I just started — What should I change/improve?

Hi all! Sorry if this question gets asked frequently; I searched through the forum and didn’t find anything that really answered this question.

I started getting serious about paying attention to my privacy/security roughly two months ago, both in a goal to prevent government surveillance and concern about targeted attacks. I think I’ve made a lot of progress since then, but I know that I still have a lot of holes, and I wanted to see what people here think, given that you all know far more about this than me. I’d like to go through what I’m using to protect my privacy and solicit feedback on what I should change to enhance my security/privacy.

Devices

iPhone — I know it’s not ideal, but it’s better than base Android, and it’s what I started with.

MacBook — Again, not perfect, but better than Windows.

VPN

Windsurf — I’ve tried Mullvad and found that it was unusably slow. I then tried Proton VPN but found that it was lacking the level of kill switch that I wanted. I then tried Windsurf and have generally been satisfied with it.

Email

I’m planning on swapping to Proton, but all the good usernames (ones with my name) are taken, so I’m still debating that. If there’s a better email service for my purposes, I haven’t found it, since the ones listed in the guide either lack features I want or, in the case of Tuta, seem to lack encryption that works with most email services that use OpenPGP, which is disappointing. Also it has a terrible UI imo. I’m very open to suggestions here.

Messaging

I’m stuck using iMessage right now, but I’m going to start trying to get people I talk to to use Signal to interact with me. I’m also curious about Matrix, but I’ve seen a lot of conflicting information on its security, so I’m not sure about it.

Browser

I use Orion currently. I’ve had a good experience with it and I generally trust its parent company. I’m disappointed in its anti-fingerprinting capabilities, however, since fingerprint.com’s playground is still able to fingerprint me just fine. I generally like WebKit browsers because of the battery life benefit on macOS, but again, open to change.

Search Engine

I use Kagi for this. I know that they aren’t open source, but they have better results than DDG and I trust them, though I’m worried they’re spreading themselves too thin like Proton.

AI

I was gifted a one-year subscription to Gemini Pro, which is honestly really useful. I don’t really know how to replace this as it stands currently.

Email aliasing

I plan to use SimpleLogin if I go with Proton for email, but that’s also up in the air.

Calendar

As I use Gmail currently, I use gcal, but would love to swap. I’ve seen bad reviews for Proton’s calendar, but I don’t know what the alternative would really be if I use Proton for email.

I would really appreciate feedback from you all. You know more about this than I do, and I would love to be more knowledgeable and prepared on this. Thank you!

Since you’re new, I recommend searching for similar posts and requests for answers harder. It’s all here and on the recommendations page on the main Privacy Guides website.

Also since you’re new, I recommend catching up on videos by Privacy Guides and Techlore. They are very easy to understand and teach you a lot about what, why, & how about the privacy space.

There are hardening guides, tips & tricks videos out there to fine-tune your OS for optimal privacy & security without loss of significant convenience. I suggest you continue researching, reading, watching, trying, and learning.

I suggest you also check out IVPN if you’re amenable to trying another option. Its kill switch enables before even the GUI loads on macOS (as I understand).

I think it’s actually better that your email/username doesn’t include any PII. Use anything you want as your email. This is a non-issue so don’t think too much about it. I know this is contrarian advice but I hope you’ll come to see it as you continue in your privacy journey.

It’s not terrible but highly functional only. I know it looks boring to folks always used to shiny new UI/UXs all the time but it does its job really well. If encrypted email service is needed, Proton and Tuta are great! If encryption is not needed, I suggest checking out Fastmail. It has the UI/UX you’re likely looking for.

iMessage is not bad. You can change your settings such that you only receive and send iMessage via your email so you don’t always have to keep giving out your phone number to use iMessage.

Signal should be used as much as possible. And it also has usernames so you don’t necessarily have to share your phone number here either.

Fingerprinting is complicated and nuanced. If anti fingerprinting is what you want, Mullvad Browser is for you. Albeit, hardened Firefox or Brave browser also work really well. Follow Privacy Guides recommendations here for starters.

Brave Search is another option I suggest at least checking out. Albeit, I am currently personally using Kagi myself and am liking it. I seldom have to search Google unless I am doing a deep dive on a topic which is not often.

duck.ai and NanoGPT are the best options for Gen AI use. You should know that using AI is inherently a privacy invasive tool so be sure to never share any PII in your searches. I highly suggest NanoGPT because it is a pay as you go model, no subscriptions if you don’t want it and you can use literally any AI model you want. Plus, you can access, pay, use it as privately and anonymously as you want.

SimpleLogin is great and so is what’s built in Proton Pass. That’s what I use. But there are other options you can check out to see what you like best before picking one for long term use. Duck, Addy.io, AliasVault (beta) are all decent options too.

Proton Calendar is great! And so is Tuta’s calendar. But if you want to be able to use calendar on any platform, I suggest checking out Posteo’s encrypted calendar service that you can use with CalDAV anywhere you want.

I have also given many similar answers on many posts here including this one recently. So, check this big thread out to learn more. Looking for a Practical Long‑Term Privacy Stack (Proton, AI, VPNs, Photos, etc.)

Hope this addresses your questions. Again, since you’re new, a lot of reading, researching, understanding, and trying is likely needed to learn what many here know.

And welcome to the forum! And feel free to ask follow up questions should you have any. That’s another way to keep learning.

2 Likes

Welcome to the forum!

These are really not bad options, and can fairly easily be configured to be reasonably private and quite secure. In the long term, you could consider getting a GrapheneOS device and an iPad as a MacBook replacement if it fits your use case.

I assume you mean Windscribe? I haven’t used it personally but it’s probably the next best option after the VPNs recommended by Privacy Guides. You could give IVPN a try though it’s quite expensive imo.

Matrix doesn’t have bad security by any means, and it does have proper E2EE. It’s just a very complicated protocol which is quite buggy, leaks a lot of metadata to the server, and has a fairly poor user experience. I would definitely recommend Signal above anything else; it’s the gold standard for a reason, even if it isn’t perfect.

Anti-fingerprinting doesn’t really work in practice. Some naive trackers will probably be fooled but it mostly gives a false sense of security which isn’t particularly helpful. The exception to this is the Tor browser but that has relatively poor security and is not really suited for day-to-day clearnet use.

Chrome, if configured with something like the RKNF404/chromium-hardening-guide on GitHub, is a good option and what I use.

Otherwise, I would use Safari since it benefits from Lockdown mode on macOS, which AFAIK Orion still lacks.

2 Likes

Though I would also note that uBlock Origin should be used with Safari since it is now available. Also enabling a few other filter lists than just the defaults may not be a bad idea. A good ad blocker is necessary.

It sounds like you’ve already done a lot. My personal recommended “order of operations” for most people, ranked by how much privacy/security you’ll gain vs how much work it’ll be:

  1. Password Manager
  2. 2FA
  3. Credit Freeze (if applicable) (Note: this is a link to my own website because it doesn’t appear that PG has a page talking about this)
  4. Remove unused apps from phone
  5. Change phone settings
  6. Switch to a private browser
  7. Switch to encrypted email provider
  8. Use email aliasing
  9. Use payment masking tools
  10. Start taking your data off People Search Sites and removing old content
  11. Switch to encrypted messaging
  12. Start keeping good backups/switch to encrypted cloud providers
  13. Switch to VoIP for non-encrypted uses (if possible, not available in all countries) (Again, linking to my site because Privacy Guides doesn’t have a page about this)
  14. VPNs

Needless to say some people will disagree, but I think the first few things are pretty universal. Your post made no mention of using a password manager or 2FA; these are critically important tools that are easy to get started with (though changing all your passwords can be a challenge).

For VPN, have you tried IVPN? It’s the other provider we recommend around here besides Proton & Mullvad.

For browsing, we have a guide about how to harden Safari, but personally I’m pretty happy with Brave’s privacy out of the box.

For AI, check out this page.

For calendar, if you don’t go with Proton, you could check out Tuta, just for the calendar.

It sounds like you have a great start and you already have an idea of what you want, it’s just a question of how to implement.

5 Likes

Isn’t this precisely where Tor Browser should be getting the most use to improve its effectiveness for everyone?

Gemini is available in Kagi Assistant, and there are plenty of other models.
