On Privacy and Control
Key topics
The debate around "privacy" versus "control" is heating up, with some arguing that "control" is the more pressing concern, as it implies ownership and agency over one's digital life. Commenters are divided on whether the average person cares about exerting this control, with some pointing out that people often prefer convenience over self-directed digital sovereignty. Meanwhile, others are inspired to take action, like ditching Gmail, and a nuanced discussion emerges around the interplay between privacy and control, with some noting that they're related but distinct concerns. As the conversation unfolds, a consensus forms around the idea that individual choices, no matter how niche, are valid and worth making.
Snapshot generated from the HN discussion
Discussion Activity
- Story posted: Dec 31, 2025 at 1:39 PM EST
- First comment: Dec 31, 2025 at 2:45 PM EST (1h after posting)
- Peak activity: 67 comments in 0-6h
- Average per period: 11.4 comments
- Latest activity: Jan 3, 2026 at 3:19 AM EST
Based on 125 loaded comments
Fantastic. This is what I have been shifting towards these past couple years. Hardly anyone likes to be controlled, right?
Until they've been burned by unspoken realities of not owning some piece of their own digital lives, most people will continue to prefer being tenants, rather than owners.
Technology is only the most recent domain in which we can observe the human tendency to prefer the short term, incurious ease and license not to think that tenancy provides over the long term, ongoing work and thorough understanding that ownership demands. To become an owner you need some deeper intrinsically cultivated reason to desire it.
Or as someone put it: "You can't make people care".
Most western countries are democracies because people in the past got burned by dictatorships (including monarchies). Many of them died because of the dictators (whether they were forced to fight a war of conquest or imprisoned for saying the wrong thing). Many of them died to remove (kill, execute, make flee) the dictators.
There are 2 domains remaining where we still have dictatorships:
- Corporations. Not only do workers usually not have any way to make decisions but they produce much more wealth than they actually capture. Cory Doctorow said that an average programmer makes $1M in profits for the company - how much does actually go into his pocket and to whom does the rest go? This is the core of rising economic inequality.
- Technology. This is what OP's article is about. There's not a clean hierarchical power structure you can point to but it's obvious companies have a huge power advantage over users.
Apple gives you some privacy, better than most Android by default. But it gives you no control. If they decide you don't deserve privacy a year down the line, well, too bad.
side note, your link to Tuta is broken - think it's an internal link by accident
The other is that once a tech choice becomes too niche, it stops being supported:
- Technically anyone can run their own email server but from what I hear if you do, some providers will treat you as spam.
- Niche features get removed from products.
- Some niche usecases depend on legal support. Running programs on a device you own without going through a gatekeeper ("sideloading") may be required in some jurisdictions (EU, any others?) but there's nothing stopping the almost-monopolies from making it impossible elsewhere.
It reached the level of being usable for general population and it improves rapidly due to gained momentum.
You could also run Google Maps web through Tor if needed. Tor is easy to use on Android.
Came here to say the same thing, post was interesting until I got to that point.
> nuisance captchas
Try using the internet outside of the western world and major hubs. Cloudflare make it so painful with captchas and browser integrity checks
I 100% agree, any entity with a significantly large control of the internet cannot be trusted. And the lower in the stack the smaller the control portion needed for distrust.
I added a disclaimer to the DNS section along with a list of other DNS providers folks can choose to use instead.
I made these choices before I was employed by Cloudflare and personally like how transparently they operate as a company. They have earned my trust but I don't expect others to feel the same way.
Not even this. If you do what OP says on the firefox, and turn on ResistFingerprinting, you'd be seeing many Cloudflare captchas a day. In effect it directly punishes you having any privacy or control. I wonder if they have an internal whitelist for employees? /s
I took a look at this curated list of bank apps[1] supported on Graphene OS and I'm glad that a large majority of them work on Graphene. However, just my luck that one of the banks I use on this list isn't supported.
In my country, the state is enforcing a lot of essential workflows to be digital-first (and in extreme cases digital-exclusive) and I dread to think needing these services at a critical moment and the choice of my OS making it impossible for me. This is more of a commentary on my government's choices but it's a reality for me.
In any case, I don't think it's practical to go cold turkey and switch to a privacy focused phone without testing waters first to see which of your workflows break and then reason about the tradeoffs/workarounds.
I do admire folks who use GrapheneOS as a daily driver, I'd like to chat them up if I find them in the wild.
[1] https://privsec.dev/posts/android/banking-applications-compa...
Things like Apple/Google Wallet aren’t significantly superior to a contactless credit/debit card.
About the only bank thing I can think of that actually requires an app is check deposit, which is super rare.
Note that I don't use banking or government apps. If I bank online it's via the web.
A) These apps have implemented only the check so far, and will eventually refuse to run or limit functionality at some point in the future.
B) These apps have noted the failure and certain functionality, especially communicating with servers to load "protected" content, will fail even if the app otherwise continues to run.
The Play Integrity shenanigans is mostly on app developers.
That said, good thing GrapheneOS will launch its own Android phone: https://discuss.grapheneos.org/d/27687-new-manufacturer-theo... / https://piunikaweb.com/2025/10/13/grapheneos-ending-pixel-ex... / https://www.androidauthority.com/grapheneos-phone-wait-or-bu...
I completely agree, but as a user I'm the victim of the developers choice.
Use aegis https://f-droid.org/packages/com.beemdevelopment.aegis/
Thanks for the link, I'll take a look. I might just move it to a secondary device first.
I do have older Android devices that I have run banking apps on, that I can revert to if necessary, but there's a fair bit of inconvenience I would be happy to endure to avoid being forced into that final option.
What I would recommend is a slow transition, and just start using it at home. If you have GrapheneOS on its most paranoid settings (exploit protections) there will be exceptions you'll need to allow for a few apps.
It's worth noting GrapheneOS with the locked bootloader will meet basic integrity, and that's what most apps need anyway. Strong integrity requires a whitelisted OS by Google and hardware to support it, but there are many older devices that do not meet it, so it will likely inconvenience too many people to be enforced for now.
That being said I haven't had issues with using them.
The issues with GrapheneOS for me are:
1. They don't support rooting the OS. This is such a basic requirement for me.
2. They only support Google Pixel phones that don't have kill switches for the microphone, camera, radio and so on, as far as I know.
So right now I'm waiting for a Linux phone that's priced normally. I tried the PinePhone a couple of years ago, but it was an awful experience. Hopefully something comes soon. If not - I'll use my dumb phone.
2. They have implemented kill switches for these on the software level. Afaik there's nothing to dispute these working just as well as hardware switches assuming proper verified install of GOS.
2. Software kill switches are prone to software attacks, aren't they? They can't be as secure as hardware kill switches unless we can prove the software kill switches can't be attacked by software. I doubt anyone can prove this.
Mobile OSes are notoriously more secure than desktop ones, precisely because of the security model.
Access control is also more advanced, e.g. apps need to request permissions to the user. Not saying that desktop OSes are not making progress, but they are behind.
I don't know if Qubes qualifies here. Qubes runs Linux instances in VMs to compartmentalise them, but then each Linux instance has the Linux security model.
I think Qubes qualifies from a practical point of view, as modern hardware is powerful enough for it, so it's viable to run Qubes on desktop instead of a baremetal OS. I'd even go further and say there's no excuse not to run Qubes if you're familiar with Linux and can afford a compatible desktop or laptop.
Per-app sandboxing or per-OS compartmentalization is pretty similar with regards to security. There are some security and usability trade-offs, but I like the per-OS isolation model, as it's easier for several apps to share everything within a VM - that way you isolate a whole "project" more easily, as everything inside a VM is only related to that project and you assume all the apps would need access, anyway.
That's the security model. Giving users root breaks both of those assumptions, hence it breaks the security model.
Notice that it is clearly in the best interests of users to at least have this option. But modern BigTech operating systems are designed around corporate interests, not yours. And security professionals seem to prefer to ignore inconvenient things like user freedom.
So not having root (somehow?) prevents phishing and tricking? That doesn't seem bad for people who know what they're doing. If I'm wrong, please elaborate.
> They also can't access internal app files which gives app authors tight control over how their software is used.
I read that in the security model and I don't care for it. App authors shouldn't have any control over how their software is used. In my opinion, of course, but for my computers my opinion is what matters.
> trick them [ into granting root ]
Apologies for the ambiguity.
There is one banking app that stopped working, and you know what? I don't use it now. I'm not about to let a bank dictate how I use my most personal device. I use a desktop if I need to access that info, and it forces me to be deliberate about it too.
I'm not sure why one banking app not working would be a deal breaker (Can you not live without that specific banking app?) or why things being "digital-first" would be an issue (Are you talking about a government app not working?). The only people I think that it isn't practical for are those that need a specific dual factor authentication app for their job that doesn't work on it or someone that uses their phone for their business as a payment processor that requires an app that doesn't work on it. Otherwise it's kinda install it and forget about it, which is how I wish more privacy focused software worked.
> Tech enthusiasts: My entire house is smart.
> Tech workers: The only piece of technology in my house is a printer and I keep a gun next to it so I can shoot it if it makes a noise I don't recognize.
I thought there was only a couple of us.
This one is pretty easy to counter. Just ask the person to hand you their phone and go through their messages and photos. There's no one that wouldn't feel restless about it.
Or, why do you get your mail in an envelope? I can see that it is your financial statements.
Why do you have curtains on your home? I can go to Zillow and see the interior of your house from years ago.
Ask them for their children's names and the school they go to.
Ask them their mother's maiden name, their first pet's name, and the street name they lived on as a child.
Ask to film them going about their job (if they're law enforcement).
Ask them for a copy of their bank statement.
Ask to see their browsing history.
Ask for a key to their house.
In the past I dropped off privacy when it was too inconvenient. For example I dropped protonmail because of bad search, left Linux desktop for Windows due to missing software, etc. I still haven't found the sweet spot for LLMs yet.
For the rest, I'm currently running the full macOS, iOS, safari, Apple passwords and I'm decently happy with this middle ground.
- WhatsApp is an exception
For others
- Google is an exception
The author fails to mention that they are currently working at Cloudflare, I think that should be made clear otherwise I see it as misleading to the reader, like so many pointed it out, Cloudflare is just a corporation like any other corporation out there...
I had the disclaimer in the Domain section but also added it to the DNS section, along with a list of other DNS providers folks can choose to use instead.
It's a very naive way of thinking about some businesses. What did Cloudflare do to earn this trust? It's just another VC-backed company and 1.1.1.1 is a free service. So Cloudflare is going to lose money just to protect my privacy? I don't think so.
dude who wrote the article works for Cloudflare. I'd say receiving a paycheck is a pretty good way to earn trust
It's just DNS. I'd say using cloudflare DNS is a step up from whatever the ISP's default DNS is. But if you're hawkish on Cloudflare, just use something else. There are plenty of good options
Never host your own email. It’s a nightmare of legacy systems, edge cases, layered on trust systems, malicious actors, and endless spam. It’s a good way to spend a bunch of time and effort making sure most of your mail never gets delivered.
I host a few of my own domain emails using mailu (a system of docker containers), but not my primary (so I'm slightly hypocritical). It's a certain amount of hassle, but as long as you do the SPF and DKIM things, it seems to work pretty well for me (in the limited amount that I use these domains for email).
Yes, the only solution is self-hosting and yes it requires being your own sysadmin and it’s hard and not convenient. That’s why I’m building https://github.com/ibizaman/selfhostblocks. It’s a NixOS collection of modules that sets up services that fit well together and have declarative setup for LDAP and SSO. They have integrated backups, https and other features required for self-hosting. I’m hoping to lower the bar to self-hosting significantly.
Gave it up a while ago, for:
Librefox on the linux device.
Waterfox on the android device.
Orion on the APP£ device.
Librefox hasn't been updated since 2019:
https://github.com/intika/Librefox/commits/master
I've used it as a 2nd browser for the past 2 years although on the Speedometer benchmark it constantly gets a much lower score than Firefox. You can feel LibreWolf is slower on heavy sites like YouTube.
https://browserbench.org/Speedometer3.1/
"Control" would not be a better argument with them. Everything is already controlled. What amazon, google, youtube, facebook, instagram, tiktok, netflix, spotify, recommend to you is all controlled. Various insurance (health, car, etc) is relatively controlled. Through an employer you usually get health insurance. If you're self or un-employed they require, or did require, extensive health info before they would let you sign up.
And, I'm not entirely sure I disagree with that. Why should my premiums be higher because someone else wants to participate in risky behavior?
Like many here I go through lots of trouble to stay anon. VPNs, multiple unrelated browser profiles, multiple browsers, never use the same email address twice, different passwords, etc.... But I can't really think of a truly compelling reason to give to my family why they should do anything similar.
I can mention things like the girl whose parents discovered she was pregnant when advertisers started sending her baby care ads. But, that's just not relevant to them.
People often say they have nothing to hide, but they don’t get to decide, the powers that be will make that determination. Law enforcement, civil judgements, corporate penalties, etc.
On the other hand, it's likely the traffic violations will go down as self driving car usage increases. Though of course, that will increase the surveillance
They also know when you’re having sex in the car, but I didn’t mention it out of politeness.
But that still wouldn't convince my family. None of them are having sex in cars.
It's arguable that without control there can be no "privacy and security", including relief from data collection, surveillance and ads. The so-called "tech" companies that profit from data collection, surveillance and ad services are going to protect their own interests first, and if the ad target (computer user) delegates "control" to these people, then he will also sacrifice some "privacy and security" as a result. When there is a conflict between the company's interest in profiting from data collection, surveillance and ad services and his interest in "privacy", his interests will be subjugated to theirs. He has sacrificed control
Personally I'm not really interested in "convenience" at the cost of control. For example, delegating control to a third party. I want control
Like "privacy", "control" could mean different things to different people
To me, it means control over a computer (via software)
For example, let's say a student at Harvard in the 1970's later becomes a hacker at MIT's AI lab in the 80's and dislikes not having the ability to study and modify the software he is forced to use
He writes a compiler and attempts to create an operating system
Arguably one could say he wanted "control"
Or let's say a student at University of Helsinki in the early 90s is using an operating system installed on the university's computers and wants to run the same type of system (UNIX) on his i386 PC at home
He writes an operating system kernel
Arguably, one could say he too wanted "control"
Let's say a www user in 2025 dislikes using software that automatically downloads, installs and runs code on his computer without his input or consent and automatically sends DNS, HTTP and other requests to allow so-called "tech" companies to perform data collection, surveillance and ad services^1
Arguably, one could say he also wants "control"
He compiles his own operating system from source and writes some simple programs to prevent the remote access installs and intercept the attempted automatic remote requests
1. Thanks to the work of the folks in the first two examples and others like them, source code for UNIX-like OS is readily available including a free compiler to produce software for it
Perhaps "control" in this context must involve some element of "DIY". The folks in the first two examples did not wait for or plead with third parties, e.g., so-called "tech" companies, to give them "control"
If one accepts that there can be no "privacy and security" without "control", then it stands to reason that delegating control to so-called "tech" companies is not going to produce "privacy and security"; it will always be compromised by the companies' own interests which include profiting from data collection, surveillance and ads services at the expense of "privacy and security"
For example, can a "Big Tech" company attain "privacy and security" if it does not have control over its computers. What if it delegates control to someone else such as an individual home internet subscriber
For another example, can an individual home internet subscriber attain "privacy and security" if he does not have control over his computers. What if the subscriber delegates control to a "Big Tech" company
on one hand it's being relative to a list of specific threat actors you avoid. on the other, it's maintaining a role with leverage vs your devices and services.
privacy doesn't catch on as product because you have to navigate an inferior relationship to those threat actors first, and nobody aspires to that unless they already have a kind of alt cyberpunk underdog mentality and attitude.
the non-punk or normal, leveraged position is like a business or first class lounge for tech. calm, negotiable, amenable, hidden and exclusive power, craft, affiliation and signalling.
most privacy tech and apps are still in the mall ninja cyberpunk mentality, with some slightly self important NGO/public sector affiliation signalling with Signal. The aesthetics of privacy need to evolve to drive more meaningful tech imo.
The newest release of bitwarden absolutely sucks. The images that they're using look AI-generated (specifically, there's some weird stuff around line thickness, colour and shading that, as the spawn of two artists, I do not believe a competent artist/designer would make), but also the images are just pixellated and grainy on my 1080p screen. The design has gone from "clean and usable" to "utterly dogshit", and the response time has gone down the pan.
For domain registration I recommend netim, as they neatly reduced the price that I pay from £30 down to £5, which made a huge difference personally.
Well, they don't today.
Speaking of "control", it is bad form to keep both the nameservers and registrar with the same company (think takedown requests / account lockout / etc).
One counter is "since I've done nothing wrong, you have no need to care about what I hide". Both make assumptions, the difference is about who is trusted. Why should it be the authorities.
The future is suckless philosophy.
I wished the author elaborated more on why.
I'm looking for a nice tool that would give me that "control" over my home network -- at the very least, proper observability. Like "little snitch / open snitch" but running on my home router... and I haven't found anything like that yet.
I really dislike that this is always the argument that's being attacked. It's not even what most people are thinking when they respond.
It's clear that the exchange is privacy for effort. If I want to self host, I need to pay time and money to get it all working, then continue to maintain it forever.