✨ Feature Suggestion | What are security, privacy and anonymity? How are they different? #1760

Closed
Zenithium opened this issue Mar 5, 2020 · 9 comments

@Zenithium (Contributor) commented Mar 5, 2020

Description

Differences between security, privacy and anonymity should be explained somewhere on the site, possibly on the homepage near the top. Preferably there would be brief and simple examples of each that convey the differences alongside the definitions.

@5a384507-18ce-417c-bb55-d4dfcc8883fe

I am against it, or at least not on the home page, and I can't think of anywhere else where it could fit, maybe just a little mention in some section if necessary (I can't think of one), or the wiki.

@GintokiHub commented Mar 11, 2020

Wiki page wouldn't hurt, right?

@Thorin-Oakenpants commented Mar 11, 2020

FWIW:

I often give lectures/talks to various groups about privacy, and the first thing I do is explain the differences between the three - and I like to draw a Venn diagram and get the class interacting, giving examples of what happens with various apps, or websites etc.

I have done a lot of these talks, and the simplest way I found for any of my audiences to understand is the following: in theory (no one is saying anything is foolproof: e.g. the secret admirer might leave his DNA on the Valentine's card - this is just a simplification)

Anonymity

  • The sender and/or recipient's real ID is unknown
  • example: physical world: a secret admirer sending a Valentine's Day card
  • example: internet: the IP (or fp/opsec) footprints cannot lead back to the poster: e.g. Tor

Privacy

  • The contents of the message can only be seen/heard by the intended recipient(s)
  • example: real world: quiet/whispered conversation between two people in the middle of Siberia
  • example: internet: a Signal message is end-to-end encrypted and only the recipient & sender can read the contents

Security (in the context of privacy/anonymity)

  • The parties involved are who they say they are
  • example: real world: something unique and verifiable such as a passport / fingerprints. Old timey or ancient stuff like royal seals/signets
  • example: internet: certs etc

All of these overlap, and you can have anonymity but not privacy, or security but not privacy, or privacy but not anonymity, etc. And the sweet spot is when you get all three - see exhibit A: the Venn diagram ... and cue the class/audience giving examples of how they use the internet

... and that's when all the exceptions/flaws start to show up: e.g. MitM encrypted messages - i.e. not end-to-end, cert reliability, or how do you know the recipient hasn't been compromised, etc.

But once I explain the simple differences between privacy, anonymity, security as above - everyone suddenly clicks and they all get it, which makes the subsequent discussions so much easier. It's never failed (and some of the people in these classes are really not internet savvy / knowledgeable at all - but they still get it).

Just my 2 cents if you feel like doing anything and approaching it this way

@dngray (Collaborator) commented Mar 26, 2020

I believe this would also close #297 or at least could be coupled with it on the same page.

@dngray (Collaborator) commented Mar 26, 2020

Going to assign you @blacklight447-ptio as I believe this could be integrated with

Closes: #297

@dngray self-assigned this Mar 26, 2020

@lrq3000 (Contributor) commented Apr 9, 2020

I agree, it's important to give some definition for the interested reader because knowing the difference is very crucial for the user to assess what software corresponds to their needs. The explanation doesn't need to be very deep in details (at least not on PTIO), but use links to redirect users who want more than just the big idea. I agree a Venn diagram can be a good way to summarize.

@dngray (Collaborator) commented Apr 9, 2020

I've been having a think about this, and I think it might be more appropriate as a blog post.

@freddy-m (Collaborator) commented Feb 23, 2021

@freddy-m closed this Feb 23, 2021

@tjhietala commented Mar 12, 2021

What is referred to as "privacy" here is usually called "confidentiality": https://en.wikipedia.org/wiki/Information_security#Confidentiality

Privacy is a broader concept which is not so easily defined.
