• 1 Post
  • 32 Comments
Joined 1Y ago
Cake day: Jun 18, 2023


Yeah, I know and that’s what I’m afraid of. I guess I’ll just have to come to terms with most websites not working in some obscure web browser that’s not feature-complete. Would actually help with my addiction, so it won’t be so bad, I guess.


You are right, it was unfairly harsh wording, I apologize for that. Most of those products are super cool and important, I’ve kind of extrapolated it from what I’ve read in other posts about them spending too much on stuff like events and other non-development-related stuff that I actually never checked, while also not realizing that they also have a ton of other projects, which mixed with the disappointment with the recent development about the Meta partnership led to me choosing that wording unfairly.


If it keeps going on like this, it won’t be long before I’ll just say fuck it and switch to elinks…

Hmm, on that note - is there any CLI web browser that can do javascript and css? Because iirc, elinks doesn’t, though I haven’t used it in years.


IIRC, only like 2% of Mozilla spending goes towards FF (I may be misinterpreting something, but I remember 2% being thrown around), so funding FF without rest of Mozilla bullshit shouldn’t be that hard. Of course, since Mozilla did spend so little on FF, it’s a question how much they actually care about FF and what would happen if they lost access to their golden goose. They shouldn’t have problem funding FF, but they probably have other bullshit they don’t want to let go and that has more priority for them.


I’m not sure what Mullvad is based on - I think it’s on Tor, which is Firefox based?

I do use mostly LibreWolf, but if FF also went to shit, I wonder if Tor, and thus Mullvad, would keep on going or not. Because I suppose LibreWolf would have troubles with keeping up, if Mozilla would enshitify FF, since they would probably have to fork and continue development on their own.


This is the first time I’ve heard about microg. How is the app support with it? Can you run every app that needs play service? I have Google Sandbox installed only on a second Graphene profile, and use it for bare minimum of apps that don’t work without it, Bolt app, mostly weird MFA for work or package tracking apps I use once per month, while disabling most of their permissions. Will microg improve my situation in this case to be worth switching over? Does it work without root?


I’ve been mostly using Mullvad, and so far it worked pretty well out of the box. Few sites break, and for that I have LibreWolf, but other than that, I’m enjoying Mullvad more.


One thing I forgot to mention - last time I recommended cloudflared, I was told that the TOS for cloudflared forbid use for high-volume streaming of data, such as movie/audio streaming, or sharing of large files for download.

I never had an issue with it, but I didn’t use it for streaming, only to share/download a small to medium sized file once per few weeks. I suppose that if you were to publicly post a link to a few Gb large file, and had hundreds of people download it through the cloudflared, they may take an issue with it. Maybe even if you were regularly watching streamed movies from your server through it. So just a heads up, make sure to check the ToS first.


I’m using GrapheneOS, and a surprising amount of apps (including my bank app) work without Google Services. And if there’s something I need for work that doesn’t work without them, I have another profile with sandboxed Google play (which isn’t enabled on my main profile), and use the app there, where it’s separated from all of my data. No need to root my phone, and so far it worked great.

As for sharing your Nextcloud stuff, what I did was for services that need to be public, I just got a cheap (like, few dollars per year) domain and use Cloudflare Tunnel (Cloudflared). It handles all port forwarding for you, and you don’t have to make anything public on your router - just install cloudflared on the server and have it forward the port you want to your domain. You can also set up geoblocking and ACL pretty easily, so it’s perfect for that.

I’ve however recently moved to using ZeroTier, because it has a nice mobile VPN app, so I just run zerotier (it’s literally two commands to install and join a network) on my server, and if I need to access something there I just launch it on my phone and connect through ZeroTier. This, however, won’t help if you want to share stuff from your server with others, since they’d have to install a ZeroTier client and also join your network. For Jellyfin, Nextcloud and Sunshine, though, it’s amazing.

And if that still feels like too much hassle for you, I’d recommend looking into Proton Drive. I’d consider that one of the best hassle-free alternatives to GDrive, which launched recently.


I also have a dual-boot, with fresh install of Windows I debloated as much as possible, that I use for games that I can’t get to run even after trying protondb.com. However, it has only happened one or two times since I switched more than half a year ago, and I usually just give up on and refund games that I can’t get to work on Steam. I have a lot of other things to play, and usually I wasn’t that much dead set on playing that particular one. I do make sure to post on the forums of the game when that happens, though.

I’ve also recently stumbled upon https://windowsxlite.com/24H2ProV2/, which should be a debloated and minimized Windows (4Gb installed size is mindblowing, considering that all my Windows VMs have like 40Gb freshly installed). The site looks shady, but it was recommended to me by my colleague who works in cybersecurity, so I hope he knows what he’s doing. I haven’t got the time to test it yet, but it does mention that it should work for games, so who knows.


I’ve switched a few months ago mostly for gaming, and here are few tips and issues I ran into, in case you run into them too.

Not sure what distro you are using, but I’ve run mostly into issues when trying to get NVIDIA and Proton working on Fedora. Just getting the drivers to work took a few tries, and I never managed to get stuff like cutscenes to work properly.

However, I then switched to Nobara (I suppose PopOS may also work), and the experience was vastly better, with everything working out of the box (I did switch to KDE Plasma on X11, since Wayland kept freezing on me).

I’m not sure what of the many changes Nobara does helped solve my issues, but I guess it may be related to it including Proton GE by default, which I recommend getting, and a slightly streamlined installation of NVIDIA drivers.

I also recommend checking out Lutris, instead of using Wine directly. However, I never really managed to get it working, aside from WoW, so your mileage may vary. But I have most of my games on Steam, where everything is working out of the box, so it wasn’t that much of an issue. I only sometimes have to switch Proton version (by right clicking the game - properties - Force a specific version of compatibility tool).


you need to do it not only for every Discord server you want to use on matrix, but every channel as well. It’s a huge chore. And ofc it doesn’t work with Discord DMs.

This wasn’t my experience at all - all I had to do was message the Matrix bot with servers I want to join (I’m not a mod on any of them), and it bridged all channels in that server. Also, Discord DMs are working fine.

I’m using the mautrix bridge, which doesn’t use a bot or anything like that, but uses your Discord session instead.


If you don’t use Discord for voice much, Matrix has pretty solid bridges you can use.

Hosting your own Matrix server is surprisingly way easier than I thought - got a VM on Hetzner for like 5$ a month, and there is an Ansible script that takes care of the setup for you. It’s also one of those rare cases where someone made an Ansible script that actually works, instead of you getting stuck in dependency-hell (seriously, fuck npm. Not a single docker or ansible tool that has used it ever worked for me out of the box. Python can get similarly annoying).

They have a pretty easy to follow guide, and the whole setup took me like 20 minutes. I only edited a few options in config.yml (mostly to add Messenger and Discord bridge), and ran the ansible, and it worked at first try.

So I could at least ditch both messenger and discord apps from my PC and phone, without having to convince anyone to quit their poison - with only issue being that you can’t use Discord voice. And that the messenger bridge is still unreliable sometimes, but those are still minor inconveniences in comparison to my deep-seated hate for Meta.

Of course - Meta still gets my chat data and content, same as Discord. But at least they don’t get anything else from my phone or PC.


Why, though? I have helpful answers in many threads, giving support about arcane issues people have been dealing with. I don’t want this content to be monetized further.


Same issue. I guess I’m never going back there. I’ve already stopped doing it, but from time to time a question I was researching led me to Reddit.

What’s the best tool to delete your account, while also overriding all of your posts and comments?


If I have more items with club price that would make a larger difference, I just quickly register a new one-use account with disposable email and random address in the app, and delete it afterwards


That’s seriously impressive. I wonder, what is your threat profile for all of these? It seems to me like some of the things you do have a drastic impact on user experience, while also not providing that much of a benefit unless you have some really sensitive data.


My own setup from the top of my head would be:

  • Browser: Mullvad with Mullvad VPN, LibreWolf for stuff that breaks. Brave if I really have no other choice.
  • Phone: Pixel with Graphene, main profile is Google-less, second profile with Sandboxed GServices for apps that don’t work without it but I need them, downloaded through fresh gmail profile. Third profile linked to my old gmail with credit card for the two apps I bought and sometimes need to use.
  • Mail: I use Protonmail, with my own domain that sounds vaguely corporate. I have a catch-all address, and generate random name.surename@mycorpdomain.com addresses for each service.
  • File storage: I have a NAS, that I use for most file sharing I need.
  • Music: Jellyfin server with Headphones and redacted.ch account, and I also make sure to support artists every month by spending what would be my Spotify subscription price on Bandcamp albums
  • Desktop: I run Nobara, too lazy to run QubesOS - plus I game a lot, so it would be infeasible. I mostly try to get stuff on GoG and back it up on my own NAS. I have a ZeroTier network set up for streaming through Sunshine/Moonlight when I need to game from a laptop.
  • VPN: I use Mullvad paid for with Monero, because it plays nicely with the Mullvad Browser fingerprint.
  • Home automation: I have a few basic stuff made for Home Assistant that is running on RockPI I have at home, everything local and without any cloud, mostly through ESP32s.
  • Messaging: This is the one I hate the most - most of the groups I’m working with or volunteering for use Messenger, so I have a Matrix server hosted that bridges it and Discord. It’s not ideal, but better than having anything Meta on my phone.
  • Payments: This one is the one I’m struggling with the most. I pay by card almost everywhere, because cash is so much effort. I’ve tried looking into crypto or prepaid cards, but it’s really hard to find anything without KYC in Europe, so I’ve given up. I’m looking for advice regarding this, but I’m afraid that aside from switching to cash I’m out of luck.
  • Passwords: I just use Bitwarden with YubiKey setup, same as using YubiKey for every important MFA I can. I have two backup keys stored at home, so I don’t need to use other recovery methods that would render it useless.

Few recommendations from the top of my head, from skimming the post.

I’d recommend checking out QubesOS (https://www.qubes-os.org/), especially since it seems you switch between Tor and already use Silverblue, which is AFAIK similar, but why not go all the way in?

Also for VPN - I’ve switched Proton for Mullvad VPN, because I really like the idea they are going for - if you pair Mullvad browser, that is designed to have the same fingerprint for all users, with a VPN that’s from the same company, you can kind of expect that most of the Mullvad VPN users will also be users of Mullvad Browser. Which means you will not be one of the few Proton VPN users with Mullvad fingerprint, but will have the same fingerprint as most of other users of Mullvad VPN. This will make it harder to fingerprint you based on your browser. One word of warning, though - don’t install extensions to Mullvad. If you do, you break the “same fingerprint” premise, and the more extensions you install, the more identifiable you are. Mullvad should be used without any extensions.

Another thing I see is music streaming - I think that in general I’d recommend just getting a cheap laptop/NAS and run your own Jellyfin, and slowly start building your own music collection. You can also run Matrix server as a bonus, and bridge all your communication (including Signal, even though that may not help that much) - but it does help if you need to use some kind of service, i.e Messenger, for group or work related purposes.

My approach to music was to cancel my subscription, and then use the money I save to spend on albums on Bandcamp, so I still support the artists I want. I make sure to do that every month. Since there’s just vast amount of music to get, I use Headphones with an account on redacted.ch to fill my library, but I still make sure to buy albums I like even if I already have them downloaded. The added bonus is that you actually don’t lose any of your music, if the artist decides to pull it off the streaming service, which has already happened to me several times.

If you want to host your own LLM, take a look at https://refact.ai. But note that it’s not really cheap, I’ve recently upgraded my computer and decided to use my NVIDIA 1060 to run refact, and it still didn’t work well - 8Gb of GPU memory is borderline usable, and I couldn’t do the finetuning.


I was using LibreWolf before, but I really like the idea of bundling VPN + Browser, and also the way they handle payments - not only is Mullvad VPN kind of cheap, I can just pay with crypto and don’t need any account (kind of - you just generate username that also serves as a password, without any other contact information required).

But what I like the most about it is the idea of making a browser with the goal of having the same fingerprint between users (as much as possible), and offering it with a VPN - because that means that most of other users of the VPN will probably also have the same fingerprint from the browser, so you will blend in with them. I wasn’t really sold on the idea of VPN before that and didn’t use one, but this was what convinced me.

But tbh I haven’t done much research into the company, or into the effectiveness of their implementation. I’m kind of betting on their cooperation with Tor Browser, which should have most of this stuff already figured out. But it’s possible that other browsers are just better at it, I never checked.

I do however still use LibreWolf for the occasional site that breaks with Mullvad, but it’s not something that happens too often.

I use(d) the VPN alongside it and found the add-on “hints” regarding the correct DNS settings more frustrating than helpful, too.

Hmm, I don’t think I’ve ever noticed anything about DNS. I think I’ve actually never clicked on the browser vpn extension, though :D Is it the encrypted DNS hint?

EDIT: Found this, apparently it’s doing pretty well https://privacytests.org/


I’ve been having a pretty good experience with Mullvad, however I don’t hear many people talking about it. I wonder why is that, IIRC it’s being developed with Tor Foundation, and is basically a Tor browser for clear web, and that sounds perfect. So far, I didn’t run into any issues, so is there a catch, or are they just not well enough known yet? Or, maybe people are turned away by their optional VPN?


This made me wonder - is there any active Best Of community on any instance? This would be a perfect candidate.


I haven’t really looked into it too much, but… Aren’t they actually right in this case?

Sure, reading “we can’t protect your privacy because you’re using privacy-centric extension…” feels like bullshit, but from how I understand it based on the screenshot, the issue is that you have blocked the cookie permissions pop-up, whose main reason is to give you an option to opt-out of any tracking cookies, thus protecting your privacy. While also being required by law.

However, this depends on how exactly is the law formulated. How does it deal with a case where you don’t accept, nor decline any cookies, and just ignore it? Are they not allowed to save any cookie until you accept it and specify what exactly can they save? Or should they not let you use the site until you accept it?

I vaguely remember that it used to be enough to just have a OK-able warning that this site is using cookies, but then it changed to include a choice to opt-out. Which could indicate that unless you opt-out, which they are required to give you a chance to, they can use whatever tracking cookies they want. And if that is the case, this message is actually correct.


That is true, but can’t they (a company that wants to, not the government) do that already if they want to, under ChatControl 1.0? And I wouldn’t say that whether a service is E2EE or not makes any difference here - scanning private user messages shouldn’t be allowed, whether they are encrypted or not. IMO if ChatControl 2.0 passed and was made mandatory for everyone, the fact that it is mostly noticeable on E2EE apps is only a side-effect of blanket surveillance, and not the main issue with the proposition.

What’s the point of them agreeing that they will let the 1% of users of E2EE services keep their privacy, while they already scan 90% of communication (I mean, just GMail + FB/IG + iCloud, that is already being scanned, makes for most of the world’s communication) for the past year or so?

Now I’m curious whether Facebook/Instagram, who does offer encrypted chats and also scans all your content under ChatControl 1.0 voluntarily, also scans the encrypted chats or not. I’d wager they do, but that’s just a speculation.

But they did briefly mention that they will begin “phasing out” chatcontrol 1.0. I wonder what that means, and how long it will take.


I think the headline is misleading, if I understand it correctly.

ChatControl is already possible, and implemented for major communication service providers that most of the people use. It’s just not mandatory.

Currently a regulation is in place allowing providers to scan communications voluntarily (so-called “Chat Control 1.0”). So far only some unencrypted US communications services such as GMail, Facebook/Instagram Messenger, Skype, Snapchat, iCloud email and X-Box apply chat control voluntarily (more details here). source

The article states that they decided that they will not blanketly require it, but I don’t think it says anything about rolling back the first version of ChatControl that’s already in effect.

EDIT: I was wrong, the article actually does mention it, even though on pretty vague terms:

The current voluntary chat control of private messages (not social networks) by US internet companies is being phased out. Targeted telecommunication surveillance and searches will only be permitted with a judicial warrant and only limited to persons or groups of persons suspected of being linked to child sexual abuse material.


Get GrapheneOS, your mobile phone will be one of the best sources of data about you, and if you’re on Googled Android or iOS, there’s nothing you can do to stop google apps stalking you, which they have already had several lawsuits about doing it even when you disable it. GrapheneOS takes care of it by sandboxing google apps, so they can’t do almost anything, along with really fine-grained permission control, i.e giving messenger access to only selected photo you want to upload, and nothing more.

As far as browser goes, I recommend Mullvad, and bundle it with their VPN. Not only can it be paid for by Crypto, it also means that almost every other VPN user will have the same browser fingerprint as you - fingerprint of the Mullvad browser, which is based on Tor browser and designed to be as unfingerprintable as possible, so it will be really hard to distinguish you using secondary fingerprinting, such as extensions or minor browser details.

Don’t use Gmail or GDrive, ideally get your own NAS for file sharing and switch to something like Protonmail, which now also offers Drive. Get a domain that is vaguely company-sounding. Something like @techcorplimited.com, and create a catch-all email address, so any email sent to that domain will end up in your inbox. You can now use randomname.randomsurename@techcorplimited.com as your throwaway email address, and just randomly generate them for all services you use, while also making it believable to confuse even AIs.

Even when using VPN, don’t sign into your accounts. You don’t need to sign in to Youtube to tell it that it was you all the time, just remember your favorite youtubers and look for them by hand every time.

If you’re really serious, look into https://www.qubes-os.org/
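
The blending-in argument made in the comments above (a uniform browser fingerprint shared by most users of one VPN, which installing extensions breaks), as an added example that is not part of the original comments: it measures the anonymity set on a constructed population. The VPN labels, browser labels, user counts, and the assumption that a tracker can observe which extensions are installed are all hypothetical.

```python
from collections import Counter
from math import log2


def build_population():
    """Constructed sample of visitors as one tracker sees them (all values made up)."""
    pop = []
    # vpn-a: most users run the same uniform browser with no extensions.
    pop += [{"vpn": "vpn-a", "browser": "uniform", "extensions": ()} for _ in range(900)]
    # vpn-a: the rest each run their own one-of-a-kind browser configuration.
    pop += [{"vpn": "vpn-a", "browser": f"custom-{i}", "extensions": ()} for i in range(100)]
    # vpn-b: only a handful of users run the uniform browser.
    pop += [{"vpn": "vpn-b", "browser": "uniform", "extensions": ()} for _ in range(8)]
    pop += [{"vpn": "vpn-b", "browser": f"custom-{i}", "extensions": ()} for i in range(992)]
    return pop


def observed_key(visitor):
    """What the tracker can tell apart: exit network, browser fingerprint, extension set.
    Assumption of this model: the installed extension set is observable."""
    return (visitor["vpn"], visitor["browser"], frozenset(visitor["extensions"]))


def anonymity(population, visitor):
    """Return (k, bits): k visitors share this visitor's key, and the key
    carries log2(N / k) bits of identifying information."""
    counts = Counter(observed_key(v) for v in population)
    k = counts[observed_key(visitor)]
    if k == 0:
        raise ValueError("visitor is not part of the population")
    return k, log2(len(population) / k)


def scenario(vpn, extensions=()):
    """Take one uniform-browser user on the given VPN, optionally install
    extensions for that user only, and report that user's anonymity set."""
    pop = build_population()
    idx = next(i for i, v in enumerate(pop)
               if v["vpn"] == vpn and v["browser"] == "uniform")
    me = dict(pop[idx], extensions=tuple(extensions))
    pop[idx] = me
    return anonymity(pop, me)


if __name__ == "__main__":
    cases = [
        ("uniform browser on the VPN where most users run it", "vpn-a", ()),
        ("uniform browser on a VPN where few users run it", "vpn-b", ()),
        ("uniform browser plus two extensions", "vpn-a", ("ext-1", "ext-2")),
    ]
    for label, vpn, extensions in cases:
        k, bits = scenario(vpn, extensions)
        print(f"{label}: anonymity set = {k}, identifying bits = {bits:.2f}")
```

A larger anonymity set and fewer identifying bits mean the visitor is harder to single out; the extension case collapses the set to one.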


That’s why I’m avoiding any extension I know I really don’t need.

I’ve already burned myself once, when Nano Defender sold out and turned into a cookie-stealing malware. By the time it was one of few adblockers that were not being blocked by adblock killers. They’ve pushed a malware update through the Chrome web store, and started exploiting stolen cookies immediately.

It was a difficult day, where I had to explain to few of my exes that someone hacked their Instagram account due to an ad-blocker I’ve set up for them when we were dating few years ago.


I think it’s time to stop and think whether we really need all of those services? We’ve been slowly trapped into social networks and various unnecessary services through dark patterns, and now we somehow can’t imagine being without them, even though they actively make everything worse.

What was the last time you watched a Youtube video that actually was worth the time, and wasn’t just a shallow content about something vaguely interesting, but something you probably could live without? Do we really need to aggregate news and articles from the whole internet, while there probably are good local newspaper/news sites that will get you up to speed, without giving you clickbait articles? For example, we have a pretty great news company that is independent and funded entirely by users, and it’s enough for keeping up to speed on world events without having to scroll through a lot of bullshit.

The more enshitificated the internet gets, the more I’m starting to realize that I really don’t need almost any of it. Sure, some things are pretty useful, like cloud storage, but almost anything I needed so far was solved by just getting a NAS with Nextcloud. The only thing I really need the internet for is messaging and email. And if I want to stay up to date, we have amazing smaller local sites for both gaming news and for world news, and those two are enough.

The more that I think about my internet usage, the more I’m realizing that I don’t really mind its enshitification - because ever since it started happening, I’ve been just removing addictions from my life and replacing it with more niche or smaller sites that are updated less frequently, don’t stalk me, and I’ve slowly started to realize that thanks to that I can get a lot more done and don’t get trapped by scrolling through clickbaity dopamine rush made to keep me glued to a screen.

I recommend reading https://www.goodreads.com/book/show/40672036-digital-minimalism . I’ve already read it several times, and never managed to get into fully implementing it. I did stop using Facebook, and reduced my Reddit usage drastically during those years, but this enshitification is only making it easier to just not using anything I really don’t need. I’m looking forward to WEI and other “You can’t do this” stuff that will come with it, because it’s exactly the trigger that will make me stop and think “Do I really need to do this? Or are there better ways how to solve this.”. And the answer is almost always “Nope”.


What’s the consensus on https://www.privacyguides.org/en/ and https://www.privacytools.io/ ? I was always just using privacytools’ recommendations, but then discovered that the original people behind it somehow split into privacyguides, and both sites have almost entirely different recommendations.

So, which one to believe?


Is that something that would be solved by Pihole? Or would that just break the webpages?


Ooh, nice! This is exactly what I was looking for.

Unfortunately, it doesn’t seem to work with Librewolf, which I guess has hardcoded some tracking options - even after I disabled Enhanced Tracking Protections, I’m still at 0 clicked ads even though I tried really hard to visit ad infested sites :D Oh well, I’ll see if I can do something about it, because this is a concept I really support.

EDIT: Ok, I was just really bad at finding sites with ads, for some reason :D


Another thing that came to my mind is - I wouldn’t mind running a few bots that do this, exploiting the analytics of a company by just running in the background and skewing their statistics. So, if a bot like that exists, I’m all for that. Even if it would mean running selenium all day.


Apps/Extensions that feed random fingerprinting data? Something I’d call “offensive privacy tools”.
Hello! Ever since I've seen the screenshot of permissions that the Threads app requires, I've been thinking that it would be a great idea if you could have an app that would give them the permission, but kept feeding it random and bullshit data. This could extend to other fingerprinting tools on the web - I can make my browser have limited fingerprinting, but as far as I know, it's usually static. Using letterboxing will set your pixel size to a common value, and privacy focused browsers are using constant User Agent that includes everything. But that's not going to help too much - I want my fingerprint to be random, and totally wrong. Feed them unusable data, something that not only isn't useful for them - but also actively sabotages their analytics. Pair that with a VPN, and now they have no way how to track you across sites, and also get a lot of bullshit data. Another great thing would be an Adblock extension that not only hides every ad, but also clicks on it. Multiple times. Sure, it would be giving money to the websites you visit (which may be good), but it will also cost advertisers who pay for clicks (and will probably get you banned anyway). I'm assuming that nothing like that exists, but I suppose that forking UBlock or forking LibreWolf could work, and just adding a Random here and there into their anti-fingerprinting code could maybe not be so hard.