I don't think separate browsers is a very effective mitigation. If both browsers are running on the same machine, from the same ip address, using the same email address for logins, the same phone number for 2FA, it will be pretty clear that both browsers represent the same person. Even cross-device identity tracking is a real thing.

In general you shouldn't be logging in to any of the "fun" sites. If you do, you should create a burner email address and separate logins (and obviously separate passwords) for each site. A lot of the "fun" Internet doesn't require 2FA, but for sites that do (which is an increasing number of social media providers), I'd highly recommend getting a Google Voice number and using that. That shifts the trust boundary to Google, who is going to have all your info anyway, rather than dozens of fly-by-night websites.

IP address is covered by VPN or Tor.

If the definition of "fun" sites doesn't even include anything with a login (no youtube, no forums, no HN...), then it feels like it includes so little as to be meaningless. The "business" internet (at least most of it) needs to be anonymous if we want to have a free society and efficient markets.

> You cannot have a functioning "Business Internet" without identity verification.

Yes, you can. Just like you can have a functioning grocery store without checking the identity of each shopper that walks through the door.

What you cannot have is a free and democratic society or an efficient free market without robust protections for individual privacy. Privacy is the best shield the less powerful have from being abused and exploited by the more powerful.

> We accepted the SLA for the "Business Internet" in exchange for free, billion-dollar tools.

No, we did not accept. There was no informed consent. The full consequences of our use of these services was and is still is kept hidden from us. Tracking happens invisibly, without our knowledge or consent. This deprives us of the opportunity to express our true preference and opt out and choose an alternative. It's employing deception in order to subvert the consumer's ability to make a rational choice that represents their best interests.

> on the modern web, anonymity looks exactly like a security threat

An anonymous user who just uses the service normally and does not attempt to access sensitive information without authorization does not look like a security threat.

Most grocery stores in every place I have lived have security cameras so that if you did something illegal you'd be identified very quickly. At this point this is even true of small bodegas.

Also scammers can't waltz into my grocery store from the other side of the planet and wreak havoc.

Ultimately you can use privacy enhancing tools, just like servers can choose to block them. I wish there was a better system but that's what we've got.

A security camera, on its own, doesn't tell the grocery store who you are. There was a time when CCTV didn't even exist and yet we still had commerce.

"What we've got" isn't "the best we can do". There absolutely are better possibilities that would protect consumers. The best way to ensure we never get to experience those better systems is to shrug our shoulders and passively accept whatever treatment we receive.

Is there any effective way to signal to the users who care that your product is committed to Free/Libre Open source principles without also making it sound lame?

It has been truly frustrating when arms dealers are punished for what is essentially reckless behavior from warlords, dictators, and drug cartels.

I'm not entirely sure I follow? Most of the "arms" that people love to complain about aren't created or sold by "big tech."

Some of this is that people are rather wrong about just how much smarter some of the big consumer tech companies are.

I think the HN crowd is especially vocal about the tech industry in particular because that's the industry a lot of us have first-hand knowledge of - we know from personal observation that it is anything but airtight

> Your location is still being leaked potentially, for example, by your car. Your car also has a cellular modem which leaks your location, and you probably signed a contract allowing that data to be given to hundreds of third-parties.

Ok, fine. I'll just drive classic cars for the rest of my life. Your location is still being leaked by a global network of automated license plate reading cameras https://deflock.me/

This is long overdue. Cisco's decade-long refusal to deliver binaries, or even hashes of the binaries, over an https connection astounds me.

Developing in the open would make contributions from the community way more viable, would give the public the ability to see what's coming and prepare for it, would increase the likelihood that security vulnerabilities or other bad things are discovered and prevented early on. It would make the project more likely to serve the interests of its users.

The "details" in the article are pretty scant. Curious how this actually works.

Counterexample: TextNow offers a "free"(ad-supported) mobile phone service, yet people overwhelmingly prefer to pay for T-Mobile.

Interesting, I’d never heard of text now. I wonder if it’s an awareness thing, or is it aligned with previous conditioning? (Eg I always paid for cell service and it’s cheaper and better now than it’s ever been… whereas Google has always been free)