If you’re reading this, you’re probably one of those people who don’t like Big Tech (Google, Apple and Microsoft being the most prominent) very much or at least give alternative Technologies a shot. Good for you, you still have an open mind and this is, in and of itself, a great thing to have.
There was a time when I was knee-deep in the “Matrix” and had a “I have nothing to hide”-attitude towards privacy, or Internet Privacy to be more precise. That point wasn’t even long ago. I was using Windows as my main Operating System, MacOS on my Laptop, Android on my phone, Google as a Search Engine and Dropbox as a Cloud Service. It has been that way practically all my life… and now I’ve ditched all of them. And it was so easy. And, on top of that, completely free.
At one point I felt like it was too much data gathered about me in the hands of too few: Microsoft is collecting “Telemetry” on me, among other privacy issues, Dropbox had my e-mail and password breached during the great “Drop Box Hack” in, I think, 2012, Apple moved some of their servers to China and will be forcing people to install a COVID-Tracking mechanism in one of their upcoming iOS releases (I know it’s opt-in currently) and Google is practically tracking everything about everyone. Big Tech is gathering so much information about our lives that it’s going from “creepy” to “possibly outright dangerous”. This had to change. And since waiting for Big Tech to magically have an epiphany about Data Privacy is a rather passive approach, I thought I might as well give them the finger in the meantime. Gandhi once said “Be the change you want to see in the world”, but even though I like to forget this quote again and again, I still remember it every now and then and act accordingly.
If you don’t intuitively care about the nature of Internet Privacy, that’s totally fine. I can relate to that. There’s a really good post on the “Privacy”-Subreddit on why you should care about online privacy and if you’re not creeped out by the data gathered about you already, you should definitely take a look.
But let me “warn” you: once you go down that rabbit hole, there’s no coming back from it.
Before I begin, let me make a quick statement: I don’t think my approach is the end-all-be-all-solution to all the Data Privacy problems, but at least it’s a start and hopefully I can inspire people to take a leap of faith as well. I’m going to focus on the why and how more than the technicalities.
Full disclaimer: I’m a rather tech-savvy person, so take everything I say about the difficulty with a grain of salt.
1. Linux
So, let’s get started with your main computer. It doesn’t really matter if it’s a stationary PC or a Laptop, it works for both. Objective: letting go of the nasty “Telemetry”-spyware that Windows has become and install Linux.
There was a time when Linux was mostly command line based but those days are long gone and the GUI (Graphical User Interface / “Desktop Environment”) is just as good as on Windows / MacOS.
There are a gazillion Linux Distro’s (“Versions”) out there so it’s quite easy to get lost. The most user friendly is considered to be Ubuntu and, from a Windows guy perspective, that very well might be the case. Of course you can also pick Linux Mint, Debian, or if you really want a challenge, Arch Linux. But I think Ubuntu is a good start.
First things first: If people tell you that Linux is the best thing since sliced bread and “way better” than Windows, they’re plain out lying to your face. Sorry, fellow Linuxers, but that’s the truth – at least in its entirety. Just like everything, Linux has advantages and disadvantages.
Let’s cover the Con’s first:
Installing Software that is not in the official Repository is a pain compared to Windows. For someone who hasn’t been using Linux all his life, it often takes 10+ Minutes compared to, let’s say, 1 minute on Windows. Prepare to Google DuckDuckGo a lot.
Drivers. Worst case: you have some piece of Hardware that is not supported at all. Second worst case: It’s not “officially” supported but someone wrote a driver for it, which is usually kind of working, but a pain to install. Before you install Linux, make sure that – if you have special Hardware – there are Drivers for it. This is make or break.
Re-Learning. Forget about Adobe programs or Microsoft Office. Not available for Linux. You have to switch to FOSS (Free and Open Source Software) alternatives. While this might sound like an “oh snap” moment, it really doesn’t have to be one. LibreOffice is a fantastic alternative to MS Office and there are plenty of good Video Editors available for Linux (Davinci Resolve for example). Photoshop can easily be replaced by GIMP.
Let me put it this way: it’s not that there’s no Software available – you’re just not used to it. So you have to re-learn a couple of things. But since most FOSS Software is well known by now (think Firefox, Thunderbird, VLC Media Player, only to name a few) it’ll only be a handful of programs you’ll have to re-learn. While this aspect seemed like the most scary part to me at first, it really wasn’t much of an issue, so don’t worry too much about it.
Games. While the Linux gaming community is growing because of increasing Steam support, it’s still not a good platform for gaming. Yes, there are a couple of games you can play on Steam or Wine (Windows-Emulator), it’s not all that much. If gaming is an issue for you, just install Windows on a second SSD/Partition and treat it like a gaming console that you only boot up when you want to play.
Now let’s cover the Pro’s:
No interruptions. The annoying message from hell “Your Windows is getting updated” is a thing of the past. This alone should be reason enough to switch.
All jokes aside: your OS is working for you now, not the other way around. You decide if you get updates, when you get them, how and which ones. It’s your choice now. While it is always wise to update your Software on a regular basis, the freedom to choose is a big win in my book
You’re in charge. There’s no creepy behind-your-back-installed game waiting for you in your Start Menu anymore. No X-Box Game Center, Candy Crush, nothing. You’re in charge now. (Ubuntu comes with a couple of mini-games like Solitaire but once you uninstall them, they’re gone for good).
Security. Generally speaking, Linux is more secure than Windows. While this topic is enough to fill 10 other articles, here’s a quick read that covers the basics of it pretty well.
Customization. While Windows leaves pretty much no room for customization, Linux is a whole different story. Don’t like the way your Desktop looks? Install another Desktop Environment. Want another Window Manager? Sure, go for it. Want another File Explorer? Go right ahead and replace the old one. Everything can be customized according to your needs. While that might not be the case “out of the box”, chances are good that a quick Google DuckDuckGo search will give you just what you need.
Privacy. Linux is not spying on you. Since it’s Open Source, everyone in the world (provided he/she has the necessary skills) can look at the source code of the OS and convince himself what exactly it is doing. No secrets.
Hardware Requirements. Linux is way more efficient and even a 10 year old machine can run smooth as butter.
Software. Yes, Software is a Pro and a Con alike. While installing “non-official” Software is a pain, installing Software that is in the official Repository is just a breeze. Open your “Ubuntu Software” Program, search for the desired program by typing, click install and that’s it. It’s just delightful.
It just works. And works. And works. And works. Once you’re all set up, it is as rock solid as an OS can get.
The elephant in the room: The Terminal.
The Terminal – that nightmarish creature from hell that every life-long Windows user fears to death. Yes, you will have to use it.
But did you notice how I didn’t say it’s a Con or a Pro? Because it really is neither.
Windows has its flaws, doesn’t it? Some menus are neither logical nor intuitive at all – but we’ve come to learn how to use and live with them. We were getting used to them. And that’s all it is when it comes to using the Terminal: we have to get used to it. We need to clear our minds and don’t think of it as something inherently good or bad, but something different. Because that’s all that it is: different.
After a couple of weeks of using it, I can safely say that the Terminal is equally retarded and genius. In the beginning, you will have to Google DuckDuckGo a lot, and copying and pasting six lines of commands for the most trivial tasks is just what it is: retarded. At first.
Once your initial setup is complete and you internalize the commands, what they’re for and how they’re used, you’ll find yourself using the Terminal instead of clicking through the menus more often than not. Also: once you get the hang of it, you’ll feel like Hackerman. Yes, for real. It’s amazing. Bonus points for setting your Terminal’s background to black and your font color to green.
When it comes to the “Linux Experience”, think of it this way:
if, by some magical incident, your memory was completely wiped and someone sat you in front of a Windows PC – how long do you think it would take you to learn the OS? To feel comfortable using it? Think of a number of weeks or months it would take you. Now give yourself that exact same amount of time to get comfortable with Linux.
If that time period has passed and you still don’t feel comfortable using it: delete it. Wipe your SSD and go back to Windows. And I really don’t mean that in a negative way. If Linux isn’t your cup of tea, that’s perfectly fine… but at least you gave it a shot and I’m sure you learned plenty of new things along the way.
And if you’re still on the fence by now: use a Linux “Live USB”. That means you can put Linux onto a USB drive and just try it out for a couple of minutes to get an idea. No need to format your hard drive, no need to install anything. It just runs off of your USB drive. Keep in mind that the user experience is very limited at that stage.
Let me be honest here: the whole process of switching to Linux is going to take time. A lot of time. Depending on your Software and Drivers, it can take one or two days to fully “get going”, to have everything just the way you want it. But isn’t your privacy and freedom worth it?
2. De-Google yourself
Ditch Google. Seriously, do it. They’re f*ing evil. Plus, all the cool kids are doing it too.
While there is probably enough information out there to write a whole book about the evil nature of Google’s policies regarding data collection, let’s keep it simple and do a thought experiment:
For the sake of the argument, let’s assume that you use a lot of Google services. Gmail, Google Search, Maps, Chrome Browser, Android, YouTube – and all of those services are connected to your Google-Account.
Gmail: Google knows every email you’ve ever written or received. Based on the receipts in your Inbox, Google also knows what you purchased and how much it cost.
Google Search: Chances are, most thoughts you had have somehow manifested into a search phrase in their Search Engine. Google knows what and how you think.
Android + Maps: Google knows where you were on February 5th at 12:48 AM. And at every other time. And at every other day. Also, Google knows what Apps you use, how long you use them, knows your Texts, your Contacts, what pictures you took and who is in them. Google knows all of your passwords.
Chrome Browser: Google knows everything you’re doing on the Internet. And yes, it knows about the kinky stuff as well.
YouTube: Google knows who you follow, knows what you watch and for how long you watch it. Google knows exactly what political side you’re on.
That’s just the tip of the iceberg and not even considering the really nasty stuff like cross-site tracking-cookies that Google puts up all over the Internet (looking at you, ReCaptcha).
Now just put all of the above into one big file about you and let’s go into full-blown Conspiracy Theory tinfoil hat mode here: imagine if somehow someday someone at Google decides that they don’t like you very much. Or imagine if this data somehow got hacked or leaked. Don’t you think there’s enough potential in all of this information to seriously impact your life in a negative way or even outright harm you? Think about that for a while.
Imagine the potential for blackmailing Google has against… well… pretty much everyone. The possibilities of using this power in a negative way are endless.
Besides: I’d bet that there’s no person on earth who knows that much about you. If you wouldn’t give your brother, your wife or your best friend a list of every Google search you’ve ever done, every Website you’ve ever visited, every purchase you’ve made online or every password to every service you’re using – why would you trust Google with that information?
Now let’s focus on the alternatives:
Gmail: Protonmail.com is considered secure and reliable (it comes from a Swiss company and is also hosted there). They have a free account but the paid version (~$5 a month) is where they really shine. Alternatively, you can set up your own Domain and Webspace with the Hoster of your choice and have your own domain (e.g. yourName@yourLastName.com). Depending on the company and plan you choose, it’s around 3-10 Dollars a month.
Google Search: Use DuckDuckGo. They don’t store your info, don’t track you or harass you with ads at every chance. Now granted, their search results are not as good as Google’s but they’re still usable in 9 out of 10 cases.
Android: That’s a whole different topic and I’ll go into that later more extensively.
Maps: Openstreetmap.org is an open-source alternative to Google Maps. The look and feel is a bit different and you won’t find as many stores / places but it’s constantly evolving (you can help with that too) and still amazing to use.
Chrome Browser: Personally, I like to use Brave Browser. It has in-built ad blocking, script blocking (optional) and tracker blocking. Also, you can opt-in to receive Ads and get paid in Cryptocurrency (BAT) to watch them – but that is totally up to you. On top of that, since it’s built on Chromium (the Open Source version of Chrome), you can install every Chrome Extension in existence.
YouTube: There are great alternatives to YouTube by now. BitChute, LBRY and 3speak are the three alternatives I personally use. On LBRY, you can even earn Cryptocurrency while watching videos. It’s really not much but getting paid a couple of cents a day is still a million times better than being the product yourself. While all three are amazing, they can get a bit sluggish from time to time (especially during times of high traffic).
Google Translate: instead of using Google Translate, you can use DeepL, a free and AI-based translate service that even beats Google’s Translate by a mile.
If you’re still not convinced about Internet Privacy and haven’t read it already, take a look at the fist Link in the Linux section. Or look at previous data breaches (“account hacks”) that have happened at well-known companies like Dropbox, Adobe, Epic Games, Sony, HTC or Zynga. You can even check if your credentials got leaked / hacked in a previous breach.
And while you’re at it: do yourself a favor and install a trustworthy password manager like Bitwarden and set up 2FA (two-factor-authentication) for it. Back in the day when my data got leaked from the Dropbox Hack, I used one password for every service. Don’t do that. Be smart. Use a password manager.
3. Run your own services on a Raspberry Pi
You should definitely get a Raspberry Pi (4 Model B). It’s just a smidge above $40 and you can do some amazing stuff with this little bad boy. Note that you also need a set of accessories: a MicroSD card, a case, a fan and a Power Supply – but there are pre-built sets for the accessories that cost around $25. So in total, the Raspberry will cost you $65-70 and you’re good to go.
But why should you get a Raspberry Pi? Personally, I use it for two things: to run a PiHole (a DNS Adblocker) and OpenMediaVault (a NAS Software similar to Synology).
3.1 Use a “PiHole”
Let’s get started with the PiHole:
What is a DNS?
Think about it as the phone book of the Internet. Whenever you type in a Website’s name, you really don’t connect to the Domain (i.e. www.duckduckgo.com) but to the server’s IP where the Website is hosted. But instead of remembering an IP like 79.162.194.149 and a set of completely different numbers for every Website you want to visit, you only need to remember the Domain. A DNS (“Domain Name Server”) then translates your requested URL/Domain Name into the correct IP address where the actual Website is hosted. It’s like the handling of your contacts in your phone: You call “Bob”, but in reality you’re calling the number +1 234 5678910. So instead of remembering each number individually, you just call Bob or John or Mary and the phone handles the rest.
Now think about Ads on the Internet. Usually, ads don’t come from the Website you’re currently visiting, but are hosted with Ad agencies instead that pay out revenue when users click on them or see them. And that’s the magic trick: “they are hosted with Ad agencies” which, in turn, have their own Domain Names. But if your DNS (your PiHole) tells your Browser “Dude, I don’t know that googleads.g.doubleclick.net guy. No idea where to find him”, your Browser then can’t connect to the Ad Servers and therefore can’t display any ads. Now you might think “well duh, I have an AdBlocker installed” and that certainly is correct. The big advantages of a DNS-Adblocker are:
You have control over what gets blocked and what doesn’t
It blocks Ads on every device in your Network and on every Browser
It blocks Ads that are displayed outside of a Browser (installers, mobile games, Smart TV’s etc.)
It blocks massive data collection. Once you see for yourself that, amongst other things, your Amazon Fire TV is trying to connect itself to one of the biggest tracking and market research firms (“IMRworldwide”) over 15.000 times a week, you’ll be just as surprised as I was.
You can extend your Blocklist to your liking (also block adult sites, gambling sites, sites that are known for malware)
Although it might seem like you don’t need a PiHole, once you’ve used one you’ll never want to go back. It’s amazing.
The setup is straightforward and there are preconfigured Blocklists. My current Blocklist has 924473 entries and took me 10 minutes to set up.
A side note to DNS in general: You have to configure your “Upstream DNS” in the PiHole’s UI. For most people, the default is their ISP’s (Internet Service Provider) DNS service. Even if you don’t use a PiHole, you should change your DNS provider nonetheless. Why? Well, I don’t want my ISP to know about every single Website I visit. It’s not a secret that ISP’s sell user data for targeted ads. Personally, I use CloudFlare’s DNS (1.1.1.1) as external audits have proven them to be rather privacy-oriented, but there are several others you can use as well.
Tip: you can set up a VPN connection to your home network and be “shielded” by your PiHole even while on the go. The toll it takes on performance is barely noticeable, if at all (depending on your internet connection of course).
3.2 Set up a NAS and a VPN connection
Let’s go on to your own NAS and why you should build one yourself.
What is a NAS? NAS stands for “Network Attached Storage” or, in simpler terms, “a thing that you can put all your files on from every device in your network”.
Now why would you build your own NAS? For two reasons:
1. to have a decent and safe(r) storage solution and
2. to replace your Dropbox/Cloud Storage provider.
Previously, I owned a cheap “MyCloud” from Western Digital. A single 4TB Hard Drive that was accessible via LAN/WiFi. Suddenly, my MyCloud decided to not do a single thing anymore and I had ALL my relevant files on there. Pretty stupid, I know. For a moment, my heart stood still. After unplugging it several times, it decided to do its job once again (while making funny scratchy noises) and luckily I could back up all the relevant files. That was the point when I decided that I needed a better solution. I searched the web and stumbled upon Synology NAS Drives but I found them to be just too expensive. A simple two-drive solution (2x 4TB) with a halfway decent CPU and RAM costs upwards of 700 Dollars and if you ask me, that’s just way out of line for a NAS. But if you’re not a very tech-savvy person and/or can easily shell out the money, this might be the “Plug And Play” solution for you. I went the DIY route and my DIY-NAS now has the same functionality and Disk Space as an $800 Synology solution while having better Hardware (CPU + RAM) and thus being even more future-proof – for just slightly above $300.
All you need is: 2x 4TB Hard Drives ($200), a dual-slot case for the drives ($50), and a Raspberry Pi (~$65). The only thing left missing is a decent Software for your NAS. Personally, I went through a couple of them before I settled with OpenMediaVault, which is simply amazing. Easy to use, rock solid, fast, well-known and widely supported.
My current setup looks like this: I have one Hard Drive on my NAS that is visible and that I use on a daily basis (let’s call it “Drive A”). There’s also a second Hard Drive for backups (“Drive B”). Every 24 hours new content (if there is any) gets backed up from drive A to drive B. If I delete a file on drive A for whatever reason, it stays on drive B for 7 days until it gets deleted there as well. This might sound complicated but even if you’re a complete beginner, you can set this up in OpenMediaVault in 5 Minutes. It’s that easy to use.
Once your NAS is all set up, you can use a VPN connection to your home network to access all of your files via your phone (or any PC / Laptop) from outside as well – there will be no need for Dropbox or any other Cloud Storage Provider anymore. You can preconfigure every Windows/Linux PC or Laptop and even every iOS and Android phone to connect to a VPN with the press of one single button.
But if you want to go the extra mile, you can install “NextCloud” on your Raspberry / NAS to have the ultimate “Dropbox-like” user experience. A NextCloud setup comes with its own variety of pitfalls (a DynDNS setup for example) but it’s still manageable.
4. Replace Android with Android
Sounds weird, I know.
Initially, Android as an operating system wasn’t developed by Google. “Android Inc.” was bought by Google in 2005. What makes today’s Android what it is are the “Google Mobile Services” or better known as “Google Apps” – that’s where all the spying and tracking comes from. So if there was a way to use the original Android (also known as AOSP, Android Open Source Project), you can get rid of all of those things. But that has its downsides: no Gmail App, no Maps App, no Google Drive App, and most importantly: no Google Play Store (but don’t worry, I’ll tell you how to get your favorite Apps later).
Depending on your device, there might be several Custom Roms (Alternative versions of Android) available or none at all. A good source to find Custom Roms and complete instructions for your device is the XDA Developers Forum.
Every Custom Rom has its Pro’s and Con’s but you should take a look for yourself and then decide on what’s best for you. There’s “/e/ OS”, “AOSP”, “LineageOS”, “Arrow OS” and a whole variety of other ones. One of the most reputable Custom Roms (and the one I chose) is LineageOS and you can choose to flash it with or without “Gapps” (Google Apps). Since you’re a privacy-oriented person, you’ll want to choose the one without Gapps, of course.
Once you’ve chosen your OS, it’s time to make a backup. Once that’s done and you’re all set, you have to make a choice again: do you want to “root” your device or not?
What is “root”? Root is the default administrator user in all Unix-based systems. There is no user with greater power than root. Having root privileges is like being god in your system: you can access, overwrite, open and delete everything – even system files. While that might sound like something you’d want to do, it has its downsides: if you “root” your device and Malware gets a hold of root privileges, you’re screwed. Badly. Also, if you don’t know exactly what you’re doing, you can mess up your whole system with a couple of clicks – so keep that in mind.
In order to achieve a great deal of privacy, I think a Firewall is a great thing to have, but it needs root privileges in order to function properly. Your choice again: “root” your device and have a Firewall or don’t root your device and have no Firewall (or a Firewall that’s not working 100%).
Let’s assume you do want to root your device and install a Firewall. Well, since there’s no Play Store anymore (fun fact: the Play Store logo is the “Sigil of Lucifer”, look it up), where to get it from?
Let me introduce you to the F-Droid Store. The F-Droid Store consists entirely of FOSS Apps and you’ll find plenty of Software there. You can take a look here. Since your device isn’t restrained in its capabilities anymore, you can just visit their Website, download the .apk (the Android version of .exe files) and install it.
But what if you desperately need a “regular” Google Play Store App and don’t want to install Gapps? There’s a solution for that as well:
Version 1: download “Aurora Store” from F-Droid and have access to pretty much every “regular” App there is. Aurora works just like the Google Play Store. You can choose to login via your regular Google-Account or “Anonymous”. Choose anonymous.
Here’s how it works: Aurora is using their login credentials via an API to provide you with the .apk you want. Also, the Aurora Store is providing info about how many trackers each .apk has built-in. There are well-known Apps that almost everybody uses that have upwards of 20 trackers built into them.
Version 2: visit https://apkpure.com/ and download the .apk you want. It’s less of an “App Store feeling” and more Windows-like, but it works nonetheless.
Now let’s get back to the Firewall. Since Google doesn’t want you to have a Firewall or a real Adblocker (both types of Software are banned from the Play Store), you need to download it from the F-Droid Store. Personally, I use “AFWall+” in Whitelist-mode. What that means is: I need to explicitly allow an App to connect to the internet, otherwise it won’t work.
Summary
I know it sounds like a lot of work and I’d be lying to you if I told you it wasn’t. Now I’m going to try and give you an evaluation about the time you need to set all of this up. The assumed time consumption is based on three user types: “pro user” // “tech-savvy” // “total noob”.
Step 1, Linux:
4 hours // 8 hours // 2-3 days
(assuming you have at least one or two driver issues, otherwise it can be much less)
Step 2, de-Googling:
3 hours // 6 hours // 1 day
(depending on how far you want to go with your email and self-host or not)
Step 3, PiHole and DIY-Nas
6 hours // 18 hours // 4-6 days
(depending on: which hardware you use, PiHole and DIY-Nas or both, which NAS-Software you choose, realize PiHole+NAS-Software via Docker images or on “bare metal”)
Step 4, Android
2-3 hours // 5 hours // 1 day
(depending on your device and the Custom Rom you use)
Let’s assume you are neither a “pro user” nor a total noob, so the total time consumption would be 37 hours. Divided by 8 hours a day, that’d mean you’d dedicate five whole days to this project.
It’s not an easy task and it’s time-consuming. But let me ask you again: isn’t your (digital) freedom worth it? Depending on how much you value your data and want to stick it to Big Tech, I’d say the answer is a clear “Hell Yeah!”.
Thanks for reading.
You can also find me on:
Bravo! I'm a hardcore privacy advocate from the very beginning, so my eyes are already wide open for this, but I think this is a much needed read for a lot of people. I hope it will open some eyes. But, just as you say, it takes time and is sometimes cumbersome to protects one's privacy. Then it is up to the user if he thinks it is worth that or not. Personally, I think it is.