Hi! 2 and 4 months ago @Hellfire103 and @Charger8232 made a post about their privacy setup. So I though I would also share mine.

Remember these rules:

• Be respectful! Some people are early on in their privacy journey, or have a lax threat model. Just because it doesn’t align with yours, or uses some anti-privacy software, doesn’t mean you can downvote them! Help them improve by giving suggestions on alternatives.

• Don’t promote proprietary software! Proprietary software, no matter how good it may seem, is against the community rules, and generally frowned upon. If you aren’t sure, you can always ask! This is a place to learn. Don’t downvote people just because they don’t know!

-** Don’t focus solely on me!** I want to mention that this thread is not designed to pick apart only my setup. The point is to contribute your own and help others. That doesn’t mean you can’t still give suggestions for mine, but don’t prioritize mine over another.

• Be polite! This falls under “Be respectful”, but be kind to everyone! Say please, thank you, and sorry. Lemmy is really good about this, but there will always be someone.

Here is my setup:

Web browsing

• I use Librewolf for almost everything.
• For 3D stuff (games, 3d modelling) I use Brave.
• On mobile I use Vanadium.
• My preferred search engine is Kagi.
• Most if the time I have MullvadVPN enabled.

Desktop and laptop

• I have self-build Ryzen + Radeon PC and Ideapad with Ryzen CPU.
• I use Arch Linux BTW!
• I have disk encryption and Nitrokey as a decryption key (or a long password of course).
• I have secure boot with locked BIOS.
• I'm running self-compiled linux-hardened kernel.
• I'm using Gnome (Wayland).
• I have only open-source apps installed.

Mobile

• I have Google Pixel 7a with GrapheneOS.
• I have different 5 profiles: main, google, school, finance, anonymous.
• I have PIN on every profile and also fingerprint for main and school profiles.
• I always use VPN, either Mullvad or self-hosted Wireguard.
• I don’t use a privacy screen protector (for now).

Messenger

• Signal for my family.
• Viber for my schoolmates.
• MS Teams for school.
• Matrix for help with some open-source projects.
• Discord for voice chat and local scouts group. I have Aliucord on mobile and Armcord on desktop.

Online accounts

• Passwords are safe in self-hosted Bitwarden (Vaultwarden).
• I use 2FA if I can. Either hardware 2FA - Nitrokey, or TOTP with Aegis.
• I use SimpleLogin for email aliases and randomly generated usernames and passwords.

Video streaming

• I watch only Youtube. Newpipe on mobile and Invidious on desktop.

AI

• I do not use AI a lot, but if I do I use locally running LLama3 8B or Duckduckgo's LLama3 70B

Social Media

• I had Instagram, Snapchat and Viber accounts, but I've deleted them.
• I use only Lemmy on clearweb and Dread on darkweb.
• I have Mastodon account, but I don't use it.

Email

• I use ProtonMail.
• One of the best privacy things you can do is use SimpleLogin (or other email alias service).

Shopping/Finance

• IRL I use cash most of the time.
• Online I use Monero if I can, otherwise just my credit card.
• Cashew app for helping managing my purchases.

Music streaming

• I use only RiMusic on my phone, that's it.

TV shows

• I use a VPN, that's all I'm gonna say...

Gaming

• Minecraft, Veloren, SuperTuxKart, and some Steam games.

Programming

• I forgot how to code in Python, because Rust is so much better.
• VS Codium.

Productivity

• LibreOffice for simple stuff.
• Typst for proper documents.

Paid services

• ProtonMail - 4$ per month
• SimpleLogin - 30$ per year
• MullvadVPN - 5$ per month
• Kagi - 10$ per month. For 5$ you get 300 searches, I use ~350 searches so I will try to lower my searches.
• Domain - 13$ per year

Self-hosted

• Everything runs on Raspberry Pi 4 with encrypted micro SD card.
• Pi-Hole for blocking ads on network level.
• Bitwarden (Vaultwarden) for storing all my passwords.
• Wireguard server (with pihole as DNS) for connecting back home from anywhere.
• Ntfy for self-hosted push notifications.
• MollySocket for Signal push notifications.
• FindMyDevice if I lost my phone.
• Cloudflare DDNS, because I don't have static IP.
• Nginx Proxy Manager.
• Watchtower automatically updates docker containers.
• My website.

Misc

• I have Samsung Galaxy Watch 4 classic. I'm trying to do something about it...
• I'm using Syncthing to sync documents and pictures between my devices.
• I don't have a car (because I can't - I'm 17) and I won't have one for quite some time. I have a bicycle and my parents have 2 (smart/spy) cars.
• I'm into crypto (mostly XMR) and I'm trading a little (making a trading bot) on MEXC. I also have Ledger Nano S Plus.
• I have a 3d printer and it's fun and usefull :)

TODO

• self-host Git repos for my projects.
• Buy a privacy screen protector when I break my current one.
• Buy a faraday bag, just in case.
• Do something about my spywatch (maybe sell).
• Make backups... Yep, I don't have any yet.
• Monitor and harden all my devices.
• Memorize cryptowallet's private key in case it gets lost.

Thanks for reading!

I have Galaxy Watch 4 and Pixel with GrapheneOS. Currently I have second profile with galaxy wearable and google play services for connecting to the watch. Before I've installed graphene I was using my watch as any other person, for notifications, sports, etc. Now I use it only for checking what time is it and developing apps. I can see my sports activity only for a week back, because samsung health only works on main profile.

Is there a way for me to use my watch on main profile without google and samsung apps? Maybe with some alternative app? Or should I sold my watch and buy a new one? I've heard good things about garmin and polaris? I would love option to develop my own apps on them.

This is probably not the right community but I haven't found a better one.

So I watched a video from Seytonic where he mentiond that some malware creates a windows link with the name of the usb on a usb. So I checked my usb because I remembered that I had to click 2 times on my usb to opened it. I found a link that contained cmd.exe and a name of a file next to it. Upload to the virustotal showed Raspberry Roblin worm.

I use Linux but my familly uses windows so I will have to go through all familly computers and remove the worm. Where can I find info how to remove this specific worm - Raspberry Roblin? On google I found a description about how the worm works but not specific files it creates and how to remove it.

The first page that shows up is microsoft.com and it says that windows defender detects the worm, but clearly it doesnt.

Edit: The worm was on one computer and it did not have windows defender installed. Seems like malware removed it and also disabled automatic updates. I installed MalwareBytes and sucessfully removed the worm :)

I found a few old phones from my family. II cleaned them, installed LineageOS and rooted most of them. On one I installed postmarketOS, one is still stock Android and one is lets say bricked (after installing lineagesos it stay on boot logo for ever, before that I installed lineageos and nethunter on it). One one disk encryption doesnt work for some reason.

Phones (all samsung galaxy):

• S4
• A5
• A5 (bricked)
• A5 (postmarketOS)
• J3
• J4+ (no encryption)
• A31 (stock)

What can I do with them? Something like Monero node or Tor relay, but I'm already running that on old pc. For something that needs speed I have rpis (like a website). Camera security system? Tracking device?

Is it possible to run (and autorun) cli apps and/or services that can access interent, bluetooth, gps, sensors, camera, files, etc. just like on linux? I'm a programmer and I don't like making normal android apps for a simple project.

Hi, I want to pay with online prepaid visa in person. I could add it to Google Pay, but Google Pay doesn't support NFC payments on GrapheneOS. Do you know any other app that lrts you do that?

I want to make my own website, like a blog where I talk about tech and tutorials and such. Something like https://kerkour.com and https://lukesmith.xyz. Any ideas for simple but modern design?

Hi, I'm building a personal website and I don't want it to be used to train AI. In my robots.txt file I blocked:

• ChatGPT-User
• GPTBot
• Google-Extended
• FacebookBot

What bots should I also add? Are there any other ways to block AI bots?

IMPORTANT: I don't want to block search engine crawlers, only bots that are used to train AI.

Hi, I'm thinking of building a personal website about tech, privacy, open source, etc. Any recommendations about where can I buy domain? .com is taken, but everything else is not. Shuld I take .tech (few dolars more expensive) or something more basic?

I use Pi-Hole and works great. I've heard about AdGuard and seems the same thing as PiHole, but you have to install an app/extension. Everyone in this community recommend NextDNS. Whats the difference between them?

Hi, currently I have a almost none backups and I want to change them. I have a PC with Nextcloud on 500gb ssd that I also use for gaming (1tb system drive). Nextcloud would be used to store/sync images, documents, contacts, and calendar from my phone and laptop. I also have an old pc that has 2x 80gb, 120gb, 320gb, and 500gb hdd. I want to use it for other backups like OS snapshots, programming projects, etc. but its not a big hdd but a lot of small hdds. Should I store each backup on 2 drives? Can I automate this? Any suggestions would be helpful.

I just discovered this amazing app! It lets you remove (or just disable) preinstalled apps like Facebook, Netflix, etc. and system apps like samsung knox apps, diagnostic, bixby, and even One UI (but you must have installed other launcher). You can’t brick your device, worst case it falls into a boot loop and after 5 reboots it will factory reset.

Debloating your device will make it faster, more private and more secure (less atack surface).

Online privacy: Best privacy related thing I've done is use a nickname. If I search my real name on Google, only two results show up (and my Instagram, but I deleted it) from the same site, my place in some school competition. That's it! But if I search my made-up nickname... Github, Gitlab, Reddit, StackOverflow, LocalMonero, fucking SuperTuxKart and A LOT MORE related results - basically my whole internet life. I stared using randomly generated username for each account in case my name is somehow leaked from my nickname account.

A month ago I also bought Pixel 7a and installed GrapheneOS as my daily driver. Separate accounts are AWESOME. I have account for personal use (family, photos, friends, etc.), (not basic) internet use (Lemmy, podcasts, torrenting, youtube/newpipe, etc.), google apps (maps, drive, galaxy wearable, etc.), finances (banking app, Paypal, crypto wallets, etc.), school apps (teams & ms office, Canva, etc.), and anonymous account (Tor, OnionShare, Session, Briar, etc.).

On personal profile I have "always on" VPN to my house, so anywhere I am, apps think I'm home and it's useful for public Wi-Fi-s. On the internet profile I have "always on" MullvadVPN. On anonymous profile I have "always

I use self-hosted Bitwarden. Can this de-anonymous me on the internet profile, because traffic from Bitwarden goes to my home, or will this know only Mullvad (that already knows my home IP, because it has to)?

I also switched to ProtonMail, LibreWolf, and Startpage. I self-host Nextcloud, Syncthing, Monero node, Pi-Hole, etc.

Recently I started deleting all my accounts that I don't use anymore. Now I'm pretty happy about my anonymity online.

Physical privacy & security: I weak ago I got a RFID blocking wallet. I bought it in a store where I am signed in for news and sales, and I also get a lot of cheaper things because of it. But they basically track everything I buy, where and when. And that is with all stores if you have the stores card (I only have one, because parents pay for everything currently). Does anyone know if this stores share data between each other or with someone else? I live in Europe, I know we have better privacy laws than US but it's still bad, right? I am also joined in club of students in my city - cheaper movies, skiing, tickets, etc. Is that also a privacy concern?

Payments: For privacy reasons only pay in cash, I know. What about if there is no cash option? I've heard of prepaid debit cards, but they only work in US. Is there any way for private payments in Europe? If not would something like Revolut be more private than traditional banks?

For online payments I can buy prepaid debit cards for US services in XMR. And for not US services like ProtonMail? Is there something like privacy.com (with virtual cards) in Europe?

Thank you for all comments :)