Privacy Nowadays

Ramp up the effort

Now that you're serious about it, add these changes to enhance your security.

Get Better Messaging Apps

Folks recommend a number of messaging apps to replace text messages for your private conversations. Signal, WhatsApp, XMPP clients using private XMPP servers.

XMPP is great but that's not going to get your friends and family to use it.

To help you choose Signal over WhatsApp I'll just include contrasting quotes from Meredith Whittaker and Mark Zuckerberg when it comes to AI adoption.

I think in the future, if you don’t have glasses that have AI, or some way to interact with AI, I think you’re kind of similarly probably be at a pretty significant cognitive disadvantage compared to other people.

-Mark Zuckerberg

vs

There’s a profound issue with security and privacy that is haunting this hype around agents, and that is ultimately threatening to break the blood-brain barrier between the application layer and the OS layer by conjoining all of these separate services.

-Meredith Whittaker

Combine that general vibe with Meta moving into monetizing messaging, adding realtime services such as translation that require sending your message to their cloud servers, and the general authoritarian-friendly stance Meta has nowadays, the choice is easy.

Also, A Simple WhatsApp Security Flaw Exposed 3.5 Billion Phone Numbers.

Good

Signal.

Good, but adoption may be harder

Conversations on Android. Conversations is also available on f-droid for what it's worth.

Users also need to choose which XMPP server to use. That's why adoption may be harder than Signal.

Of course there are XMPP clients other than Conversations. Your iPhone family could use one of those XMPP iOS Clients.

Or you could use Signal.

Avoid

SMS regardless of RCS, WhatsApp, Discord, any social media app direct messages including Bluesky, X, Facebook, Patreon.

Matrix seems like it could be a good option but the early adopters have given the ecosystem a bad rep.

Get a good VPN

VPN choice is very subjective depending on where you're at and who's in your business.

It's also important to note what security researcher Marcus Hutchins has to say about apps running in the background revealing your identity regardless of your current IP address. Use an app like SuperFreezZ to close all other apps.

Good

Mullvad

or depending on your location, another No logs, Diskless, No analytics provider from Techlore's VPN comparison list.

Avoid

  • VPNs advertised on YouTube
  • VPNs you find in search on the Google Play or Apple App stores
  • VPNs integrated into a browser
  • VPNs that came with a sketchy off-brand device

Get A Better Email Account

There are two main aspects of email.

  • You don't want the provider going through your messages in bulk after the fact.
  • You don't want advertisers to tie accounts and identities together by them using the same email address.

First, get your email out of big tech. GMail, Hotmail, Yahoo, whatever your ISP gave you, they're all really bad for privacy. Imagine your google account is locked tomorrow. How difficult would it be to recover your other accounts?

Second, multiple emails will make it more difficult for data brokers to get in your business and link activity together. More on purchases later but email is the first step.

Good

Tuta Mail or Proton Mail.

Tuta's base email is free but adding your own domain and having unlimited email addresses coming into that domain is very cost effective. They also have 30 email addresses at their domains included in that base plan if you don't want to venture into using your own domain name.

Think about it. Keep the account name that you use to sign in secret and hand out other addresses that you only use for specific purposes. They can all come to the same mailbox and sort into folders.

Another nice thing about Tuta (and Proton works similarly) is that emails sent to other Tuta Mail users are end to end encrypted by default.

Avoid

  • Running your own server. You have no idea how much of a headache email is due to spam, phishing, and everything used to combat it.
  • Big tech accounts like GMail.
  • Just using an mx forwarder to send mail to your big tech account.

VOIP phone number

You may be familiar with these. Google Voice, Zoom Business Phone, GoDaddy Business Phone, Using Skype/Teams to call a phone number. It's voice calls and text messages on the regular telephone system using an app or your web browser. Some even support faxes in case you need to get in touch with the 1990s to cancel your subscription.

I wouldn't recommend using Google, Zoom, GoDaddy, etc since they're big tech but there are good options with a bit less gloss.

Good

VOIP.ms or CallCentric.

Imagine a phone number being 85 cents a month and then paying 1 cent per minute for the tiny number of calls you make. Less than a cent per SMS you receive for 2FA codes from the places that refuse to support authenticator apps.

Imagine having a phone number specifically for pet collars that goes straight to voice mail.

Imagine being able to pick a phone number without 5 people standing behind you at the store while you do it.

When numbers are cheap, all sorts of options open up.

Avoid

Google Voice, Zoom Business Phone, GoDaddy Business Phone, Teams

Side note about porting out of Google Voice

Porting out of Google Voice isn't that hard. Plenty of phone providers, including regular non-VOIP cellphone providers, make it easy to pull your long-standing Google Voice number out of their system if you're trying to leave Google's web.

Unredacted Magazine did a great article on it in issue 8.

Road bumps

Some businesses refuse to accept a VOIP phone number because they think somehow it's easier to get one than it is to get a burner phone. A cheap, real phone cell plan can cover those use cases for a few dollars a month too.

Previous

Start Here

Next

Secure Platforms

All rights reserved.