Are internet security and internet privacy incompatible goals?

Before I read this, I wouldn’t say incompatible, but they are in tension. If there’s total anonymity, the situation can be modeled as a non-repeated game, and cheating people every time you can is game-theoretically the best option. The culture of such a space basically adapts to that reality. Look at the dark web - everything not on the markets tends to be a scam, the markets themselves periodically fold and take everyone’s money, and it’s all just kind of accepted as a cost of doing business.

On the ordinary internet, you have mixed levels of anonymity. As a user you can often trade money, know-how or connections for greater anonymity, but from the provider side that still works as long as it stays cheaper to shut down abuse than whatever profit the abusers could make.

The root of all evil here isn’t that anonymity is imperfect sometimes, it’s that often providers don’t just want to know enough to stop abuse, but to do different, totally unspecified things. People basically just can’t or won’t protect themselves from that, and we’re being preyed on uncontrollably more and more because of it.

Edit: So, this is actually about things requiring mobile 2FA, and how it’s probably an example of the latter kind of information gathering. So far I’ve managed to mostly avoid that, thankfully. Most things that bug you to set up 2FA continue working without.

At the end, they suggest going back to the old internet, but I just don’t see that happening. The new internet exists because it’s better in many ways. Online shopping is good. Having oceans of people to talk to and learn from is good.