New to privacy! I would like to learn

Hello to all! Newbie here and I’m looking forward to learn as much as I can. To be honest, it has been quite mentally and emotionally challenging, but I want to fight this fight.

As of the moment the only devices I have are Apple. I really would like to use GrapheneOS but I am unable to get a Pixel anytime soon. I would love to hear everyone’s thoughts on the feasibility of privacy on iOS. I’ve done some reading around and apparently Apple ‘sandboxes’ all applications and that’s a good thing? But, I also know that iOS isn’t open-source so I’m really gambling here aren’t I?

Regarding my threat model, I guess I want to be private as much as possible. I want my thoughts to myself, I want to protect human integrity and creativity and know that my data isn’t being mined to feed some algorithm that boxes me in some echo chamber. This is something I truly have a deep existential connection with. I understand that in this day and age this will be tough.

The pressure is intensified all the more because distanced learning leaves me prey to Google products.

With all that said, I am here and I’m all ears. I look forward to you all. :grin:

2 Likes

Hi, welcome to the forums!

As you already pointed out, preserving privacy in the current era is a very challenging and tiring process. I recommend taking it easy and one step at the time, to avoid getting burnt out with too many options or too many “inconveniences”, workarounds, etc, that you’ll have to get used to. It’s a long-term play, so again take it easy and tackle one issue at the time.

Most of what you can do is a matter of changing certain habits, and goes beyond what phone you’re using (although I recommend something like GrapheneOS or LineageOS). Here are a few pointers, and please I insist, for your own piece of mind remember you are not supposed to do all of this at once!

  1. Try shopping less online and use more cash instead, whenever possible.

  2. You can start looking into shifting email providers to one that is more privacy mindful, like Tutanota or Protonmail to name a few.

  3. Install F-Droid on your phone and just browse to see what apps are available. They are all open-source and mostly more privacy-friendly than those found in other App Stores. I suggest you start with NewPipe which is a Youtube front-end, meaning you can access all videos from Youtube without any of the tracking.

  4. Visit websites like Alternative to and Privacytools to find out new alternatives to popular computer programs, apps and services.

  5. This has to do more with security rather than privacy but is still a good measure to use a password manager, this will allow you to always use very strong and secure passwords for all your accounts without having to remember all of them. There are several popular options but I’m not sure which ones work on Apple devices, so I’ll leave you to research on your own or someone else here to give a better response.

  6. Encrypt your files when uploading them to a cloud service provider like Google Drive and similar. Encryption can be done in may different ways so I’d recommend to once again take the time and research a bit on your own. Privacytools has a page dedicated to encryption tools which is great to use as a starting point.

  7. There is a lot more to cover, but there are excellent guides to help you have a better understanding of what’s going on and what you can do. EDIT: Actually I just found this privacy guide for MacOS users, in case it helps

And finally, please feel free to ask as many questions as you want over here we are all happy to help. Cheers!

4 Likes

First of all, dont stress to much. i was new too in privacy and my goal was anonymous but nothing was like that. so put your goal more in realistic scope.


Some good places to start is techlore, the hated one and privacytools.io


If you can’t get pixel soon, you can still use apple at mean time with the tweaks that recommended by (again, techlore, the hated one and privacytools) and there is nothing called " I guess I want to be private as much as possible" because i was like this, all i got was mental problems. put to yourself goals like you want protect your data from companies like google or FB or if you want to hide data from the gov (good place to read about it: https://ssd.eff.org/en#index and https://ssd.eff.org/en/module/your-security-plan) also my last recommendation is watch The great hack and The Social Dilemma to get the full picture about tracking and get more info about the subject

3 Likes

Welcome to the forum! It’s encouraging that you’d like to learn. As you said, you’d “like to be private as much as possible” and want your thoughts to yourself, but that can be tricky when a lot of the major platforms and technology are sold by a few major companies like Apple, Google, and Amazon, etc.

It’s a start not to use Google products like Gmail, Google Drive, and Chrome. Personally, I like email clients such as Protonmail, Riseup, and Tutanota. Riseup is invite-only, but you can get an invite from a user if you know them.

As far as browsers go, that can be tricky. Firefox is a good general option for every day browsing. I’ve known some people who use Tor for this, but in my experience, the problem with using Tor all the time is that many clearnet (non .onion) sites block you because Tor is treated as suspicious. There are also browsers like Lynx, which is text-based, kind of like the Linux command line, but that’s pretty advanced, and doesn’t seem to be for the everyday user! Lynx Browser

Personally, I switched to using Linux about two years ago as well, and though that’s been a learning curve, it seems to be better privacy wise too. I’d had my identity stolen not long before that, and it made me extra paranoid, which was a good motivator! Around that time I also started randomly generating all of my passwords and using password managers like KeePass and Bitwarden. There are quite a few other options that could be included here, but I’m sure they’ve been discussed in other threads.

What have I left out?

1 Like

Thank you for all the help.
I must say I’ve found all the researching quite enjoyable. I feel at ease and that’s good for my mental health but I really do still feel uncomfortable using an iPhone and an iPad. (These are two devices I use the most)

Right now, my plan is to keep my iPhone free of anything Google whatsoever. To name a few, I use Signal, Tutanota, DuckDuckGo and ProtonVPN. Do you guys think I should use an app like Lockdown as a firewall? Is that effective? It’ll take up the space of ProtonVPN though, is it worth it?

Sadly, I can’t get rid my life of Google Classroom and Meet. They’re kept on the iPad though.

If there are any more nifty tips anyone would like to leave I’d love that. I too have some more questions about privacy but on a more philosophical standpoint about trust. Maybe I’ll save that for another thread.

1 Like

I think you are already doing a great job then!

Lockdown uses the device’s VPN connectivity which means you cannot combine it with other VPN apps. However it’s best to block unwanted connections individually than simply let them through but with a different IP address.

Today tracking is more effective and precise because it relies on “device fingerprint” rather than you IP. Using a VPN is best used when you need to conceal your real IP from a server for whatever reason, or for a little extra boost in security whilst in public areas.

I too have some more questions about privacy but on a more philosophical standpoint about trust.

When it comes to VPN providers there is also this matter of trust. What you are doing is basically send all your traffic to them, who can see and log it if they want to. Realistically, you basically have no way to verify whether that is the case or not.

I would recommend to keep using your devices until they start to fail and need to be replaced. This is just my personal take based on the environmental impact rather than privacy. But also because you are already doing pretty good job and as I mentioned above, privacy is not just about the technology you use but about how you use it. In the meantime, do some more research on what else you can do or change: encrypt DNS queries, get a password manager, enable multi-factor authentication, etc.

2 Likes

Damn, it’s really nice to hear that I’m actually doing something right. Thanks. :slight_smile:

With regards to the whole trust scenario, I guess I entrust whatever Privacy Tools promotes on their site. I definitely want to get to a level of understanding on these apps and their codes. Truthfully, I think everyone should know what exactly is going on behind the scenes. I find it frustrating that culture has made it so that these things are complicated. It leaves normal folk like me completely in the hands of these corporations.

Anyways, I’d just like to ask. Would you recommend that I use Lockdown so that all trackers are blocked? Does that actually do more for my privacy than using ProtonVPN? Regarding, DNS queries I found this app called DNS Cloak.

1 Like

Absolutely, blocking trackers individually is preferable because those trackers contain information about your device that can potentially make you unique. If you’re using a VPN that information would still reach Google and Facebook, it’s just that the origin IP address would be one provided by the VPN provider; that’s really insignificant because the information used to create a profile of you is already in their hands i.e., they don’t care about your IP that much.

Truthfully, I think everyone should know what exactly is going on behind the scenes.

This is a lot harder than you might think. Personally I don’t have the time to go through the source code of every program I use and every website that I visit. Even if I did, how could I keep up with every new update? Realistically you have to trust someone at one point or another, though I agree that having a general idea of how things works is very important.

I’m not familiar with DNS Cloak but as is listed in privacy tools I would definitely give it a try. I’ve found many apps that I use today through PrivacyTools so I do trust what I see here, but also like to read about it myself and give it a try to see if it works for me or not.

1 Like

Welcome to the forum :slight_smile: hope you’ll succeed in your learning and have fun doing it.

Just for your information, I know you mentioned GrapheneOS, but did you know about CalyxOS ? If you did not know about it you may want to have a look as it could really be used as your OS for day to day use* (it includes MicroG so it makes a lot of things more convenient out of the box). It also has a 1 click install method (still in beta and you still need to go by terminal to make it work but it works fine, check on their Github or their Reddit if you are looking for the link for it).

There is pros and cons for CalyxOS as their is for everything. If you already knew about it and did select GrapheneOS as your best choice so go for it. But if you didn’t know about it then take the time to search about it, look for reviews (difficult to find good ones) and at the end make the best choice for you. Here is a recent review by Techlore :

Don’t just limit yourself to 1 review and 1 source. Explore other sources, ask questions, gain knowledge, create your own conclusions.

  • precision on what I mean by “day to day use” : every OS can be used for day to day usage. What I meant by that here talking about CalyxOS it’s because I think it’s an OS more convenient for starters who are new to Android, flashing, rooting, etc.
1 Like

Hello! I read your post and welcome to privacytools and the privacy life!! I read that you are doing distance learning with Google products and I thought I would share some privacy tips for that.

Click here to read some privacy tips

Since schools everywhere are forcing the use of Google to get your education it may seem like we can’t do much but there are somethings we can do. I recommended you go into your Google account and enable all privacy settings you can. To do that go to: https://myaccount.google.com/data-and-personalization

  1. Disable “Ad personalization” if it is on.
  2. Go to the privacy check up and delete and then disable all that you can. (This would be Google search history, YouTube history and some other settings.)
  3. And then go to Activity controls and go through each service, review and delete what you don’t want there. (To do this you click the little drop down box and then go off to each individual service. You may have to look for that service’s own settings section.)

If you do this you just gained some privacy! Now, with these enabled (or rather disabled), Google says they don’t log what you searched but only that you have searched and all the meta data associated (time stamps, IP, browser fingerprints, ect). Still not all that great but better than the default. If you want to take your school privacy a bit further I would recommend only use what you have to for school (G Classroom, Drive, Gmail) and do some or all of the following:

  1. Use privacy minded search providers rather than Google. (Duckduckgo or the Privacytools SearX are my two favorites.)

  2. Use a document editor to do all written school work. I would recommend using LibreOffice locally on your machine, if you can, and then uploading PDFs to Google Drive and Classroom.

    • Why? If there is any behavior tracking related to how you type it won’t be tracked offline on LibreOffice. Also Google Docs are optimized for Google to scan while PDFs are less so. (Google promises they don’t scan School users Documents for advertising but it’s still creepy that it happens [or can happen] at all.)
  3. Try using a email client to access school emails via Gmail. Or old HTML Gmail “for slow connections” to load potentially less JavaScript which could be used for tracking. Using Thunderbird as an email client would allow you to use your Gmail with potentially less tracking. Everything you do is still on that school Google account but you can rest assured knowing that Google doesn’t know that you kept re-reading that email from your class crush :blush:

    • Why? JavaScript can be the wild west of tracking. It’s powerful stuff. Using IMAP or POP on an email client would let you read your emails locally on your computer which would help preserve an extra bit of privacy. I would recommend Thunderbird with IMAP as IMAP lets you connect to Gmail from the client while keeping your emails still on Google’s servers while POP downloads the emails from Gmail and can delete them from their servers while keeping them locally on your computer. Be careful with this one! You have to make sure to keep copies of your own emails and if you lose them you lose them – plus no syncing!
  4. School admins can read your G Drive data so be careful what you upload! If you do upload something that isn’t school related I recommend encrypting it with VeraCrypt or another application. Also using school drive for non-school purposes is against their TOS so keep that in mind. They used to boast “unlimited storage” for schools but recently changed the wording on school accounts storage page’s to “Storage is managed by your admin.” So the days of storing all our encrypted containers full of “school work” may be coming to an end.

  5. Back to the school admins really quickly: if someone reading this has concerns and trust issues with their local school administration and IT department for any reason – but lets say bad interactions in the past – they may want to “organize” their Google Drive in such a manner that it is a pain for anyone snooping to get a good picture of what’s going on. What could be deployed is that age old tatic: a folder in a folder in yet another folder. Complex folder nesting doesn’t make it impossible for someone to read what you have there but it sure does make them think twice about spending their time trying to figure it out – much like a foreigner invading another parties land, they don’t have the “lay of the land” that the locals do.

    • Why? Folder nesting is great for school work that you need to turn in, since that work cannot be encrypted but who said that it can’t be organized in such a fashion that only you know natively? Google can still scan it however.

      Example of G Drive folder nesting
  6. Use a VM (Virtual Machine) to do all your school work?

    • Why? A VM could help compartmentalize your school life from your home life. Having a VM dedicated to school can help make sure you don’t cross contaminate identities or data. Also it’s incredibly useful when schools make you install various proprietary software that you don’t want touching your main computer. Downloading said software on a VM lets you rest knowing that only the school work on that VM could be spied on and not all of your personal files and thoughts. Downside: Need a beefy PC most times. Good CPU and lots of RAM.
  7. Mask your IP from Google via Tor or a VPN?

    • Why? They may know the school you go to but why should they know where you live? Knowing your home IP may let them correlate your families traffic with your school account and vise versa. If you don’t care about this then no worries.
    • Warning about using Tor: The first few times you log into a Google account they ask for lots of confirmation for security so you may have to type in a confirmation number via phone if you have a phone connected to your account. For me I have a few Google accounts that have no phone numbers attached and I log in exclusively over Tor and they are surprisingly Tor friendly (vs Microsoft who locks you out of your account and demands a phone number to unlock if you try logging in over Tor.) Just lots of captcha’s (not the bad ones) and you have to temp-trust Google on No Script to have the captcha’s appear.

Sorry I wrote so much! Don’t feel like you have to do any of these things. Not doing something here doesn’t make you any less of a privacy person as someone who does do these things. It’s all about how much convince you are willing to give up for privacy. Just doing the Google settings change is a massive leap towards better privacy and it shows that more people care. As the Tor Project says: “Anonymity loves company!” so I am most happy to have you here and if you have any questions about anything, whether or not listed here, the Privacy Tools community and I are always happy to help!