What are your 2026 privacy and security resolutions?

Is Pop with Cosmic final and stable now?

Yes! Other distros have already started implementing COSMIC for their distros. But yes, stable on PopOS.

Feature parity is by far the best on/for Mullvad VPN. It really is the best on Linux. Though I would still use it via WireGuard set up with the CLI (personal preference).

I can see why. Mullvadvpn’s cli commands are far more extensive than those of Proton. Thanks for the suggestion.

I dumped Windows and switched to Zorin on 14 October. Daily drived it for ~1 month before switching to CachyOS. I’ve used GNOME for a few days and tried bunch of DEs and WMs before finally settling on KDE. I would like to try Hyprland again as I have only used end4’s dotfiles. Perhaps I could try out Secureblue or other upcoming distros such as AerynOS and KDE Linux. I also want to tinker with self-hosting and create backups on a separate hard drive. That’s all for me in the 2026.

One of my resolutions was just done by locking down my network (I posted about it here on PG).

Waiting for OpenWRT Two router to show up if it ever does to further explore security and privacy.

The big one is dumping Windows completely on one of my computers. I’m already using Apple computers and have a laptop that’s running Linux. I’m not a gamer and have tried many distros but my favorite that I keep coming back to is Fedora. Specifically KDE Plasma for customization but I also love the new Cosmic. For Atomic it would be Kinoite and Cosmic. Fedora because it’s stable and as close to bleeding edge as possible.

Why so much distro hoping? By this point you must know what you like. I’d just get Arch (via archinstall) and customize it with what you like. That’s what I do and I strongly think that KDE Plasma is the best DE that Linux has to offer although it has its own problems. Distros like KDE Linux don’t offer anything interesting, they’re just just another opinionated Arch wrapper. The main point of KDE Linux is for their upcoming OEM push.

Why do you think/feel so? Aren’t DEs highly preference based? Or are you evaluating it against objective metrics?

big community, great Wayland support, stable project, full (enough) feature set

My main requirement is great Wayland support which only leaves KDE or GNOME. Willingly using a DE with X11 in 2026 is crazy to me.

I just love trying new things

not necessarily a bad thing and by this context it really isn’t

wow tbh ive never really thought about goals and stuff, ones I can think of are:

• Move company I work in to Nextcloud (please let the AI bubble burst so ram prices go down)
• Finish up my project which I am still awaiting developer approval and get it out to masses and hope it is popular enough to attract privacy conscious people and stuff like that… but until then @staff
• Dabble with bridges using Matrix to bridge platforms, Beeper put out a bounty for others including Viber which is popular in my country so hopefully that comes out it makes me wanna dabble more at it (source: Build a Beeper Bridge – Beeper Blog)
  • I think in general I should dabble with self hosting and getting friends and family (and maybe others) to use it

I think thats about all.

You can always stay on the same distro and install an alternative DE environment. You don’t need to hop 10 times just to figure out if you prefer apt, dnf or pacman more to install your desktop signal.

A different distro would mostly just come down to:

• how it looks
• preinstalled packages
• release cycle
• (potential politics/mindset shifts around their license/drivers)

Some distros are very unique, like NixOS, Arch and Qubes OS.
But if you try a flavor of Arch or Debian, then there is no benefit to hop from X to Y but probably better to spend the time and understand how you can customize X so that it looks and feels like Y because those skills will be evergren.

There is also just a limited amount of ways when it comes down to a desktop OS, I’m not sure that you can innovate a lot when it comes down to “let me open this GUI app” or “let me move my windows around”. Most of this stuff is beyond the scope of a distro and mostly a personal configuration kind of situation.

A very good example of such small added value is when people do chose between Ubuntu, Xubuntu, Lubuntu or Whateverbuntu. They are 99% the same at its core.
Maybe you can squeeze 20min of setup if you’re a Linux admin needing to install it on 200 machines but again, there are better tools if you need to do such work (like Ansible or just regular homemade bash scripts).

Yes, agreed with @lone-cloud objective metrics here. True that “best” might not be what you prefer but it’s probably manageable to customize it enough so that it fits within your taste.
Borders, colors and themes are all things that you can change to your liking while Wayland/stability/etc is a yes/no kind of situation where you can’t just make it better with a better config file.

Since 2025 I am finally free of Google and Microsoft, it took some time to switch all devices to GrapheneOS after Linux had been in use for a long time.

For 2026, I would like to deal even more with passkeys, and also try out how the self-hosting of Nextcloud and Mohzi works. Finally, I would like to buy an OpenWrt router and play with AdGuard Home and WireGuard.

For now, my goal is to create:

2 anonymous Google accounts
2 anonymous Twitter accounts
Have anonymous loyalty cards for all the grocery stores where I live.

I was recently shopping and told that one of my anonymous loyalty cards is not activated, and hence I can’t be given the discount. To activate the card, not only does it need to have a name attached to it, which is easy to fake, but it also needs a phone number to verify. I live in a place where SIM cards require ID registration, so I cannot do that. I also suspect, that the loyalty cards for where I live only accept local numbers, but I hope I am wrong.

I also intend to raise issues with my local data protection agency as well as various local non-profits. So far I have failed, but I hope this year will be different.

The place where I live, I can get a random loyalty every time I visit the store.
Don’t ask me how or why (it doesn’t make sense) but it is indeed quite practical.
Still, I feel that the habits and things I’m constantly buying are making it easy to know that it’s me. In an ideal world, I would share the loyalty card with 20 other people by sharing the QR code of it.

SMS pool.net does not work for validating the phone number? I doubt the devs took the time to care about making it match a local number only (also because it is probably not that easy to implement well). While sending an SMS code is probably very much doable for cheap.

This is something I am worried about too. That even if my loyalty card has a fake name and number, by making payments with my credit card I am linking my name to it.

I could be wrong, but I am not convinced that grocery stores link your credit card to your loyalty card. First because your credit card details change every couple of years. Moreover, even if they do link your credit card, it’s unclear if the grocery store registers the name linked to the credit cards. I am doubtful that they do, and suspect they only register the number.

Plus, I have used my family’s loyalty cards, and they have used mine, so that credit cards with various names and numbers associated to purchase. I guess if you want to be 100% safe, you can always pay with cash.

But IMO, if they want you to provide your name, number, and sometimes social security number, it’s because your credit card doesn’t provide enough info.

Your concern is valid, though, and I share it.

In a big country like the United States, you could share your loyalty card details with friends and family members across different cities and states.

If I was a YouTuber with a significant following, I would share my anonymous loyalty card details with all my followers. It would be a great way to protect myself and everyone else who uses it.

In fact, now that I think about it, I am surprised no one has launched such an online service. I think it should be either free, accept donations, or a one time lifetime purchase that gives you access to all the loyalty cards in your country, and you can get a new one if the grocery store cancels it.

One of the other challenges with having one loyalty card for many people, is that it is probably not worth it if the discounts are based on points you accumulate. Because that means other people would be able to use your points to get discounts. Most of the loyalty cards I use are not point based. You get the discount if you simply have a registered card. One of the grocery store I use used to have a points based system, but they got rid of it.

SMSPool most likely works. I just haven’t tried it yet. I want to try with a virtual number first to see if it works.

Oh I wasn’t even talking about payments but more of:

• exact list of things I’m buying
• quantity of it
• what time/day I buy them
• various combinations for possible recipes

Given enough variables, you can really narrow down my grocery list to probably 5 people in that city without too much issue given 2 weeks of purchases.
But also I pay with a bank card so it’s even easier yes (yet, I could pay with cash but it doesn’t make a real difference tbh).

In France, you need to provide a huge list of stuff before having one yes.

It am not sure of the benefit it would bring. What are you protecting yourself from?
Given the amount of cameras in a store, it’s very easy to know that “the guy with the red hoodie that paid at the counter 4” is the owner of the loyalty card with the ID: 130282039. And that this ID is shared with Mr X and Mr Y.

As a reminder, a grocery store is probably as secure as a bank when it comes down to surveillance/tracking given shoplifters etc. Some countries are also more intense about those topics than others but they definitely have the tech to track you out.
Some of those store, probably also (semi automatically) prompt for a manual check if you’re used to self-checkout your groceries with a portable store’s scanner. Hence you’re very much with a privacy of 0 at a grocery store, even if you never use a loyalty card ever.
It is a lost battle. Only thing that keeps me using one is just the ease of use to checkout faster and obviously, the deals of paying quite less in case of discounts.

Billion dollar startup idea for 2026 here you go.

Same, no points needed for my current one but I had the other variant in the past too.
Also it depends on the stores you go to indeed.

Sorry, I am not sure to understand what you mean by “virtual number”.
Isn’t SMSpool a one-time SMS code already, what would be considered virtual here? (I do get that for a bank card tho)

SMSPool offers both one time only and extendable
though extendable is not chesp with it costing 19 dollars per 28 days, I’m still open to cheaper options

Got it.

You think it’s that easy to identify you based on your purchases alone? You don’t think a lot of people buy the same things as you. I would like to think that without a name, it’s quite difficult to narrow down to a single person.

I don’t just buy stuff for myself, and I also use my family’s cards too. IMO, at best they could guess if you’re male or female, maybe narrow down age, but even then, I would think a lot of people fall into your category.

That sucks. I don’t like the idea of having to provide a lot of personal info about myself for very little benefits. For example, pharmacies sell a lot of products, like shampoo, soap, snacks, etc. One of my pharmacies has a loyalty card. I made the assumption that the discounts you get through them also apply to prescriptions.

Hence, I understood that I had to identify myself to get my prescription. But then I found out that the points you accumulate cannot be used to get discounts on prescription drugs, so I stopped using my loyalty card, and got a new one that is not linked to any name for all the non-prescription stuff I buy at the pharmacy.

I could be wrong, but unless less they have AI cameras, I don’t think a grocery store would go through the trouble of identifying people who deliberately avoid having their name linked to a loyalty card.

Also, if 1000 people all use the same loyalty card, even if you know their names, I am doubtful that the information is useful, unless you could identify who purchased what, which again, I am not convinced grocery stores would go through the trouble for. But if they embrace AI, I guess it is a possibility, as it becomes much easier.

I still think it’s useful to hide your identity by using fake details, and letting lots of people use your card. And regardless of if it’s effective or not, I think it’s worth fighting this problem collectively. By this I mean reporting the issue to your local data protection agency, and demanding a regulation change, so that by default, stores cannot ask for personal details like your social security number unless it is absolutely necessary.

If I am buying a pair of jeans. You don’t need my SSN. Same if I’m buying toothpaste. I would also argue that you don’t need it when I buy prescription drugs. My name is on the prescription. I can present you my ID, and you can see that it’s actually for me. The UK doesn’t have ID numbers, and people are able to purchase prescriptions just fine.

Again, unless you are using AI, and I know some stores are, especially in the UK, I don’t think grocery stores would go through the trouble of identifying law-abiding customers with cameras to monetize their info.

I also believe that there needs to be regulation to isolate what cameras are used for. Identifying a thief is one thing, identifying a law-abiding citizen to find out about their purchases is another. And even a thief has rights.

This where I disagree. We are losing, yes, but we can still fight back. Not just on an individual level, but on a collective level by demanding the system changes. I know the latter is hard, but it’s worth fighting for.

Indeed. My local movie theater has a loyalty card. I registered mine with a fake name, fake address, and fake number. Not once did an employee ask to verify my identity when I purchased discounted tickets. The loyalty card is free. You don’t need to know my name.

What I mean is, SMSPool uses real phone numbers linked to real SIM cards. They just communicate the text messages to you virtually. However, apps like Hushed do not use real numbers. They used completely virtual numbers, which are often detectable by services like Google.

I have used Hushed in the past to create a Telegram account. My Telegram account is linked to a virtual number that I lost access to years ago. I don’t know if Hushed still works with Telegram today, but I intend to try it with my local grocery stores, because I am not convinced they care to have a system sophisticated enough to recognize and block virtual numbers. Though I could be wrong.