I guess a lot of us do some form of privacy/security theatre. I’m at least doing it quite a lot of it, and it’s difficult to stop thinking of new things that could (but probably never will) go wrong.
So instead of hearing how safe and cool your setup is, I’d like to hear how you simplified things and stopped the (hopefully 🤔) needless overthinking.
The only way to have total privacy is no internet and no phone.
The ones who rant the loudest about priavy are always people who don’t have the technical skills to configure a network to fully know how it all works. It actually is possible to have a setup that has so much privacy it is either unusable, or it show a level of grandiose narcissism. What people can do is a lot of little things, and accept what can never be change.
As a starting point, if a person wants to have extremely strict priacy, use GrapheneOS and in F-Droid settings turn off all of the anti-features so no apps are listed with any anti-features. Do not use cell service, and yes that means no data for going out, use a web-based VoIP. On computer/laptop, install OpenBSD, and build a router to run a OpenBSD firewall. All of those steps will instantly have a massive impact on protecting privacy and will have a lot more real world skills to utilize.
The first step to stop worrying is to know what you’re up against and define the problem exactly. Once you know, you can do something about it, which gives you control. Once you have control, you stop fretting.
First, know you threat model.
Then figure out what your requirements are in terms of security and privacy (not the same things) according to your threat model: what you absolutely cannot accept, what you can compromise with, what you can do to hurt the adversary if you can’t fully avoid them.
Then research countermeasures you’re happy to live with that meet your requirements.
Then implement the countermeasures.
Then simply make it a habit to regularly assess the effectiveness of your countermeasures, learn about new threats and assess how they might affect you. Rinse, repeat.
If you do all that, you’ll be on top of the problem and you’ll stop worrying.
That’s the neat part: you don’t.
I’d like to hear how you simplified things
I quit social media and use YouTube through a proxy (invidious).
On Firefox, I compartmentalize accounts in their own container, and only log into websites using an account if it’s required for me to make a purchase, pay a bill, etc.
I also try to use websites over apps, and always with an adblocker with strong ad/tracker filters.
I’ve switched most of my apps over to FOSS, which often don’t have trackers in them, and are generally more privacy-friendly.
And I also self-host a lot of stuff that would otherwise require a data-mining corporation to
hold my data hostage,host.On browser extensions, uBlock Origin has come a long way that it basically also does what other privacy extensions provide. Simplifying your content/tracking blockers can actually make your browsing more secure, as well as make your fingerprint less unique. I’m still a bit of a sucker and have Privacy Badger installed, but will probably let go of it as well once I’m comfortable enough. Over the years I’ve had Disconnect, ClearURLs, and Decentraleyes alongside uBO.
Same here. I’ve stripped my browser of most extensions, uBO with a VERY strict Pi-hole subnet router works for me
Amazing question. A few years ago I started joining degoogle reddit communities and watching privacy youtubers and decided to embark on the journey of privacy and security.
Initially, all this is daunting at first but I feel way more peace of mind now. Now I can live peace of mind knowing nobody can snoop in on my messages, emails, or calls. I know there’s no mic in my phone phoning to google. My computers don’t ping to Microsoft. The thing is you never stop worrying, with the way technology changes and your setup might change. But you know that it has been worth it because you don’t get any scam calls or have your sensitive information posted online.
You do what you can and as much as you can live with/without and you get on with your life.
I use foss exclusively where possible but sure there are binary blobs, I have to sumbit my Id to banks and various government institutions etc. I also use WhatsApp in addition to signal because I need it for family.
Signal, linux, Firefox with ublock / no script, a VPN or Tor and using a password manager like keepass xc and 2FA app like free OTP+ will go a lot further in the long run than becoming hyperparanoid and shutting yourself off from the world. No need for 7 layers of encryption and thermite trip switches 😄
Just keep a low profile and dont sign up for lots of bs services with real info. Just be a Gray man / woman and blend in.
Life is what you make it and it is short
I don’t use apps, I disable JavaScript when I can, and I use non-megacorp web browsers that have granular security settings.
That’s not a complete solution on its own, but it’s a start.
And an ad blocker. Always an ad blocker.
Like someone else said here - I do what I can and go on with my day. Wouldn’t assume soneone who cares/proactive about privacy is “overthinking”.
As with everything in life, there’s a tradeoff for everything. I just recently downloaded LineageOS MicroG fork because ride share apps simply won’t launch without Google play services.