1984

Tags: English, politics, technology, opinions, essays, life
Created on Tue, 22 Mar 2022

Oceania was at war with Eurasia: therefore Oceania had always been at war with Eurasia.

I think of this blog sometimes as Winston's diary. One day I will probably pay the price of having it and pouring my thoughts here. I can hide it but should I?

I censor myself to think thoughts that may matter. I don't talk about ideas with people around me, other than some very close circle of people that I trust are not the secret police. I'm not paranoid (yet). I enjoy and must be thankful of the freedoms I have in "THE WEST". I must feel the privilege of being a young white male. Some days I do actually feel it now.

I'm a member of the Outer party, working for one of the Biggest Brothers humanity has known. As such, I get almost daily reminder what I should support and what I should oppose. Today I must support Ukraine and hate Russia. Yesterday I shouted that people should get vaccines and raged that the ones who don't are why we still don't have our freedoms. It was so sad indeed (as Mr Gates said) that Omicron provided better protection. Now it's time for another terrible war. We were always at that war. I must hate Russian music, Russian culture, I must not use кирилица for it's now forbidden. Unless I use it for support of Україна which I love.

But it's not the people that I must care about - it's the ideas of certain nations. One is an angel, the other is the devil. I can now post hate and call for violence on Russia. And I must do it, it's my privilege so I must! I must become an expert in military operations with a 24/7 bombardment of "news" that are real and must resist the propaganda of the other side. Our news are definitely true, they are fact-checked by us, of course. The other news are certainly propaganda. The world is black and white, there is no gray. Some days I do actually believe it now.

Doublethink means the power of holding two contradictory beliefs in one’s mind simultaneously, and accepting both of them.

We all love Ukraine. We also all love the gender equality. And then again - Ukraine is allowing women and children to leave the country but men have to stay and fight.

Can you picture the opposite? Can you imagine the outcry "The West" would have if women had to stay in the country by mandate, to have to fight and be killed while men can leave? The patriarchy! The oppression! But now - it's okay. We don't talk about this. What matters is that women get equal representation in IT and we are still not there! Not in mining, construction or war. Not in the dangerous positions. But why am I even mentioning this?! Am I crazy? This is not the point now! I must repeat the narrative, don't distract the message with whataboutisms!

Zelensky is a hero, anything that he is doing, anything that he has ever done or will do will always be the best. He can't be wrong. Even when sending men to die, it must be an honor to protect the glorious nation of Ukraine! Putin is wrong. Putin is crazy. There is nothing that can change my mind about this. Moreover, I will go and will convince other people that this is the case. Some days I actually do it now.

And when memory failed and written records were falsified—when that happened, the claim of the Party to have improved the conditions of human life had got to be accepted, because there did not exist, and never again could exist, any standard against which it could be tested.

We've always known that COVID could've been engineered. We have always allowed free thought and research to flourish. We've always mandated masks. Masks have been here since at least Roman times, perhaps even egyptians wore them. Haven't you seen drawings in the pyramids? What an uncultured swine you are. They are useful. They are effective even if worn for 6 months. They protect us. Don't you want to be protected? Besides - why are we even discussing this now? There is a WAR now. You care about a mask!? Oh, poor you - people are DYING, support that!

WAR IS PEACE FREEDOM IS SLAVERY IGNORANCE IS STRENGT

This is the most important conflict. There may or may not be other conflicts in the world. There may or may have not been other conflicts in the world inflicted by our Party. Our Party has never committed war crimes. Our Party does not support military conflicts or benefits financially from them - we want peace. Don't you see? Don't you believe now that 2 + 2 is indeed, and has always been: 5

The choice for mankind lies between freedom and happiness and for the great bulk of mankind, happiness is better.

Oh, I don't care. It may be 5 or 6 or even 40. Give me my soma. Let me drown the bliss of love, in travels and adventures now while it's allowed. Summer is coming. Winter is somewhere else. Restrictions are out. The Party will protect me. Truth is irrelevant anyways. Let me buy amulets that will protect me from the evil energies. Let me enjoy the days of sun, let me be thankful I'm not in Eurasia, where the only terrible war is. Let it not spread. Oh, Party, let it not spread! Let it not destroy this wonderful world. I will cry when needed. I will empathize with the tragedies. I will say the words that you tell me and I will actually believe them. I will not think thoughts I shouldn't. I don't want to be drafted in a conflict. You are my master... Sorry, we don't use this anymore (because of certain histories in certain parts of the Party which you must know now)- You are my primary. I'm your secondary.

Stupidity was as necessary as intelligence, and as difficult to attain.

The eyes of the Internet

Tags: English, technology, essays
Created on Tue, 14 Dec 2021

Note: I'm not going to talk about these eyes today. I need more pandemic to get there.

We don't know what the Internet really is. Not really. We don't have the intuition or senses to recognize it anymore. It's not like how we know what a human is.

And we don't have laws and rights at the Internet. Not really. We don't really know what is where and what can and shouldn't be done. We don't know it like we know not to poke a human in the eyes.

So when one day someone discoveres the Internet has something like an eye, a weak, soft spot - we take all the toothpicks and nails, we take all the pins and needles, all the sharp sticks and every tool around us and we try to poke it.

And then the people making the Internet scramble to "patch it", to make glasses or lenses or more accurately - to put duct tape on the eyes in the hope it protects them.

But the duct tape is also made of Internet - we don't really know it. Not really. Some duct tape is actually made of nails. So you put it on the Internet eyes and the eyes bleed.

We don't know where the Internet begins and ends anymore. It doesn't have these sharp boundaries a physical object might have. The Internet used to be at your desk. Now it's in your pocket. On your wrist. It's in your home and even if the devices themselves could work, when you get a cardiac arrest your hair may also stop growing for a minute.

You can't escape the Internet even if you try. And I'm not even talking about the crazy stuff - I'm talking about reality - which is crazier than the half-baked conspiracy theories that were insanely on the rise this year, at least in my bubble. Actually: I think if conspiracists really knew what's in their pockets, hands and in every corner of the "western" world, every second of their life - they would say that that is crazy and impossible.

And the Internet is fragile. It has millions of eyes and other soft spots hidden between the wires. Not a month goes by without a major outage now despite the insane effort of thousands of engineers and millions (if not billions) of servers in thousands of data centers all around the planet to provide redundancy and a feeling of "security". A single configuration change (as we call it in the bizz) is often enough to put out all of the biggest names - the Gs, the As, the Fs, the Ns, the Ms and a lot of the other latin letters - out for hours.

We don't know what the Internet really is. It used to be some Universities (and military) connected 50 years ago in a better way than a telegraph or a phone. The web used to be a single machine with a label "This machine is a server. DO NOT POWER DOWN!!" merely 30 years ago.

This weekend we became aware of a weak eye - a piece of software that most people will never care or know what is for is making every sysadmin sweat bullets and this will continue for a while.

Needles are coming from everywhere. Duct tapes are being rolled out. Everyone is holding their breaths and hopes it's over before the holidays. For some - it won't be. For the fortunate - it may be.

Until we see the next eye.

Народе?????

Tags: Български, политика, мнения, лични, живот
Created on Wed, 27 Oct 2021

Левски и Ботев днес са футболни отбори. Все още ги изучаваме, но вече от надрасканите фасади на сгради, обикновено предходени с разни пълни членове. Аз самият понякога се гордея колко малко помня от часовете по литература или история. Чалгата пък си я слушам, 'щото туп--та-тупцъ ритъма ми харесва повече от западния туп-тцъ-туп-тцъ поп и рок. Но съм и част от израсналото, а и почти закърмено с така наречената вече "ретро-чалга" поколение.

Всяка държава си има история. Всяка държава си има общество, икономика от някакъв род и управляващи от някакъв вид. Всяка държава си има и език - един или няколко, култура, обичаи, традиции, религия - една или повече.

Но каква е тази нация, в която явно близо 80% от хората смятат, че са експерти по микробиология и епидемиология, а в същото време смятат, че ракията ще ги спаси? Как ние сме единствените, които имат уникален поглед върху истинските световни конспирации? Какво - чакаме българите да оцелеем като не се ваксинираме и да се смеем над гробовете на всички останали европейци?! България на три океана? Как искаме хем свобода и равенство, хем се гордеем, че си бием жените? Объркани от всякакви божества и врачки, всеки се гордее, че си познава тялото най-добре и въпреки това сме 4ти по смъртност В СВЕТА (а сме стигали не веднъж и челното място в последните две години). Къде се навъдиха толкова експерти по статистика и интерпретиране на вероятности и числа, а получаваме най-ниските заплати в ЕС?

Как да се гордея с народа си? За какво да се хвана? Кого да избера да ни води след по-малко от месец? Човека, който всява страх, че ни боцкат с развалени ваксини? Или шоумена допринесъл толкова много за "ретро-чалгата", изпращащ македонци в космоса - когато и двамата не могат да разберат разликата между процент "от нещо" и число, означаващо пари.

Когато се питаме в училище "кога ще ми потрябва това" или се гордеем като мен след него, че не помним основни дати, факти или какво е корен квадратен - нека се огледаме точно сега. Когато се хвалим, че не ходим на лекари, защото си се лекуваме с червени конци и Бог ни пази - нека се огледаме. Лекарите ще понесат и тази вълна - тези, които са останали. Ще има държава и народ и след няколко месеца - вероятно. Не е толкова смъртоностна тази пандемия - и може би всяко добро за зло. Ако беше, може би щяхме да я вземем по-насериозно. Ако наистина виждахме с очите си смъртността по улиците, може би щяхме да се поокопитим и боязливия български народ да си сложи иглата. Но само лекарите я виждат вече втора година. В медиите се говорят някакви "анти-рекордни" числа, заради които българинът превключва канала да си гледа "Пей с лотария, лесно вкусно брадър 3 на съдбата", боцка си салатката, кашля и си казва, че я "съсипаа таа държава" - някакви там, гадни лъжливи политици. "Народни представители" ми били - ами може би са. Какво по-точно представителство от тези двамата? Кой е "по-среден" българин?

Навсякъде в света в момента е огромен проблем дезинформацията. Скролването на фейсбука и там другите "младежки" платформи води бавно до неосъзнатото вярване на информация, която е предоставена често точно с идеята "Разделяй и владей". Спами на хората, които вече вярват, че ваксината е полезна, че са прави. Спами и на хората, които вярват в обратното, че са прави.

Всеки е прав.

Има гравитация и няма гравитация. Земята е сферична и земята е плоска. И когато тези групи застанат едни срещи други след месеци или години зомбиране в малките черни огледала, всеки с промит мозък, че е прав започва едно крещене, едно обиждане на животни (а животните вероятно пък не искат да имат нищо общо с хората) и закопаване в собствената си истина. Защото ако след месеци натякване, че ти си прав изведнъж осъзнаеш, че не си… сега трябва да предадеш групата.

Трябва да станеш привърженик на Левски, а не на Ботев.

Твоята група ще те линчува, но по-лошо - твоят собствен мозък ще ти каже, че не струваш, щом предаваш "истината", която си тръбял месеци наред на всеки познат и непознат. Пускал си ядосани личица на Министерството на здравеопазването и си се хвалил с това - как сега да обърнеш вярата си? Дори да ти покажат нещата черно на бяло, как да пуснеш пост, че си си променил мнението? Ами нали си си създал приятелства и си цъкал, че харесваш страници и групи именно с това, че си против това "да ти слагат неща в тялото, които не знаеш какво точно са" докато преспокойно си ядеш чипса и кренвиршите.

Знам какво е инат. Израстнах с моя си, част от който се изразяваше да не ям месо. Обръщайки се назад, вероятно психолозите биха казали, че съм харесвал вниманието на възрастните. "Как може да не ядеш месо?!" - "Не го обичам!" - "Ама как не го обичаш, като дори не си пробвал?!" - "Няма пък!!". И колкото повече ядосвах родители, лелки, баби и дядовци, толкова повече се закопавах във вярата си. Чувствах се специален, че не ям месо - това беше много преди вегетарианството да е хита на сезона. Още повече ги дразнех, защото избирателно си ядях салами, гореизписаните кренвирши и кебапчета. Но не и на манджа, изпечено или в супа. Подлудявах тъпите възрастни - бях специален! И ината е яко нещо - когато си на 5. Като започнеш малко да порастваш твоя си инат може от да се вижда все още като яко нещо. Но започваш да виждаш, че ината на другите е понякога глупав и чрез магията на човешкото съзнание осъзнаваш, че може би и твоя се вижда като глупав от другите. Явно не всеки стига този етап.

Не можеш да избереш коя е истината. Всеки ти казва нещо и всеки те хейти, от която и страна да застанеш. Затова избираш третото - игнорираш проблема. Вакснал си се или не, решаваш че няма да отваряш тая тема пред хората. Искаш всеки да те харесва и да не се караш, защото цената е само истината - това не е толкова ценно. Пък и в крайна сметка - откъде да знаеш какво е истина, когато има хора, които ти казват, че понякога 2+2 си е 5 отвсякъде. Някои твърдят, че е 4, ама ти не си математик - ти си имаш твоята експертиза и ако в инстаграма от утре почнат да се появяват постове, че е 5 понякога - що пък да не е. Няма да завземам страна я, няма да си правя труда да проуча или разбера проблема, няма да се пробвам да помисля и да си изграда мнение. Или ще си изградя мнение базирано на математиката на древните египтяни или на медицината от средновековието - я ги виж колко са направили, остави нашия прогрес с небостъргачи, космически ракети или сателити - все пак някои са носили тежки камъни и са ги слагали един върху друг - трябва да са знаели нещо Тайно.

И когато това се комбинира с недоверие на хората един към друг, защото в съзнанието на ретро-чалга поколението са само лъжи от последните 30 "демократични" години, а в тези на родителите и пра-родителите - от комунизЪма - си е доста перфектна буря. Креташ си ден за ден, използваш сравнително новите си права на протест и израз на мнение като се събираш на протести против разни мерки, защото в главата ти държиш двете понякога противоположни, народо-психологични твърдения базирани на нашата история - "всички сме равни" и "всеки може да е експертно недоволен".

Или пък правиш като мен. Бягаш от страната си, пишеш хейтърски постове и ги пускаш в гадната синя мрежа дет спамиш, че за нищо не става, 'щото иначе и петимата човека 'дет ти цъкат на линкчетата няма да цъкнат.

Понякога си се чудя защо продължавам да чета и пиша. Не мисля че променям мнението, на когото и да е. Ама като гледам, че пиша от десетина години вече, май просто това е начина за мен да си вентвам. Пък който ми прочете поста, да ми драсне един-два реда на лично ако иска - постовете в синята мрежа ги трия и с тях и публичните коментари си отиват. Нямам и коментари в блога със същата цел - не искам да помагам за разделението, но искам да си имам моето място в мрежата, с моите си мнения. Ако видите историята и старите постове - ще видите, че въобще не съм бил винаги За ваксините и това лято също се лутах. Не мисля че е лошо да се полуташ малко - но е добре да се намериш след това. Дано и моят народ се намери, било то и с мотивацията за моловете.

Със здраве! Дано!

I change my mind all the time

Tags: English, Български, политика, politics, мнения, opinions, лични, personal, life, живот
Created on Thu, 21 Oct 2021

I believe you should have the freedom to change your mind as often as you would like, especially when new facts come your way. But also if you would like to experiment with something, even if you think it's bad or wrong. That's part of the reason I now have an instagram.

Yesterday I wrote a blog post in Bulgarian that I deleted less than an hour after publishing. It regarded the situation around the certificates of vaccination becoming a requirement for certain amenities in my home country. It was quite emotional and I decided that it's not worth it to put more fuel in the already fiery situation (although IRL I usually like doing that).

But I also removed it because I realized I disagree with my statements. More accurately - I was pointed out by a friend that my argument may require a bit more thought about some aspects that my monkey brain didn't remember when initially writing the post. I usually don't delete my posts - in fact, I still have about 20 or so that I want to transfer from my old Blogger platform to this self-built one. Even though I disagree with a lot of them now, I like them to be out there to show myself that I change, that opinions I hold can be discarded when better facts appear. I will put below the one from yesterday, making this post probably the first in both English and Bulgarian.

What did I disagree with?

As I said the situation in Bulgaria regarding the coronavirus is bad - barely 20% of the population is vaccinated as of October 2021. The wave that is currently hitting us is very deadly, hospitals are hitting capacity, trust in population is low - e.g. there will be third elections in less than a month for a government, failing to form twice already just this year and the prospects of the next one don't look so great.

In that environment the caretaker-minister for health announced that so called "green certificates" will be required going forward for access to malls, restaurants and other amenities. This measure went into effect merely 2 days later - i.e. today. Naturally a lot of people got shocked and many edge case scenarios were (and are not) clear enough for the population to follow. The minister had an interview in a popular Bulgarian morning show where the hosts asked him if the validators of the certificates will require the app to check it and also if it will require showing them the ID card of the certificate holder.

The minister said that they won't be required to do so. That was my grunt - the certificate is useless without the authentication part.

Security sidenote

Part of the reason I got frustrated maybe because I just transitioned to a new position at work - Security Engineer. I've been in the fields for maybe 3 years now and I spent the last 6 months intensively preparing for a potential internal transfer, which happened.

So that this post has some educational value, let me clear some confusing terms as well:

We have laws in Bulgaria regarding processing of personal data. My post, as I said, was pretty emotional, jumping on the perceived incompetence of the minister that he wasn't informed that without an ID card, the hard work done by the "IT professionals" (my tribe) would be useless. I started defending my tribe that I recently became sort-of officially part of and also surely - I feel some impostor syndrome. I have way too quick reactions without thinking that (most probably) the minister is surrounded by some smart people and lawyers that almost necessarily have raised these concerns with even more details than I can possibly understand.

As my friend pointed out - showing your ID card to random people, multiple times a day can be somewhat dangerous because of potential identity fraud - meaning these people can remember your personal identification number, address or other details.

It's a valid concern. Maybe. Let's remember that alchohol cannot be sold to children (under 18), they usually cannot be allowed to bars and night clubs and as such people who are around the age of 18 and cannot be visually identified, are required to show a proof of age. Not give the ID card for scanning, but just show it.

Let's say that the scope is much larger now however - it's not just for some ammenities and only for people around ages 15-25 (or so) but for a lot of places and for everyone (above 18). This can be massive checks of identity documents which can be argued that could be ethically bad.

I still think that some workarounds can be had - e.g. show your ID card with the thumb covering everything but the name and your picture - this should be almost enough to authenticate you since the certificate shows the name and date of birth. On the Bulgarian ID card it's not easy to cover the personal identification number only (which I can argue is probably the most sensitive piece of data) without covering the date of birth. Also - the validators do not scan and copy your ID card, they look at it. So it would take a really dedicated or eidetic (photographic) memory person to be able to remember your details, together of hundreds of others passing by today.

And the minister talks about the issue briefly in the interview. In his situation, given the constraints of the pressing wave with now more than hundreds of deaths per day, knowing the vaccine is the only long-term out of the situation - that was probably the best decision he (and the administration) could have taken. Of course, maybe it would've been better to be taken months ago and not in the middle of the wave. We can't fix the past. We can blame him if that's what we want - we can say it was untimely and it should've been done earlier. But as the saying goes - "The best time to plant a tree was 20 years ago. The next best time is today".

So I applaud him. And I apologize for my rash judgement.

Still: it was probably too rash. People weren't ready. But then again - how much time should've been given? Give a month warning? Probably would've been better. However it's in our culture to wait until the last possible moment to do something so the month in advance would've been mostly wasted. Also remember that usually two jabs are required (unless with the J&J) and the certificate is not officially valid until 2 weeks later. So if you get your first jab today, wait 6 weeks, get your second and then get the certificate, it would be a month and a half until you will be able to get all the benefits. With the J&J you get it in two weeks. Ironically had officially a few more risks but now Bulgarians are exclusively looking for it despite that, cause we want the pubs more than our "concerns about the safety or testing".

The situation is still somehow interesting to me now from a psychological or societal perspective. I still hold my opinion regarding my last sentence's frustration as to how my nation values the pubs more than our health. How did we end up with such a value system!? How come we applaud and believe in woo healing powers of a cross or an icon but not in medicine? How come all the "vaccine is dangerous" opinions started disappearing from our minds once the malls would be closed unless we got the jabs? Did our fear of death suddenly disappear in the face of the inconvenience we may experience if we can't go to the gym tomorrow? Surely the "vaccine is not safe" is a pretense to something deeper, some trust issues within the nation - there is no way we stop being afraid for our life if youwereally thought that these vaccines are not tested enough etc. only because now we won't be able to go to a concert.

I ain't no psychologist or sociologist. But this vaccine situation has created so many interesting cases within our society. As I've shown in this post, when judging other people, I don't exclude myself - I am part of the society. I am as dumb, irrational and emotional as the next person. I've postpones my own second jab for a couple of weeks this summer, partly because of digging into conspiracies, partly because of my girlfriend at the time (which prompted me to dig into them). I write blog posts rashely without considering all the angles. So I'm trying not to stay too morally high. And I fail sometimes. Mia culpa.

As promised, here is my post from yesterday.

===

КонспЕрация за сЕгурността

Оф, не исках да пиша повече за коронката. Ама не мога, уиндоуса в двата чипа на ръката ми пощурява като чуе зверската некомпетенция на определени хора...

В интервюто по бТВ за Тази Сутрин министърът на здравеопазването се опита да разясни ситуацията със зелените сертификати. Интересният въпрос започва от около 10:40-та минута:

Репортер: "А контролът става само и единствено с това приложение, което отчита дали сертификата е реален?"

мин. Кацаров: "Може и визуално, може и да не е с приложение, аз мога да видя вашия сертификат и визуално... Това не изисква специално умение да провериш дали някой има зелен сертификат"

И после, веднага след това:

Репортер: "Как може да удостоверим дали сертификатът е автентичен и имаме ли право ние да изискваме лична карта, за да удостоверим, че човекът който ни предоставя сертификата и чието име фигурира там е същия?"

мин. Кацаров: "Не, те не са разследващи органи... Те трябва да осигурят, че има такъв сертификат. Държавните контролни органи са тези, които могат да установят дали сертификатът е автентичен, те могат да му изискат. Но това е нарушение и този, който извършва това нарушение ще си понесе последиците. Не е работа на културните институти да установяват това нещо"

Какво означава това?

Всеки може да си генерира и принтира QR код на каквото и да е и да го покаже. Ковид сертификата, по идея, е едно от най-добре разработените по последни стандарти за дигитална сигурност приложения - ето например техническата дефиниция за Швейцарското приложение. QR-кодът е просто бърз механизъм за трансфер на тази информация, която може да се ползва от приложение. По дизайн, сървърите имат само списък от ключове за дигитални подписи, които удостоверяват истинността на данните пренесени от QR кода, а цялата лична информация е кодирана в самия код. Въобще, използват се истински крипто и прайвъси технологии, а факта, че дори веднъж не се споменава блокчейн го прави класи над много други идиотски крипто-неща, които съм виждал в последните години.

Но язък за всичкия труд на стотици специалисти работили по тези идеи, ако министърът на здравеопазването не е информиран, че всичко зависи от последната стъпка - от правилното имплементиране на целия протокол, което включва правилната проверка от реални, джвакащи хора. А тя е ясна - инсталиране на официалното приложение за проверка, сканиране на кода и проверка с личния документ на държателя, че данните съвпадат. Язък за всички сървъри и код писан за приложенията, които ще го проверяват. Взимаш си най-мощната кола на света, но вместо да използваш ключа, за да я запалиш използваш огнехвъргачка.

Дори не ни трябват хакери, които да "разбият" сигурността на сървърите, приложението, Гугъл или Бил Гейтс. Трябва ни министър на здравеопазването.

Не казвам, че трябва някой да злоупотребява или лъже. Министърът на здравеопазването го казва. Защото ако провериш личната карта на човека е "нарушение и този, който извършва това нарушение ще си понесе последиците".

Нека да се опитам да съм обективен - после министърът говори, че ако някой си направи фалшив документ и бъде хванат от "контролните органи" (Това би било... полиция? Не става ясно) ще си носи наказателната отговорност - която може да стигне и до затвор или солени глоби. Разбирам, че има Закон за защита на личните данни. Вероятно това е юридическата спънка, която спира барманът да ти провери, че личната карта и сертификатът са на едно и също лице. И тъй като нямаме парламент да ъпдейтне закона, това е положението. Имаме рънтайм правителство, нямаме дивелопъри (които в момента се интервюират от българския народ и ще бъдат назначени след месец, компетентни или не) и така беклога се трупа.

Иначе, радвам се, че българинът се събужда и забравя за всякакви конспЕрации, чипирания и контрол, щом има шанс да не може да ходи в кварталната кръчма. Е, тва е, баце!

Наздраве!

Online security

Tags: English, technology, hacks
Created on Wed, 20 Oct 2021

Last week I wrote about a hypothetical Facebook messenger and Whatsapp breach which would give the world access to everyone's chats - including yours, your friends', your parents, everyone you know or don't - indexable, searchable by everyone. A truly privacy is over type of situation. I argued that this is what people really cared about - a personal hit, not bombs and terrorists or some unknown John in a three-letter agency reading your chats. Someone you know - or everyone you know - reading your personal communications with other people.

Scale it down

Alright, maybe leaking all of Facebook's chat would require literal trucks and months of unmonitored leakage due to the sheer amount of data. Text is not so big - the whole of English Wikipedia is merely 20 GB which can be stored in a 32GB ~10$ microSD card with storage to spare. More difficult would be the multimedia - images, audio, clips. If we are talking just about the content of text messages (which would be a non-trivial amount of communication, except maybe the more and more frequent voice-messages on many platforms) with the right tools and access, these can be exfiltrated compressed similarly to how Ed Snowden did it with the NSA.

But let's scale it down from "worldwide breach" - say it just happens to you. Who could target you? Ex-boy/girl-friends frequently have access to your password or physical phone(s) and computer(s) for some critical time right after the limbo separation. Roommates or party invitees, some of whom may not like you. Forgotten phones in a bar. What if all your chats get exported and shared publicly, easily searchable? Do you have anything to hide then?

Parents tech support

A few paragraphs one the side - I want to explain that these stuff may be technical but to implement them and use them you don't have to be tech savvy. It will be a little inconvenience (few minutes to an hour) while you set them up but then not much will change for your day to day life.

Last time I visited my parents I did the normal tech support games. I'm proud that since I left Bulgaria about 10 years ago my parents have been running a Xubuntu flavor of Linux without almost any issues on multiple different laptops that they changed over the years. Never dealt with anti-viruses or viruses, random slow-downs or driver updates. Almost any screw ups have been my own. One time after a remote access support I was able to screw up the update on the machine and resulted in the bootloader not being able to find the OS. My parents are not too tech-savvy but this resulted in my biggest achievement to date: be able to get my mom through a grub rescue console over a video chat. So I don't know - maybe they are secret hackers after all :)

So I checked everything with the OS is all right, update packages, no randomly installed software (although with Linux that would be super difficult - yet, just to be sure) and was fairly happy. But while doing that there were tons of annoying notifications from Facebook and news websites that kept popping up on the right. I asked my parents and they said they don't pay attention but decided to be a good citizen and remove all those XXI-st century toolbars.

But the bulk of the support was on passwords. Chrome has become more and more aggressive towards password management - which is good. (It has also become extremely easy to allow all websites to run service workers and so random notifications were popping up so I had to remove all of them and dissalow new ones). It reds-out passwords on non-https websites but almost none of them are anymore on non-https - which is also nice, yey let's encrypt. It also prompts you to use the password manager. I took the leap - but I wanted to lock it a lot. So I set them up with pretty much best practices these days. If my parents can do it, you can do it! What are these?

What can be done?

There are many more ways to stay secure and protect your privacy these days, depending on your use case. There is no absolute security without usability, it's always a tradeoff but following the above 3-4 things should greatly help you stay safe online these days.

Pobody is nerfect, it can happen to all of us. That's why best these days is so called defense in depth - even if some part gets breached, there should be other controls that stop it. In a similar way to multiple physical doors for security. For example, I (almost) got pwnd by a friend that used my computer at home, logged in one of my firefox profiles which I used for some websites and thus synced some of mine and all of her passwords for months before realizing it.

That's a scenario that is too concrete, yet I implemented some more guards for similar situations. You don't have to go that far - using these simple rules above will get you a long way to being pwnd by someone who doesn't like. In this increasingly (some may say distopic) electronic world, a little privacy can go a long way. Do it if you can, it doesn't cost much!