I am trying to re-adjust how much effort I want to put into privacy concerns. Too much stuff I’m using isn’t working properly or using a lot of my mental resources that I need elsewhere.
For (a bad) example: I recently performed a half-switch from my self-hosted Nextcloud instance to ProtonDrive, in the hope that it would spare me the stress to maintain my private Nextcloud. Unfortunately, it doesn’t, as basic functionality like cross-device-sync is not possible (there isn’t even a client app for Linux, as of yet).
This brings me to the question: have you found any services/apps/stuff that significantly eases your life while still being privacy friendly? I know, this is a broad question, but I think this is for the best as this thread then maybe even has use for other users.
I’ve found Syncthing a better way to handle file sync than NextCloud. Much more set and forget and not a single point of failure. It also syncs a notes directory in flat .md format, so anything can edit them, in a simple directory hierarchy.
SyncThing is great for encrypted, serverless, bidirectional sync, preferably with small folders… But unfortunately really eats up a lot of battery.
I’m still waiting for some company to figure out E2EE syncing with the quality of Google Drive (mobile and desktop integration built in). Proton is close, but they fumble reliable integration.
I’ve used it for years, across multiple devices, syncing 100gb. My average daily sync is probably 20gb.
It’s been surprisingly good on battery - currently using 0.9% average. It’s never been a significant battery hog for me.
I currently have 28 sync jobs (folders) on my phone, ranging from a few MB to 20gb, from a few files to 1200 files. Most only sync over wifi, but my DCIM folder (one of the larger ones) is over any connection.
Apps like Foldersync are much heavier on battery for me. Resilio is terrible for me (and it’s also a memory hog because I have some large folders).
Maybe you have a stuck file that’s causing it to hang. May be worth pausing all but one job, see if that affects battery. Then work though them.
Also, check out Syncthing-Fork, it has finer controls over individual sync jobs. For example, I let photos sync over any connection and on battery, but my media (music/video) only on wifi and while charging.
Between all these replies, I have to say I’m a little jealous. And I might have to look into making a SyncThing dedicated “server” on my home network using YunoHost, a thing that (IIRC) wouldn’t require exposing to the Internet because SyncThing will also happily run across volunteer-run relays.
By any chance, have you had any success with a unidirectional sync between your phone and your computer, where it’s possible to delete old photos on your phone to save space without worrying about them being deleted on the computer side? (This issue really only crops up for me when I’m already far away from a computer, BTW.)
By default, the built in Photos sync job works as you describe. It essentially just has the “Backup” flag set (send, ignore remote deletes set on both ends). Even manually configuring that (send/no delete) in a job works fine for me.
I don’t use that job because I like to use my computer to manage photos (all files really) on my phone. So I have numerous 2-way jobs, so I can move files around on my server, and those changes get reflected back to the phone. (There are a couple send-only jobs for other things).
My storage has a folder structure for users that reflects the folder structure on a phone:
Users/<UserName>/Phone
SD_Internal
SD_External
The sync jobs then keep those folders in sync in their respective phone structure. Makes it easier to manage a phone, especially when I switch phones, just export the config from the old phone, install ST, import the config, and my files all come back.
I also configure versioning on each folder based on what it does. Most folders have no versioning, important stuff gets a 30 day trash can (for example, on my “server”, for photos).
I currently run SyncTrayzor on a Windows desktop that’s always on, so any pics I take with my phone get synced nearly instantly. I’m currently moving ST to a Linux Container on a new Proxmox server. There’s a container available from Turnkey (think it’s turnkeylinux.org)
I’ll have to defer to your experience; I’ve set it up on a PC, a NAS and a phone. The phone was connected to an ethernet-equipped dock at the time of setup so the sync was quick and painless.
I don’t see a hit on battery life on a Fairphone 4 running /e/OS after initial sync has completed.
I haven’t had battery usage issues with it for years! Just checked now and it’s below 0.4% - it doesn’t even show up in the main app list in the battery settings.
Syncthing is brilliant, although for me it has had a heck of a learning curve to keep straight. Might just be me though.
It does have a bit of a learning curve, you have to think about what you’re trying to do.
My biggest issue with Syncthing is that it becomes unusable for large amounts of data due to the lack of selective sync (ignore lists are cumbersome as hell) and lack of virtual file system support. I have about 8TB of data on my NAS that I want to access remotely and it is not feasible to have duplicate copies of that much data on all of my devices.
You could simply sync select subdirectories.
That’s what i do. Work perfectly
Agreed.
Resilio sync works better. But the “sync identity” thing is broken, and configuring it declaratively is hard.
But 100% agree. Would love a virtual file system solution. Ideally one which you can use to fill available disk space and ensure you always have a minimum number of copies.
NewPipe is a killer app I would say, with nearly Youtube Red level functionality in something that’s free and OSS. A bit afield from privacy, but you do get to access youtube stuff without logging in.
From what I understand, NewPipe has been abandoned and someone else forked it to Tubular which includes SponsorBlock.
From what I understand, NewPipe has been abandoned…
That’s completely incorrect. From NewPipe’s Github:
We are planning to rewrite large chunks of the codebase, to bring about a new, modern and stable NewPipe. Please do not open pull requests for new features now, only bugfix PRs will be accepted.
…and someone else forked it to Tubular which includes SponsorBlock.
polymorphicshade “stopped” development on their fork of NewPipe, which included SponsorBlock (because NewPipe did not want to include it) and started working on their rewrite of their own fork and/or NewPipe, which is now Tubular.
Very good to know. After following your Github link, I found my way to the blog post that it looks like you are quoting:
https://newpipe.net/blog/pinned/announcement/State-of-the-Pipe-2023/
After following your Github link, I found my way to the blog post that it looks like you are quoting
You mean the quote block where I said it was undergoing a large rewrite and don’t submit any feature PRs? That was actually the first two sentences of the README.md on the TeamNewPipe GitHub link I gave lol.
Newpipe is definitely not abandoned. :) But always nice to learn of an alternative
Bitwarden, Aegis (2FA app for Android), Syncthing are probably the most impactful
Ntfy - no more google reading notifications
Jellyfin - media served without questionable Plex account
Arch - on so many levels allows me a private computing experience
Posteo - simple but efficient email service
Resilio sync - cloudless syncingNTFY looks intriguing.
If I’m reading the description properly, it uses an HTTP server as the middleman for the notifications?
Pretty
neatnifty idea. (Yea, had to come back and edit because I missed a great opportunity).It’s based on unifiedpush standard https://unifiedpush.org/. So a central notification middleman like google firebase for all your apps (that support it). There’s messengers like mercurygram, fluffychat, Molly that support it and you can also send notifications yourself via a simple curl command.
Wow, I really appreciate how they use animations to show how it works (and I generally despise any animation on a home page).
That’s how it should be done.
Also, what they’ve done is impressive. Smart. I had no idea this existed, though I’ve seen another open solution to Unified Messaging (just can’t recall what). This is really promising.
The most impactful are probably browser (Firefox), adblocker (uBlock Origin), DNS over https (Mullvad), and password manager (Bitwarden), because these are used every single day.
https://rethinkdns.com/ the android app is also an excellent firewall with logging. I use a custom config on my router. I can’t say enough good things about this.
https://simplex.chat/ Android/ iOS/ macOS/ Linux/ Windows getting people to switch is a pita though.
I look forward to SimpleX development - it’s already come a long way.
It’s unfortunately heavy on ram for me.
Bitwarden, PiHole, Proton Pass/VPN/Drive, BlueWallet to name a few
Freetube on PC has really changed it up for me. Vencord over Discord is another I’ve not seen mentioned yet, basically strips out the telemetry and sandboxes the application.
Pair Libre redirect with Freetube and that’s been my worry free YouTube experience during all of this anti adblocker business.
Oh yeah totally forgot to mention that! An absolute must if you have freetube indeed 🙌
Two I use a lot daily are KeePass 2 in various versions, computer as well as tablet. I used KeePass “original” 1 for years, but moved to 2/XC/DX. Occasionally also used for storing notes and not just passwords.
My notetaker, all hands down, though. Joplin, with encryption activated, the file stored for syncing on my privacy oriented community’s encrypted NextCloud. I am an avid notetaker, both digital and analogue, and Joplin really fits my needs.
OK, third, honourable mention: Veracrypt
NextDNS - I use it on my router and all mobile devices.
Is NextDNS really a good privacy tool? I use it myself because it’s convenient, but I always assumed that they would collect data about me since it’s a free service
I pay for mine, not sure how it differs from the free version but you can turn logging off, or if you have logging on you can specific how long to store logs and what jurisdiction to keep them in (I keep mine for a few months in Switzerland). You of course have to place some trust in NextDNS the company that they are actually doing what they claim to do as far as respecting user privacy but I trust them more than Google and Cloudflare, which is what I was using previously.
You can turn off logging in settings
- uBlock Origin saves time and resources
- This is a classic one, but with Mullvad VPN I can pretend to be in any country. When combined with Tailscale, it becomes really OP. With Tailscale, I have a secure, flat network, which allows me to access all my devices from anywhere. Things like LocalSend, KDE connect or other apps that normally require all devices to be in a LAN also work over Tailscale.
- A DNS filter doesn’t just help with protecting your privacy, you can also use it to block/restrict distracting websites that you spend too much time on. NextDNS for example lets me restrict social media websites to only work on certain times of the day.
- Private frontends like Invidious and Piped for YouTube, Redlib for Reddit, SafeTwitch for Twitch (RIP Nitter, Libreddit and Teddit)
- LibRedirect automatically redirects sites like YouTube, Twitch, Reddit and many more to privacy frontends
- Alternative desktop/mobile clients for YouTube and Twitch. For YouTube, FreeTube on desktop, LibreTube/Tubular on Android, Yattee with this guide on iOS, Xtra for Twitch on Android. These all block ads or any other annoyances.
- GrapheneOS makes my life easier in many ways, but I specifically want to mention this one. Since GrapheneOS uses per-connection MAC address randomization by default, I can simply reconnect to a wifi network that wants to restrict my usage. This is so useful on trains/airplanes.
- UnifiedPush/ntfy allows me to send notifications from my server to my phone. For example it notifies me if one of my self-hosted services goes down (through Uptime Kuma), but I can also use this for Signal notifications through the Molly client for Signal (which also improves security and adds a few other cool things).
Mobile Fennec (or pick your poison for any Firefox fork) has made browsing overall much better. Between ad blocking, Enhanced Tracking Protection and a paywall-bypassing extension, browsing is overall less tedious than a comparable Chromelike.
Which paywall-bypassing addon would you recommend?
Bypass Paywalls Clean is the one I use.
Removed by mod
Personally, I’m okay with shouldering the security risk considering the internet-wide toxicity of Chrome and forks.
Lynx would be more secure than either.
Removed by mod
okay with shouldering the security risk
To me, that depends on what you use the phone for. I sometimes use mine for banking as well as logging into various sites, so I want to reasonably minimize the security risk I am taking. If I wasn’t, then sure.
I’ve used Firefox mobile for a while now and I’ve had zero issues. The attack surface may be “much more,” but that doesn’t mean that it’s completely open to hackers.
Plus let’s be real: Gecko-based browsers are, what, 1% of the browser market? Guess which browser is the most targeted by malicious actors? Not the one having 1% of the market, that’s for sure.
Gecko-based browsers are, what, 1% of the browser market?
Last I checked, Firefox was close to 3%, but you right, still not a large number.
Guess which browser is the most targeted by malicious actors? Not the one having 1% of the market, that’s for sure.
It doesn’t have to attract the most attackers, especially if it is notoriously weak. You shouldn’t choose software that is easier to exploit simply because it’s more obscure. Do you also choose weaker encryption algorithms because no one uses them? I sure hope not.
And your comment would probably ring a little more true, except we just had the xz debacle, and guess how much Linux has of a market share? Probably close to Firefox’s, both in the single digits.
No, I use Firefox because it’s an excellent browser. It doesn’t fit GrapheneOS’s security requirements, but then, I’m not too concerned, because it’s quite secure regardless. Even to the point in which it’s more annoying than Chrome for certain things (like HTST.) You’re trying to paint Firefox as “easy to exploit” when that’s not true. Easier doesn’t mean easy. The Kremlin might be easier to sneak into than the Pentagon. But that doesn’t mean it’s easy. Hell, Tor uses it to build its Tor browser. They could very well use Chromium for that.
guess how much Linux has of a market share?
You’re probably referring to desktop Linux. Linux is used in billions of devices all over the world, and it reigns in the server space. So, no. Not “in the single digits” usage.
If I am being completely honest, there are very few. Convenience is consistently the #1 trade-off when I make privacy-based decisions about which applications and services to use.
An exception I can think of are ad and tracker blockers like uBlock Origin, iodé, etc - I cannot imagine life without them Any time I borrow the phone or computer of someone who doesn’t have an equivalent of these installed I am just blown away by how many ads they are confronted with while performing even the simplest tasks. And not just harmless ones, but ads that directly waste their time. I genuinely don’t understand how people can live like that unless they just don’t know there is an alternative.
I guess another one I can think of is the Aurora Store. The UI is so much cleaner than the Google Play Store’s, important settings and features aren’t hidden and it has some additional features like Exodus Report that I think are genuinely useful. It’s so superior as an application that I actually prefer using it even on devices where the Play Store is installed and working.
I am finally really happy with my privacy setup, I am not feeling like there’s anything more I need (or want) to do at the moment…
- NextDNS on PC and phone
- Linux on PC - I do have a drive with Windows (AtlasOS with no Microsoft login) on it for dire emergencies (Rust and Destiny 2)
- Mullvad VPN
- Degoogled phone with LineageOS
- Non-self-hosted Nextcloud
- Browsing: FireDragon and Mullvad Browser on PC and Mull on phone
- FreeTube for YouTube
@politicalcustard @lens17 If you’re open to advice or ideas, I highly recommend setting up a VPN in your router. That makes sure all devices in your home are protected at all times, and avoid the matrix protocol for all purposes, as it’s by Amdocs under the guise of New Vector and The Element Foundation.
That’s a good idea about the VPN on the router but it’s just my computer and phone that connect to the internet and I maintain a non-“smart” home. It would be nice for guests though. That’s interesting about Matrix, I didn’t know about that. Sadly, for the moment it will be something I have to live with; I’m in a few groups that use Matrix, but it’s good to know though, thanks.
It’s a more complex setup to have vpn active on your router though. It’s not noob proof, because you’ll get blocked from websites like Netflix. I have an openwrt based router that allows be to use device based vpn policies, which is more efficient and effective
Nextcloud all the way. I especially love the calendar, contacts and notes integrations besides the file sync, and it’s extensibility in general. Such a powerful tool.
I love my Nextcloud instance, too. Zero problems in the past 4 years. I don’t run many extensions on it, though. The mobile app works great as well.
Trillium plus its sync server in a VM is my goto for notes. Mobile isn’t a problem (I usually drops everything into my notes app, then expand on it when I’m in front of a full keyboard at home).
Not sure how I could get through my day without either of these two.
Have you gotten any recipe integrations to work with nextcloud? Can’t find a satisfactory apk to enter and edit recipes correctly, kinda turning me off to the entire nextcloud thing.
I just use a bunch of markdown files for that. Guess you could also use Notes and its category feature.