My previous question about how to run a VM and VPN on Windows 11 Pro assumes that the best solution for isolating data tracking apps is through VM and VPN but maybe my question should be, what is the best safeguard if I have to use Google? With recent concerns popping up in the forum about the use of VPN and how that might flag you for accusations of criminal activity just for using it got me worried that I am barking up the wrong tree. So I will back up and present the problem instead of assuming I know the best solution.
I need to use Google suite for work type activity on my laptop and this work doesn’t get to choose alternatives to Google. I will need to access the full google suite of apps to collaborate with people on my team as well as use social media platforms and I will need to use Zoom meetings. I know these apps track my personal data and I’m hesitant to log in to these apps without some kind of safeguard.
What is the best solution to protect my personal information on my laptop assuming that I cannot create a physical separation at this time (ie. separate devices)?
Not sure what you’re referring to here nor don’t I know why you believe this.
Look, if you need to use Google and its products for work stuff, then you have to. There’s no expectation of privacy at work or with your work. Keeping this in mind, you’ll have to do what’s needed to get your work done. The best option here is to use a VPN, create a new browser profile in which you only do your work stuff and anything else can be on another profile or browser altogether.
When you say safeguard, it implies you’re scared of it as malware or from a security POV. But Google is very secure and is indeed not malware. It is absolutely horrendous for privacy and from a privacy perspective however. So, perhaps that’s how you should look at it too.
Compartmentalize your work stuff and your personal stuff with different browser profiles or different browsers. Firefox for one and Brave for another for example. You can also use the ProtonVPN extension with different settings and locations set in the two to further compartmentalize things but a systemwide VPN would be best still if you ask me.
I don’t necessarily believe this, I am just unsure. This is all new to me. I thought I had seen multiple posts, but maybe I was just reading from this post where the author stated “If you are located in a civilized, human rights respecting country in the western hemisphere, you should probably not be using a VPN” and in the comments someone said that some countries have made “VPN usage illegal”. The author also commented that “VPN servers are valid targets for warrants”.
Apologies, maybe that was just one person’s opinion. I’ve been sifting through so much information it all gets confusing. I am certainly not doing anything illegal, I just don’t want to draw unnecessary attention to myself.
I will be logging into “work” google accounts on my personal computer. I am not concerned about being monitored by an employer.
Is a VM required to run the VPN or do you think that is overkill?
I am not scared of malware or confusing Google as malware, I just don’t want the work I do in Google to be at all associated with my personal life in any way so my concern is with Google’s privacy practices and data tracking.
I’ve been on the internet for a long time and was not concerned about privacy in any way prior to recently so this is just an experiment to see how I can setup a new computer. I am new to this whole privacy thing so I am starting with the strictest of privacy/security protocols for educational purposes. Just for funsies.
I would not trust that post and OP’s opinion there. VPNs are a legitimate piece of tech that has value for all that it can do. Just choose the right provider. PG has recommendations. Mullvad is my favorite.
No. Don’t complicate your set up. Just maintain a separate folder or even a Proton Drive or Cryptomator folder on your computer and compartmentalize your browser and its activities.
If this is the primary concern, then make a new Google account under a different name if you don’t plan to pay for any of its services in anyway. You’re already compartmentalizing your browsing activity so that would help. Unless you’re being targeted for anything specific, this is not a big concern if this is for work stuff. But I understand why you’re asking. Seems like you’re new to privacy and security. Just know that not all solutions are meant for all people. Do what you can and mitigate what you cannot for whatever level or privacy and security you want to achieve.
That’s a bad idea. You’ll overdo it and end may end up making a mistake or worse, end up giving up on this privacy journey when you become overwhelmed. It’s like a person who just learned to swim wanting to swim in the ocean with no bottom or no direction to know which way to go. Bad idea. There’s a reason why all learning have a process.
This is a process. Read, learn, try, understand, experiment, and repeat. Only then you’ll understand what’s what and how more and better.
That’s wholesome the way you said it. But that’s why I said all I said, I don’t want you making a mistake. Just take it easy is my point, is all.
Can you explain why I might not want to complicate my set up? Would you be concerned about user error or is it just unnecessary? Just out of curiosity, I want to understand your reasoning.
I am not being specifically targeted but I do want to be cautious for reasons I’d rather not get into. I am new to privacy and security. I want to experiment with different solutions to learn.
What mistakes might I make? If I start with the highest privacy/security, isn’t it easier to roll back then up the ante? If I do make a mistake, can’t I just reinstall Windows and start again? Are you concerned that I might expose my computer to harmful spyware/malware? Just want to understand why you think it might be a bad idea.
I can’t see why I would give up on my privacy journey, I have nothing to lose being that I’ve already been all out there. I’ve got nothing better to do with my time right now. Like you said, this is a process and my experiment. I can try and try again as many times as I want.
Thanks for answering my questions, you’ve been very patient!
I don’t know. You’re a beginner. It could be anything. Not setting up something properly, using the wrong tool for the job/purpose, using the command line and entering commands willy nilly not knowing or unable to verify the source of the info for what it will do on your OS, etc. Beginners can make any mistake. I said that thinking you’re also not as tech savvy. But if you are, then this is largely not an issue.
Well, it appears to be complicated to me for what you’re going to be using your computer and your tools. It’s an unnecessary step if you ask me. Setting up a system wide VPN or even using a different user account on your computer with a VPN is far better. Plus VMs don’t always give you native performance for any app you’re using, even if its just the browser.
Great. In this case, I would not consider your threat model high but medium at best where you want to do all you can without sacrificing almost all of the computing and usability inconveniences. So, I recommend learning and trying things out before settling on anything for good - is kinda how I meant it.
Not always. Depending on what you might do, you risk being unable to turn back the dial from the highest levels of privacy & security. It’s possible but not guaranteed.
Yes, you can. It’s just a pain in the ass to install it in the most privacy respecting manner each time and setting it all up again. Not worth going all in to the highest levels of things on WIndows since you never know what you might break or risk breaking depending on what you do and what changes you make and how.
Not too much of this but I would double check any command line tool you may be tempted to use that does not have a GUI in your hardening processes.
Like I said, since you’re a beginner, you may do something not knowing if something is even needed for what you’re trying to achieve or if that’s the best way to go about it either. It’s hard for me to be specific here but what’s the best I can describe or explain it.
Losing your interest in privacy and adopting better tech habits and products and services is what you’ll lose because you don’t know you need it in the first place. You should need it. You should want it. It safeguards you against big tech and surveillance capitalism. That’s what you’ll be losing if you give up. Please don’t. And that’s why I said, take it easy and not risk overwhelming yourself to a point where you call it quits.
VPNs are a good solution (if they dont keep logs)
But if your Google account is not anonymous then a VPN wont change that after you allready used it with your real IP.
I would recommend that you just use Google for all your work stuff, where its required, and don’t use it for other stuff.
Besides creating a work profile on your browser for any Google Suite-related tasks, you can also try dedicating a virtual machine (think Virtualbox) and run a VPN on the host computer.
I don’t know about the specific requirements of your job, but this can help in cases where you want further compartmentalization without configuring a dedicated work laptop or installing Qubes OS.
Ahhh thanks for explaining. I am new to the topic of privacy but I have a tech background so I would describe myself as an advanced computer user.
I do not mind setting it up all over again. I literally have nothing better to do with my time. Last week I learned how to configure my system and run maintenance tasks in powershell so I can export a system audit and backup snapshots of my harddrive to an external drive. This will make it easy to rollback if I break something. I have the Windows installer on USB ready to go and all of the downloads I might need to begin the installation if I need to start fresh.
I won’t give up, I find the topic fascinating! Thanks so much for explaining, I have a better understanding of your reasoning now.
Then I am not worried about you diving into the deep end. Enjoy. I guess I have nothing more to “warn” you about. Have fun!
I also recommend reading some of the privacy books since you have the time. You’ll learn a lot more. Start with Surveillance Capitalism. Privacy is Power is also excellent.
Got it. I will investigate to see if the VPN keeps logs, is that a setting or does it depend on which VPN I’m using?
What do you mean by an anonymous Google account? I have logged into my gmail account in the past on a different computer using my real IP, so is my home address now permanently connected to any gmail accounts I’ve accessed at home? I’m just trying to understand how this all works.
Usually a thing VPNs brag about. But only trust open source ones with great reputation and audit reports. Hence why trusting PG recommendations directly is the best option if you want the answer right away. But you can always research more.
WHat that really means is Google knows your residence’s IP and your ISP. But this likely the only PII they may have. Again, this is not a real concern for you given your threat model. But yes, Google has your real IP. But not sure how permanent the attribution will be.
I think I am getting confused. I thought the purpose of creating a virtual machine on my host computer would be to run a VPN within the virtual machine. Why would I run a VPN on the host?
When I refer to work, I am not talking about a job but I do engage in community activities when I’m able to that involve activism and I prefer my involvement to remain private and confidential for safety reasons. I would be using Google and Meta and Zoom meetings for those purposes. I just want to maintain as much privacy and separation as I can between my private life and those other activities.
Eventually, I will setup my home computer for personal use and this laptop as a dedicated “work” laptop, but for now I will be using this laptop for both. Is Qubes OS a virtual machine operating system?
Because your VM will take your network info/connection from your host. If you don’t want it so, that may require several extra steps that even I am not sure how to do, if that’s even possible.
I highly advise that you use alternative tools. They all will gather enough data about you (that may or may not also include your voice and some of your content) so your privacy is shot. Any steps you’re taking in mitigating your privacy will be negated. That’s why we discuss a lot of alternatives and find the best solutions that fit our use case that’s not big tech. Please find other alternatives. Signal is ideal for now. Wait for Proton Meet to release to all and then you can use that.
Qubes is a Linux based OS. Very finicky OS at that. Difficult to set up and find hardware on which it can work well. Best to read its website to learn more.
–
I know you’re not asking me these questions so my answers are unsolicited but sharing what I know or think nonetheless to provide more nuance and context (apart from answering your questions).
But wouldn’t the network info/connection be just as readily available running the VPN on host? I thought the VM would provide an extra layer of protection between the host and VPN. If this is not the case, what’s the point of the VM at all?
If I had a choice, I would most definitely use alternatives. I’ve been unsuccessful in convincing my collaborators to use different tools.
I don’t know if I will ever be able to completely de-google in my personal life, I think the best I can do is minimize risk and limit use to specific devices. I have a neurological disorder that involves place blindness and I can’t get around without Google Maps on my phone. I’ve tried other map tools but nothing comes close for real-time street directions and location services if I need someone to come and find me or navigate back to my car. I still get lost two blocks from my house. Before Google Maps, I was housebound, the tradeoff is my independence.
I very much appreciate your honest answers, thank you for taking time to explain some things to me. I really do hope to be able to completely de-google at some point especially when some of the alternatives become more mainstream. Google already has all of my personal information, I’ve literally never taken any precautions before now… even if I can’t implement everything now, I do want to learn best practices so that I know what to do when I can make the break. Thank you!!!
Every VPN claims that they don’t take logs, if they really doesn’t do it depens mostly on trust.
Recommended and trusted VPN providers are for example: Mullvad VPN, IVPN, ProtonVPN
Its very likely that Google knows exactly who you are, based on all the information they already have, so it is a battle on losed ground to try to make the account anonymous now.
Keep in the account what you need and move the rest of your activity out of it.
You are absolutely correct. The forum is only a place of discussion. Nothing said here is reflective of any authority figure (let alone Privacy Guides), only the poster themselves.
For the average person, authority figures are where we gain knowledge from. For example, if I am the average person I would rely on the Privacy Guides website to learn about privacy.
For the more technical person, however, they do not need to rely on authroity figures like this website. They are able to, with their own professional experience and/or research, come to evaluate statements and come to their own conclusions (which they can do about discussions on this forum). And with that, they can contribute to generating knowledge by giving their opinions here.
It would take serious dedication and time for the average person to learn cybersecurity, information technology, political science, etc., and to furthermore be able to give professional opinions on the subject such that they become authrotiy figures.
So if you are just the average person, then understand that you cannot evaluate opinions espoused by forum users alone, which you acknowledge here:
When you ask questions here, you are only asking for the opinions of individuals. It is up to the broader community to assure that correct opinions are written on the site. But until then, anything discussed here should be treated as opinion for the average person.