Achieving Privacy on the Internet
birbsophone
Before I begin, I will say that for most people this is more a case of damage control than absolute true privacy.
By damage control, I mean using “evil” services as little as possible and opting for better alternatives instead; and maybe still using some of these services.
Of course, I have also compiled some of the very best choices for privacy. These sacrifice convenience heavily, however.
I will begin to list with a very base level privacy, with convenience being first priority, and privacy second. As it goes on, these priorities will switch places.
Keep in mind that every piece of information might not be accurate or outdated. So don’t take everything at face value here.
Let’s begin with a base, and a low threat level.
Daily Drivers Without Sacrificing Convenience
Mobile Operating System: iOS, GrapheneOS
Desktop OS: Fedora Workstation, OpenSUSE Tumbleweed, MacOS (if already using)
Browser: Firefox + arkenfox or Librewolf (desktop), Safari on MacOS, Vanadium (Android)
E-mail Service: ProtonMail, Posteo, Tuta Mail
Social Media Services: Pixelfed (instagram), Mastodon (twitter), Revolt (discord), Lemmy (reddit), just don’t use Facebook
Messenger: Signal, Google Messages + iMessage
Cloud Service/Drive: Proton Drive
Notes and My Reasonings:
Vanadium is mainly for GrapheneOS users, but prebuilt binaries are available on their gitlab. I believe it’s unavailable on older Android versions, so if that’s the case, you can instead use Cromite or Brave (available on Play Store).
Also, for android users, I recommend using Droid-ify (available on F-Droid) and Accrescent as an alternative to Play Store. You still may need to use Play Store itself, though. I do not recommend Aurora Store for security reasons.
I personally do not recommend LineageOS, as sandboxed Google apps are a better choice and Graphene is still much more secure. MicroG is still privileged and has much more access to your system. If you do not have a Pixel, it’s probably a better idea to stay on the stock OS.
Fedora and OpenSUSE are both Linux distributions that work well out of the box.
Hardened Firefox works pretty well on desktop. On Android however, it severely lacks any sandboxing, so I recommend Chromium based browsers. Also, Firefox on Android is really, really slow.
ProtonMail is more than enough for an e-mail service. If you’re willing to pay, I recommend Posteo instead.
Google Messages’ RCS service is end-to-end encrypted, so it’s not the most private solution but it is decent, paired with iMessage.
I don’t know much about Cloud Storage, but Proton is decent.
Also, some of you might need Windows, and that’s okay. However, make sure to debloat it.
Leaning Towards Privacy
Mobile Operating System: GrapheneOS
Desktop OS: Secureblue, Void, Artix, Gentoo
Browser: Trivalent, qutebrowser, Mullvad Browser
E-mail Service: ProtonMail, Disroot, Riseup
Social Media Services: Same as above
Messenger: Signal, XMPP services, Matrix
Cloud Service/Drive: Same as above
Notes: Apple is a giant corporation that still is distrustful, so I only recommend Graphene for here. I don’t like Apple putting in hidden opt-out features every update.
Secureblue is my main recommendation for desktop. It’s as convenient as it’s secure.
I removed Posteo because it is paid. Tuta aswell, because Proton can do what it does.
Signal is arguable here, because of the requirement for a phone number. But it’s still included, so there.
You can consider using a VPN provider like Mullvad.
Maximal Privacy and Security
Mobile Operating System: GrapheneOS, and your Pixel’s camera and microphone is removed.
Desktop OS: Tails, QubesOS with Whonix
Browser: Tor Browser
E-mail Service: Riseup, or none at all
Social Media Services: None.
Messenger: Briar, Meshtastic (Android app)
Cloud Service/Drive: None.
Notes:
Briar and Meshtastic can work without an internet connection. Very cool! I think Meshtastic has better real-world usage.
While connecting to the internet, use Tor or I2P.
Conclusion
You can mix and match from what I’ve provided. I usually advocate for the first tier, as it is easier to spread for me, and easier to get started for people.
Take small steps to switch, and don’t rush it. Most people are entirely Google dependent these days, and it’s a slow process to get through.