It’s been a while since I made this post, so I think it’s time for an update.

Items in italics are subsequent additions.

Remember these rules:

  • Be respectful! Some people are early on in their privacy journey, or have a lax threat model. Just because it doesn’t align with yours, or uses some anti-privacy software, doesn’t mean you can downvote them! Help them improve by giving suggestions on alternatives.
  • Don’t promote proprietary software! Proprietary software, no matter how good it may seem, is against the community rules, and generally frowned upon. If you aren’t sure, you can always ask! This is a place to learn. Don’t downvote people just because they don’t know!
  • Don’t focus solely on me! Since this happened in one of @Charger8232@lemmy.ml’s posts, I want to mention that this thread is not designed to pick apart only my setup. The point is to contribute your own and help others. That doesn’t mean you can’t still give suggestions for mine, but don’t prioritize mine over another.
  • Be polite! This falls under “Be respectful”, but be kind to everyone! Say please, thank you, and sorry. Lemmy is really good about this, but there will always be someone.

Here is my setup:

Web browsing

  • I use Mullvad Browser for general browsing, with uBlock Origin and NoScript.
  • I use FoxyProxy to route my connection over Tor or I2P when accessing a hidden service or eepsite.
  • I use Librewolf for general browsing on on my Raspberry Pi, as Mullvad has not yet been ported to aarch64.
  • I use a self-hosted SearXNG instance for web searches, though it isn’t quite as reliable as MetaGer used to be.
  • I use Mullvad VPN at all times.
    • I only use their owned servers; not their rented ones.
    • I usually enable multihop, but it does cause issues.
    • I use their Shadowsocks proxy to connect while on eduroam.
  • I use NextDNS and Mullvad DNS interchangeably for extra content blocking.
  • I use Libredirect and UntrackMe to redirect me to alternative frontends for popular services (e.g. YouTube -> Invidious)
  • I use Vivaldi for society stuff, where the stupid web apps don’t play nice with adblockers.

Desktop

  • I use several trusted Linux distributions on my PCs; currently:
    • Arch Linux
    • Debian
    • Raspbian
    • Alpine (pending installation)
    • Slackware
  • Apart from my Raspberry Pi, the UEFI/BIOS is password-protected on all of my machines.
  • I have enabled secure boot on my ThinkPad T480s (the only device I own that supports it).
  • I always carry a Tails USB, but I haven’t yet had cause to use it.
  • I use full disk encryption (LUKS) on everything, and I have a VeraCrypted pen drive for special cases.
  • I cover most of my webcams with Blu-Tac or electrical tape.
    • My ThinkPad T480s supports disabling the webcams and microphone in the UEFI.
    • I trust the security in GrapheneOS enough not to to this on my phone, which would be inconvenient (although a case with camera covers would be nice once my Otterbox wears out).

Mobile

  • I use a Pixel 8 with GrapheneOS.
  • Again, I am always connected to Mullvad VPN.
  • I currently use Cromite, but I often switch between several private options. Suggestions with reasoning are most welcome.
    • Cromite is hardened according to PrivacyGuides.
  • I have Tor Browser installed, for when I need more protection or if I need to access a .onion
  • My passcode is simply the longest string of digits I can remember.
    • I used to use an alphanumeric passphrase, but it became rather inconvenient when I disabled biometric unlock.
  • Radios (i.e. WiFi, Bluetooth) are automatically disabled when they are not in use.

Messaging

  • I have managed to get my family and a few friends to use Signal, and I have one friend who I speak to over Tox (I am aware of why this isn’t the most secure; he’s had difficulty with other options)
  • I am forced to use Discord, sadly, as all three of my societies use it as their only form of communication (other than social media), as do several societies from other universities and as does one of my close friends.
  • With the exceptions of my grandma and my old high school group chat, I no-longer use WhatsApp.
  • Now that I’m out of student accommodation, I have been able to delete Snapchat (my old flatmates insisted on using it for the flat group chat). Good riddance.

Online accounts

  • I use KeePass to manage my passwords, which are synchronised between devices using Syncthing.
    • KeePassXC is the client I use on desktop.
    • On Android, I use KeePassDX.
  • I use Aegis and OTPClient to generate TOTPs. I also have a graphing calculator that can generate these, but it doesn’t seem to work very well these days.
  • I have anonymised all of my social media accounts apart from my LinkedIn (I wish I didn’t have this in the first place; something something capitalism) and an old Mastodon account I lost access to.

Video streaming

  • I use Invidious, yt-dlp, and mpv to watch YouTube videos.
  • I use PeerTube when possible (mainly to watch Veronica Explains, New Ellijay TV, Techlore, and The Linux Experiment).

AI

  • I played around with ChatGPT and DALL-E in the early '20s, but those days are behind me now.
  • I occasionally use Duck.ai for help with server stuff, but only when I’m desperate and out of options.

Social Media

  • The only non-FOSS social media I use is Tumblr, which is ranked B by ToS;DR.
  • I have a LinkedIn, but I don’t really use it.
  • I am the media officer for one of my societies, but I have all of those nasty proprietary apps in a separate profile.

Email

  • I use Posteo as my main provider.
  • I have DuckDuckGo Email Protection as an alias service, which I use through Quacky.
  • I use my uni email (Outlook 365) and my society email (Gmail) through privacy-respecting clients; namely Evolution, KMail (if I’m running KDE), and FairEmail.

Shopping/Finance

  • I rarely make online purchases. I am certainly being tracked, but I’m simply not producing enough data in the first place for this to be a big problem.
  • For physical purchases, I am trying to use cash more often, but it makes my budget harder to manage.
  • The only recurring payment I make is to OVH, who provide my VPS and are known to be one of the better hosting providers from a privacy standpoint (though I imagine not the best).
  • I would use Monero for things like Mullvad, but I’ve had a hard time acquiring any.
  • I have joined several loyalty schemes, but I rarely use them as I shop at Aldi (specifically Aldi Süd), which doesn’t have one.
    • The data collected by supermarkets when I use my loyalty cards is, in my opinion, a fair trade. They get some analytics, and I get discounted products. I am comfortable with this.

Music

  • I occasionally stream music on Bandcamp, but virtually everything I listen to is either on CD or a local file.
  • I occasionally use an MP3 stream to listen to KERRANG! Radio, Radio 4, Classic FM (for DanTDM’s show), or my university’s student radio station.
  • I give Last.fm my listening data intentionally.
  • I use Libre.fm and ListenBrainz to track my listening habits.

TV shows

  • I use DVDs for most of my viewing, but I have sailed the high seas in the past
  • Some shows I enjoy (i.e. Helluva Boss) are released officially for free on YouTube (watched via Invidious).
  • My flat does have a smart TV, but its one of the older ones (sans bullshit) and not connected to the internet.
  • One of my flatmates is trying to set up a media server, which is nice.

Gaming

  • I generally don’t game.
  • When playing Minecraft, I use PrismLauncher and I’m always sure to install the Anti-Telemetry mod.

Programming

  • I code using Micro. I also sometimes use Kate, but only if I’m running Plasma.
  • I use sourcehut and Codeberg to host my projects.

Productivity

  • I normally just use Markdown for note-taking and documents.
  • Next time I make a presentation, I will probably use Markdown slides (LibreOffice Impress isn’t great, in my experience).
  • Spreadsheets are edited with LibreOffice Calc, but I tend to just use a text editor to write a CSV or TSV unless I need formulae.
  • One of my societies uses Trello and Google Docs for their stuff. However, I use these in their own profile on my phone, and in their own browser on desktop.
  • If there’s anything really sensitive or really private I need to write, I just use a pen and paper. I also own a typewriter.

Misc

  • I use FreshRSS for news.
    • I use Capy Reader on my phone and Newsboat on desktop.
  • My local timezone just happens to be the same as UTC most of the time.
  • I use a non-smart, analogue watch (RIP PineTime).
  • I don’t have a car, as I’m skint.
  • I use Bluetooth earbuds out of necessity. I’m still salty about Apple removing the headphone jack and then every other phone company (in this case, Google) following suit. However, they are basic earbuds which do not require an app, and so they should be more private than other similar models.
  • I will never use Amazon Echo or Google Home.

To-Do

  • Use cash more often
  • Try to get family to ditch Meta
  • Get grandparents to use Signal
  • Audit all systems with Lynis
  • Selectively clear cookies and site data every so often in Vivaldi (automate, if possible)

Thanks for reading!

  • turtl@lemmy.ml
    link
    fedilink
    arrow-up
    4
    ·
    1 day ago

    Nice writeup - thanks for sharing (was also gonna suggest listenbrainz over lastfm lol)