Due to some functionalities that my family and I are not willing to give up, we are on Samsung/Pixel OS and Windows on most of our devices, for better or for worse. I do have some Linux machines, but they cannot run some of the software we need for work/personal use.
My question is, if I’m using these operating systems, does using things like Mullvad Browser and Proton Mail actually work? Is Microsoft just harvesting my keystrokes and sending them off anyways?
Yes! Having some privacy respecting services is still much better then nothing. Most people have to sacrifice some privacy in some part of their life. The world just does not have enough privacy respecting laws or political will to avoid it without living a very extraordinary lifestyle.
Google, Samsung, and Microsoft are probably getting a good amount of data from you, especially if you have not taken the time to do any sort of privacy hardening on those devices but, that does not make things like E2EE email or hiding your browsing traffic from your ISP any less valuable. It probably makes it more valuable, as the benefits from some privacy respecting services vs zero privacy respecting services is such a large leap in protection.
I’ve taken a few steps on them…a bit less than on other devices, mostly because the inconveniences are a lot harder to work around. I’ve always ran Firefox on them though, since it’s the only mobile browser that has functioning sync. It’s hard because the main recommendation on the site is “buy a Pixel, throw Graphene on it.” There are some other things I could do, but just not enough to justify what I would gain out of it.
I’ve certainly been enjoying Proton on all my devices though. It’s still a ways off from Gmail levels of functionality, but it’s much closer than I thought it would be, so hopefully it’s helping with that area.
This is interesting. I guess my question here is what do you think you would gain and why is that not worth it? I interpreted this as you saying its not worth the benefits instead of it being a budget issue (which is a common, and understandable, complaint about the recommendation of getting an expensive phone).
Oh, I was mainly referring to the other steps on hardening the phone. My family has a really wonderful Google Photos library that is all shared with each other. We like how it works and how easy it makes it to search photos. One of the recommendations, Secure Camera, would mess that up. There are several areas where we trade off a bit of privacy for functionality. Obsidian Notes is another good example of this.
I also prefer Samsung phones in general, simply due to the superior battery life, processing power, screens, etc. The only thing I like about my Pixel 6a are the cameras, so I was going to replace it with an S24 Ultra soon. It’s not so much a budget issue as a convenience issue. Google Fi (my cell provider) sells the S24 Ultra for $650.
I think the best approach for you is not to change to privacy tools when they aren’t compatible with your usage/workflow. Do not force yourself and the others (especially the others) on a privacy spree if it simply doesn’t work.
For example, if your family already have a wonderful Google Photos library, this would be hard to replicate (if you rely a lot on face and pet detection). I haven’t seen the same level of Google Photos’ features and quality anywhere else. Privacy is just not one of its selling points. I don’t see an alternative for Google Photos.
But if you don’t use any face/pet detection feature, I would recommend moving your photos and videos (and other files on Google Drive) to Storj. It’s a lot cheaper, more secure, and don’t mess with your privacy. If you want more than the web client has offered, you can use it with S3Drive, Photos+, or just the open source Rclone, depends on your needs.
I don’t use Mullvad Browser as it’s based on Firefox rather than Chromium that’s more secure, especially, on Android. I don’t feel like I would want to trade security for privacy, as any privacy would crumble fast enough with a lossy security. I use Brave that’s more secure and works everywhere.
I also have a free Proton Mail account. But I use Skiff Mail, as it’s as secure and has more features.
If you mean the broken history sync in Chrome/Chromium without the #history-journeys-include-synced-visits flag, then it’s true. But Brave doesn’t use Chromium sync, so it’s another browser that’s able to sync history correctly.
Lastly, don’t have your family use a buggy privacy app. You have to test it throughout every feature before making the change. Otherwise, it would be a bad first impression, and they will never want to use the app again.
And about Mullvad browser, I forgot that it’s based on Tor Browser, which in turn based on Firefox ESR, not the latest Firefox stable release. Therefore, the security is the worst aspect of the browser, since Firefox ESR doesn’t back port most of the security fixes from the stable release, even when they were classified as high impact. See:
I heard this reason a lot. I don’t want you to do/think otherwise, but monopoly has nothing to do with Chromium, since the license doesn’t let anyone own Chromium. That’s why Chrome exist for Google. And that’s why any Chromium forks can and will do however they want.
A lot of people seem to have concern for Chromium domination, but they wouldn’t concern about Linux domination, just because Linux doesn’t have any ground on desktop PC market, but dominated other markets like there’s no tomorrow See: Linux Statistics 2024 By Usage, Share, Trend and Users
Linux kernel is not the property of the Linux foundation, the same way that Chromium is not the property of Google. Therefore, the company/organization status, business behavior, etc. are not relevant to neither of the projects, unless you deny the projects’ license.
Moreover, most of the Linux kernel and Chromium contributors, even Firefox’s contributors, are not indies who do code out of their passion, but they are from big-tech companies who are doing this for their benefits/profits one way or another. Nevertheless, we should be glad that they’re doing this under the open licenses, not behind the usual proprietary paywall.
Maybe, if you see that discussion, which you also participated, as a waste of time, you shouldn’t share/advertise a link to that discussion
At least stick to Google Pixels for your next devices. This also leaves the door open for installing GrapheneOS. With Samsung devices, not only Google, but also other privacy invasive companies like Samsung and some of the privileged third-party crap like Facebook get your data.
Preferably upgrade to Enterprise or Education, but at least to Pro. Put some effort into configuring it, because by default it is very privacy invasive.
For the most part, yes.
With wrong Windows settings, yes. If you choose the right settings, no.
Privacy often comes with a bit of inconvenience or effort you need to put in. Would recommend to get used to it, if you value your privacy.
At least stick to Google Pixels for your next devices.
I’d like to, but my family’s experience with them since they switched to Tensor has been nothing but garbage on every single phone. Dropped calls, bad fingerprint sensor, bad battery…It’s getting to the point where I might as well just not have a smartphone at all, simply because so much of the phone just doesn’t work, especially in the areas I live in.
Put some effort into configuring it, because by default it is very privacy invasive.
I wish that there was more documentation on this on the privacyguides site. Is there a way to reach out to them to suggest adding some of this? Right now it’s more of a “throw Linux on there or else” type of suggestion. It’s hard to mix all the advice around the internet around hardening Windows as well because so much of it can break things like basic driver functionality. I have all the data sharing stuff turned off of course, but just like Apple and Google, I don’t trust that that actually does a single thing.
No worries, I’m already well familiar with the Brave fanboys out there on the internet. They run pretty rampant in the same circles that I’m in like the LTT community, who has an unfortunate overlap with all things crypto and Elon. I’m aware of Brave’s scandals and lies as a company already, I was just trying to help him understand a bit…but based on that link, that’s not going to happen lol.
Just gonna pitch in here on the photos, have you looked into ente? They have great sharing functionality, and fairly powerful search with their new updates. I was able to move my family over to it from google photos, so perhaps you may be able to do the same if that’s something you want to move away from?
Yeah, I’ve given Ente a solid shot…it just didn’t have anywhere near the search and sharing abilities that Google Photos had. I’ve given a lot of things on this site a try, and I ended up just picking and choosing the ones that worked the best without completely wrecking the things that are important to my family. It’s mainly just using DuckDuckGo, Linux (as much as I can), and switching EVERYTHING over to Proton Mail, Drive, etc.
Nowhere near as much as many people do on here, but certain things like family location sharing, photo library sharing and searching, etc. just cannot be replaced yet.
Yeah, those definitely all good steps. You don’t have to go to the extremes to achieve a good level of privacy. At the end of the day, it all comes down to threat modeling: figuring out what you want to achieve, and what you’re willing to do to achieve it.
As for ente, in case it was a while ago that you tried it, they’ve recently released their magic search on all platforms, which should be a major upgrade. Once you give it the time to index your photos initially (you may have to manually enable it), you’ll be able to search by countless things from animals to photo type, to even objects that are in the photo. Personally the only thing I’m missing is recognizing individuals by face, but I’m able to make do just fine without. In my experience with shared albums and sharing to non-ente users as well, things haven’t been bad at all either.
It’s no google photos, but I absolutely think it’s going on the right direction. In case one of those things were what you missed, perhaps it’s worth another try.