Unfortunately, I strongly disagree with this approach for several reasons. Sorry for the long post, but I really hope it will demystify the reasons.
First of all, privacy and security are not binary situations. Privacy is not anonymity or secrecy. I was involved in the preparation of a cybersecurity course for the non-technical managers, and what I learned by reading NIS and several other notable resources that there is no perfect privacy and security.
In the end of the training, the most important takeaway and the final assignment of the course was to make a simple cybersecurity risk assessment.
Participants must learn the fundamentals of making a decision in the nexus of your risk assessment, your resources, your needs and your company strategy. You need to decide on your risk tolerance. Therefore, the most important thing is to make an informed decision about your situation.
That said, as an individual, you don’t have to be very tech-savvy or self-host many systems because not all companies and organisations can do that.
That is why I appreciate the approach of Techlore and PG team. They always remind ppl about their threat model, an individual risk assessment, so to speak. All of the tools and methods are countermeasures. However, what do you want to achieve with these moves?
Second and closely related with the previous one, making a lot of hardening, selfhosting and fine-tuning are not always recommended for everyone. Why? The more you make configurations, the more you are likely to screw unless you have an IT background. And, when you compare the effort, time and money, generally it is not likely for you to reap benefits. Applying pareto principle to privacy, you can easily understand that you can achieve 80% of results by applying 20 % efforts. So, what you mention about all difficulties are generally for achieving the 20%. Of course, these numbers are not definitive. Evading completely from Apple, Microsoft and Google is very very difficult. If you start with this goal, then you will get exhausted. Several years ago, I started my journey by just switching to Proton and duckduckgo. Now, I decoupled from Google and Microsoft, except for work accounts. But it took more than 5 years.
Third, you don’t have to and should not make the changes overnight. Again, even the big corporations cannot change their IT system or software in a short time. One of the main reasons is because of people and their adaptation time. Make a simple plan and start by easy steps.
- As you mention, someone can easily switch Brave or Bitwarden,
- Use multiple browsers, one for work and one for personal for a smooth transition.
- I don’t know the reasons, but Tutanota is not a good option for an average person. Protonmail has a better UI and you will also have drive and VPN. Skiffmail is also a decent option though, they only open source the email.
- Signal is getting more popular day by day.
- Using a private search engine does not decrease your productivity.
- Using a private notebook app is as easier as others.
- Use the privacy options in your phone or services you use and opt out if possible. Just once when you purchase the devices.
- You can use cryptomator and continue to use big cloud providers if you want.
- You can use ublock Origin with no additional configuration.
- Choose a privacy front end for youtube. And the benefit, the ads are gone.
- If have an apple device, activate Advanced Data Protection.
- You can use email alias services for forums and other privacy invasive websites. If you dont wanna pay, just use Duckduckgo email protection. It can be integrated into Bitwarden.
All of these and more, you dont need to do configuration and pay a penny, and you can achieve a decent privacy.
In sum, privacy is achievable and not very difficult if you look from the appropriate lens and make informed decisions.