There's
a great old tweet
from
Matthew Green:
I'm not a Tor expert, or even a Tor user, so I wouldn't trust my interpretation
here to match Green's intent. But the dramatic stakes are preserved if I go
with something like, "Tor saves you the risk that normies are snooping on your
network activity secrets, but incurs the new risk that your shadowy,
sophisticated
exit node operator
can compromise it instead."
I think about the tweet a lot because I made a similar trade when my first kid
was born:
- We wanted a way to share baby pictures,
- with extended family,
- without just posting the pictures for the whole world to see,
- so we set up a private group on Facebook.
On Facebook! We wanted to preserve our privacy, so we turned to Facebook.
This Facebook.
And it's worked, as far as I can tell. It was very easy to get my extended
family set up see baby photos: they all had Facebook accounts. And normie
snoops can't pull up photos of my kids, the way you can pull up
photos of me.
Anything I built myself for this purpose would have been worse on both counts.
I wouldn't have been able to get my grandparents, aunts/uncles, etc., all
a way to prove their identity to my hand-rolled access control system. And I
would be much more likely to have screwed something up in the hobby-level-effort
implementation vs. Facebook's professional engineering, rendering it all
normie-snoopable.
But the as far as I can tell part, that part two paragraphs ago, is the
Nazghûl part. I am not sharing my baby photos with you, the normie reading this
blog. But I am sharing them with Facebook.
I doubt they're doing anything too-too diabolical with them. Probably they've
pieced together how many kids I have, of what basic ages and genders, to show
me the right ads. Less likely, but more much offensive to me: maybe they've set
up
shadow profiles
for the kids themselves, so that they can someday show them the right ads.
I am just left stewing in the irony, wishing there were an obvious and easy way
for a comfortable-building-a-website guy like me to not rely on Facebook for
access control lists.