I think that’s a good setup. If you must have Facebook Messenger, my advice would be to maybe use a work profile for apps that track you. Compartmentalization is the key word here. Apps like Shelter make it really easy. I have to use WhatsApp and that is an app that is in the “unsafe” profile, aka work profile.
I have a question about the work profile: would it make sense to isolate the PlayStore too, as it‘s google? Because this is the main painpoint for me, as I cannot move to a custom rom with my phone currently
If you dont root that will Not be possible. Playstore is a key Feature of most Android Roms that ship with the phones. I run grapheneos. There i have Google Services disabled im my core Profile and have a separate Profile with Gplay. I know, that due to imei and other factors Google could easily track me possible but that’s Not my worry
Thank you! uMatrix is a browser extension that makes it very easy to block any third party requests a website makes by category. For example, if example.com loads fonts from Google that is considered a third party request. Or if it tries to set a Facebook cookie. uMatrix shows a table (or a matrix) of all the request addresses and categories and you can click on them to block/allow them.
It doesn’t need to be maintained if it still works on the latest update of the browser. Also, uBlock is not a full replacement, if there will be a full replacement that is maintained, I’ll gladly switch
jitsi conference room server, or matrix chat server.
you could run an Oxen node for the Session onion messenger, or a relay for the SimpleX messenger. these are especially important things we need to reduce decentralized messenger dependence.
As the others have said, a Google (search engine) replacement will have the most “privacy returns”. Take a look at whoogle and searx, or if you can mak them switch to another search engine like duckduckgo
I don’t think the answer is that simple. I can’t access my computer at the moment to test with the websites you provided, but yesterday I wanted to find out the resolution of my browser and I went to some website that prints it. It didn’t work at first because it used some third party script for that which uMatrix blocked. I wouldn’t be surprised if most websites don’t do a lot of “first party” tracking.
I sorry if I came off confusing, I’m not a native English speaker so putting my thoughts into English writing is a bit of a barrier for me. I guess I’m just looking for people to point out flaws in my setup and have a discussion on best practices while keeping the comfort factor in mind.
As far as I understand, if you wanted to not be unique you would have to not use any special privacy tools. Use default Chrome installation and Windows 10/11. There will be millions of people using the exact same setup as you.
@Aspaldiko This is what I would’ve said. Hiding in plain sight is the solution. It gets tricky when you want to send a message and not leave a trail at all, but in essence - privacy != anonymity.
They are a search proxy, sending your query to Google, Microsoft, Yahoo and whomever else they partner with at the time. They don’t anonymize them either, which is how DDG works.
They plant trees. That was their thing. For the environment. I don’t know how they magically get lumped into privacy discussions. They don’t care about privacy at all.
I can second this. I have SearxNG running in a docker container by itself and it requires no real maintenance of any kind. I do have a cron job that updates the docker container once per day, but it ran for ages on the same version without issues.
A lot of open source software is made by enthusiasts for free. A lot more of it is made by companies like Microsoft or Google for various reasons - I believe mostly to claim “we’re open source”, but also to entice others to contribute more code that they can leverage for free, which is a valid reason too. One thing is sure: they do pay their engineers’ salaries
Free services however… That’s different: we all know why Microsoft or Google propose free services.
Now this unknown search engine you linked to: they could be funded by idealists who want to promote privacy, like the Calyx institute for example. However, looking at their website, I see no obvious reason why they propose the service they propose: they do have a Donate button that leads to a page with 4 payment links - 3 of which crypto - and their About Us button leads to a page that just says “test”. Kinda sketchy…
Therefore, I assume it’s up to no good, because that’s the reasonable thing to assume with any unknown website that looks sketchy.
when it comes to server-side software, FOSS is of little importance unless you are self hosting. there is zero way for you to verify, unlike client software.
Open-source isn’t a guarantee that whoever makes the open-source software is privacy-respecting. Android was made by Google for example, and it was made open-source for the express purpose of creating a mobile OS ecosystem that would become so dominant it would allow Google to collect data on as many people as possible. Google invested massive amounts of money developing an entire operating system for a reason: they didn’t do it out of kindness.
Conversely, closed source isn’t a guarantee that whoever makes the software is up to no good. There’s plenty of closed source software out there that’s perfectly legit. But of course it’s harder to verify the code if you have doubts.
privacy
Hot
This magazine is from a federated server and may be incomplete. Browse more on the original instance.