2. Removed google analytics from my personal website/blog.

3. Uninstall Chrome on desktops and disable it on Android phone/tablet.

4. Use Firefox with Multi Account Containers add-on so that I am by default signed-out of google unless I need to do specific things, which are sandboxed in specific tabs.

5. Paid for Kagi search and set it as the default search provider on my desktops and devices.

6. Migrated a few legacy accounts from Google oauth sign-in to email/password.

Still to do:

a. Migrate my calendars from Google to Fastmail. For various reasons I need to be able to share calendars on Google and I haven't had time to sort this out.

b. Migrate off Google Photos. I take a lot of pics with my phone and google photos is just so convenient. I try to only keep six months of pictures on google and archive the rest to a machine that I own.

c. Google Movies/TV. I have a fair amount of bought content, mainly because its convenient to stream on a tablet. Not sure what the solution is there.

d. I still find google maps useful for a few things - particularly as a way to discover opening hours for businesses. My car has a built-in, non-android, GPS so I don't use google maps for driving.

e. I still have an android phone and tablet, and I'm sure they're still phoning home about me.

Not knowing why it's so convenient for you, have your tried syncthing for your images? You could write a cronjob on your machine that automatically removes old files from the synced folder as well.

> c. Google Movies/TV. I have a fair amount of bought content, mainly because its convenient to stream on a tablet. Not sure what the solution is there.

Just wait until your licensed content becomes inaccessible because google stops paying the copyright mobsters. You can then repurchase all that stuff without feeling bad about it.

> e. I still have an android phone and tablet, and I'm sure they're still phoning home about me.

We still haven't reached the day of fuchsia, so there's other distributions that will separate google from your life:

https://lineageos.org

https://calyxos.org

https://grapheneos.org

Rightly or not, I'm always a little cautious about synchronisation - I worry about stuff getting overwritten, and this has bitten me in the past. But I've not used syncthing so I'll take a look at that.

Movies: I remember when Microsoft dropped PlaysForSure, and i think that over a long enough timescale "my" google content will go the same way. No easy solutions there, unless i go back to physical media. Ideally there would be a backup solution like Kalibre for Kindle ebooks

That is a great idea.

Here is the excruciating process I had to follow in more detail, in case it may help anyone else: https://jmmv.dev/2022/03/abandoning-gafyd.html

[0] https://kagi.com/

Subsribtion business model annoys me quite a lot. I want be charged for actuall use.

I can't overstate how frustrating Google's search quality has gone down, and DDG just wasn't cutting it.

> Our searching includes anonymized requests to traditional search indexes like Google and Bing as well as vertical sources like Wikipedia and DeepL or other APIs.

It's a fucking google proxy with some nice css

However they do it, I get different search results from Kagi than I do from say DuckDuckGo and I have no reason to believe my privacy is compromised.

Worst case you'd raise a ticket (how good is actual support!) and they would be able to change the ___domain contact information for you because you can already authenticate with the user account that owns the ___domain.

If this wasn't possible all those domains that have self referencing contact information (eg. [email protected]) could never be verified.

I just changed the email in the owner field in namecheap. I did not receive a confirmation email. (At the old one, I did to the new one)

> Ultimately, in case of ___domain theft/dispute or similar, the ___domain's owner record has highest authority.

I would highly suspect in a court of law that is not true. You see, you have a contract with the registar for the ___domain. You can put whatever information you want there it doesn't change your contract with the registar. That is why your registar account is important.

> "I would highly suspect in a court of law that is not true."

OK, but why, and in what court and in what legal system?

> "You see, you have a contract with the registar for the ___domain."

It's not the registrar that sells the ___domain. They are brokers between registrant and the entity owning the TLD, and registrars also have domestic laws to abide to.

> "You can put whatever information you want there ..."

No you can't, not in European nations part of the EU. While not legally enforced, registrars based here are required to request and urge customers to put accurate and truthful information there. Some of them (e.g. OVH) even require personal identification documents in order to register a ___domain. In my case, with my .se ___domain, I cannot change anything in the contact records without providing verifiable identification data - part of which goes into my contact records.

I mean, I literally went and changed the email on a ___domain to check if what you said was true. And validated that your claim was false.

Secondly, contracts are a thing. I am not sure why you think that you would have a contract with the registar is something that is guess work or made up. I'm also confused as to why contract law 101 isn't a thing you know.

> OK, but why, and in what court and in what legal system?

Why? Because contracts are a thing. And pretty much all of them. You know the first thing a judge will ask if it's being question who owns a ___domain? Who paid for it. The second thing will ask is what registar account it belongs to. The email address on the ___domain record would get ignored for the more important aspects that obtain to the fundamentals of law. It's like if you pay for a book but someone else writes their name on it. The judge isn't going to say "Oh but he wrote his name on it."

So many people think that judges care about small little details. They don't the case would be happened quickly and swiftly. It would be a minor case and the judge would literally ask basic information to obtain who owns it. Paying for it and having it in your ___domain regsitar account would statsify them that it belongs to you. If you honestly think a judge would listen to a claim of "But your honor my client came into possession of this email address and that email address is listed as a contact email for a ___domain so it belongs to my client" I don't really know what to tell you. It's not how the world works.

> It's not the registrar that sells the ___domain. They are brokers between registrant and the entity owning the TLD, and registrars also have domestic laws to abide to.

So here is how contracts work. You have a contract with the registar and they have a contract with the registery. There are obivously some clauses in there. But there will not be a clause that allows them to transfer that ___domain to another user/registar without your approval and that often comes from you going to their site and requesting the transfer code. And I don't remember when I did a transfer I had to confirm the email on the record.

> No you can't, not in European nations part of the EU. While not legally enforced, registrars based here are required to request and urge customers to put accurate and truthful information there.

That legally enforced part is a major thing. And request and urging is different from requiring. In fact, go do some whois and I'll be you find you can't find the information for any of domains you whois since they have whois privacy.

Quite simply, the idea that forgetting to update an email in a ___domain record means someone else owns your ___domain is ignorant of the law and how thing things work.

> "I mean, I literally went and changed the email on a ___domain to check if what you said was true. And validated that your claim was false."

You changed it on your ___domain, on your registrar. This doesn't the slightest invalidate the requirements and procedures that I am faced with when doing the same with my ___domain/TLD, on my registrar, abiding to domestic laws in my country.

> "Quite simply, the idea that forgetting to update an email in a ___domain record means someone else owns your ___domain is ignorant of the law and how thing things work."

It means what I said: the contact in the record is the legal owner of the ___domain, and also has rights to confirm a ___domain transfer, to alter the other contact records, and to change the NS records of the ___domain, no matter if that contact/e-mail is still me or someone else.

In the case of my TLD (.se) that contact is also the only one who's legally allowed to obtain an unredacted WHOIS from the registry. This information is not public for .se.

> abiding to domestic laws in my country.

Just to confirm, you country is Sweden, right? The Court of Justice of the European Union ruled that a ___domain name is property. All member states of the EU must implement and have laws that follow EU laws. This means that the Court Of Justice of the European Union's decision must be upheld in all EU countries of they face penalties. This is echod by the Swedish Supreme court's deicision that domains are property that can be seized in The Pirate Bay case. Sweden like every other country has written laws and case law on the ownership of property. This stuff was solved and settled so many years ago it's hard to even guess when.

So let's put a line under this. In the country of Sweden your ___domain name is property of you, by law. Ownership of property doesn't change hands because you registered an gmail address. Just like ownership of property doesn't change hands because you move into an address that someone was previously there. I'm sure Sweden has laws about mail. Just because it arrived at your address does not make it yours.

Using google accounts with a non gmail non gsuite email suuucks

Analytics - GoatCounter, Counter.dev

Keyboard - Unexpected Keyboard (A very cool keyboard)

Search - Neeva

Translate - Lingva

Some notes on the post:

- Protonmail as a company doesn’t have a very stellar reputation. I recommend hosting an e-mail server by yourself, or just use providers like Disroot Mail

- K9 Mail is an email client, not an email provider

As someone who did this from about 2001 until three years ago, I strongly suggest most people don't bother with this route.

GMail, Outlook, etc, all throw so many arbitrary and ever-changing security conditions to accept mail, it really isn't worth the hassle - or the lost clients from mails that don't reach their walled-garden end-points.

I've used Fastmail for a few years now, and I'm 99% sure that when I respond to an email sent from GMail, they'll actually receive it (So, I'm not talking about cold-emails, which I could just about begin to understand).

Rolling your own is fine until you're explaining to your spouse why the realtor never received the email they're waiting for to adjust the closing documents.

I still host my personal email address, but I lost a few jobs sent to my work address by inadvertently being 'rude' in not responding to cold emails from GMail addresses I had in fact responded to. THAT was the situation that really irked. Such a stupid logic, or lack thereof.

• Google Chrome

— Firefox - Safari - Vivaldi

• Google Chrome Passwords

— BitWarden - 1Password - KeePass - Enpass

• Google Authenticator

— Authy - 1Password - AndOTP - Aegis - Enpass

• Google Translate

— Deepl - WordReference - Lingva - bab.la

• Google Maps

— Dark Sky - Weather Underground - OsmAnd - Guru Maps

• WeTransfer

— Internxt Send - filetransfer.kpn.com

[1] https://github.com/dani-garcia/vaultwarden/

For Android, to be specific. I'd love for an alternative to SwiftKey after Microsoft acquired them.

I use Fastmail for email and calendar, DuckDuckGo & StartPage for searching, Firefox as a web browser, and a Synology NAS for storage over Google Drive.

I use Google Drive / Docs / Sheets occasionally for collaborating. Most people aren't de-Googled so it's more of a hassle to ask them to use a different service. Additionally, I don't use Google services for anything particularly important so I don't mind if Google knows about it.

Fastmail isn't the most private service out there, but it is an amazing service to use for email, calendar, contacts, file storage, and notes. It works with 1Password with masked emails [0].

You can also use sieve [1] to fine tune your filter rules. I'm not aware of other email services that provide this (unless of course you are hosting your own).

I've played with it a bit. You don't really need to do it because the interface they have can generate sieve code for you, but it's nice that it is an option.

[0]: https://www.fastmail.com/1password/ [1]: http://sieve.info/

Quant for search makes sense in Europe.

Trying hard but I still find stuff where my auth is gmail. Some sites won't let you change email. The ones of those that I can, I have left for other services.

What is most frustrating is that I have a Google phone so they snoop even bank auth.

I could not live without WhatsApp in Spain and, weirdly, that requirement forces me to have a gPhone or iPhone.

They might, like DDG, promise not to track me and to respect my privacy, but as an ordinary user I have absolutely no way of verifying their claims.

I don't trust Vimeo any more than YouTube. I don't trust Authy any more than Google Authenticator. FastMail is great, but I don't want it to have my email any more than Gmail. I don't trust Firefox any more than Chromium.

Unfortunately the internet and computers in general were never designed to respect privacy and most corporations are happy to collect data on their users... and I'm pretty pessimistic on this changing much for the typical user... If anything it's only going to get worse as tracking technology becomes ever more sophisticated and omnipresent.

That's not to say we shouldn't deGoogle. But we should be under no illusion that that alone will somehow magically make our online lives private.

  - SearX instead of DDG
  - PeerTube instead of Vimeo or YouTube
  - There are a TON of FOSS TOTP authentication apps that you can build the .apk yourself if you'd like. You don't need Authy or GA
  - You can self-host email with something like iredmail, or get a pre-made personal server like Helm
  - Browser situation is tough, but there are FF workarounds like arkenfox/user.js

I don't that's necessary true. Google (and maybe Facebook) are unique in the size of personal data they hold and they types of data they have access to. If you move email or docs or search to something else, at least that's one less data source for them about you. (Assuming they are not selling it to data brokers Google has access to.)

In that case, stop using the Internet, your smartphone (and smart devices), credit/debit cards, streaming services, etc.

So take /etc/hosts or little snitch or whatever and hard block .google., googletagmanager etc. - all sorts of domains that you come across from google.

Then, when you run into something that doesn't work, figure it out at that moment.

• Youtube

Too much content there to stop using. I almost never use it while logged in. I never subscribe: I bookmark the channel.

• Maps

Too useful to stop using. Haven't tried alternatives, but open to recommendations. Business locations and open/close times are must haves for me.

• Duo

It's a videophone that mostly works.

• Chrome

I never stopped using Firefox as my main browser since ~2005, but I'll use Chrome from time to time, mostly for website development and watching Youtube.

• GMail

I've almost completely moved off it about a year ago for Fastmail, but I keep checking my existing GMail. Probably should get around to moving over completely.

• Android

I'm a recent LineageOS convert, but still use it with the Play Store.

Youtube channel subs etc can be handled with some privacy adds by using NewPipe on Android. Features are never ending.

People interested by LineageOS may also be interested in GrapheneOS, and their Play Store related handling.

Tangentially related: Aurora Store in place of "actual" Google Play app/Google Play Services.

Signal or meet.jit.si for video calling.

Chromium. Pain in the ass, but worth it. Change ALL relevant settings, Chrome or Chromium. Find a couple guides.

GrapheneOS looks cool, but it only supports Pixel phones? (I have a Moto X4)

I'll look into the Aurora Store.

Duo's call interface is practically identical to POTS calls on smartphones, so I use it to call my mom.

Signal can do video? Didn't know that.

I set up a private Jitsi meet server two years ago, but it insisted on directing mobile browsers to the app. I was able to configure it to not do that, but friends complained about high battery usage. Has that changed since? Regardless, I'm not sure how I could call someone on it, aside from sending them a link and hoping they open it. It's more of a videoconferencing system.

I've used Chromium on a few Linux installs, forgot it supported Windows, too.

Source: https://en.wikipedia.org/wiki/NewPipe

Since I started using a smartphone/Android, I've been on CyanogenMod/LineageOS without Play services installed. I use FOSS apps from f-droid (Firefox, K-9 Mail, osmand~, DAVx5, Gadgetbridge, Signal) exclusively, and self-host the server-side of all my email (postfix/dovecot/amavis/opendkim) and CalDAV/CardDAV (radicale) stuff. I even set up my own public-ish DNS recursor that all networks I take care of use.

Never regretted any of it, but I'm aware few will find it enjoyable taking care of some of this infrastructure. I am lucky that I do :)

• Google Images

— Unsplash - Pexels - Simple Gallery Pro

First two are stock photo sites, last one is an Android app for browsing local pictures. Google Images is a search engine for images, which is covered by the "Google Search" section anyways. Perhaps you confused Google Images with Google Photos (which is missing from the list), but even then the alternatives don't make sense.

- YouTube has content that I enjoy and isn't available elsewhere. I know that it stores my history but I find its recommendations and multi-device support good enough that I consider it worth it. (Also, FWIW, you can disable the history using [0], it also has an autodelete, though I don't use it)

- I drive and in my region, nothing is good enough for driving directions aside from Google Maps. I've tried all the other major apps on iOS like TomTom, Sygic etc. but they just don't work well enough.

- Again, while driving, I use Android Auto on a device dedicated to that purpose. It's also the only situation where I use Google's voice recognition. I do so because I speak English in my daily life (e.g. song titles) but my region is German-speaking (e.g. places/street names/business names/addresses) and I need to be able to use both while driving. Only Google Assistant/Android Auto can be configured to recognise two languages.

[0]: https://myactivity.google.com/activitycontrols?settings=yout...

+ Google search. I tried setting my default engine to bing/ddg for a year and brave for a few months.

Everytime I found myself directly going to Google using the g! shortcut on brave and ddg

So I’m using other search engines now when Google Doesn’t give me what I want

That's it. The rest is easily superfluous for most personal uses and I suspect that claiming otherwise is pure self absorbed convenience-hunting.

All of this can easily be disabled on the setting page for your Google account? And, ___location history is off by default.

https://www.cbsnews.com/news/google-___location-tracking-lawsui...

> Google has systematically deceived consumers about how their locations are tracked and used and has misled consumers to believe that they can control what information Google collects about them

Any solutions to make the transition easier outside of manually updating email everywhere?

Also, what’s the best alternative to Gmail currently that will support using my own ___domain name?

Visit each site in your password manager and knock over a couple a day.

You'll never get anything that fully automates this because every site does the change differently. Even LastPass's automated password changer could only ever do a handful of sites fully automatically.

I've seen everything from full self service, to manual approval, to begging their privacy/legal department, to sites claiming allowing me to change my email address would represent an unacceptable security risk. I ask those sites that make up reasons like that to delete my personal information and move to someone who understands why email addresses are bad primary keys.

If you use your own ___domain, you'll never have to do this ever again, no matter how many times you change your email provider.

You need to start today, if you wait it's only a matter of time before Google does it for you by locking you out of your account for reasons they won't explain. Browse the GMail subreddit and observe the sea of hundreds of people locked out each week.

As for alternatives, I have iCloud+ with my Apple One subscription I already pay for. That lets you setup five custom domains, with up to three emails each[1].

I think even if you don't switch yet, it's a good idea to change your ___domain name while you still can because most services ask for confirmation on the old email and we've all heard the horror stories with Gmail locking you out of nowhere

[1] https://support.apple.com/en-us/HT212514

[0] https://en.wikipedia.org/wiki/Canary_trap

If you're concerned about privacy I would evaluate fastmail.com

Email - Aquamail

Calendar - Business calendar pro 1.*

IM - Whatsapp (network effect sadly, otherwise I would go with Element, used for years Signal but was sick of horrible UX)

Maps - Mapy.cz

SMS - Pulse

app store - Aurora store, I know I know it's cheating...

2FA - AndOTP

Gallery - Simple gallery pro

Btw Duckduckgo is horrible shady search engine, you are better off even with Google or Bing, though Kagi, Searx and Brave Search are better.

Tons of non-Google Android users use Gboard, with varying levels of protection in place.

Personally, I use OsmAnd with custom map files for better address coverage: https://github.com/pnoll1/osmand_map_creation.

Fairphone 3+ with /e/OS

Firefox + uBlock + uMatrix + NoScript

Duckduckgo

Tutanota (mail, calendar) and ecloud (mail, calendar, notes, tasks)

Quad9 DNS

SyncThing

OpenStreetMap

Magic Earth

DeepL

To me, feels like road to hell being paved with good intentions.

Signal

Tusky (Mastodon client)

Codeberg.org

There is Google services that you and me don't know that we are using.

What can be done is stop outgoing traffic to Google AS. You can physically cut off internet connection for google devices. Or set rules on firewall.

IMHO any data I generate is basically useless chaff. I still have yet to be convinced that there's a downside to this parasitic relationship. How exactly is my life, in a practical way, negatively impacted by this data going walkabout? Does it take years or months off my expected lifespan? Does it give me cavities? Does it turn my family and loved ones against me? Does it slow my typing speed?

Point me to a good non-philosophical non-ideological non-emotional argument and I'll spend my time and money on transitioning to non-google sources for my problem-solutions.

Imagination is not the question. I want facts. I can imagine all sorts of stupid. The majority of targeted ads I get are for things I just bought. This is not scary.

https://nakedsecurity.sophos.com/2020/03/10/google-data-puts...

https://www.bbc.com/news/world-us-canada-45632941

Food poisoning kills dozens every year.

https://en.wikipedia.org/wiki/List_of_foodborne_illness_outb...

Some estimate that nearly 10% of people in Jail in the states are innocent:

https://en.wikipedia.org/wiki/Innocence_Project

Your example is a base rate fallacy. https://en.wikipedia.org/wiki/Base_rate_fallacy

aka Extension Neglect : https://en.wikipedia.org/wiki/Extension_neglect

"One swallow does not a summer make"

Out of partly luck and partly a lawyer. He could easily have ended up in jail.

I should move away from Gmail too but that's the hardest part imo. I mostly have trust issues if that make sense. Not that I trust Google that much but I just don't know if any other email service will be around in 20 years or so. Probably Microsoft and Apple? iCloud Mail sounds good just don't have any experience with it (and it only works with custom domains afaik)

  [home_ungoogled_chromium_Arch]
  SigLevel = Required TrustAll
  Server = https://download.opensuse.org/repositories/home:/ungoogled_chromium/Arch/$arch

The main thing standing in my way is the family ___domain hosted by Google. There are few enough of us, not using it for anything but family stuff, that Google is letting us keep it for free. Though I have an account at that ___domain (since I'm the administrator), I don't use the ___domain anymore.

Other than that, except for an occasional foray into YouTube and a !g search when DDG isn't satisfactory, I pretty much ignore Google. I'm still more entangled than I want to be, but better than I was.

most of these services are inferior to the google service imo. and many of these alternatives may leak or sell your data too.

if you're paranoid then DTA. it's far better to hide in the crowd then to use some browser developed by 4 people with anime emojis on github.

also, I trust google won't get hacked far more than the others.

better solution would be to obfuscate your data as much as possible.

Also, Google Sheets & Docs are really really good too. I can live without Gmail.

[1] https://tinylist.app

Ehhhh, not so sure about this.

• Your individual data is worth a lot of money in aggregate with the data of thousands/millions of other users, but it is difficult (impossible?) to exchange your individual data for money

• If you're talking philosophical/non-monetary "worth" then this varies from person to person. I value my data almost not at all.

However there are few tools that has no competition yet. Unfortunately. YouTube and Gboard with swipe (for non English lang).

I still have a gmail account, which is kinda needed for YouTube Premium, which is a service I do enjoy.

Also switched to ProtonMail for anything shopping or bill-related, and paid for a ProtonVPN sub

Got my own ___domain, starting to change over accounts to new email. My webservers are at home, my NAS is being built.

I'm getting GrapheneOS because I love my PinePhones but can't quite use one exclusively yet.

There are unofficial versions.

As it happens, I'm being gifted a Pixel 4, so full steam ahead.

Check their site/wiki for info, if this interests you.

What is the alternative? Running some chinese hardware and chips? I guess iPhones would work but you have no real softwarecontrol over those. And what do you worry about regarding the hardware if I may ask? That there is some way the hardware bypases the software running on the device and send out information?

Yes, the firmware.

The day I could replace that too, I'll try my best not to touch a Google product ever again.

Startpage uses Google results.

Search results are great + additional features for developers

Why would I appreciate seeing more generic ads?

I don't really have an argument against this happening, capitalism will force it if it's an option. It's worth noting the internet the millenials and gen x'ers built, the internet we grew up on, could be gone forever and we are seeing it start to go now. The free web might become an altogether unpleasant place.

Google's data centres aren't the Borg hive-mind. They are the future glaciers that will be mined for knowledge and ideas much later on.

* anyone from https://searx.space/ or * https://metager.org/

I really wish PeerTube was more of a thing.

You saw the same effect with Gab. These spaces become polarized very fast based on who is already there and what the admins believe is adequate moderation.

Odysee seems more right leaning. I don't see queer content creators on there, for instance, despite YouTube heavily demonetizing and recommendation-banning them too.

This is why I really want federated spaces, because they can serve different margins of society without becoming isolated islands.

Folding Ideas made this point (about VidMe) half a decade ago: https://www.youtube.com/watch?v=r3snVCRo_bI

I have a problem with federated platforms where you just get scalled down youtubes where every local sheriff gets to terrorize the people under his ___domain with his whims and if youtube's are driven by ad sales these are perhaps even worse because they're just ego driven.

Federative approach is terrible, it combines the downsides of decentralized and centralized solutions, it's far from neturality or increasing inclusion or escaping censorship.

Thank you for reading my blog.

Google Drive -> Mega.nz

My own goals/use cases:

- I'm unhappy with the current economics of the online world, that are based on advertising. I accept that developing products requires money, and getting money requires a business model, so if I don't like the incentives ad-based business creates, I should actively support alternative models

- I'm unhappy with the intrusiveness of tracking. I think consent is important -- not as a legal concept, but as a regular human being understands it. When I interact with a person or organization, I can meaningfully give consent for their actions. I can't meaningfully give consent to what some third party who isn't part of that interaction does, regardless of the legal fine print that says.

- I'm happy that the internet has become mainstream and people who aren't "tech people" use it.

- I'm not concerned with targeted attacks, but am concerned with opportunistic attacks against my online accounts and identities.

- Yes, "identities" -- I believe people should be able to have multiple identities online.

With those criteria, my current set up:

- password manager -- no reusued passwords. Whole family uses this.

- Fastmail. Because I use email so much, it's clearly a valuable service for me. So it' worth paying for -- I'm many years out from being a broke college student.

- A ___domain I purchased just for emails, and make use of subdomain addressing. I tend to use a different subdomain email per service. Goes to the goal of multiple identities, reducing tracking and reducing opportunistic attacks

- I've kept my gmail address and forward it to my fastmail, because I don't want to make my personal contacts use a different email address than they have for years. Maybe I'll change that some day, but I'm ok with _reducing_ rather than _eliminating_ google in my life

- FireFox. Also Mozilla VPN, to give Mozilla some money, though in practice I don't really have a frequent use for VPN.

- Duck Duck Go

- Ublock Origin

- Subscriptions to a handful of news outlets I read frequently. Print subscription for one of them!

- Separate computer for work vs personal

Biggest gap I'm still uncomfortable with: Shopping on Amazon.

Pixel 4a with Graphene OS, only GCam Services Provider (https://github.com/lukaspieper/Gcam-Services-Provider) to be able to use Google Camera. Implementation is super simple and it shouldn't take long to see that it actually does nothing.

Browser:

Firefox - followed https://blackgnu.net/firefox-hardening-guide.html; Fennec on Android

Search - https://searx.space/ (plan on self hosting one)

Youtube - https://docs.invidious.io/instances/ (plan on self hosting one)

Passwords:

Bitwarden - backups done regularly to encrypted external storage and encrypted rclone mount

Email:

Tutanota/Protonmail + custom ___domain

2FA:

Aegis

Messaging:

Signal - easiest way to setup for non-technical friends and family. Used to use a few different apps, but only use this right now. I also use https://meet.jit.si/ occasionally for calls on the laptop/desktop.

VPN:

Mullvad - currently working on setting up my own.

Maps:

Organic Maps on Android/Open Street Maps on desktop/laptop.

Sync:

Syncthing - syncing desktop, laptop, a few phones to my home server on LAN only.

Notes:

Markdown files kept on devices, synced through syncthing.

Media:

Emby - had issues with Jellyfin, but might revisit in a few months as I have some plans there. Airsonic - music

Adblocker:

Mullvad + ublockorigin

Calendar:

Tutanota

Analytics for website:

C# console app that parses caddy logs and clears logs after parsing.

Cloud:

Create encrypted mount with rclone and dump backups there when needed.

It was a slow process to get here and I am lucky to have friends who followed me on this journey to be honest. The first step came while working for my final project at university and building something around my heavy dislike for Facebook. Once I had to research the subject more in depth I started to realize how wrong I was all these years entrusting troves of data to the highest bidder... I had a friend who had asked me about these things and I am sorry for not listening to him sooner, but I felt that he never went past "bro, you shouldn't trust google!". Which is I think what most of us do.

I am trying to have conversations about this with everyone and try to adjust my language to their level. It's good because it highlights how little I know and it works both ways as I have to learn myself a bit more about any given topic. It's quite nice. It's even better to have people who have followed me on this path, moving to devices with no google services at all on them, moving away operating systems and so on.

If you think you're stuck, try to get rid of an app or two and see how it goes. Most of them add little to NO value to your life and your tech stack so trust yourself and delete them. It took me about a year to fully get rid of any google related stuff (and I include micro G here to allow me to run stuff like WhatsApp/YT/Gmail/Maps). And I knew it's bad, so I imagine it's a lot harder if you don't think there are risks.

Some things are more difficult, but my phone is now a tool that quietly sits on a desk somewhere in the house and I use it to do something specific. It's also reassuring to know it's not constantly feeding off me to send info to whoever is interested in my particular demographic.

As an afterword, please, all of you who suggest open source alternatives, also keep in mind that most of these projects have very little financial support. A few dollars, euros, pounds might not mean much to you, but it could make the world of difference for all these people working to keep our data safe and our devices useful. Stop recommending people stuff and starting with "it's free" and phrase it with "it's private and secure...". Start introducing the cost early on. Without our support these alternatives can and will vanish or will morph to attempt to keep themselves alive.

No. Stop using smartphones. GNU/Linux and FOSS only.