Common misconceptions
Completion requirements
View
There's a lot of advice floating around the privacy and security space, but how much of it is true? Watch out for these potential pitfalls when you're evaluating claims!
4. "Complicated is better"
We often see people describing privacy threat models that are overly complex. Often, these solutions include problems like many different email accounts or complicated setups with lots of moving parts and conditions. The replies are usually answers to "What is the best way to do X?"
Finding the "best" solution for yourself doesn't necessarily mean you are after an infallible solution with dozens of conditions—these solutions are often difficult to work with realistically. As we discussed previously, security often comes at the cost of convenience. Consider these tips:
- Actions need to serve a particular purpose: think about how to do what you want with the fewest actions.
- Remove human failure points: We fail, get tired, and forget things. To maintain security, avoid relying on manual conditions and processes that you have to remember.
- Use the right level of protection for what you intend. We often see recommendations of so-called law-enforcement or subpoena-proof solutions. These often require specialist knowledge and generally aren't what people want. There's no point in building an intricate threat model for anonymity if you can be easily de-anonymized by a simple oversight.