I just wonder what are some things you would never use/decided to ditch because of privacy reasons but ended up using anyway?
For me these things were Discord and Snapchat. I have used Discord in the past quite a lot but decided to delete my account because of the huge amount of logging. After that I could live in peace, even tho that meant to leave all those cool communities I was in. At some point I considered to use Discord again because I missed chilling in voice channels with some friends. Now I use Discord in a separate browser profile with uBlock Origin which blocks stuff like https://discord.com/api/v*/science.
Snapchat was something I never wanted to use. I know about its privacy issues but still ended up using it because I felt cut off. Everyone around me used it and it is the app to get in contact with new people. I try to give the least info possible and block some of Snapchats trackers.
How about you? Where did you make compromises?
I was pretty maximalist about getting away from Google for a while, but then I had to use Google for work anyway. I just use a separate work device.
I also have a personal Google Voice account where I ported my old cellular number after I started using prepaid SIMs and VoIP numbers. I set up forwarding to another email address so I don’t actually have to log into Google except every few months to change the password. And when I do log in, I create a new browser profile, do what I need to do, clear the history, cache, and cookes, delete the browser profile, and then run Bleachbit.
Other than the Google situation, the only place where I really compromised was in settling for SMS with the few people in my life who adamantly refuse to use Signal or another E2EE app.
I tried doing this with Discord but got locked out of my account because I was using a VPN and refused to provide a phone number. They wouldn’t take any VoIP numbers, so I had to get a burner cellular number to get back into the account and delete it. Are there any workarounds to this?
That’s a good solution actually. But does it really make sense to change passwords every now and then?
Doesn’t sound that bad. I wish it was possible to just get everyone to Signal xD
It’s because of the VPN or the email address I think. I didn’t have to verify my number when I signed up with my real IP, with a simplelogin email address using Chromium. I tried to sign up with some other email provider once and got locked out.
It’s important for me to keep privacy and security in perspective with any other factors that I take into account when using a tool or service.
Discord is an example of something I do use regularly. I’m not going to stop using it just on the premise of wanting to be more private. What I do is keep Discord in a browser and limit what information I give it.
One thing I’ve tried to stop using is a chromebook. I don’t need to use a chromebook and I can keep it as just a backup or travel laptop instead of taking my main Linux machine around. But it’s just so cool. I don’t know why it pulls me back in, I’m just a fan of the idea and product.
I still have a Google account and use a stock Pixel, so I’m not really giving Google any new information. While I still feel uncomfortable about it sometimes, I try to take comfort in the fact that I am still secure if not as private as I want, and also the entity getting the data is one that already has a lot of my data. It’s not like using Windows where Google AND Microsoft are both seeing what I’m doing. I know for some that’s not a win at all, but that’s where I am for now.
The reason why some people don’t recommend changing passwords frequently is that they just come up with variations of the same password over and over again, or use weaker passwords every time. This issue can be avoided if you use a password manager that generates long, secure passwords for you. I don’t know any of my account passwords (not even to this forum account ), only the passphrases to the password manager itself and the user accounts on my devices.
On the other hand, some people recommend changing passwords every few months because there could be accidental exposure, or a breach we don’t find out about immediately. However, if the websites are hashing passwords correctly, a strong password at this point would still take several billion years or so to crack. So in my opinion, the choice is yours. For myself, I do it because I’m going to sign into some of my lesser-used accounts anyway to prevent them from being deleted due to inactivity.
Thinking about it compromise wise I haven’t had to make that many. Just a few people still using SMS. And of course certain services that still only offer 2fa through SMS, like why can’t they offer more secure options?
I still have a drive laying around with Windows installed on it that I use on weekends soley for VR gaming. Unless I’m installing a new game I use it not connected to the internet so that mitigates the telemetry there but I can not wait for the day that VR gaming works correctly on Linux. I’m patient though and I know it is a lot of work for those people working on wine and proton.