I mean, exactly how invasive are default operating systems? (Like Windows, Mac, Chrome OS, Android, iOS) Do they log your keystrokes, log passwords, capture screen, upload your photos, videos, or audio? (Assuming you aren’t a target of government) Is it even possible for the average person who doesn’t feel comfortable messing with installing operating systems to have any privacy?
Privacy is not binary. There are degrees of privacy that can be achieved. Where you would like to be is totally based on your personal situation. If you are a beginner, understand that privacy is a journey.
Regarding which OSes you could use for your computer if Linux is not an option:
Windows in my experience is the worst offender when it comes to telemetry. It is so ingrained in the OS that you’ll never be certain there isn’t any telemetry regardless of the measures you take. MacOS on the other hand can be configured in such of way that Apple will have very little if any telemetry on you. It also has good permission controls which would cover things like screen capture and logging of keystrokes which you mentioned above. You could do the following:
- Purchase a Macbook
- Opt out of using an Apple Account (as of today it’s optional)
- Opt out of using iCloud
- Opt out of any telemetry
- Turn on built-in firewall
- Turn on disk encryption
- Install Lulu or Little Snitch to block any Apple telemetry
This alone will probably put you in a better position than 99% of people (not an actual statistic).
I’m not a Mac guy, but I get the sense that using a Mac without engaging in any of Apple’s ecosystem would result in a very degraded experience
It might be degraded comparing to default experience but it’s not like you are missing something that you have on other OS. I mean, you can’t iMessage on Linux, right?
No you can’t but you can also have a Linux box for significantly less than apple. Guess that’s the price of ease of access though.
Honestly it doesnt make the experience much worse in my experience
Agreed. I was using Apple products for more than a decade before switching to Linux and Android, and I opted out of several of their products long before I started considering the privacy aspects of things. For example, I found the experience of using something like iPhoto to be very lackluster. I reluctantly ended up using iCloud due to the superior pricing compared to Dropbox, which I used before. That was a particular nightmare when migrating away from the Apple “ecosystem”.
I’m sure their products cater to many users preferences, but I’m not one of those, and had a better experience using other products. That should’ve made me jump ship way earlier than I did, but a combination of cost (by the time I would’ve changed, I had already purchased a new MacBook which I ended up using for about 6 years) and inertia.
I use my Macbook exactly like the points cited before, and i can assure that i’ve had a very good experience. Maybe it’s even better to avoid using AppStore etc…
You have some margin to work with. Of course it’s not going to be as effective than switching OS but you can use privacy focused firewall. For example Portmaster on windows or tracker control on Android.
These firewall will try to block as much telemetry as possible.
You should also be cautious about what you install on your system, opensource app usually have a better track record regarding privacy.
Thank you, I never knew about TrackerControl. I noticed it’s available in FDroid.
Default OSs are very invasive. Windows, Mac and iOS are constantly spying on everything you do and stock Android is only as private as the apps it comes with which include things like Google Play Services - an app so baked into the system it can only be disabled through adb/root
If you want to read into this - Louis Rossmann made a video on this and this is the paper he mentioned.
possible for the average person who doesn’t feel comfortable messing with installing operating systems to have any privacy?
Yes, depends on how far you are willing to take it.
Replace default apps with FOSS (F-droid)
Delete or disable defaut apps through developer options/adb
Limit the number of permissions you give to apps (your calculator shouldn’t have access to internet or your camera)
Don’t install apps that you don’t trust/need
Block app’s access to the internet with a firewall
Check out r/degoogle on Reddit for many useful resources
For Windows/iOS, etc.: change settings to be more private: give less permissions and turn off telemetry wherever possible.
If you think that’s not enough, consider dual booting a Linux distro like Linux Mint Cinnamon (easy to set up and very beginer-friendly). If you do that you can learn Linux and keep your private data there instead of on Windows/iOS
Here is an alternative Piped link(s): https://piped.video/watch?v=CE0EB5bXj14
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source, check me out at GitHub.
Mac is less intrusive than Windows. Windows 10 is a whole lot less intrusive than Windows 11. You can lock Windows 10 down even more if you use Shut Up 10. It’s an amazing piece of freeware. Just be aware that Windows will reset a lot of your options after major updates.
Duck Duck Go is more secure than any other search engine and browser. Firefox is next in the list if you’re not on a Mac. Get uBlock Origin and NextDNS.io.
Don’t give your real information to companies when possible. Don’t browse the web logged into Google, Facebook, Reddit, TikTok, etc.
I would say there’s an argument to be made against duckduckgo with how they’re not open source, and the whole allowing Microsoft trackers deal, but it is definitely a better option than google or bing. I don’t understand why you’re mentioning their browser however, as there are definitely much better alternatives.
Their browser runs in permanent privacy mode and blocks all tracking scripts and cookies by default. You can configure Firefox to act the same way, and it’s a better browser overall, but I figured that anyone who knows how to do that wouldn’t be asking the question, so recommending DDG browser is an easy solution. Plus it has a cool window burn animation!
Fair enough, and the window burn animation is definitely nice.
There’s a Burn My Windows plugin for Debian if you’re on Linux that lets you apply that, and many other animations, to all of your windows. You can get it working on Arch too if you’re into that sort of thing. It’s probably my favorite part of my Linux computers, which is silly considering all of the other benefits, but I love it. LOL
Yeah that sounds quite nice, I’ll look into it.
You can buy computers and phones with those OSes preinstalled, so it’s not necessarily “custom”. Otherwise, no.
Linux is not like a custom ROM, it’s just an OS like any other (but many distros do respect your privacy). But yeah, custom Roms are the only way to have privacy on phones other than just using dumb phones. Support open source projects and manufacturers that make devices that use open source software!
No
I think you mean yes (you do just not have any privacy at all)
Damn Engrish! 😉
You’ll be a lot less private, but it’s not black and white.
Privacy is not a black & white thing. Every step you take matters. And being entirely private without digital footprint is impossible unless you isolate yourself from the internet entirely.
To answer your question. Yes, they spy on you. To what degree depends on the OS and your settings. But they always cost you some privacy.
But it’s never useless to take other steps just because you don’t want to or can’t switch OS. Because you’ll still give them less data if you do. They might still have info on you. But the less, the better.
Taking easier steps like switching mail provider and other services you use to privacy-minded ones are a good and easy start anyone can do. Replacing apps/programs on your system with FOSS or privacy-minded ones is another good one.
Even the biggest noob can make a Proton account and use it instead of Gmail/Outlook. Use 1Password instead of your device/browser’s password manager. Use LibreOffice instead of MS Office. Check F-droid for apps before Google Play (and perhaps even use Aurora when you do need it). Use FireFox instead of Edge or Chrome. Install a FOSS keyboard on your phone. Get rid of Social Media. Use Signal instead of WhatsApp. Those are just some example of easy my-grandpa-can-do-this level of difficulty options that already greatly improve your privacy (in fact, after I installed it for him, my grandpa does many of these!). Is it as private as an extremely hardened custom device by a security expert? Nah, but it’s definitly much beter than a default device full of big-tech apps. Even if you just do 1 of them!
Since every step counts, I think we should apploud people for caring and starting to take steps instead of deminish them for not going in to the max. Changes like this are slow, especially with a big mass of people. The more people show they care, the more privacy-minded alternatives grow and show up and the more normal it becomes to care about privacy.
For computers, you dont have to switch to linux, I’m currently using ReviOS (a custom version of windows) but I might try AME 10 later. But sure, it’s still messing with installing operating system since it needs a clean windows install, alternatively you can use software like O&O Shutup10 but I noticed that some options doesn’t exist in Windows 11 as compared to Windows 10, I’ve also tried winutil but it caused task manager to close really slowly for me
You can definitely harden operating systems like Windows and Android to be better for privacy and security. I’ve used some of Techlore’s videos to make my Windows system a bit more secure and private, and he’s made one for Android and other OSes too. Of course, this isn’t perfect, but it’s something if you don’t want to install a different OS, it’s better than nothing.
This is a highly loaded question.
You are making a number of very poor assumptions based on a number of ridiculous misconceptions.
The average, everyday, human adult is fully capable of understanding their own personal “threat landscape”. How they deal with that will vary.
For most; if not all, average consumers; their concerns are still very limited. They’re not so much concerned with the provenance, the history, of companies…they just want to duck for the oncoming threats in their landscape. These metaphorical tree branches are what they’re ducking under. They have no logical need to fear the entire tree.
Personally, I choose not to live like Stallman, nor do I have fears of big state repercussions like Snowden does. Neither does your average consumer. Functionality is the top priority. Functionality on-par with the CSSC (Closed-Source Software, Corporate) competitor is critical. If the FLOSS (Free/Libre Open Source Software) version can do exactly what people typically want and expect it to do AND cost less monetarily AND can impact their privacy way less than using the CSSC competitor would, then it will be adopted by many and loved by all who use it.
This isn’t to say that privacy does not matter.
It simply means that privacy is a spectrum; and everyone has varying privacy wants and needs. For some reason, a large potion of the “tech-savvy” people in the FLOSS community feel the need to measure their superiority in “How private their systems are.” The average user does not give a damn about that dick measuring contest; and really would rather not be bothered. They just want the amount of privacy that is right for them, and their specific situation.
It is best to put your ego aside when discussing privacy, or helping someone else to discover and improve their own privacy.
I’m not as worried by data logged by the os as such, but don’t want it sold to third party ad networks.
I use both macOS and Windows daily for combined work/personal stuff so hard to avoid. I trust Apples use of my data a little more than I trust Microsoft.
All my devices are always behind a VPN and always behind a DNS filter that blocks most vendor tracking from Apple, Microsoft etc. You have to allow a fair bit through for some functionality to work though.
It depends on what you consider spying. The vast majority of devices want some form of push notification capability, which requires being connected to Microsoft/Google/Apple servers, and thus the company knows your IP address. But doing pretty much anything on the internet and you expose your IP address.
If what you mean by spying you think it is looking at what app/program you are doing, recording your keystrokes, recording what your camera sees, the vast majority of devices don’t do any of this. Those are done on hacked laptops and school laptop admins that are either creepy and unchecked or overly intrusive.
Somewhere between these two extremes you would say it crosses the boundary into spying. You don’t need a custom OS to stop it unless you your threshold is all the way to the push notification level.
true all the way down to the silicon really. Unless you are prepared to do you own lithography you are on an untrusted platform.
Of course this is true, but moving to a privacy respecting OS, like linux or buying a phone w a custom ROM installed goes a long, long way to improving the situation.
One easy way to start is not by doing it all at once. Start by avoiding the Playstore and using fdroid instead. On your main OS replace proprietary software with foss alternatives. Once you get comfortable with that, THEN you can make the next steps. It doesn’t have to happen overnight, but you’ll be heading in the right direction:)
you are simply moving your trust base and saying that chip and board makers are more trustworthy. Unless you have the resources to validate the code you are running you are in the same boat in OSS, your trust is now in that FOSS community.
its necessity of course.
Sure, but I’ll say that FLOSS distros and builds have a much better privacy trust record than the alternatives - though I also have to say that at least I haven’t seen the news articles about Apple or Microsoft that you do about Google, Facebook et al. Some of this is literally around business models - Microsoft and Apple aren’t ad-tech companies really. They have obvious revenue streams that do not need to invade your privacy, and may actually hurt their business if they do. Not that I trust big corps to actually make sound business decisions though, and any cloud stuff is right out the window WRT privacy from governments.
I’m also left personally in a really weird situation - I don’t especially like or trust Google, but I use Android. There are several competing interests here - While Google may spy on me, Android (so far anyway) does allow FDroid and third party apps like AdGuard much easier than iPhone from what I understand. So at least for quite a while I was trading OS level telemetry vs every app and website telemetry. I think Apple might be better now, but I still think you have to jailbreak to install non App Store apps. In the third party apps are things like Syncthing, which lets me basically back up and sync my phone contents without touching any cloud at all.
The other benefit of Android is just the huge variety of vendors and phones available - I can get a brand new Android phone that’s “good enough” for $300, and my current one has lasted over 4 years (but at the cost of security updates, so YMMV). I’d love to get a phone I had root on, but most of those cost a stupid amount (to me) and also seem like the fun I had with the Pyra - they’re “in development” for 5 years with no real sign anything is actually going to come out, and then when one does it’s 5 years old tech.
It’s also not particularly useful to have Android without the play store. I tried that once a long time ago with a chinese tablet. You couldn’t install apps really. Like, yes, I can get FDroid - but how do I get my online bank’s app? - kind of needed to deposit checks, and they no longer have the scanner from a computer option. How do I get ParkMobile - now used instead of putting coins in the meter? Most shopping apps? Yes, you can make your smartphone de-googled, and about as useful as a feature phone from 2010, but then why bother - just get the cheapest flipphone I guess.
I don’t have answers - most companies don’t want to make privacy respecting tech, so unless you can realistically live your life mostly outside of current society - you’re sort of screwed.
100% you make your own choices and the tools available offer various levels of true privacy. I do tend to agree that if you carefully select your hardware then roll a project you trust onto your system you are likely 1000x better than any off-the-shelf big-brother setup.
There is no easy answer to 100% verifiable and trustable secure systems at this state in the industry. Though I expect that to change over time, even lithography is starting to become a workshed hobby.