• Technology Consultant.
  • Software Developer.
  • Musician.
  • Burner.
  • Game Master.
  • Non-theistic Pagan.
  • Cishet White Male Feminist.
  • Father.
  • Fountain Maker.
  • Aquarium Builder.
  • Hamster Daddy.
  • Resident of Colorado.
  • Anti-Capitalist.
  • Hackerspace Regular.
  • Traveler of the American West.
  • 1 Post
  • 20 Comments
Joined 2 years ago
Cake day: June 7th, 2023



  • It’s Trump-proofish

    • I approve of Matrix and Nextcloud.
    • Proton unfortunately is probably the easiest option for now. We need better self hosted / anonymous email servers, but spammers and scammers have probably ruined that for everybody forever and fuck them all to hell for that. Best option is to just abandon email for anything sensitive.
    • All the alternative social media is better, but they can still absolutely feed the lot of it into an LLM and then ask the LLM to print out a list of “likely dissidents.” I would be shocked if this isn’t coming soon to a United States near you - then again, I’m one to talk posting this on Lemmy, using a username I’ve used for close to two decades, from an instance that runs on a server I rent from a corporate cloud host.
    • OS should be Whonix, Tails or Qubes.
    • Browser should be Tor Browser (or at least get a mention). PRACTICALLY, for most people, I would recommend Brave over LibreWolf (for reasons of stability, compatibility, more frequent security patches and the fact that the Mozilla project has been unfortunately going to shit lately). Yes the company sucks, but the browser consistently scores top marks on real world privacy and security tests.
    • No mention of FDE or post quantum crypto. Quantum chips are coming effing fast, if they’re not already here. I have reason to believe both the US and China can currently make practical use of Shor’s algorithm, although only in a targeted and VERY expensive way… but Moore’s Law man, plus I can’t prove it and I can’t say more. Post quantum doesn’t seem to be on most people’s radar (most troublingly, the Tor project).
    • Anything to do with phones is literally fucked, like “This is fine” dog level fucked. If you MUST be mobile (like basically everybody trying to do basically anything), you must accept you’re probably NOT really fascist proof, unless you go to some pretty extreme lengths and REALLY know what you’re doing.

    As far as your average normie (or even above average competence tech-savvy user) goes, this is close to as Trump proof as you’re likely to get right now without help and support. So great, but it has holes in it a fascist regime could drive a brigade of tanks through, and unless you EITHER have that help and support OR really know what you’re doing, you should be thinking about that REALLY hard, every day.

    We collectively decided decades ago that centralized services are more convenient and better able to connect us to the people and content we want to be connected to (although we were very deliberately herded in that direction by oligarchs). Now we will pay the price.

    tl;dr: The only infrastructure we can trust is our own. Not liking that, and not having the skills or resources to do anything practical about it (tragically, terrifyingly) doesn’t make it not true. Plus needing to stay connected to the people and resources we can ONLY access through third party services and infrastructure, continues to make us reliant on those services and infrastructure, unto our own ruin.




  • I host servers both out of my home, out of my wife’s office and I also have some cloud servers at Digital Ocean.

    If you’re worried about data loss (and you should be) you need offsite backups. I have actually lost data to a fire (in 2009) and to a hard disk crash when I didn’t learn my lesson the first time (in 2014). Never again.

    I have backup servers at both my house and my wife’s office. If you don’t have a wife with a convenient office for this purpose, you could probably find a self host buddy to host your backup server (and maybe you could host your buddy’s backup server, a friend and I used to do this years ago). You could also encrypt everything and then back the encrypted files up to the cloud, secure that the fascists almost certainly can’t decrypt them, even if they get their hands on the raw data.

    You can automate this. There are tools that can help. I’m kind of a power user and I just use rsync, scp, minio and database replication to automate my various backups, so I’m a bad person to ask about the easier to use tools that can do this. However, either of those communities I posted are full of people with better answers and I know that less DIY backup tools exist.
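
The encrypt-then-copy-offsite approach from the comment above, sketched as an added example (not the commenter's own scripts). It assumes GnuPG 2.2.7 or later, GNU tar and coreutils; the function names, the passphrase file and the rsync host and paths are hypothetical placeholders.

```sh
#!/bin/sh
# Added example: encrypt on the local machine, then copy only ciphertext offsite.
set -eu

# Throwaway GnuPG home so the script never touches a personal keyring.
GNUPGHOME=$(mktemp -d); export GNUPGHOME
trap 'gpgconf --kill gpg-agent 2>/dev/null || :; rm -rf "$GNUPGHOME"' EXIT

# gpg_sym PASSFILE ARGS...: passphrase-based gpg call with no prompts or caching.
gpg_sym() {
  _pf=$1; shift
  gpg --batch --yes --quiet --no-symkey-cache --pinentry-mode loopback \
      --passphrase-file "$_pf" "$@"
}

# make_backup SRC_DIR OUT_DIR PASSFILE: prints the path of the encrypted archive.
make_backup() {
  _src=$1; _out=$2; _pass=$3
  _name="backup-$(date -u +%Y%m%dT%H%M%SZ).tar.gz.gpg"
  mkdir -p "$_out"
  # tar streams straight into gpg, so no plaintext archive is written to disk.
  tar -C "$_src" -czf - . |
    gpg_sym "$_pass" --symmetric --cipher-algo AES256 -o "$_out/$_name"
  (cd "$_out" && sha256sum "$_name" > "$_name.sha256")
  printf '%s\n' "$_out/$_name"
}

# verify_backup ARCHIVE PASSFILE SRC_DIR: restore test. Succeeds only if the
# checksum matches and the decrypted tree is identical to the source tree.
verify_backup() {
  _arc=$1; _pass=$2; _src=$3; _rc=0
  _tmp=$(mktemp -d)
  (cd "$(dirname "$_arc")" && sha256sum -c "$(basename "$_arc").sha256" >/dev/null) &&
    gpg_sym "$_pass" --decrypt "$_arc" | tar -C "$_tmp" -xzf - &&
    diff -r "$_src" "$_tmp" >/dev/null || _rc=1
  rm -rf "$_tmp"
  return "$_rc"
}

# Offsite copy (placeholder host and path): only ciphertext and checksums leave.
# rsync -a --include='*.gpg' --include='*.sha256' --exclude='*' \
#   /var/backups/enc/ backup@offsite.example:/srv/backups/
```

Keep the passphrase file off the backup host; an archive that has never passed `verify_backup` should not be counted as a backup.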


  • Whilst I’ll agree with your statement, some people prefer a service to use rather than self hosted.

    Great! They can prefer that. Lots of people (most people probably) even need services, because they lack the skills and / or equipment.

    That doesn’t change the simple truth of “the only infrastructure we can trust is our own.” My goal with that statement is to educate people as much as possible NOT to trust the third party services they’re using, even if those services supposedly care about privacy and security.

    I’ve also seen a huge outpouring in recent weeks of people who are suddenly very eager to learn about and use self hosted infrastructure (or get access to someone else’s self hosted infrastructure). For some reason, I wonder what that could be. I’ve never seen anything like it in my life. I for one intend to encourage the shit out of it.





  • I’m actually doing two classes on alternating weeks, but they’re both

    “Here’s basic opsec principles and now we’ll talk about a bunch of tools that are useful specifically for activism in (against) the current political climate.”

    I’m doing a basic class where we’ll just try to help people organize in safer ways (Telegram is like the number one organizational platform right now). One of our goals there is to try to set specific projects / organizations up with dedicated Matrix servers and help them get non-technical people to use them.

    We’re also doing a more advanced class where we want to help people set up their own hardened laptops and (for those able to secure the hardware) GrapheneOS phones. That will probably be like Unit 2 of that class. We want to start with threat modeling and help people figure out the tools they specifically need to do their work.


  • UPDATE:

    I’ve had a chance to read through it.

    • It’s short, to the point, an easy read, covers a lot of bases. I think that makes it an excellent starting point for people at the beginning of their journey.
    • It doesn’t contain a lot of specific information, but I think it’s a good thing to have literature that’s just a general overview as a starting point.
    • Stylometry is far from an exact science (https://pmc.ncbi.nlm.nih.gov/articles/PMC11707938/). However, I bet this won’t stop the current administration from using it (and possibly falsely accusing people because of it), so it’s good to know about.
    • This will be extremely useful as I’m creating my lesson plan and I will probably pop it out to the class on day one as suggested reading.

    Overall: Great resource and very timely. Thank you.

    I would add that if you’re planning to make a lot of use of Tor, and run Tor hidden services locally, syncing the Monero blockchain over Tor (possibly to multiple local machines) and solo mining on old slow computers is a great way to generate a bunch of random Tor traffic.