Jun 25, 2022Β·edited Jun 25, 2022Liked by Nuno

- Whenever practical, devices should just be kept offline (e.g. fridge).

- Using a self-hosted mail server can significantly reduce anonymity (all emails are tied to a single domain).

- All files stored in the cloud should be encrypted offline by third-party software before uploading. Yes, this even applies to Proton Drive and MEGA.

- Telegram is NOT PRIVATE and probably a WORSE choice than WhatsApp. Signal, Session, Matrix, XMPP, Briar, and a few more are all good choices, Signal being the easiest to adopt.

- Encrypted DNS offers zero privacy benefit. The domains you access are leaked in plain text to your ISP via SNI.

- Using a VPN as a blanket recommendation is very questionable; see the excellent guidance on Privacy Guides instead: https://www.privacyguides.org/vpn/

- The PinePhone and other Linux phones in their current state are significantly less secure than Android (and probably iOS too). GrapheneOS and DivestOS are much better recommendations to maximize privacy, security, and usability.

Expand full comment