This follows on nicely from my previous entry, and I feel that detailing my setup is worthy of its own post. By trying times I obviously mean the global effort to ramp up mass surveillance and lock down the internet and the devices we use to access it.
For years I have gone down privacy rabbit holes with my digital life, generally stemming from a feeling of disgust at the knowledge of the level of data being harvested, simply from using a device I own on the internet. Other than this though it has been without a true cause and clear reason for doing so. Eventually I’d often feel like I was doing it for no reason and revert back to standard usage.
This time however, things are different. The reason for trying to preserve my privacy and anonymity online is now crystal clear. Even if the motives of the powers pushing these agendas are more murky, it’s abundantly clear that these attempts should be resisted.
Anyway, I wanted to share my setup with anyone interested. Quite a lot of work went into getting where I am now so I’ll break this down into sections. Any questions or recommendations for me feel free to leave a message:
Background work
I made the decision to move away from anything that required an app and had no web based alternative. Apps collect data and increase reliance on having a “compliant” smartphone. This involved changing banks (twice!), changing my mobile phone provider, avoiding certain utility providers and accepting that there are some things that just aren’t going to be accessible for me.
I bought a domain for myself and host my emails with an independent provider. In my eyes there’s no point doing all this work just for [insert big tech co here] to get all the information I’m trying to protect by scanning my inbox.
I devised a robust, offline system to back up my valuable data, it’s nothing complicated just a series of hard drives in a couple of different locations. However this allows me to keep backups of my data (photos, documents etc) without relying on a cloud provider.
I began using an open source, independent password manager. No password is recycled, and I can access this via the web if I ever need to.
My phone
Currently I’m using a Moto G55 which is a bit of a unicorn in my opinion. It has an unlockable bootloader, a headphone jack AND a micro SD card slot! I bought it used for around £100. I have the bootloader unlocked, the device rooted and heavily debloated. I run a root firewall (AFwall+, available on F-Droid) and do encrypted app data backups to my SD card (Neo Backup, also on F-Droid) which I periodically copy over to my Hard drives. The phone is not signed into a Google account and I have very minimal apps on my phone aside from Signal, Magic Earth (google maps alternative) and a web browser.
I don’t use the camera on my phone, I use a digital camera which I backup to my hard drives. I keep a local calendar using Fossify calendar (F-Droid again!) which I backup regularly. I have a local copy of all my music and use a local music player. My contacts are also local only and I keep a backup of those. I don’t have emails on my phone, I don’t feel the need to check them frequently and periodically check them on my desktop.
I disable radios when not in use; GPS, bluetooth, NFC, Wi-FI. If I’m not using them they’re switched off. Same with microphone access and camera access. I have everything in my quick settings so it’s a minimal inconvenience to re-enable them when needed. If I’m out shopping my phone will be on airplane mode or better yet left in the car. The data collection while in shops is well documented.
My aim with the phone is to have nothing of value on it. If it was stolen or confiscated there is essentially nothing on that device. They’d have access to my boring schedule through my calendar, the phone numbers of my family members and would be able to check out my music. I would simply cancel my SIM card and restore my small amount of data to a new device. As I have no apps on my device it would be very difficult for a thief to abuse having access to my phone number, there would be no way for them to work out who I held accounts with to try and gain access to them.
My mobile web browser of choice is Firefox Focus. On exit it wipes itself clean. This serves two purposes. Firstly it stops me relying on it too heavily. It adds friction if I have to sign into something every time (plus I don’t keep my password manager on my phone so I would have to manually type it from my PC). Secondly I leave no trace if someone were to steal or gain access to my phone. No picture could be built from my web history, and accounts that would normally be left logged in on any other browser cannot be exploited in my case.
I have a Google Pixel 10a stashed away for the future with GrapheneOS installed for if restrictions in the UK really ramp up. Knowing that device will be supported for another 7 years gives me some comfort in knowing that I have at least that long before I have to revisit my strategy. For now, the Motorola is sufficient though.
My computer
I have a number of computers, anyone in IT will know you just accumulate them. However I’ll summarise.
My main gaming PC runs Linux. (There are no PC’s running Windows in my house, the telemetry and unreliability are too much for me to tolerate outside of work.) This is the one device I am completely comfortable using. There is nothing on this machine actively trying to steal my data, it is reliable and it is powerful. Any banking or similar tasks are performed on this machine. I also game through steam and any games I have that are DRM free can be played through Lutris. Any programs that I relied on from my Windows days I’ve found have all run flawlessly through WINE.
Digital services
Aside from the annual fee for my domain name, the £0.30 a month it costs me to host this website (didn’t want anything pointing at my home IP) and my annual VPN subscription (Private Internet Access) I have no subscriptions.
That includes Netflix, Amazon prime, Spotify, game subscriptions, cloud storage. You name it, I don’t subscribe to it.
Aside from not wanting to waste money, my goal is not to become reliant on anything that I don’t have full control over. I also don’t want my data to be held hostage in the event an account is closed, banned in my country, a payment isn’t made or a service shuts down.
The VPN subscription may be in question soon though as the UK government are discussing making ID checks mandatory to use a VPN. In which case I’ll just rent a VPS in a country without restrictions and tunnel my traffic through that. To be honest it would probably work out cheaper anyway.
Physical aspects
This seems strange to be writing in a post about my digital life but I feel it’s relevant. There are no pictures of me online. If there are they’re from many many years ago and they’ll have no links to my name or any of my online usernames.
Anyone from the UK will know we have one of the highest density CCTV networks in the world. I make a conscious effort to wear a hat that covers as much of my face as possible and generally wear sunglasses when out in public. Cameras are usually overhead and sunglasses throw AI facial detection cameras off. I also have a beard where I have neither in my drivers license or passport. I shave every time my photos need renewing.
Conclusion
I have nothing to hide. If the police came to me with a warrant I would gladly hand over my devices and they would (eventually) hand them back with nothing incriminating discovered. That’s not the point. I believe privacy is a human right. I do not want my data analysed by marketers to analyse my spending patterns. I do not want authoritarian governments monitoring my innocent movements and communications. I do not want to be arrested for being incorrectly identified by an AI camera. I do not want to be wrongly associated with a criminal act because my phone was geofenced in a certain place at a certain time. I do not want my personal data stored on a server that will inevitably be hacked and sold to the highest bidder on the black market.
All I want is a simple, private and honest life for myself and my family, free from the poison that’s being forced upon us. Of course I do not want my Children being exposed to adult content, however as a tech literate person, when the time comes I will use the widely available tools to control access as a responsible parent should. The state need not interfere.
Leave a Reply