Neko

My Privacy Journey

In today’s world, maintaining privacy and security is not just a choice; it’s a necessity. But why care about privacy if you have nothing to hide?

It’s simple: control and choice. While I agree that “having nothing to hide” is a common sentiment, for me, it’s about having the autonomy to decide what stays private and what doesn’t. Plus, I’m not keen on the idea of being a constant target for monetization and tracking.

But there’s more to it than just controlling personal data. Consider how entities like Google, Facebook, and even vehicles collect information that can influence everything from insurance fees to job prospects. What we share online could either open doors or lead to unwarranted scrutiny, sometimes even from government agencies.

And this journey isn’t just about safeguarding my data. It’s also about protecting those around me. For instance, using apps like WhatsApp means inadvertently exposing my contacts to tracking as well.

And while companies like Apple tout privacy, they are far from being as private as they promote themselfes to be (as highlighted in this Proton article here).

Also what is legal and what not may change with chaning political systems. But the data that is collected on you stays. Given that someone like Donald Trump announced he would be a dictator for “one day” the comfort of democracy might be short.

So getting started with privacy is an important step to regaining more sovereignty over your life.

My Starting Point

I first tweaked some settings in the Apps I already use. Especially some privacy-invasive apps like Instagram, Snapchat, WhatsApp and Google needed to change. My starting point were some resources by Tactical Tech - their resources are a treasure trove of information, like the project: Data Detox Kit

Also instrumental has been the Surveillance Self-Deffence (SSD) by the EFF (a privacy non-profit), which laid a solid foundation for my privacy education.

Developing My Threat Model

To progress further, I needed to define my threats and assess my vulnerabilities. The SSD’s framework was immensely helpful. I answered the following questions:

  1. Identify Assets: What am I protecting?
  2. Identify Threats: Who am I protecting it from? (list of common threats)
  3. Assess Vulnerabilities: What are my weaknesses?
  4. Assess Risk: How likely is it that I need to protect it?
  5. Consequences of Failure: What are the consequences if I fail to protect it?
  6. How far am I willing to go? How much time am I willing to invest?
  7. Mitigate Risks: What to do to improve?

What mattered for me was enhancing my privacy without compromising on security. Transitioning from MacOS to more privacy respecting operating systems like Linux had its privacy perks, but I needed to balance it with robust security measures.

Streamlining Communication and Apps

My use of iCloud, necessitated by family commitments, is a privacy challenge. Proton has emerged as a viable alternative for me, offering a comprehensive suite of encrypted services. I try to switch to it as my daily mail driver and I deleted my iCloud calendar and use Protons, which works just fine.

Realizing I had nearly a hundred apps on my phone was a wake-up call.
Another step was choosing privacy preserving alternatives for necessary apps. A very helpful tool for this is AlternativeTo.net.

I now got this down to around 50 apps, which is still probably more than I would need.

Besides that, I still rely on services like WhatsApp, Instagram, Discord and Snapchat for social connections. Yet I try to tighten their privacy settings. And I don't use Instagram as a normal App, but as a Web App, that I saved to my homescreen.

An easy win was hardening Firefox with Betterfox. It's a simple process - just a file to copy and paste. And alternatives like Brave support good privacy out of the box (though I am not such a big fan of Brave Browser).

Rethinking My Linux Choice

While I use MacOS as my daily driver, I also love Linux and it’s open source and community-driven ethos.

Arch Linux encorperates everything I like about Linux. You are in control over everything you install, it is community driven and super costimizable. It is definitly one of the best Linux distros out there. I used Arch for some time now, and though I still love the distro its demanding maintenance, didn’t align with my need for a ‘just works’ system.

Fedora became my new choice, thanks to its user-friendly setup and pretty guide security out of the box. I’ll probably use Arch Linux again sometime but for now I need more time for other things than my operating system.

Looking Ahead

There’s always room for improvement. My next phone might feature a more private OS. A big privacy concern for me ofcourse is this personal blog. I try to be carefull what I share here as well as trying to provide links to privacy-respecting sites like Invidious instead of YouTube. I also added PGP encryption to my email using ProtonMail so you can write me encrpyted (see about)

While moving away from iCloud isn’t feasible right now, minimizing its usage is a step in the right direction. The most critical part of this journey has been educating myself and staying informed. Especially the resources below helped me achieve that, so check them out!

Resources