Context: my gf mentioned getting a vpn for privacy, and I tried to explain that it “does” help, but it’s more like the type of windows on a house. It certainly can be part of the package, but it’s nowhere near the foundation.
So I tried to explain the best that I could that if she was worried about online privacy the first step wasn’t to mask traffic, but to not submit personal data to anything online like FB, not use Google services that package everything on you together to sell to advertisers, and to limit phone apps to essentials.
But I’m curious on what other steps you guys would consider the “foundation” of online privacy that should be prioritized before a vpn. Any thoughts? Or am I way off base?
Note: this is in context of vpn for privacy. Using vpn to avoid Geo blocking and censorship I see as incredibly valid for those that need it.
True! Lots of wonderful comments here.
Running as much open-sourced privacy oriented software as possible. This includes on computers, routers, and phones. While this is 100% a marathon, not just a quick change, it’s well worth the time. Utilizing an encrypted DNS would be another solid move. NextDNS is a fantastic choice as it has a free option which still provides granular control of what is filtered online. A trusted VPN mixing your internet traffic with others is great, but like you said, it’s not a magic bullet whatsoever.
If you’re talking OpenWRT, then I totally agree. But something like Asus Merlin is a relatively easy change and still provides additional protection. While part of the Asus code is closed-source, most is open-sourced and Asus has implemented improvements developed by the Merlin team. This shows Merlin knows what they’re doing and are trustworthy too.
Here are some things you can do, roughly ranked:
- Use a password manager
- Assume anything you post/do online/financially can and will be used to build an advertising profile on you/train AI/be shared with government authorities
- Disable ad personalization/history/sharing of information via privacy settings of mobile phone, mobile apps, Google, Facebook, banks, credit cards, ISP, cellular service, everything
- Turn off third-party cookies.
- Use an ad-blocker on desktop and mobile. They also help prevent a lot of tracking.
- Don’t use Chrome. Consider Firefox/Brave/whatever else
- Avoid using ad-supported services/companies. Consider using paid alternatives. This means using alternatives to Google Search, GMail, Facebook for photos, etc etc.
- Use a profile deleting service like https://monitor.mozilla.org/
- Different browser profiles: general use, Facebook, personal (GMail / Google Docs), and maybe more
- Use a VPN w/ secured DNS
- Many Google accounts: one for general, YouTube, Google Docs/personal, and maybe more
- Use a different email address to sign up for every account. I use StartMail’s aliases
- Don’t use your personal phone number for most things (finance/healthcare excepted). Get another number via a call and SMS forwarding service
I concur with this. Any Chromium-based browser is still under the chokehold of Google. A great example is Manifest V3 being forced on all Chromium browsers. Honestly, Google controlling such a significant browser market share should be a worry to more people. To a lot of people they are people’s access to the internet, via Google Search, and they also control people’s window to the internet, via Chromium.
In short, Google by and large is the internet, meaning they can do whatever the hell they please and there’s not much in the way to stop them.
Switch your browser (Firefox or Librewolf) and use uBlock Origin. Tweak settings for privacy and security (check the guide on /c/piracy). Use DuckDuckGo as your default search engine. Remove personal details from social media, especially anything public-facing.