Recommended Setup

Mobile Phone

Hardware: Google Pixel 4a running GrapheneOS.

App Stores: F-Droid, Aurora Store and APK files directly from the developers if needed. GrapheneOS is fully de-Googled, and obviously no Apple at all, therefore there are no accounts needed.

Cloud Service: Self hosted Nextcloud server, either on a Virtual Private Server (VPS) or on a dedicated home server.

Browsers: Firefox and Tor

Messaging Apps: Signal, Threema, Element, Conversations.

You Tube viewer and download tool: NewPipe

Email: Tutanota, Ctemplar, ProtonMail.

Email masking/burners: SimpleLogin

VPN: MullvadVPN, ProtonVPN, OpenVPN.

Media Player: VLC

Password Manager: KeepassXC

PGP Tool: OpenKeyChain

Mapping: OSMAnd

Notes: StandardNotes

Podcasts: AntennaPod, Sphinx.

Social Media Viewer: AndStatus.

Useful tools: HashEasily, UnitConverter, VoiceRecorder.

VoiP Phone: Linphone.

Contacts and Calendar Sync with Nextcloud: DAVx

Two Factor Authentication: andOTP.

QR code scanning: SecScan.

Language learning: Duolingo.

Fitness/Sports/Location tracker: OpenTracks, PhoneTracker(NextCloud)

Removing metadata from photos and files : Scrambledxif

Desktop

Hardware

Purism Mini: A manufacturer that focusses on making hardware that is protected all the way through the build process. It also purports to have the Intel Management Engine largely disabled.

Software

Runs PureOS, a hardened security and privacy focussed distribution of Linux. BIOS is PureBoot. I use a hardware token to allow boot and for GPG. Signal Desktop, VirtualBox, VeraCrypt, StandardNotes, Tor Browser, OnlyKey App, MullVad VPN, JOSM, Handbrake, KDENLive, Onion Share, Balena Etcher, KeepassXC, Element, VLC, Keybase.

 

Laptop

Hardware

NitroPAd from Nitrokey. A brilliant German company that has relations with Purism above. Products are related to a degree, if one does not have stock the other might and/or work depending on where you are in the world.

Software

The same as for my desktop

 

Home Network

Hardware

Protectli 6 port router.

Wifi is an ORBI mesh system from Netgear fun in Access Point mode, ie no router functionality. Firmware is an issue here.

Software

pfSense. I run several subnets to compartmentalise my servers for Nextcloud, Media Server, TV, Wifi, Guest Network etc.

After 5 years of working hard to improve my online privacy I have found a set of tools that currently work for me. For this I have to thank Michael Bazzell, Matt Odell, Diverter, KeTan, Jameson Lopp, Seth Simmonds and many others.

In so doing I have become more independent online and no longer rely on Apple, Google or Microsoft for  maps/music/operating/system/hardware. I now chose from the many different open source software and hardware providers from different parts of the world. This means I do not rely on big tech, but I have the option to use them when it suits me. I am not forced to stay on Apple an accept their updates for example, I now have choice, optionality.

For the phone, using a Google device sounds crazy, but read on, as with many hard subjects there is significant nuance. Google is terrible for privacy but great for security. These are linked issues but there are big differences. So what I do is run the Graphene Operating System on my phone. The phone is bought with cash from a shop, I then remove the current operating system which is full of bloat, trackers and hidden code. I then install GrapheneOS, a hardened version of Android which has all the Google software taken out of it. The default settings are privacy orientated and prevent the normal state of affairs which is where Google and Apple will try get as much usage and location data as possible from you. They store this data against your account, which is invariably linked to your real name, home address and phone number.

For Apps I use the F-Droid app store which has apps that are free and open source. I can also load apps from the Google Play Store via Aurora, which cleverly makes an anonymous download of the free apps. This covers all my mobile phone needs in terms of apps. I can also side load APK files of any app I want, there are no restrictions. This is what being digitally free is about. I choose the software I want, not Apple or Google. As a side not, Apple and Google have provided many great services and resources, they have upped the bar in many ways, however, their approach to data harvesting is fairly scary.

I do not need an account to get anything. Therefore I do not need to enter any personal information like my home address or telephone number to set this account up in the first place. This saves time and my information being shared out. Another advantage is that the operating system does not constantly call Apple or Google to tell them what apps I am running or what music I am listening too or where I am in the world. It is refreshing, and fun.

On my desktops and laptops I run only Linux now and have removed Apple hardware from my life. Until 2009 I was Microsoft and constantly battled slow computers, untold numbers of viruses and generally a terrible experience. Apple was brilliant in comparison, hardware was beautiful and the software just worked. It was a great change and lasted ten years in total. All the Apple hardware I owned worked well and never broke. However, Apple still requires an account to effectively use your computer, your purchase is usually tied to your bank card since most people don't pay in cash. So Apple can know who you are at all times which is linked to the serial number of your hardware and therefore what you are doing with your computer. So although their products are wonderful, I choose not to allow them to harvest my data. The other benefit here is a I no longer pay Apple prices. My Google Pixel 4a phone was around 400 dollars. My last iPhone was 1200 dollars. Easy win.