equivocalSep 21, 2025
evacide

There is a lot of demand for digital privacy and security advice out there right now and lots of people are giving advice and writing guides. I beg them to do a few things:

1. Be explicit about the threat model your advice is meant for.

2. Do not give advice you haven't tried implementing yourself. Eat your own dog food.

3. Get feedback on your guide from your target audience before publication.

4. Incorporate that feedback. This is not an optional step.

Sep 21, 2025 at 1:53amWeb
Show threadevacideSep 21, 2025
If your intended audience can't understand your instructions, can't be bothered to carry out your instructions, and/or following your instructions fails to actually solve the problems that they have, you're just masturbating.
Show threadFurbland's Very Cool Mastodon™Sep 21, 2025
@evacide this was a very strange post to see in my feed without context
Show threadTroxuklomSep 21, 2025
@evacide this is great advice, like, universally
Show threadCassandrichSep 21, 2025

@evacide In that case couldn't they be called JOI?

I'll see myself out.

Show threadxyhhx Sep 21, 2025

@dalias i-

@evacide

Show threadbearbob ☭Sep 21, 2025
@evacide I saw this answer before the start of the thread and unintentionally applied it to a very different problem that I currently face. I agree with you and in addition I think it is an excellent statement that applies to many other situations.
Show threadHasufinSep 21, 2025
@evacide It is absolutely stunning how many situations to which this applies.
Show threadrun_atalanta 😷💯Sep 21, 2025
@evacide 💯 second on your list.
Show threadAdam Shostack  Sep 21, 2025
@evacide This is beautiful. Thank you.
Show threadHey GusSep 21, 2025
@evacide pragmatic advice devoid of emotion and connector. Well said.
Show threadFlipper 🐬🏳️‍🌈Sep 21, 2025

@evacide If I'm going to give instructions to someone else, I first write them out and try to follow them exactly as written. It makes mostly sure they are reproducible. Mostly.

I like the callout on threat models and their applicability. I'm going to steal that.

Show thread... and and and and ...Sep 21, 2025
@evacide Honestly, this is good technical writing advice in general. Write to your audience first and foremost. Anything else is wasting time and possibly doing harm as you make people feel stupid, embarrassed, and ashamed.
Show thread... and and and and ...Sep 21, 2025
@evacide It's embarrassing how many technical people do not know how to communicate and have no interest in doing so.
Show threadDavidSep 21, 2025

@evacide Before writing yet another guide, see if there already is a good enough guide you can share, as is or with some commentary, and/or contribute to, rather than starting from scratch.

For a starting list of existing guides, see page 5 of the full version of
https://www.turnoffyourphone.org (that guide is good too).

ObXkcd: https://xkcd.com/927/

Step One: Turn Off Your Phone

Activist Anti-Surveillance Tips from a Friendly Neighborhood Hacker

Fight for the Future
Show threadScienSep 21, 2025
@evacide I've always considered privacyguides to be pretty up to par because they use threat model labels! :P
Show threadRodrigo DiasSep 21, 2025
This is solid advice. Especially #2; you can't recommend what you haven't used.
Show threadDerrial BookSep 21, 2025

@evacide Number two is questionable.

Let's say I use Linux exclusively. Why can't I give good advice for, for example, using local users in Windows?

Show threadOwl EyesSep 21, 2025
@evacide as to 1., the burden of that specification lies with the advice solicitor