As another poster said, the underlying tech is not private: https://jmp.chat/privacy
For backwards compatibility, what your proposing is unlikely unless driven through regulation (personal opinion).
Use something over the top (like Signal was suggested), use a non-KYC provider (like Jmp), or use a burner phone.
A non-KYC provider I wouldn’t trust to be private personally, especially as a secondary SIM. Maybe slightly above average (the company can’t sell the number attached to my name), but I’m sure enough information leaks that a state-level actor could correlate the device to me. The IMEI the tower gets is probably enough to run to Google to figure out who bought the phone.
Even burners may trace back to you through GPS or triangulation depending on how private you really want to be.
This is common for scraping even on desktop.
Dark mode, screen resolution, window size, and installed fonts are all tracking points plus hundreds more.
As I understand it, randomizing can make you stand out more as an outlier. Its better to blend with the herd. VPNs help by putting a bunch of clients behind the same IP, but if you stand out based on activity, an advanced enough algorithm may pick you out by what’s static and by what’s always changing.
I’ve been getting in the habit of using per service emails and rotating them like my passwords (if the service allows). MS allows this (assuming the account is not for your email). I’ve changed it 5-6 times. Except for Skype which I don’t use. Can’t seem to change that one myself.
Others mentioned YubiKey. Another alternative I use is both an OnlyPass and Mooltipass, interchangeably. They act as keyboards and work with any device I’ve tried that supports USB keyboards without some agent always running. With it I’ll add an extra 56 random characters on top of my memorized passphrase for critical systems (disk encryption, system login, password manager).
A few notes as I’ve been doing some PQ research for my own projects:
With that said, I’d want to know where and how the encryption is going to be applied.
An ideal solution for me:
I suppose you could use a PQ TLS, but if the payload is already AES encrypted, I see little value. You could use PQ to sign each object I suppose in case your AES key is broken, but that would mostly detect tampering of the data.
Been using jmp.chat. I didn’t have to give any personal info. It uses XMMP/Jabber to handle text/calls instead of wrapping your existing number. Their in-house client is pretty nice as it integrates with the dialer.
They straight up tell you its not private. That’s not what I use it for. I use it to make my online activity less linkable when companies try to KYC me by requiring a TN.
The phone network itself does not encrypt metadata or content. Therefore, if your concern is a state-level actor, exploit of a service provider, or rogue employee, you should consider all the metadata and content of your phone calls and text and picture messages to be not private.
Some third party tools you might find useful.
I do use rclone but I’m pretty happy with b2 storage. I did a small test with proton and it seemed to work.
https://rclone.org/protondrive/
VPN in docker with port forwarding. Didn’t have any luck routing host traffic through it but I didn’t dig too deep. Might be useful for a web based torrent docker container.
https://github.com/qdm12/gluetun-wiki/blob/main/setup/providers/protonvpn.md
Rclone added beta support.
Yeah, its super annoying.
Port forwarding with the VPN on Linux was an adventure because all the docs are outdated and I had to scour github issues for how to do it.
Android mail app becomes super slower over time. No snooze. Wish it could do POP3/IMAP for send/receive from other accounts like my school one. Can’t delete aliases I made before proton pass aliases came out.
No contact syncing as a bi-directional provider with Android.
Someone recently added Proton Drive to rclone if you want to sync in Linux. Worked for my small test but I’ve since moved to Backblaze for my backend storage while waiting for a solution and it works really well for less than a $1 a month.
And track this stuff in git so you don’t need to remember how you did it when you inevitably forget, lol.