this post was submitted on 15 Jul 2025
75 points (100.0% liked)
Privacy
3219 readers
9 users here now
Welcome! This is a community for all those who are interested in protecting their privacy.
Rules
PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!
- Be civil and no prejudice
- Don't promote big-tech software
- No apathy and defeatism for privacy (i.e. "They already have my data, why bother?")
- No reposting of news that was already posted
- No crypto, blockchain, NFTs
- No Xitter links (if absolutely necessary, use xcancel)
Related communities:
Some of these are only vaguely related, but great communities.
founded 8 months ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
First give an example of online use case that you'd think is safe and private, and I'll list ways that it probably isn't.
Bitmessage
I don't know what that is, nor have I used it, but I'm assuming it requires an internet connection, operating system, and browser at the very least. If so, there are multiple ways in which your ISP, browser (and any plug-ins you use in the browser), as well as the method of connecting to the internet (i.e. DNS server, wifi/router, mobile data connection, etc.) that could be used to collect data or metadata to build a profile. The device you are using, or even the screen-size could be useful to an attacker (or marketer).
That doesn't mean that the contents of whatever is being transferred to/from "bitmessage" can be read, but "someone" would know that you're using Bitmessage at the very least, the times you use it, perhaps the location you use it from, the device, OS, what plug-ins you might use. DNS records could build an even clearer picture of your activities. If Bitmessage requires an account or other form of verifying who you are (or how someone can contact you), then those could be collected and used against you.
That's not to say you can't protect yourself from some of the snooping. But apparently, the more you do, the more unique your online fingerprint is, which ironically, makes you more vulnerable.
Because the internet isn't truly P2P (there's always a third-party in the mix, either to deliver the data service or to relay data), you have to assume there are third-parties who can (and probably do) collect data from your activities.
But... your threat model also influences whether these "risks" are even worth worrying about. If you're a regular teen on Reddit, you probably don't give a shit at all. But if you're a public figure, perhaps one who would be a target for governments or bad actors, then every link in the chain of interactions you have with the internet could expose you.
It doesn't use a browser, nor DNS https://en.wikipedia.org/wiki/Bitmessage.
It broadcasts all messages, but only the intended recipient can read the message with their private key. So in terms of metadata, they can't even see who is contacting who. All the third parties know, afaik, is that you use it. They don't even know when and to or from whom messages are send.
How do you "connect" to it? Via standard internet?
Tcp/ip yes, p2p like bittorrent. You need the address of one peer, who then sends you a list of peers they know, etc.