Privacy walkthrough
by Antoine - categories : Privacy Security
Updated 21 December 2022
The following is not exclusively privacy oriented, but kind of security and ethical too.
Desktop
OS
You will never go wrong choosing Linux (or BSD) over Windows or even Mac OS when talking about privacy.
For server purposes, I always go with Debian stable but here, it is a matter of preferences. For the RPM (RedHat) world, Rocky Linux and Alma Linux are both successors of the dead CentOS distribution.
Windows
Microsoft Windows is never the right way when strictly talking about privacy, but it's a desktop meta often hard to bypass for many reasons, especially gaming purposes.
If you need or want to stick with Windows, do it with its LTSC (Long-Term Servicing Channel) version. It is an official stable/security oriented "distribution" of Windows, without most useless Microsoft bloatwares like Cortana. It does only receive security updates and bug fixes.
It's still Windows OS and should be hardened before use. Many scripts can automatize this task.
Using secure and privacy-conscious applications, and controlling what can or cannot send data over internet with tools like Windows Firewall Control is definitely a right step towards privacy.
Mac OS
Just like Windows, Mac OS is highly proprietary, hence user's data should generally be considered compromised. As always, disable all telemetry settings you can find, use dedicated documentation, and set up a firewall control application like Little Snitch.
Browser
For both desktop and mobile, Firefox is the way. Desktop offers many choices :
- Librewolf : Firefox desktop fork with hardened privacy is the #1 choice for desktop.
- Mozilla Firefox ESR
- Waterfox : Firefox fork
- Basilisk : More modern Firefox fork by the Palemoon author
- Palemoon : Firefox fork from older versions of Firefox with legacy user interface.
- Chromium : as an alternative choice from Gecko (Firefox) engine, Chromium is basically Chrome without the Google layer.
Browsers to avoid :
- CHROME : is the very obvious #1 browser to avoid here. Because Google is the oxymoron of any privacy concept.
- Edge : Chrome based ; difference is you data is not shared with Google but Microsoft.
- Opera : Chrome based chinese browser.
- Brave : claims to protect users' privacy coming with some extensions installed by default like uBlock. Yet their business plan is to monitor and sell their datas.
- Any preinstalled branded browsers (Samsung, Xiaomi...)
Services
- E-Mail : Tutanota, Protonmail
- Youtube : Invidious, a FOSS front-end for YT. Anyone can host his own instance of Invidious so the service is extremely resilient as you can switch from one instance to another. For example, one of the oldest one is https://yewtu.be.
- Map : OpenStreetMap
- Twitter : Nitter, a Twitter front-end like Invidious, but very limited as this moment.
- Reddit : Teddit, same as above.
Mobile
OS and stores
- GrapheneOS is often quoted as the best overall Android distribution privacy and security-wise. For some legit reasons, its phone support range is narrowed to the Google Pixel phone family. This is paradoxal but as of now the best way to get a privacy hardened smartphone is to buy Google ones.
- LineageOS, was formerly known as CyanogenMod, one of the first and popular custom open-source Android OS. It's not considered very secure since it leaves the bootloader unlocked, but this flaw is counterbalanced by an extremely long support for a wide range of phone models and brands. Based on AOSP (Android Open Source Projet, e.g. Android OS without Google layers).
- CalyxOS is a privacy focused distro, main alternative to GrapheneOS, with similar restrictions.
Stores :
- F-Droid or variants like Neo Store which comes with third-tier repositories (NewPipe...)
- Aurora Store, the Play Store alternative
Browser
Android (through F-Droid store) :
- Mull : Firefox fork with hardened privacy, #1 choice for mobile.
- Fennec : Firefox for mobile with no telemetry.
Texting
- Molly (Signal fork, uses the same protocol which makes it cross compatible with Signal users)
- Signal
Internet services
- E-Mail : Tutanota or Proton Mail, both end-to-end (E2EE) encrypted email services.
- Youtube : NewPipe. Subscriptions, favorites and lists can be exported/imported manually to/from Invidious. This app is in my opinion one of the best of what the open source community brings. It is incredibly efficient, from background playing (like YT Music) to video/audio downloading and popup player.
- Map and navigation : OSMAnd (based on OpenStreetMap), GMaps WV (Google Maps wrapper).
- Reddit : Infinity, which is actually better than the original client. A must have for redditors.
- Sport tracker : OpenTracker
- Facebook : Frost
- Twitter : Twidere X
Be the first to comment 🡮