💾 Archived View for hellfirehost.flounder.online › gemlog › 2024-03-22.gmi captured on 2024-08-18 at 18:29:41. Gemini links have been rewritten to link to archived content

View Raw

More Information

-=-=-=-=-=-=-

Guide: My Privacy Toolkit

.__           .__  .__   _____.__               ___________  ________/\       
|  |__   ____ |  | |  |_/ ____\__|______   ____/_   \   _  \ \_____  )/ ______
|  |  \_/ __ \|  | |  |\   __\|  \_  __ \_/ __ \|   /  /_\  \  _(__  < /  ___/
|   Y  \  ___/|  |_|  |_|  |  |  ||  | \/\  ___/|   \  \_/   \/       \\___ \ 
|___|  /\___  >____/____/__|  |__||__|    \___  >___|\_____  /______  /____  >
     \/     \/                                \/           \/       \/     \/ 
                                 .__                                          
  ____ _____  ______  ________ __|  |   ____                                  
_/ ___\\__  \ \____ \/  ___/  |  \  | _/ __ \                                 
\  \___ / __ \|  |_> >___ \|  |  /  |_\  ___/                                 
 \___  >____  /   __/____  >____/|____/\___  >                                
     \/     \/|__|       \/                \/

Just by looking at the construction of this website and my choices of social media, it should come as no surprise that I take my digital privacy and security very seriously. So, now that I have an appropriate platform on which to share it, here is my "privacy toolkit"!

Web Browsing

• I use Mullvad Browser for general browsing.
• I use Tor Browser for extra protection, when necessary.
• I use Firefox + Arkenfox User.js for general browsing on FreeBSD, as Mullvad has not yet been ported, the Tor Browser port crashes frequently, and the LibreWolf port has room for improvement.
• I use Brave for general browsing on my Raspberry Pi.
• I use self-hosted SearXNG for web searches.
• I always use Mullvad VPN.
• I use NextDNS for extra content blocking.
• I use Redirector (by Einar Egilsson) to redirect me to alternative frontends for popular services (e.g. YouTube -> CloudTube).

Desktop

• I use several trusted Linux distributions, as well as FreeBSD, on my PCs and MacBook.
• I have set BIOS and UEFI passwords where possible.
• I recently installed Tails, but I haven’t yet had cause to use it.
• I use full disk encryption on everything, and I have a VeraCrypted pen drive for special cases.
• I cover all of my webcams with Blu-Tac or electrical tape.
• Many of my laptops are too old for this, but I am trying to make the switch from X11 to Wayland (as recommended by PrivacyGuides).

Mobile

iOS

• I currently use hardened iOS until my iPhone burns out or gets obsoleted. Once this happens, I’ll be using DivestOS.
• Again, I constantly use Mullvad VPN.
• I use Safari + AdGuard, as the EFF’s Cover Your Tracks tool reported that it was less fingerprintable than Brave. It also means * I can use Vinegar. I use this browser in private mode.
• I have also bought a copy of JavaSnipt, which functions like a quick-and-dirty NoScript.
• I have Onion Browser installed, for when I need more protection or if I need to access an Onion site.
• I use a freakishly long numeric passcode.
• I disable radios (i.e. WiFi, Bluetooth) when they are not in use.
• I don’t use a privacy screen protector, but I will buy one for my next phone.

Android

• I have a four-year-old tablet running LineageOS.
• I am between browsers, but my main options are Cromite, Mulch, Mull, and Tor Browser.
• Mullvad VPN, yet again!

Messenger

• I am forced to use WhatsApp, sadly, as none of my friends or family will even humour me by trying Signal. It's better than SMS, I suppose.

Online Accounts

• I use Bitwarden to store and securely generate passwords, and to manage passkeys. My vault is encrypted as securely as possible while still being usable on mobile.
• I use ente Auth, Aegis, and OTPClient to generate TOTPs. I also have a graphing calculator that can generate these.
• I am in the process of partially anonymising my online accounts.
• I use ente to store my photos (and my vast collection of memes and random screenshots).

Video Streaming

• I use Invidious to watch YouTube videos.
• I use FreeTube on desktop and Android.
• I use PeerTube when possible (mainly to watch Techlore and The Linux Experiment).
• Sometimes, I like to watch talks on media.ccc.de.
• Pretty much all of my other video is on DVD, so I don't generally use Netflix or any other streaming services.

AI

• I played around with ChatGPT and DALL-E last year, but those days are behind me now.
• I signed the NoML open letter, and I have used robots.txt to shut out LLM scrapers from my websites.

Social Media

• The only non-FOSS social media I use are Tumblr - which is ranked B by ToS;DR - and cohost!.
• I only use my real name on ActivityPub, and even then I will probably change to my usual username when and if I next decide to change servers.

Email

• I use Posteo as my main email provider.
• I have DuckDuckGo Email Protection as an alias service.

Shopping/Finance

• I rarely make online purchases. I am certainly being tracked, but I’m simply not producing enough data in the first place for this to be a big problem.
• For physical purchases, I try to use cash.
• I like to use cryptocurrency to support open-source projects, but most of them (so far) only accept PayPal, Stripe, and bank transfers.

Music

• I occasionally stream music from Bandcamp, but virtually everything I listen to is either on CD or a local file.
• I like to listen to KERRANG! Radio using an MP3 stream, and BBC Radio 4 over FM.
• I use Last.fm to track my music, but this is the only service where I am more than happy to provide my data. Worst case scenario, big tech gets a better taste in music.

Television

• I use DVDs for most of my viewing, but I have sailed the high seas in the past.
• Some shows I enjoy (i.e. Helluva Boss) are released officially for free on YouTube (watched via a frontend).
• I do not own a smart TV.

Gaming

• I generally don’t game.
• When playing Minecraft, I use PrismLauncher and I’m always sure to install the No Telemetry mod.

Programming

• I code in Python using Micro. I also sometimes use Kate, but only if I’m running Plasma.
• I use Codeberg to host my projects.

Productivity

• I normally use LibreOffice.
• I’m trialling a new workflow, using Markdown and Pandoc for text documents and presentations, and Gnumeric for spreadsheets.

Misc.

• I use Miniflux for news.
• My local timezone just happens to be the same as UTC (except during BST).
• I use a privacy-respecting smartwatch: the PineTime (from PINE64).
• I don’t have a car.
• I use Bluetooth headphones out of necessity. I’m still salty about Apple removing the headphone jack and then every other phone company following suit. However, they are basic headphones which do not require an app, and so they should be more private than other similar models.
• I will never use Amazon Echo or Google Home.

To-Do

• ✅ Look into further hardening of iOS
• ✅ Start using multiple browsers
• ✅ Use cash more often
• ✅ Anonymise social media
• Try to get family to ditch Meta
• ✅ Look into BIOS and UEFI hardening
• Buy a privacy screen protector and faraday equipment
• ✅ Audit all systems with Lynis

First Published 2024-03-22 23:02 GMT

Last Edited 2024-07-09 20:31 BST