It’s been a while since I made this post, so I think it’s time for an update.

Items in italics are subsequent additions.

Remember these rules:

  • Be respectful! Some people are early on in their privacy journey, or have a lax threat model. Just because it doesn’t align with yours, or uses some anti-privacy software, doesn’t mean you can downvote them! Help them improve by giving suggestions on alternatives.
  • Don’t promote proprietary software! Proprietary software, no matter how good it may seem, is against the community rules, and generally frowned upon. If you aren’t sure, you can always ask! This is a place to learn. Don’t downvote people just because they don’t know!
  • Don’t focus solely on me! Since this happened in one of @Charger8232@lemmy.ml’s posts, I want to mention that this thread is not designed to pick apart only my setup. The point is to contribute your own and help others. That doesn’t mean you can’t still give suggestions for mine, but don’t prioritize mine over another.
  • Be polite! This falls under “Be respectful”, but be kind to everyone! Say please, thank you, and sorry. Lemmy is really good about this, but there will always be someone.

Here is my setup:

Web browsing

  • I use Mullvad Browser for general browsing, with uBlock Origin and NoScript.
  • I use FoxyProxy to route my connection over Tor or I2P when accessing a hidden service or eepsite.
  • I use Librewolf for general browsing on on my Raspberry Pi, as Mullvad has not yet been ported to aarch64.
  • I use a self-hosted SearXNG instance for web searches, though it isn’t quite as reliable as MetaGer used to be.
  • I use Mullvad VPN at all times.
    • I only use their owned servers; not their rented ones.
    • I usually enable multihop, but it does cause issues.
    • I use their Shadowsocks proxy to connect while on eduroam.
  • I use NextDNS and Mullvad DNS interchangeably for extra content blocking.
  • I use Libredirect and UntrackMe to redirect me to alternative frontends for popular services (e.g. YouTube -> Invidious)
  • I use Vivaldi for society stuff, where the stupid web apps don’t play nice with adblockers.

Desktop

  • I use several trusted Linux distributions on my PCs; currently:
    • Arch Linux
    • Debian
    • Raspbian
    • Alpine (pending installation)
    • Slackware
  • Apart from my Raspberry Pi, the UEFI/BIOS is password-protected on all of my machines.
  • I have enabled secure boot on my ThinkPad T480s (the only device I own that supports it).
  • I always carry a Tails USB, but I haven’t yet had cause to use it.
  • I use full disk encryption (LUKS) on everything, and I have a VeraCrypted pen drive for special cases.
  • I cover most of my webcams with Blu-Tac or electrical tape.
    • My ThinkPad T480s supports disabling the webcams and microphone in the UEFI.
    • I trust the security in GrapheneOS enough not to to this on my phone, which would be inconvenient (although a case with camera covers would be nice once my Otterbox wears out).

Mobile

  • I use a Pixel 8 with GrapheneOS.
  • Again, I am always connected to Mullvad VPN.
  • I currently use Cromite, but I often switch between several private options. Suggestions with reasoning are most welcome.
    • Cromite is hardened according to PrivacyGuides.
  • I have Tor Browser installed, for when I need more protection or if I need to access a .onion
  • My passcode is simply the longest string of digits I can remember.
    • I used to use an alphanumeric passphrase, but it became rather inconvenient when I disabled biometric unlock.
  • Radios (i.e. WiFi, Bluetooth) are automatically disabled when they are not in use.

Messaging

  • I have managed to get my family and a few friends to use Signal, and I have one friend who I speak to over Tox (I am aware of why this isn’t the most secure; he’s had difficulty with other options)
  • I am forced to use Discord, sadly, as all three of my societies use it as their only form of communication (other than social media), as do several societies from other universities and as does one of my close friends.
  • With the exceptions of my grandma and my old high school group chat, I no-longer use WhatsApp.
  • Now that I’m out of student accommodation, I have been able to delete Snapchat (my old flatmates insisted on using it for the flat group chat). Good riddance.

Online accounts

  • I use KeePass to manage my passwords, which are synchronised between devices using Syncthing.
    • KeePassXC is the client I use on desktop.
    • On Android, I use KeePassDX.
  • I use Aegis and OTPClient to generate TOTPs. I also have a graphing calculator that can generate these, but it doesn’t seem to work very well these days.
  • I have anonymised all of my social media accounts apart from my LinkedIn (I wish I didn’t have this in the first place; something something capitalism) and an old Mastodon account I lost access to.

Video streaming

  • I use Invidious, yt-dlp, and mpv to watch YouTube videos.
  • I use PeerTube when possible (mainly to watch Veronica Explains, New Ellijay TV, Techlore, and The Linux Experiment).

AI

  • I played around with ChatGPT and DALL-E in the early '20s, but those days are behind me now.
  • I occasionally use Duck.ai for help with server stuff, but only when I’m desperate and out of options.

Social Media

  • The only non-FOSS social media I use is Tumblr, which is ranked B by ToS;DR.
  • I have a LinkedIn, but I don’t really use it.
  • I am the media officer for one of my societies, but I have all of those nasty proprietary apps in a separate profile.

Email

  • I use Posteo as my main provider.
  • I have DuckDuckGo Email Protection as an alias service, which I use through Quacky.
  • I use my uni email (Outlook 365) and my society email (Gmail) through privacy-respecting clients; namely Evolution, KMail (if I’m running KDE), and FairEmail.

Shopping/Finance

  • I rarely make online purchases. I am certainly being tracked, but I’m simply not producing enough data in the first place for this to be a big problem.
  • For physical purchases, I am trying to use cash more often, but it makes my budget harder to manage.
  • The only recurring payment I make is to OVH, who provide my VPS and are known to be one of the better hosting providers from a privacy standpoint (though I imagine not the best).
  • I would use Monero for things like Mullvad, but I’ve had a hard time acquiring any.
  • I have joined several loyalty schemes, but I rarely use them as I shop at Aldi (specifically Aldi Süd), which doesn’t have one.
    • The data collected by supermarkets when I use my loyalty cards is, in my opinion, a fair trade. They get some analytics, and I get discounted products. I am comfortable with this.

Music

  • I occasionally stream music on Bandcamp, but virtually everything I listen to is either on CD or a local file.
  • I occasionally use an MP3 stream to listen to KERRANG! Radio, Radio 4, Classic FM (for DanTDM’s show), or my university’s student radio station.
  • I give Last.fm my listening data intentionally.
  • I use Libre.fm and ListenBrainz to track my listening habits.

TV shows

  • I use DVDs for most of my viewing, but I have sailed the high seas in the past
  • Some shows I enjoy (i.e. Helluva Boss) are released officially for free on YouTube (watched via Invidious).
  • My flat does have a smart TV, but its one of the older ones (sans bullshit) and not connected to the internet.
  • One of my flatmates is trying to set up a media server, which is nice.

Gaming

  • I generally don’t game.
  • When playing Minecraft, I use PrismLauncher and I’m always sure to install the Anti-Telemetry mod.

Programming

  • I code using Micro. I also sometimes use Kate, but only if I’m running Plasma.
  • I use sourcehut and Codeberg to host my projects.

Productivity

  • I normally just use Markdown for note-taking and documents.
  • Next time I make a presentation, I will probably use Markdown slides (LibreOffice Impress isn’t great, in my experience).
  • Spreadsheets are edited with LibreOffice Calc, but I tend to just use a text editor to write a CSV or TSV unless I need formulae.
  • One of my societies uses Trello and Google Docs for their stuff. However, I use these in their own profile on my phone, and in their own browser on desktop.
  • If there’s anything really sensitive or really private I need to write, I just use a pen and paper. I also own a typewriter.

Misc

  • I use FreshRSS for news.
    • I use Capy Reader on my phone and Newsboat on desktop.
  • My local timezone just happens to be the same as UTC most of the time.
  • I use a non-smart, analogue watch (RIP PineTime).
  • I don’t have a car, as I’m skint.
  • I use Bluetooth earbuds out of necessity. I’m still salty about Apple removing the headphone jack and then every other phone company (in this case, Google) following suit. However, they are basic earbuds which do not require an app, and so they should be more private than other similar models.
  • I will never use Amazon Echo or Google Home.

To-Do

  • Use cash more often
  • Try to get family to ditch Meta
  • Get grandparents to use Signal
  • Audit all systems with Lynis
  • Selectively clear cookies and site data every so often in Vivaldi (automate, if possible)

Thanks for reading!

  • CodenameDarlen@lemmy.world
    link
    fedilink
    arrow-up
    7
    ·
    edit-2
    2 days ago

    I don’t like the idea of paying too much for privacy, I fear this might be one more of capitalism ideas, creating the problem and offering you the solution.

    So my privacy journey is limited:

    • Listen to all songs downloaded offline
    • Use VSCodium for coding (VSCode without telemetry)
    • Lineage on Android
    • Arch on PC, Windows 10 IoT LTSC (with debloat scripts, no linked account) for games
    • LibreWolf on PC and IronFox on Android, both with LibRedirect enabled for all sites and uBO
    • DNSNet on Android to block trackers system-wide, I also like to see which url is trying to track me
    • All apps are mostly Lineage or AOSP native, Files, Calculator, Messages, Contacts etc…
    • Use pCloud for backup with encrypted files (using GPG, not pCloud encryption, I send them encrypted)
    • I use Lemmy and Invidious for entertainment
    • Tuta as primary email and Proton as secondary

    I think this is the main stuff, as I said, I try to avoid making new accounts, accessing new websites frequently, I’m going the opposite way and trying to de-tech as much as possible. Less digital accounts, less things to worry about.

    I became less dependent of fancy things, a few time ago I couldn’t use YouTube without the app installed, which is very convenient, now I just use Invidious in browser.

  • Libb@piefed.social
    link
    fedilink
    English
    arrow-up
    3
    ·
    edit-2
    2 days ago

    I do as much as I can offline and/or the analog way:

    **Analog **

    • I shop local and offline as much as it is still doable. I had been a customer of Amazon for 20+ years when I became realized I should be… less of their customer. A radical change, really, but it’s OK ;)
    • no note-taking app, good old (and highly practical) pen and paper. I will write longhand and only after I draft the whole thing I will transcribe it on a computer (running Mint). When it’s a very long document I’m drafting I will use a… typewriter (one day, we will realize how many of us there are) ;)
    • No digital calendar (back to using a paper one), I use a dedicated camera (the rare time I still take pictures, I prefer sketching… using good old and privacy respecting pen, paper and watercolors).
    • No digital journaling app, a paper journal.
    • I use one of those 90s digital voice recorder from Olympus or Philips (can’t remember) not the voice memo app on the phone.
    • Books: I quit reading ebooks a few years ago and moved back to print-only (I started to read ebooks somewhere in the early 00s, reading on my Palm Pilot) because of privacy and ownership concerns.
    • Music: offline, CD and files I own. I quit all streaming services.
    • Movies: the same as with CD, just with DVD. Meaning that if something can’t be purchased on disc and is by subscription only we won’t be watching it. No big deal since the main reason why we so easily decided to ditch Netflix and the likes was that most of what they produced was of very, very little interest to us. Like, really.
    • TV: We have not owned a TV since the early 00s. And we certainly have zero desire to own one of the spyware riddled smart TVs.
    • We don’t order food or deliveries either using those online services, ever. We seldom order anything (and when we do we just call the shop) as we like to cook or going to one of the many restaurants around here (real restaurants serving real hand made fresh food I mean, not fast-food serving over-processed junk food), and for errands, well, we walk to nearby shops like we have always been doing. We, being my spouse and I.

    Digital

    • Web: Waterfox + uBO is my default browser
    • Web: Vivaldi, for anything requiring chromium.
    • Web: Brave, for work related activities and exclusively for those.
    • Computer OS: Mint.
    • VPN, when I need one: Mullvad or Proton -since I also have a paid account there).
    • Mail: my own domain, Proton when needed, and Infomaniak’s email (Swiss) for publicly shared address.
    • Cloud: Filen.io (Germany) for E2EE encryted storage (no subscription, a one time purchase they offer yearly around Blackfriday). Infomaniak (subscription, the same I use for my email) for not E2EE cloud storage.
    • Social: beside Piefed, I don’t use social media anymore. I still own the various accounts I created along the years, I simply don’t use them anymore.
    • RSS: newsboat (cli RSS reader)
    • yt-dlp + mpv for online video (and even some podcasts, the ones I could not get to work I stopped listening to them)
    • Phone: iPhone. For me, it’s real simple: I know I cannot trust that phone (Apple or Android), therefore I don’t trust it. Still, I’m expected to have a phone and to have access to a few selected apps. So, I have a phone that contains only those apps I need (security, 2FA, banks, and stuff like that) and no apps I may like, or may want to use. The two exceptions being Uber that I very seldom use but do use from time to time, and the Filen cloud app (see Photo, below). But that’s about it, there is no social media, no games, no personal whatever and I also quit listening to music and podcast on it. Not ebooks. Not even email. Heck, even SMS: people have quickly learned to not use those to try (and fail) to reach me. The only SMS I still receive are those stupid shit for security purpose.
    • Photo: most of the time, I will not take a picture and will do a sketch instead. But I may use the camera on the phone from time to time if and when I don’t have my dedicated camera nearby. The photos are not synced to Apple, they are synced to Filen E2EE cloud, then to my computer. Since I barely take any picture anymore it’s all I need (younger, I was much into photography).

    Varia

    • BT earbuds: Airpods. They are working fine with Mint, I used to but I don’t use them with my iPhone anymore (since I stopped listening to stuff on it)
    • Car: we have not owned a car since the early 00s. And if I’m ok with renting a (spyware-riddled) car we do our best to never need to do so (for everyday tasks, I just walk a lot and I will even reduce as much as possible my use of public transportation since it’s getting real difficult to get non-nominative or non-traceable tickets).
    • CCTV: not much I can do against those. Heck even doorbells have turned into spying device… thx to so many of us being ok to spend money in order to get those terrifying tools on our own doors.
    • Watch: no smart watch. I used to use my granddad’s mechanical watch and for a few years I mostly have been using a Chinese one. It’s not a ‘Chinese copy’ of some other brand it’s an official Chinese brand called Seagull (I have their ‘Seagull 1963’ model), they purchased the tooling from a Swiss watch maker somewhere in the late 50s, early 60s and have been making watches since then. It’s nice and cheap. An , being mechanical, requires no battery at all, no charging and no updates.

    Beside the law here in France, making it so that we’re legally being tracked by our ISPs, my main digital weakness is that I still own and use an iPad.

    That iPad is my go to PDF reader when I’m not working at my desk (I can’t find any more convenient tool for that). But I use it just as a reader and don’t take notes on it anymore, like I used to. To get that PDF file on the iPad, I rely on Infomaniak’s cloud KDrive (Swiss-made) and use a free reading app. I also use that iPad as an Internet radio, through the ‘Audial’ app. Both those apps and infomaniak’s cloud are not Libre/Free so by default I consider my every moves using the apps are being tracked. Infomniak is insisting on them respecting our privacy, and I’m willing to believe they are sincere here but they still can access our content if they ever decide to, or are required to. So I don’t trust them with anything important and they’re more than welcome to look at the (legally) scanned PDF of centuries old books, or to look at the (boring) pictures I may take of random shit (never of people, strangers or that I know) and the occasional flower :p

    Thanks for reading!

    Thx for sharing ;)

  • turtl@lemmy.ml
    link
    fedilink
    arrow-up
    3
    ·
    2 days ago

    Nice writeup - thanks for sharing (was also gonna suggest listenbrainz over lastfm lol)

  • Apollo2323@lemmy.dbzer0.com
    link
    fedilink
    arrow-up
    1
    ·
    2 days ago

    For mullvad I will suggest you mullvad gift cards. They can be purchased in Amazon, also what is your experience with posteo as email provider?

    • theskyisfalling@lemmy.dbzer0.com
      link
      fedilink
      arrow-up
      8
      ·
      2 days ago

      What? No one should be using Amazon but especially not if you are at all privacy conscious, on top of that OP said they buy as little online as possible. Mullvad you can shove cash in an envelope and send it to them, why would you purposefully shit on your own privacy to buy a gift card through Amazon?

    • Hellfire103@lemmy.caOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      2 days ago

      I trust Mullvad with my card number a lot more than Amazon, and I did mention that I would have paid with Monero if only I had any.

      As for Posteo, great experiences all around. It mostly just gets out of your way and, unlike more popular providers, isn’t always telling you about how great it is. However, the SPAM filter could be better.