Am I doing privacy (too) wrong?

Going straight to the point: I’m trying to reduce my dependency on big tech companies that make money from their user’s personal data. I read the “PrivacyGuides” and I see that not every step I took so far is included in the guides, so I want to verify whether there are big concerns I’m missing. This is what I’m doing different from the guides:

1Password as my 2FA Authenticator

I store my OTP secrets, alongside the passwords, in 1Password. Of course I understand the risk here, I just don’t understand how separating them would make me significantly more protected when I’d still need both apps installed on the same device. Given 1Password is recommended in the guides as a password manager, but not as a MFA Authentication tool, either there’s something really wrong with it, OR storing passwords and OTP secrets together is much worse than I think it is. What am I missing?

Cloudflare DNS via WARP

I use Cloudflare DNS via WARP (was previously using Google DNS). They promise privacy. Are there significant privacy concerns that make them not a recommendation? Besides being a big company.

PIA VPN

I don’t often turn on VPN; but when I do, I use PIA. I’ve been using it for almost a decade. It’s cheap, it works well, they promise they don’t keep logs, and their servers are fast and stable.

Here’s why I’m hesitant to try a different VPN: I bought 2 years of NordVPN when it was sponsoring every big youtuber out there and most reviews were putting it as the best VPN service, with 5 stars. It was just a big waste of money. I’m not sure how anyone can recommend them. I was playing a game hosted in a different country, and with PIA it’d never disconnect, while with NordVPN I’d get disconnected every 2-10 minutes, regardless of the VPN server I chose. So I renewed my PIA subscription, even though I still had almost 2 full years on my NordVPN subscription. I’m hesitant to try yet another VPN service when the one I’m using works so well.

What’s wrong with PIA?

Brave Tor

I don’t often use Tor; when I do, I use Brave. What are the privacy concerns that make Brave recommended as a browser, but not as a tor browser?

Brave Shields

Before switching to Brave, I used Chrome with uBlock Origin. After switching, Brave Shields seemed to work more than well enough. I didn’t see any need to use uBlock Origin anymore. What’s so bad about Brave Shields that make it not recommended?

1 Like
  1. If they’re both installed on the same device then you might as well use 1Passward as your MFA as well. The idea behind separate apps is that you have it on a separate device.
  2. Nothing wrong with cloudflare. The other options on the site have content blocking options and have a good privacy reputation but cloud flare is just fine.
  3. PIA is a pretty standard VPN, main thing with VPNs is you have to trust them a lot so the ones on the site are independent so less theoretically have access to your data, but at the end of the day if you trust them then it’s fine I suppose.
  4. The main argument against braves tor feature is that you won’t blend in with tor browser users. But it’s fine if you want to access a .onion link or just want some extra protection, you really lose nothing privacy wise.
  5. Brave shields is recommended and there’s some configuration recommendations as well.
3 Likes

Got it, thanks!

Regarding MFA, I’d think most people just use both apps together. Usually the 2FA app goes on the phone (not desktop). But then if you want to log into websites and other apps on your phone, you also need the password, so you also install your password manager there. I have never met someone who uses a password manager and doesn’t have it installed in the same device as the MFA app. If someone is going that far, maybe they should consider buying a YubiKey…

I didn’t get the impression that Brave Shields is recommended when reading the guide because I was looking mostly in the privacy tools page, which only provides a summary. After reading your reply, I searched for “Brave Shields” and it’s indeed there in the Browser Extensions page.

1 Like

Personally I don’t bother with the whole separate MFA app, especially since there have been cases in the past of the app borking your TOTP codes and locking you out of your accounts. These days passkeys exist which offer a much better and more secure way of logging in anyway.

PIA got bought out by Kape, who spread adware a while ago. I don’t trust them, but if you do nothing wrong with that.

And for DNS, doesn’t really matter. If you care so much about it, use DoT/DoH.

Is DoT/DoH better than DNS over WARP? I’d expect WARP to be as secure as TLS, but I don’t really understand how it differs…

I don’t know Kape, but they don’t sound like a great company. When it’s time to renew PIA, I will try other VPN options.