Achieving Privacy on the Internet
birbsophone
Before I begin, I will say that for most people this is more a case of damage control than absolute true privacy. Aside from that, I will also not cover threat modeling in this post as there already exist two blogposts 1 2 which explain what it is in detail. Please do read it if you do not know what “threat modeling” means. As a TL;DR, threat modeling is defining what you want privacy against.
By damage control, I mean using “evil” services as little as possible and opting for better alternatives instead; and maybe still using some of these services.
Of course, I have also compiled some of the very best choices for privacy. These sacrifice convenience heavily, however.
I will begin to list with a very base level privacy, with convenience being first priority, and privacy second. As it goes on, these priorities will switch places.
Keep in mind that every piece of information might not be accurate, may be outdated, and/or non-comprehensive. So don’t take everything at face value here.
Let’s begin with a base, and a low threat level.
Daily Drivers Without Sacrificing Convenience
Mobile Operating System: iOS, GrapheneOS
Desktop OS: Fedora Workstation or Fedora KDE Plasma Desktop Edition, OpenSUSE Tumbleweed, MacOS
Browser: Trivalent, Firefox + arkenfox or Librewolf (desktop), Safari on iOS (optional for MacOS), Vanadium (Android), Brave Browser if you cannot install Vanadium
E-mail Service: ProtonMail, Posteo, Tuta Mail
Social Media Services: Pixelfed (instagram), Mastodon (twitter), Revolt (discord), Lemmy (reddit), just don’t use Facebook
Messenger: Signal, Google Messages + iMessage
Cloud Service/Drive: Proton Drive
Notes and My Reasonings:
Vanadium is mainly for GrapheneOS users, but prebuilt binaries are available on their gitlab. I believe it’s unavailable on older Android versions, so if that’s the case, you can instead use Cromite or Brave (available on Play Store).
If you have to use Google Chrome, you can follow this hardening guide.
Also, for android users, I recommend using F-Droid Basic (available on F-Droid) and Accrescent as an alternative to Play Store. You still may need to use Play Store itself, though. I do not recommend Aurora Store for security reasons.
I personally cannot recommend LineageOS because it comes with userdebug builds which expose root over ADB, and cannot recommend other custom ROMs as well, as sandboxed Google apps are a better choice for security, and this is only implemented on GrapheneOS so far. MicroG has security issues compared to sandboxed Google services. If you do not have a Pixel, it may be a better idea to stay on the stock OS, depending on the vendor, your threat model, and more importantly your personal preference. There needs to be a balance between privacy and security.
Fedora and OpenSUSE are both Linux distributions that work well out of the box.
Hardened Firefox works pretty well on desktop. On Android however, it severely lacks any sandboxing, so I recommend Chromium based browsers. Also, Firefox on Android is really, really slow.
ProtonMail is more than enough for an e-mail service. If you’re willing to pay, I recommend Posteo instead.
Google Messages’ RCS service is end-to-end encrypted, so it’s not the most private solution but it is decent, paired with iMessage.
I don’t know much about cloud storage, but Proton is decent.
Also, some of you might need Windows, and that’s okay. However, make sure to activate your Windows with an Enterprise license, as you will need it to disable all telemetry. You will also want to debloat it. Ideally you shouldn’t use third-party software for this, but it may be too inconvenient to manually configure everything for some.
To disable all telemetry on Windows, press Win+R, type “gpedit.msc”, go to “Computer Configuration > Administrative Templates > Windows Components > Data Collection and Preview Builds > Allow Telemetry > Activate the policy, and then choose ‘Diagnostic data off’.”
Update: Removed Droid-ify in favour of F-Droid Basic; as Droid-ify hasn’t implemented index-v2 yet
F-Droid security model, and index-v2
Less Focus on Convenience
Mobile Operating System: GrapheneOS
Desktop OS: Secureblue, Void, Gentoo (You need to harden; manually configure the last two yourself)
Browser: Trivalent, or hardened Google Chrome as mentioned above, Firefox paired with arkenfox user.js if you don’t want to use Chromium
E-mail Service: ProtonMail, Disroot, Riseup, Posteo, Tuta Mail
Social Media Services: Same as above
Messenger: Signal, XMPP services, Matrix
Cloud Service/Drive: Same as above
Notes:
Apple is a giant corporation that still cannot be trusted and has gotten caught spying [1] [2], so they are not present relative to the previous tier. I also don’t like Apple introducing opt-out privacy breaching features in updates.
Secureblue is my main recommendation for desktop. It’s as convenient as it’s secure.
At this point, you should consider using a VPN provider like Mullvad.
Update: I removed Qutebrowser, as it is not up to date with upstream Chromium.
Maximal Privacy and Security
Mobile Operating System: GrapheneOS, and your Pixel’s cameras and its microphone are removed.
“Desktop” OS: GrapheneOS Desktop Mode, or none. Read note.
Browser: Tor Browser (less security), or Vanadium (less anonymity)
E-mail Service: Riseup, or none at all
Social Media Services: None.
Messenger: Briar, Meshtastic (Android app)
Cloud Service/Drive: None.
Notes:
*Desktop mode on GrapheneOS is just hooking up your GrapheneOS phone to a monitor. The reason as to why I cannot recommend a real desktop OS, is because they are considered insecure, as they had never been designed with security first in mind to begin with.
It’s completely fine to use Signal, especially thanks to its excellent encryption protocol, but you need a burner phone number.
Briar and Meshtastic can work without an internet connection. Very cool! I think Meshtastic has better real-world usage.
While connecting to the internet, use Tor or I2P.
Conclusion
You can mix and match from what I’ve provided. I usually advocate for the first tier, as it is easier to spread for me, and easier to get started for people.
Take small steps to switch, and don’t rush it. Most people are entirely Google dependent these days, and it’s a slow process to get through.