I recently tried to clean up my digital life. I switched to Linux and switched to GrapheneOS and made more use of my proton subscription to replace google. But I have a few questions :
I tried https://coveryourtracks.eff.org/ on Librewolf on my PC and Vanadium on my phone and it say I have a nearly unique fingerprint. Is the benefit of using a privacy focused browser neglected by the low userbase and unique fingerprint ?
I did not have a great digital hygiene before so I have a google account, meta… How do I clean this up ? Are services like Incogni any good or is it just marketing ?
Finally I wanted to use tails with persistent storage to use as a live system if I ever need to use a PC that is not my own to connect to my accounts. However, I don’t want the ISP to know I use Tor. I see it as a big “I have something to hide” flag for the ISP. But my understanding is if I install a VPN on tails it will be Tor over VPN (bad if I understand correctly) instead of VPN over Tor. Should I use something else than tails since I only want/need always on VPN with kill switch.
Thanks a lot for your help. I want to say the journey is much easier than what I anticipated. The hardest part is making people switch around me. The lobbying has started.
Firefox Nightly + arkenfox userjs + uBlock Origin + Bitwarden as my daily driver.
Been a couple years since I checked up on arkenfox still being good. I get flagged as a bot all the time and constantly get popups about WebGL (GPU fingerprinting) so I assume its working as intended for my threat model.
Tails when I really care.
Mullvad VPN as my regular VPN with ProtonVPN for torrents.
GrapheneOS / NixOS as my OS.
Proton Visionary for most cloud services except passwords and I don’t really use Proton Drive. I do use ProtonPass for unique emails to every provider.
Kagi for searches / AI.
Etesync for contacts because Proton didn’t sync with the OS last I checked.
Backblaze B2 for cloud storage with my own encryption via rclone (Round Sync on GrapheneOS)
Keypass for a few things like my XMR wallets and master passwords I don’t even trust in Bitwarden.
https://jmp.chat/ for my mobile provider.
Pihole with encrypted DNS to Quad9.
https://onlykey.io/ for the second half of my sensitive passwords (Bitwarden, LUKS, Keypass, OS login). First half memorized.
Its a lot. I burned myself out a couple years ago keeping up with optimizing privacy and this setup has served me well for 2 years without really changing anything. The cloud services are grey areas in terms of privacy but the few ads that leak through uBlock have zero relevance to anything about me.
Thank you for laying all this out. This is really helpful.