I was listening to a news radio story about a woman who tried to
divorce herself completely from the big five tech companies (you can
guess which ones), which did not go well. She found it was
effectively impossible, given the hold these companies have on the
internet. Many of us here in the gopher underground or on the small
internet have done the same, but really how effective is it?
Looking at it from the perspective of simple email communications,
once you start communicating with anyone on the mainstream internet,
you run afoul of network infrastructure from one of the big five.
Take Google - if you don't mind the pain of letting your friends and
family know that you have switched email addresses, you can dump
gmail for any number of privacy-conscious providers. So far so
good. Now, remember when, a short time after gmail first rolled out,
Google released "Google apps" - which at that time was free for
small businesses and personal users? As a result many thousands
(millions?) of people, small businesses and schools moved their
email service to Google's platform. It was free, after all, and
people were already comfortable with gmail's web interface, so why
not? Fast forward to 2019, and try to send email to anyone else on
the internet, and there is a _very_ good chance you will have to
transit one of Google's MX hosts. So your brother's vanity domain is
really hosted on gmail, as is your kid's school, and you go to work
and process all your email in gmail because your company is using
gapps. Your perfectly private email provider is only private if you
email only people who also use it. Send an email to your brother?
Google has it. Send an email to your kid's math teacher? Google has
it. And they also probably have your name and phone number, and the
IP address and device you routinely send email from. And they know
a lot of your email contacts and what you talk about. Even if you
never had a Google account, you can bet Google has a record for you
somewhere. And it's not just Google that has your social network
graph and personal details. After the Snowden revelations, we
learned that none of us were paranoid enough.
And that sad state of affairs is just email - think about server
hosting, public DNS (where I work we still find odd servers that
resolve using 8.8.8.8 because a lazy admin set that up as a quick
hack when a server was installed and never changed it to the proper
internal nameservers), text messaging, instant messaging, and
VOIP. The big five have a huge chunk of market share for those
technologies.
So what is the alternative? You can try to convince your friends and
family to stop using these services. Many of us have tried and
failed. They have become an essential part of life for many, and
they are not changing now. Unless you are in a position of
authority or a business owner, your business won't move away from
gapps. The company I work for uses gapps and also holds company
meetings using Facebook ("Workbook"). For users of the walled
gardens and associated apps, like Facebook messenger and Instagram,
the social pressure to conform and use these services is enormous,
and (in the case of an employer) often mandatory.
You can try to encrypt email or IM or text chats or phone calls. But
the other end has to also do the same, and you have to be confident
that the recipient's hardware or software is not compromised in some
way. Just by virtue of them using a stock Android phone means they
are not trustworthy. All of this is an almost impossible barrier to
overcome, and I suspect many of us have given up. Sure, we can use
LineageOS on our smartphones, or read mail using mutt over SSH on a
VPS in the Netherlands, but at some point we'll have to hop out of
our protective bubble and communicate with the greater internet.
And when we do, we're owned.
