And therein lies the problem. We on HN may have a few ideas about how to do this, but the typical user of a secure email/VPN/tor unfortunately doesn’t and realistically can’t understand the corner cases and tricks.
Realistically, even HN users would make enough mistakes.
This is why I’m dubious of these types of products marketing to average consumers
If your threat model is "utilize secure email/VPN/tor to evade organizations on the spectrum of [law enforcement...intelligence services]" you are not a typical user even of those services and saying that it's on you to understand all the corner cases and tricks to avoid persecution, prosecution, execution, etc. seems pretty reasonable.
If you’re trying to evade LE because it’s illegal to be gay in your country, and you get caught because you’d listed an Apple address in your ProtonMail account - can’t we design better products to make this less likely?
Who gets to decide which specific sorts of evasion of law enforcement are acceptable?
Should we consult your personal moral preferences for that, as applied to each of the 200+ countries on the planet? Why do your preferences overrule those jurisdictions' decisions?
I think there is a fairly straightforward answer to this question. It is always acceptable to evade law enforcement for anything related to laws restricting human rights as outlined in either the Universal Declaration of Human Rights, or the International Covenant on Civil and Political Rights.
Folks who design products that are trying to protect privacy should do their absolute best to sand down the sharp edges and make them secure-by-default wherever possible.
And therein lies the problem. We on HN may have a few ideas about how to do this, but the typical user of a secure email/VPN/tor unfortunately doesn’t and realistically can’t understand the corner cases and tricks.
Realistically, even HN users would make enough mistakes.
This is why I’m dubious of these types of products marketing to average consumers