to any discussion I have so far witnessed, except by complaining and
shooting down solutions when they are given to him (as the empty github repo
and Magic Banana's unused contributions prove).
Oh really? And how do you contribute? By analyzing me? How marvelous.
> Frankly, all the threads I have seen heyjoe participate in, have become
onanistic and meaningless, including the web browser thread which included
heyjoe's interesting tcpdumps, but which he later turned into agressions
against Magic Banana to cover for his inability or unwillingness to
collaborate with others to create solutions to the problems he discovered.
Onanistic? Meaningless? You are a really wonderful person to talk to. Very
"logical" and very "contributing to a positive discussion".
> And I judge.
In case anyone didn't notice...
> wishing that this forum had more moderation.
Me too. Then people who allow themselves to comment about the person and not
about the topic would not survive.
