submitted 2 days ago by ProtozoanDusk@lemm.ee to c/privacy@lemmy.ml

I was thinking about personal data security and let my mind wander. I decided that if you were exceptionally paranoid then........

When thinking about personal data it may occur to you that, once you have implemented an adequate 3 stage backup system to avoid data loss, your main risk is the exfiltration and use of that data for nefarious purposes.

Personal data, e.g. the pictures or messages on your phone or pc, can imply many different things such as religion, sexual orientation, health details, political views etc. that could potentially be used against you by a bad actor.

As such, it would seem rather inadvisable to hold any data on any device that is not encrypted in a fashion whereby only you hold the encryption key.

Further, if you are going online using the device then, even if the device has a trusted os that implements full disk encryption, then it would also seem inadvisable to hold any data on the device that isn't seperately encrypted within the operating system. The data would be protected before first unlock by the os encryption and after first unlock by the seperate encryption.

As the password for this seperate encryption would necessarily need to be complex you would be best storing this within a trusted password manager that employs zero-knowledge encryption or even better one that does not employ cloud-based syncing. You would also probably want to pepper the password with memorised additional digits.

You might then consider that, as encrypted data, while not especially useful now, may be seen as potentially more valuable should it be exfiltrated and stored for future decryption once technology allows, it may not be the best idea to store this encrypted personal data on any device that connects to the internet or even in a zero knowledge encrypted cloud-based storage solution.

You would then presumably decide that it is best to carry all the data you may wish to access at short notice encrypted on a portable simple data storage device that you could connect to any devices you wish to access the data on. You make the assumption that whoever mugs/holds you up/pickpockets and takes the data device is less likely to hold onto the encrypted data than an online attacker.

It is possible that you would then adjust your 3 stage backup system to be based on 3 non-internet-connected simple data storage devices kept in 3 seperate locations, one of which you carry around with you.

It was at this point that I decided to stop thinking about it. Lol. As noted, this train of thought would probably only occur if you were exceptionally paranoid and it could be theorised that at that point it is debatable whether you are more at danger from data exfiltration and exploitation or the very angry rabbits that want to know why you are so far down the rabbit hole. Lol.

top 12 comments

I don't think you said anything unusual. I'm going to try and get to this stage myself. It's pretty normal for people interested in digital privacy

[-] scytale@lemm.ee 14 points 1 day ago

Threat Model is always the answer to these kinds of posts. Come up with your own threat model to figure out your risk tolerance. Not doing that will just keep moving the goal posts.

[-] sudoer777@lemmy.ml 5 points 1 day ago* (last edited 1 day ago)

The most important part is balancing your own safety with limited time and resources. Perfection is not achievable, getting as close as you can is not practical in most cases, and prioritizing safety a lot of times limits what you're able to do. So you need to do a cost/benefit analysis on these sort of solutions and decide whether they're worth doing, which is very contextual (and in the end, you're going to need to trust something somewhere unless you reinvent everything on your own).

For instance, in the US if you're a middle class cishet white male citizen who ignores politics, your biggest problem is probably ads, companies knowing your financial info, and tools being more locked down, so the reasonable response would be to use an ad blocker and switch to open source/self-hosted software when it's convenient, but not to the point where you have to program all sorts of things yourself unless you really enjoy that. If you're working class, time and finances are more limited so the extent to which self-hosting, paid services, and CLI tooling becomes impractical might be sooner. If you're a minority, there's not really much that can be done that doesn't severely affect quality of life (like living in the middle of the woods with no technology if you know you're being hunted by the government, which sounds fucking terrible but probably better than being sent to a concentration camp in a remote country). If you're an activist or an immigrant or doing something illegal, compartmentalizing data that would probably get you in trouble onto devices (that you can afford) with a strong security setup that doesn't touch anything else you own and doesn't cross borders while verifying that the people you communicate with are also on a similar setup and doing other "paranoid" security/privacy measures (while being careful not to draw suspicions) is probably a good idea. If you're trying to be private for the sake of advocating for privacy, then do what you want to do.

[-] thelittleblackbird@lemmy.world 6 points 2 days ago

Your problem is that the chain of untrust has not hit the ground yet.

At some point, you need to trust some technology or system.

You can continue until you are on comfortable ground and then build your trust chain. But honestly, following your line of thought you will probably end up in a non-digital area.

In my case I followed a similar path, but I am totally aware that I cannot put up resistance to a well funded and well manned intelligence agency, so the high quality industrial level is probably fine for me.

I have several copies of my backups and all of them are encrypted and signed with RSA, the so are all of them open source and well audited versions. The only point I relaxed is my phone and I try not to have sensitive information on it but VPN and proxies just in case I need them.

I almost don't use cloud services anymore and the one that I use has a nice record for keeping privacy.

My objective is not to stop the CIA, but industry, scammers and all other nasty guys in the wild.

It is tiring, uncomfortable and sometimes cumbersome. But I think it is worthy

[-] ProtozoanDusk@lemm.ee 2 points 1 day ago

You are, of course, correct. Whilst my post is only semi-serious, I agree that if I seriously followed the line of thinking then the entire system becomes unusable pretty quickly.

As you can see, I am adapting my threat model to trust fewer and fewer structures as I go through the post. As such, it would only really be relevant in the event of a rapidly evolving adversary and probably not even then.

My threat model is nowhere near as tight as is suggested by the contents of the post. The post is more of a thought experiment to see how quickly you can "invent" threats to get to holding all data only on an offline hard drive in a cupboard somewhere. Lol

[-] thelittleblackbird@lemmy.world 2 points 1 day ago

Lol.

I honestly think the paranoia path is something we all have walked until the descent to Dante's Inferno. Once you are there you realize this is not a place to live and then get a bit more practical. :)

In any case it is a good mental exercise to check to what extent your threat model is not covering those situations. At least you know where your defence perimeter ends.

For everything else, selfhosting! ;)

[-] zabaaaa@lemmy.world 4 points 2 days ago

I mean, at that point, might as well live in a shed in the woods lmao

[-] ProtozoanDusk@lemm.ee 3 points 1 day ago

Exactly, but that just raises more issues. Which cabin? Where? How to stop people breaking into the cabin? Should it have a chimney to automatically incinerate the data device if anyone comes near? As people expect cabins to be in woods, would it be better if the cabin was outside the woods? And finally, is it easier just to trust Google with my data Lol

[-] JubilantJaguar@lemmy.world 2 points 2 days ago

seperately

*separately

seperate

*separate

seperate

*separate

seperate

*separate

[-] ProtozoanDusk@lemm.ee 3 points 1 day ago

Thanks. This is actually really helpful. I looked it up to check as I didn't believe it. Unfortunately, I have no idea whether my brain accidentally or deliberately misspelled it so cannot guarantee that I will learn for next time I use the word. Thank you for your help though.

[-] sunzu2@thebrainbin.org 2 points 1 day ago

Phone keyboards and auto correct is bullshit

[-] JubilantJaguar@lemmy.world 1 points 1 day ago

Sarcasm: 9/10 for effort

this post was submitted on 30 Mar 2025
21 points (100.0% liked)
