Page 1 of 1

Data privacy while hobbying - a guide

Posted: Wed 08-Feb-2023 10:17 am
by blueman
Cross-posted from TERB:

Thought I'd put together a short guide on some of the preventative measures I take while hobbying to keep myself protect my privacy.
Feel free to add any other points you may have - the hope is that this thread'll help save someone somewhere at some time.

First things first: Google is the enemy
When you dig into how much data Google has about you it's more than a little worrying.

If you go to http://timeline.google.com - you'll notice that you're pretty much low-jacked anytime you have your phone on you.
All your Web / YouTube Activity is also saved anytime you're signed into your phone and you use the browser.

This is the portal you can use to see the different kinds of data Google has about your account:
https://myactivity.google.com/more-activity

You can clear the data from there / disable collection -- but frankly, I don't trust Google that they're not going to change the settings / add some new settings without letting me know.

Tips for being Google-free:
  • Don't sign into Google on your phone during setup
  • Don't access any Google services from your phone (signing in one place will sign in everywhere)
  • Create a burner Google account if you need to download any applications
  • Burner phone (+ leave your civilian phone at the office or at home)
  • Use a seperate browser on your computer and take the same precations to be Google-free in that browser
It's one thing if your SO low-jacks you, they put in the work. It's another thing to low-jack yourself.
I'm guessing many hobbyists have been killed by this section :(

The web browser - security by obscurity
Use another browser for the hobby, keep the shortcuts off the desktop and apps section.
Frankly, I'll outline below how to clear your history, etc. but it's just easier if you're not intermingling the data.
Also, if someone is snoopy - they'll tend to trove through your personal browser first, which is super-suspicious when there's no history in there.

I use Brave - it's privacy-forward, built on Chromium and looks just like Chrome when I'm using it.
Again. Do not sign into Google from this browser...

Using Private Browsing / Incognito is good - but we can do better.

Clearing data on close on the desktop
Brave has a nice option for clearing browser data anytime the browser is closed.

This can be found at:
Settings > Privacy and Security > Clear Browsing Data > On Exit

From there, you can select your History / Downloads / Cookies etc. to wipe on close.
It's a little annoying to have to re-sign into everything, but I suggest clearing cookies as well which will wipe your sessions on sites like TERB.

This will clear browsing data - but you'll notice that open tabs will still open on browser re-open.
To clear these you can go to:
Get Started > On Startup > and select 'New Tab'

Clearing data on close on mobile
On mobile, I also use Brave as a browser for similar reasons to the above (I use an Android device).

It also has the ability to clear data on browser close.
You can set this by going to Brave Shields & Privacy > toggle Clear Data on Exit

The problem is when the app is considered 'Exited' on Android.
As long as something is available as a background process (in the multi-tasking drawer) Brave won't consider itself 'exited'.
If you follow this guide to limit background processes and select 'No background processes, the browser won't be kept as a multi-tasking app.

https://www.gadgetsnow.com/how-to/how-to-make-your-smartphone-run-faster-by-limiting-background-process-limit/articleshow/70557178.cms

Bonus: Notifications
I generally disable all notifications.
If you need notifications you can selectively disable them based on the application (SMS / WhatsApp / etc.).
I just find there's more room for error in case you miss something, so I disable them and manually check everything.

Also, just highly recommend using a burner you don't keep at home.

Bonus: Locking apps on mobile
I always recommend wiping your text / call log on your burner device between uses, but what if you forgot?
There's a tool called 'AppLock - Fingerprint' by SpSoft which I like because it allows you to lock your applications, but also pop up an error screen as if the app had crashed.
This is, again good for security by obscurity since it doesn't seem like you have a blocking app installed.

----


These are all good ideas at first glance, but not using Google services makes an Android phone nearly useless. Google Maps GPS won't work at all with location services disabled. At that point, you may as well use a flip /dumb phone that doesn't have the internet on it and stick with paper maps.

Here are some other fairly simple things you can do to increase your privacy/security. I don't know if iPhones / Macs have similar settings.

1. Never leave your phone unattended, even when going to the bathroom at home or work. Don't use it while on the toilet, though because that's disgusting ;) I am constantly surprised how many people leave their laptops, phone, keys, etc in public places. It only takes a second for stuff to disappear.
2. On most Android phones, a setting called Power Button instantly locks. As the name suggests, pressing the power button will instantly lock the screen.
3. Be careful with an Android feature called Smart Lock. It should be turned off by default, but it remembers places like home or work and keeps the phone unlocked for convenience.
4. There are a few different ways to deal with notifications on Android. You can disable them completely or hide their contents on the lock screen. If you choose the latter option, you will still see notifications where they all say "contents hidden" on the lock screen.
4. Setup fingerprints / Touch ID / Face ID on your phone. You should also have a strong password too.
5. Lock the screen on your PC / Mac when you walk away instead of waiting for the screensaver to kick in. You can quickly lock the screen on Windows by pressing the Windows key and L. The Windows key is between the CTRL and ALT keys and is on most PC keyboards. If you don't have a Windows key, you must buy a new keyboard. On keyboards without a Windows key, press CTRL + ALT + DEL on the keyboard and there should be an option to Lock the screen.
6. This is a bit technical, but you can also use a password manager like 1Password, LastPass, Google Authenticator, or Microsoft Authenticator. They will keep your passwords for various sites and allow access using a single master password. As always, the security of such apps will depend on how good your master password is.
7. Set up 2-factor authentication. This is where the website/app will ask you for a pin sent to your phone; You must type the pin after your password. Just about all sites, these days have 2-factor authentication. All banks should have two factors, as does the CRA.

A burner Google account doesn't really help you because it also will keep track of your search and map history. Try using an alternative email account like Proton Mail, which is encrypted.

There are lots of alternatives to Google Maps. I like MapFactor Navigator, which I use while travelling and don't have data access to. There's a free and pro version and offline capabilities where you can download a region before travelling. The only issue with the app is that it does not say street names out loud as Google does. It only says something like: in 100 meters, turn right, which isn't helpful when you're driving. You'll have to glance at the screen to know the street name. I don't think it maintains an online history like Google, but you must clear your search history manually.

A burner phone is interesting, but you have to store it somewhere. You can store it at work, but what happens if you get laid off or fired? Then you have to explain why you have an extra phone when they ship your stuff back to you.


Orginal: https://terb.cc/xenforo/threads/data-privacy-while-hobbying-a-guide.789762/

Re: Data privacy while hobbying - a guide

Posted: Tue 21-Feb-2023 1:46 pm
by wawadodo
First, I must express both gratitude & admiration, to 'BlueMan' for taking the time to share such a very helpful, well organized, & super detailed beginners guide to help us on the road to beginning to become self-accountable for our own digital sovereignty & privacy.

If you are a person who read, understands, and actually practices all the 'BlueMan' has shared in his educationally-generous post... than you can graduate to level-up towards a Privacy Smart Phone, or also known as (aka), a De-googled phone.

These are phones that are COMPLETELY disconnected from all iOS, Google-Android (so not Open Sourced Android), and Meta. With this kind of phone, you will never be able to sign into any products from the three companies I just listed.

I'm not gonna sugar-coat this, it takes a lot of self-education to understand concepts such as browser-isolation, VPN's + DNS' , corporate tracking of IMEI# & IP-address, much more. The only browser you should be using are Brave, DuckDuckGo (they use Google search algos but are still encrypted searches), StartPage.com (my fav.), Operah, and FireFox.
For VPN's, from my personal knowledge & usage, I can only recommend MullVAD, braX-VPN, and IVPN.
Use ProtonMail or Tutanota Mail for all emailing... fAck the others.

Start making a regular habit of watching/consuming the following YT channels called: Rob Braxman Tech, Techlore, and The Hated One.
I learned everything from these three guys over the last couple of years.

The biggest positive I gained/learned by switching from an iPhone to a Privacy Smart Phone was my screen time naturally reduced by like 80%.
Additionally, through an app downloader called F-Droid, I use NewPipe to replace YT. It's a spoof app downloaded from F-Droid (over Open Source Android) that works exactly like YT, except for two Major Positives... and they are no ads ever, and it plays in the background while minimized... all while never tracking/storing any of my searched videos.

If your someone who cannot live w/out Facebook, TikTok, Insta., Gmail, Linkedin or any app from iOS... then this phone is not for you.


The biggest negatives with this phone (from my experience) is I cannot send SMS' that contain photos or vid.'s even though I should be able to, I have not been able to troubleshoot the carrier issue going on with this device & the Bell network. So I use both Signal and Sessions to send messages that contain photos & vid.'s until I figure this out. Purely SMS messaging w/out pics or vid.'s is working normally.
Secondly, there's no talk-to-text capabilities which really hurt me because I always used that function. Apparently is proprietary to both Apple & Google and they literally store everything that you dictate, which why it is not on a Privacy Smart Phone.
Lastly, I still have four Gmail accounts that I still need & use. But I only check them on my home or work PC's. Never on my Privacy Smart Phone.

My cell is a De-googled phone call a braX2 privacy smart phone. I now browse & surf Confidently Private, always.



A big thank you again to @BlueMan !!!

Re: Data privacy while hobbying - a guide

Posted: Tue 21-Feb-2023 8:32 pm
by blueman
wawadodo wrote: Tue 21-Feb-2023 1:46 pm First, I must express both gratitude & admiration, to 'BlueMan' for taking the time to share such a very helpful, well organized, & super detailed beginners guide to help us on the road to beginning to become self-accountable for our own digital sovereignty & privacy.
...
Thank you, I'm glad it's been helpful, however, most is from the original authors linked in the thread - I just condensed and cleaned it up a bit.

There's definitely some good tips in there for sure, that's why I figured it was worth sharing :)