Do they require KYC?

What carriers do with our data is a black box and changes all the time. They must do whatever the government compels of them. No opensource baseband options are available. Therefore I would not trust any of them.

It is best if you can decouple the phone number you use from the provider of the SIM card.

1. Get a SIM card for data only with no KYC such as Mint Mobile or Ting for physical prepaid cards or jmp.chat or PGPP for pay as you go ESIM. Your voice and location give away your identity. So for maximum privacy, never make calls with the number associated with the SIM card nor activate cellular near your home.

2. Transfer your number to a VOIP provider such as voip.ms or jmp.chat. Of course use encrypted messaging and calling as preference whenever you can.

For years I have been paying less than $20 a month and have a few phone numbers. Governments and corporations have no idea where I am. Because my phone is anonymous, they would have a hard time deploying malware onto it if they wanted to target me. Most data goes through a VPN.

You can skip logon to just get notifications. Since Aurora store was rate limited, I started installing from GPS.

Grapheneos.org explains how the sandboxed GPS minimizes what it can collect. The highly promiscuous standard implementation of GPS has massive access to your device with limited and uncertain abilities to restrain what it can collect. All apps in Graphene are treated as hostile with fire grained firewall abilities. The sandboxed GPS from Graphene is implemented as any other app and only needs network access to deliver notification.

I created an anonymous Google account and only give it network access until the day some of the apps I need. Google only knows that someone from an IP address is getting notifications for those apps that use it. Once these apps switch to unified push or web sockets to deliver notifications, I will remove GPS.

Mixed in here are search engines and metasearch engines. Metasearch engines like DDG, Metager, and Searx are not actual search engines but rather sites that query other engines. I would rather see only actual search engines for comparison. I would like to see some non western (search engines based in non NATO aligned) countries included such as Yandex.

Data collection always happens. How does the engine know what to return if you did not send it a query(data)? Sometimes results are personalized/manipulated. Anonymity reduces impact of both.

Looks good for files, but if you want total replacement of icloud/google/ms services such as contacts, calendar, tasks, notes, and so much more, Nextcloud is best in class.

I deal with this by subscribing to very few mainstream media sources since they typically report the same thing in unison with slight variation. The slight variation makes deduplication technically difficult. I use Nextcloud News, and maybe their future LLM models could accomplish this.

Good alternatives you can self-host are Nextcloud Talk, Jitsi, BigBlueButton, Unhangout, and Matrix. Find a community instance of any of these if you don’t have the chops to host your own.

The price of freedom is eternal vigilance which in this case means staying up on and switching up your tech stack constantly. The solutions are generally straightforward, but the implementations are seemingly too difficult for most. With digital, self host everything you can and use FOSS everywhere you can. With physical, pay cash and leave as few footsteps and facial images as you can.

I recently started sending trivia questions to my friends in group chats on the old horrible comms. To get the cash rewards for winning answers, they must respond to me on the specified decentralized comms (Nextcloud, Session, XMPP, Matrix, Simplex, fediverse…). It costs me some money, but we are having fun while they learn new things.

It is great but only missing a desktop client.

When Signal is compromised or compelled, you won’t know it happened. It may have happened already.

Even if Signal might be better for those people’s current threat model, people’s habits are hard to change. Good luck getting them onto a better decentralized protocol later. Most people will not take the time to understand the importance of decentralization and think we are just making their lives difficult. I regret getting people onto Signal mainly for this reason.

The client app is FOSS other than the Google blob for notifications. The server SW is partly closed source because they say that is needed to prevent spammers.

Checkout Nextcloud calendar and appointments. If you host your own, you have full control of what apps are installed on the instance. Most Nextcloud subscription services come with calendar + appointments pre-installed. You will need a mail server or relay configured to confirm appointments with people. Easy appointments is an alternative server app you could deploy which does just appointments. Nextcloud provides a ton of other things which you might like to have as a freelancer.

It is a question of whether you really need all your traffic going through a VPN. Your app might support split tunneling. VPN browser extensions such as Proton, Mullvad, and Brave will only route that browser’s traffic through VPN. Since I am running Linux, a DNS resolver and am generally off of most corp and government servers, my need for VPN is more limited. I activate ProtonVPN extension in Librewolf browser where I open news sites. I use other browsers without VPN for safe stuff such as my own and friendly fedi sites to get full bandwidth. I use split tunneling on Android to similarly exclude safe apps from VPN for a private and efficient setup.

I have a similar 321 strategy without using someone else’s server and needing to traverse the internet. I keep my drive in the pool shed, since if my house was to blow up or get robbed, the shed would probably be fine.

It costs a few bucks more per month than services such as voip.ms, but it is simple and stable. I wasted a lot of time aligning different VOIP clients with voip.ms which I never need to do with jmp.chat. If you are novice, go with jmp.chat to spare some headaches.

You can stream but not subscribe in a few ways.

You can build a collection of music on your own server using Navidrome, Nextcloud Music, Jellyfin, or Plex (proprietary) and then stream it to devices. You can find music with Soulseek (Nicotine+), torrent, and other methods.

You can stream Spotify, Youtube, Soundcloud, Bandcamp and others without any account or advertising. Many of these tools for doing so also allow you to download the music. Newpipe, Nuclear, Spotube…