this post was submitted on 24 Nov 2023
52 points (96.4% liked)

Privacy

32165 readers
235 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Hello everyone,

There are a few basic things in my current setup that I'm not very comfortable with. Since we're on blackfriday -> cybermonday I think it would be a nice season to make some changes [cloud - e-mail - calendar - cloud - DNS] Here's the deal:

E-mail / Calendar Strategy

  • Using tuta for more than 2 years but I still rely on my gmail address for many things; issues with Tuta:
  • troublesome to export/make backups (worse since I have many folders, would be folder by folder)
  • not a fan of not having an e-mail client on my desktop (not issue in mobile phone), also don't love the calendar

What would be ideal:

  • a nice mail provider, possibility of easy backups, possibility of using e-mail client (this one is not a hard requirement)
  • Calendar, end-to-end encrypted: a hard requirement since I store some sensitive data there. Should be easy to see on mobile (e.g.: dedicated app); for desktop it does not matter much to me I guess the calendar requirement excludes nextcloud and most providers, as well as calDav stuff and similar
  • I wouldn't mind if it would be 2 products working side by side if no alternatives are available (calendar and e-mail, but not ideal)

Backups and Cloud Storage (for redundancy)

  • I have 1 cold backup at home, another at someone else's home (both encrypted) but to be safe I'd like to also have a trustworthy cloud Cloud: -end-to-end encrypted or -> next bullet
  • compatibility with cryptomator is a big plus (though I want to avoid Apple/Google/MS/Dropbox)
  • possibility of mounting the cloud storage as drive on my computer (not hard requirement this one)
  • could be 2 products side by side (not ideal though): a storage solution for entire backup (wasabis and stuff) and a cloud solution (day to day usage)

DNS for filtering

I'd like a solution to have all traffic filtered (malware, ads) system wide on my laptop/desktop I have used adguard in the past; open to all other possibilities. I also have mullvadVPN; wouldn't using a different DNS defeat the purpose of the VPN? Or when VPN is on, the DNS is always the one of the VPN? Possibilities:

  • controlD (i have seen people vouching for it)
  • NextDNS (system settings)
  • MullvadDNS (system settings)
  • adguard desktop app

Malware / Virus / etc

I have a linux desktop and macOS laptop. My doubts are regarding macOS. I've seen so many new antivirus ads that it almost makes me think that I should have one. I have malwarebytes installed for occasional runs and CleanMyMacX (I have doubts regarding its security claims - I use more for system management)

  • Should I opt for an antivirus program? If so, which would be advised intego is showing up all the time weirdly)

This time of the year is when I can gear up, since financially I haven't been at the top.

For those that will answer, thank you so much in advance!!!!

top 28 comments
sorted by: hot top controversial new old
[–] [email protected] 19 points 1 year ago (3 children)

Proton suite. And they have a black Friday deal I think

[–] [email protected] 5 points 1 year ago (1 children)

Seconded. Subscribed to it a month ago in my mission to cut my dependence on Google products. So far I’m loving it. Calendar is a bit basic but it is encrypted.

Between the 500gb provided with the proton suite and using backblaze for backups, I’m pretty covered with data.

[–] [email protected] 2 points 1 year ago (2 children)

Thanks for the feedback! Ah for the 500GB it’s the higher plan. Already gets somewhat expensive.

Regarding backblaze for backups, it’s basically a way of dropping all the stuff and leave it there right? It’s not a cloud service (in the sense of filen and others) but for keeping data right? How are you ensuring that you have all the backups encrypted?

[–] stifle867 1 points 1 year ago (1 children)

It's more expensive when you compare any individual services vs competitors but keep in mind you get email, VPN, storage, password manager, and calendar.

[–] [email protected] 1 points 1 year ago (1 children)

That’s true! But the ultimate plan is quite a bit, at least where I live. Even though I’m in Europe, it’s a lower-than-average income country. But it’s definitely on my table. I just don’t understand one thing: the proton drive is only for the ultimate plan with 500GB? For the lower tier, there’s no access?

[–] stifle867 1 points 1 year ago

How the pricing structure works is:

  • All services have a free tier. For Drive it's only 1GB for free.
  • If you specifically want only 1 service upgraded there's a pricing tier between free and unlimited. For Drive it's 200GB for 4.99 EUR p/month
  • Proton Unlimited tier is the intended paid tier for 9.99 EUR p/month that gets you premium access to all the apps with 500GB for Drive

Discounts are available if you prepay for longer periods. If you wanted premium VPN and Drive for example you would want the Proton Unlimited (may be out of your budget). The free tier is enough to get started but you'd probably want more. If you're willing to switch VPN it would be decent value. If you're happy with the free tier, don't want to switch VPN, and need more drive storage you'd be looking at an extra 4.99 for 500GB storage.

[–] [email protected] 1 points 1 year ago (1 children)

You could actually use Backblaze for both scenarios: as a normal cloud storage where you can access stuff back n forth or for long term backups and storage.

I use Duplicacy to copy and encrypt my main folders once a week. But you can set schedules for backups as you wish. Depending on how much you’re backing up it may get a bit pricey though. I have a little under a couple terabytes backed up and pay around $6 for Backblaze. They have a client I’ve never used that might be helpful as well.

One thing I wanna look into is using Duplicacy to also back up really important documents to my proton storage.

[–] [email protected] 1 points 1 year ago (1 children)

Yes that’s exactly what I was aiming for:

  • an option for data backups that I will only access/move when managing backups or restoring data in computer (I’d need at most 300-500GB)
  • an option for repeated access for files that I’d plan to use / change weekly.

So with duplicati you’re able to send the backups to backblaze bucket in an encrypted way? What would I need to retrieve the data and unencrypt on computer if mine would break? How would you use backblaze as daily cloud? I thought it was mostly a bucket to drop stuff. Is there any way to mount it as a network drive while having everything encrypted ?

  • right now I have Filen with 100GB and it’s more than enough for me right now. However, from what I’ve read it’s not compatible with cryptomator and I cannot mount it as drive. Moreover the app is only for syncing data, which is not my aim
[–] [email protected] 1 points 1 year ago

I have some answers that might help but there’s a few pieces that I need to write out on something other than mobile. Will reply back in a day or so.

[–] [email protected] 4 points 1 year ago

Personally have this too, but would recommend against it as the support for Linux is tragic.

[–] [email protected] 1 points 1 year ago (1 children)

Yes; they have nice deals now! That would close the topic of email and calendar. Are you able to easily backup your emails?

[–] [email protected] 1 points 1 year ago

I've never looked into backing it up. I do know they make it easy to import emails from other services so maybe they'd make it easy to export to other providers too? You'd have to look into it.

[–] [email protected] 4 points 1 year ago (1 children)

Use a normal mail provider like mailbox.org, startmail, posteo, and soo many others. Privacyguides

[–] [email protected] 1 points 1 year ago (1 children)

But none of them has an E2EE calendar right?

[–] [email protected] 1 points 1 year ago (1 children)

Hmm normal caldav, I guess they could read that.

[–] [email protected] 2 points 1 year ago

Caldav would be the ideal solution if it were decently encrypted but it’s not the case… it would be nice since most calendar apps support it :/

[–] [email protected] 3 points 1 year ago* (last edited 11 months ago) (1 children)
[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)

Thank you!! Regarding cloud it could be something that can have a cryptomator container. I wouldn’t have much requirement regarding mobile app except for being able to upload backup of photos

Regarding DNS:

Right now I have it by default, so it goes through my ISP.

I use the VPN mostly when on the high seas… Having the DNS as default value wouldn’t be the same as using any other DNS address? When VPN is on, how is the dns at the netwoek settings behaving? I never quite understood this part!

PS: sorry for bad formatting. I wrote original post in computer, not on mobile the app is having formatting issues (Memmy)

[–] [email protected] 1 points 1 year ago (1 children)

Even before anything else, you should change your DNS from your ISP to one of the many third party, respected, fast resolvers. Clooudflare 1.1.1.1, Quad9 9.9.9.9, both do not log and are free. There are many others.

I use the paid $1.99 USD/mo NextDNS with malware-only blocking on my router, and malware, ads, trackers blocking on my Android devices, Linux desktop and Windows desktop.

[–] [email protected] 1 points 1 year ago

Thanks for insights!! I was unsure if changing default settings on DNS would have any effect when using VPN. So it’s ok right? I’ll go for NextDNS, which makes me clear one of the issues in the list. Thank you!!!

[–] [email protected] 3 points 1 year ago (1 children)

You don't need an antivirus. No one needs an antivirus. Common sense is good enough.

[–] [email protected] 0 points 1 year ago (1 children)

Thanks!!! Weird that without looking for any there are ads popping up everywhere is for antivirus.

So for the macOS system , if I want to do a scan once in a while (even to catch windows-targeted stuff so that I don’t get bad files in backups) what would you advise ? I go on the “high seas” occasionally for anime, books and tv series… that’s one of my worries

[–] [email protected] 3 points 1 year ago

If you REALLY need it, I've seen some people recommend ClamAV but really, I don't like the concept of antiviruses. They run with I'm assuming full access to your storage and generally bog down your system performance. IMO, the best line of defense for your system is you. Use your common sense, stray clear of the shady websites, stick to well known and safe recommendations (especially relevant since you sail the high seas) and don't run random commands from the internet.

[–] [email protected] 1 points 1 year ago (1 children)

You’re correct in that you shouldn’t mess with the DNS settings when on the vpn. Off vpn, I have had good experiences with Control D ans Aha Blitz on browsers and mobile, with the latter allowing you to actually select the granular filter lists yourself. I recently switched to Mullvad’s DoH though and it’s been good so far

[–] [email protected] 1 points 1 year ago

Ohhh. I think that’s where I’m getting confused in terms of best practice. Which one the following scenarios do you recommend?

  • leave DNS in the network settings as default and once in a while use VPN as-is
  • change DNS in network settings and onde in a while use VPN without changing anything else

I’m making a big confusion: so you mean that if I change the DNS at network settings I should revert those changes when I decide to activate VPN? Or simply leave the new DNS of the settings and not touch anything while I have VPN on?

Sorry for the trouble!!!

[–] pkill 1 points 1 year ago* (last edited 1 year ago) (1 children)

Buy yourself a VPS at a provider that accepts untraceable cryptos, like 1984.hosting and self-host

[–] [email protected] 1 points 1 year ago (1 children)

It’s on my plans to dive a bit into self hosting, but for now only inside LAN. Still reading on it. On a VPS I wouldn’t be capable of securing and doing good administration in the next few months. But definitely on my roadmap (especially since I want to move careers for something more technical)

  • would you consider 1984 above orange for instance? The only ones I’d like to avoid are the likes of godaddy stuff
[–] pkill 1 points 1 year ago

You can set up an account over Tor in case of 1984. Haven't used Orange but mainly due to bigger costs. Iirc the only time my 1984 Wireguard VPN was facing issues was when trying to edit Wikipedia, so not a big problem. Searxng was also working fine.