I will use GitLab when I decide to publish some of my work.

I’ve used GitLab for my own stuff (such as it is…) too, but I’ve heard that lately it’s fallen out of favor and… Codeberg, I think…? is the new hotness.

Also, the gold standard is probably a self-hosted Gitea.

Thanks for the post!

Here’s some of the things I do:

• browser - Firefox w/ uBlock Origin and container tabs; I’m not worried about my ISP since it only operates in my city, so it’s unlikely they’re selling my data
• desktop/laptop - OpenSUSE Tumbleweed w/ full disk encryption, basic firewall, etc
• mobile - currently Motorola Android, will be getting a Pixel soonish to get GrapheneOS
• messenger - rarely use, but when I do, it’s just SMS w/ my wife and family; work is Slack/Teams; I’d like a replacement, but it’s hard getting people to switch
• online accounts - Bitwarden; will be self-hosting the data soon
• video streaming - NewPipe on Android, YouTube and Twitch with ad blocking on desktop
• music - mostly FM radio in my car, YouTube with ad blocking occasionally at work
• AI - hard no
• social media - lemmy
• email - Gmail (gasp!); switching to ProtonMail on my own domain soon (have an account, just haven’t gotten my contacts switched over
• shopping - occasionally Amazon (no Prime) and Newegg, mostly at Costco and the local grocery; mostly on credit card because dealing with change sucks
• TV shows - Netflix and Disney+ subscription; been using DVDs and digital backups more recently
• gaming - Steam and Heroic (for GOG and EGS)
• programming - neovim for Python, JavaScript, and Rust, VSCode at work for Typescript (our codebase is a massive mess); been using Gitlab mostly for personal stuff, on-prem Github at work
• misc - I use an Enterprise router, and have played with putting a subnet on a VPN (soon) and DMZ; I use a lot of Google Sheets, so need an alternative

So I still have a ways to go. Current priorities:

• eliminate Gmail - mostly just need to ask my family to use my new email, and set up some forwarding rules
• alternative to Google Sheets - probably LibreOffice Online with NextCloud or something; it’s going to be tricky because I use it for stock quotes (GOOGLEFINANCE() rocks) and transaction tracking (Tiller integration)
• home automation - I want an Alexa alternative for playing music; my kids have been asking a lot, and it seems willow might be good enough; if I can get that working, I’ll try automating other things too

I also want to play with mobile Linux, so I might pick up a Pinephone to mess around with. It’s not quite ready to replace Android for me, but maybe I can help get it there.

Very nice read, I look forward to posts with detailed explanations of realistic privacy setups!

With that said, here we go:

1. TOR has been compromised. It likely doesn’t matter if you’re not doing anything that nations would be interested in, but something to keep in mind.
2. True nerds/privacy hobbyists always have multiple browsers for different use-cases. Bravo! I need to take a look at Mullvad myself, I really don’t like Brave anymore.
3. Do you host your SearXNG instance? It should not be very hard to do on the cloud.
4. Which DNS resolver? I’m assuming this is upstream to your Adguard setup, which means the latter acts as the recursive resolver in your setup, if I understand correctly.
5. Didn’t hear about SecureBlue before this, good distro in theory. Thanks.
6. Ever thought of getting a 10-year old Thinkpad yet to get rid of that pesky BIOS? \s
7. Do you have DoT and DNSSEC set up for your “private” DNS? Also, is this something like Quad9?
8. With the combination of flight mode and a Faraday bag along with not having a SIM, I’m assuming that people don’t reach you using traditional means (calling). How do you stay in contact with others?
9. Define “locking down” of public accounts.
10. I have been thinking of AI for a bit, and you can get a P40 with 24GB VRAM for about $100-$150 on Ebay. Put that in an old computer and fight with licensing for a bit (Craft Computing has a good video on getting VFIO working on Nvidia cards by tricking the software) and you’ll have a great setup for AI.
11. I’d stop with the subscriptions and start sailing the high seas, personally, but I understand if the sentiment does not sit well with people here. Piracy simply gives you more control and privacy. Look at LocalMonero to try and get monero without leaving a trace (directly converting fiat to XMR and exchanging for gift cards online after churning).
12. You must be using an old TV, but if you really need to purchase a new TV at some point (and it’s very likely to be “smart”), you can simply disconnect the WiFi antenna from the back of the device. If you’re really good at embedded systems, you could find the flash chip that holds the BIOS/OS of the TV and remove it (and edit the boot sequence) or flash it with something else. This is true for everyone who has a smart TV.
13. Holy shit this guy programs games to play them what a chad.
14. Please switch to Codeberg, Gitlab is annoying.
15. How do you coordinate local time with other people if your clocks are set to UTC?

That was a lot. Thanks for reading!

“My BIOS is password locked but proprietary (due to compatibility issues).”

“I use full disk encryption, multiple disks, and a second layer of encryption for specific important files (NSA style)”

I recommend switching to Libreboot, I’ve recently helped add support for the Dell Optiplex 9020 MT, and will soon add support for the Dell Precision T1700 MT. Libreboot allows for full disk encryption, including the automatically encrypting the /boot partition during installation of an OS. I use RAID 0 with 3 disks (LUKS and LVM) on my desktop, with my /boot unencrypted stored on a SD card so I can easily toss it whenever.

For gaming, I’ve had success using Proxmox to play games like GTA V and Rainbow Six Siege through a VM, even passing through NVIDIA drivers (though I plan to switch to AMD). Although, currently the Haswell boards (9020MT and T1700MT) can’t use IOMMU correctly so I recommend using the T1650 for passing through your GPU to a VM. Beware though, the T1650 board can’t be freed entirely in the BIOS I believe.

Also, updating your CPU microcode can help avoid potential performance issues. If you’re concerned about security, consider GPG signing your kernel with Libreboot GRUB for an additional layer of verification at boot.

If you’re reading this and on ios, go do the safety check.

It whips ass and makes a lot of stuff easier to understand.

deleted by creator

deleted by creator

Check out Yattee on the App Store for a YouTube front end utilizing Invidious and Newpipe instances. Can even self host those if you want

Tip, FreeTube is fine, but as you say, certain difficults with some Videos. Because of this, I have specified SMplayer (MPlayer engine) as an external player in FreeTube, this way, if a video does not work in FreeTube, just click on the small rectangle at the bottom left of the thumbnail, so that the Video opens in SMplayer, which practically works always.

If you visit YouTube directly, there is a simple trick to convert the Video into embedded, that is, the video is opened as such in a tab, without going through the YT page. This also avoids a lot of trackers and ads, as well as unnecessary loads (thumbnails, comments, suggestions and other crap).

Simply edit the URL

https://www.youtube.com/watch?v=xxxxxxxx

to

https://www.youtube.com/embed/xxxxxxxx

Removed by mod