As a hangover from my PhD, doing things that aren’t work often feel like procrastination. I had a really lovely morning (not working, because it’s Saturday!) and had to stop for a moment to remember that I wasn’t procrastinating, I was just doing something nice that happened to not be work.
And what a nice day for it.
I’ve been growing some plants on my little balcony to brighten to place up – with the secret ulterior motive to attract bees and butterflies, muhaha! This weekend I’d finally remember to get some compost, so I could plant some of the seeds I’ve had waiting around for a week or two.
Planting seeds, seeing things grow, and watching the flowers open up are all really good for my mental health. I had a wonderful morning planting:
- Mixed Bee Seeds,
- Mixed Butterfly Seeds, and
The newly planted seeds join the more established plants on my balcony and I look forward to seeing them grow, while I sit at my desk.
But, since the morning had been relaxing…a little too relaxing, I decided that the afternoon would be productive in a different way…
(Now that I’ve lured you in with the gardening, here’s the tech)
I’ve started a little quest to try and improve my privacy online (not such a relaxing task).
(Also, note that this is just my choices of online privacy and security. I’m not saying these are the best options.)
I remember the reason I finally switched my Web browser from Firefox to Google Chrome; it was tabbed browsing. I think this was over 10 years ago and I was less bothered about my online privacy. I made a conscious choice of a feature that I wanted, which Google Chrome provides. Firefox quickly caught up; but I never went back, despite the pull of its library of extensions (which Google Chrome quickly developed too).
I don’t remember looking into it at the time, but I think there was less connected to Google at that time.
But I’ve become concerned about the data being leaked about me while I’m online. It’s almost impossible to completely prevent leaving a trail of data, but since most of my data is stored by Google just moving away from some of their services will help.
As with my move from Firefox to Google Chrome, the pull to stay with Google is with a feature that I like: synchronisation between computers. The problem is, this is also how so much personal data funnels into their servers.
So, I’m on the hunt for alternatives that are free and allow me to synchronise things between devices (some Linux computers and an Android phone).
Some of these suggestions came from a fantastic article from Restore Privacy.
Since my use of Google’s services has grown out of using Google Chrome, I thought it was a good place to begin.
I’ve been playing around with Firefox and Brave for a while now. Tor is also highly recommended by Web security articles, but it just too slow for me to consider for every day use. That being said, I do keep a copy of installed.
Brave seems to the best choice for combining usability and privacy. I was very impressed with it when I opened it up. It loads pages quickly, it is pleasing to look at, and it has an easy to customise set of security and privacy settings (its ‘Shield’ button). Another feature that I found amazing is the ability to open proper Tor tabs within the browser window, along side all the other tabs – fantastic! The main issue for me is the lack of extensions. Brave comes with a few, but to maintain its stance on secure and private browsing, it doesn’t allow very many. Since I make heavy use of extensions/plugins for research (such as unpaywall and Kopernio ) this made Brave a less attractive option for day-to-day use.
The other option I considered was Firefox, which is what I picked in the end. Yes Reader, I went crawling back to the browser I had deserted years ago. Thankfully, it welcomed me back with open
arms paws. At the recommendation of the aforementioned article I went through their very helpful guide to securing Firefox more than it is by default.
which I’m using to gently check if any of the setting and extensions actually make any difference.
Firefox has a large library of other extensions, including unpaywall,Kopernio, and various security/privacy extensions. Plus, it has its own synchronisation feature. Obviously that means the data is stored with Firefox, but I think I trust them more than I trust Google now.
Finally, within Firefox, I’ve moved to using the Last Pass password manager, which stores passwords in an encrypted ‘vault’ that you can access with a master password. I’ve been reusing passwords for a while now (which is bad, yes I know) but found the idea of resetting so many passwords quite daunting. Most password managers (including both the ones I’ve tried: Last Pass and Bit Warden ) give you the option of generating very long random passwords, so I’m going to use that to secure some of the online accounts with a better password, stored in the password manager, which is then usable from the browser extension.
I’m already familiar with Firefox, so the transfer hasn’t been too tricky; we’ll see how things go with the password manager.
Oddly, I found that using Google as a search engine (which is what I remember them being when I first started using their services) was the easiest for me to replace.
I have been using DuckDuckGo for a while now, both on my computers and on my phone. It’s summarised rather nicely in the Restore Privacy article as “a great privacy-friendly Google alternative that doesn’t utilize tracking or targeted ads. They also have a zero-sharing policy with other features, but they do record search terms.”
Searx also looks interesting. It’s “a”n open source metasearch engine that gathers results from other search engines while also respecting user privacy. One unique aspect with Searx is that you can run your own instance” (Private Search Engines ) which appeals to be, but seems like too much faff for now. So I’m going with DuckDuckGo as my default.
This one is tricky; I’ve grown to really like using Google maps. Recently it has become more and more annoying, as it crowds my screen with recommendations of places to eat or drink or visit, when all I want to do is see if I’m going the right way or when the next bus is.
With a quick look, there are various websites and apps based on data from Open Street Map. I’ve gone for OsmAnd as my replacement here. It looks nice, the maps are detailed enough, and it lets me store maps on my phone for offline use. I’m not sure it’ll have access to all the information the Google maps does (that’s the upside of the reach of Google’s tendrils I suppose, a mapping app that also lets me check public transport times) but I’ll trial it for a while and see how it compares. This one might be a while before I know if OsmAnd balances privacy and function well enough for me.
Another tough thing to move around on. The instant massager you use, like your choice of social media, is usually dictated by your your friend’s choice (or the choice of the people you want to talk to, anyway).
I’ve been using WhatsApp for about a year now. Even though it’s owned by (evil) Facebook, I like the way the app works and the end-to-end encryption is the same as is used by the more secure Signal app. I’ve downloaded Signal and it’s waiting for me to try out, but I don’t know anyone else who uses it – which is a bit of a problem for a messaging app.
The other privacy app I came across while doing this was Silence, which encrypts SMS (text) messages on your phone. If the person you’re texting also has the app, it encrypts the text in transit, as well as on both the sender and receiver’s phone. This sound great, despite me not knowing anyone who has the app, because it still provides me with some encryption for the messages on my phone.
Yes, I still sometimes send texts, shh.
Here it is, the biggy. Email is a very important means of day-to-day communication, and the linchpin of a Google account. When I got my first Android phone (a lovely HTC Desire HD) I signed up for a Gmail account so that I could use the Google Play store. It happened to give me access to some other Google services. Now, you sign up for a Google account, which includes email.
Honestly, I don’t think I’ll be moving away from my gmail account, not entirely, not yet. But I do want a secure, private, usable alternative for certain things. Back to the Restore Privacy…
And after some perusing, I’ve signed up for a (free, for now) account with Tutanota. Based in Germany, and with a named formed of the Latin words for ‘Secure’ and ‘Message’, Tutanota give me 1GB of storage for emails, a nifty Web client, and the option to send end-to-end encrypted emails or not. The end-to-end encryption looks like it works best if the recipient also has a Tutanota email account; if they don’t then they get an auto-generated email giving them a link to a page that asks them to provide a password (which is specified by the sender) to access the email. Even if you send an unencrypted email, your version (the version on Tutanota’s servers) stays encrypted – which is nice.
As I said, I’ll be keeping my Gmail account for now. But I think this new account will be useful for things I want to keep more private and secure.