• GUI: Thunderbird
• TUI: neomutt
• Android: K-9 (soon to be Thunderbird)

• No good operating system preinstalled by default
• No headphone jack anymore

I’m barely still a Millenial. Which is kind of cool. I don’t like the “generation names” before or after that much, and I liked that I grew up with non-invasive tech and non-existent smartphones during school. I was able to grow up with tech but none of the tech I dislike today. Also, tech was still easier to understand back then. I was able to learn how to create web sites for example when HTML, CSS, JavaScript and CGI was still in its infancy and not very complex yet. Of course I learned the growing complexitty as it all developed but the point is that it kind of grew with me. Which probably made several things easier to get into in the first place. Also, I still grew up with almost forgotten values such as privacy, and my whole youth life (as well as dumb things you did when young) isn’t available online and therefore “gone”. I kind of like it that way.

Dumb user friendly (having no particular background): yes

Dumb user friendly (having Windows background): no

Windows knowledge makes learning other OS harder because Windows is the weirdest OS out there.

Answer is correct, I just want to clarify a bit more:

“Password protected” in your case probably just means that you have a bootloader password or a user account password. Both would not matter in this case. If you put your drive or partition anywhere else, and it’s not an encrypted partition, it can be read. Independently of user access rights. Any other OS accessing the same drive/partition can literally read everything if it’s not encrypted. Provided, of course, that there’s a file system driver available for the OS.

Windows by default doesn’t have any Linux filesystem driver installed. I’m not sure if that’s still the case when you install WSL. And there are 3rd party Linux filesystem drivers available as well.

But to protect yourself against robbery or a Windows which might in the future include a Linux filesystem driver, you should always encrypt all of your partitions. And when encrypting, use Bitlocker only for your Windows system partition, not for any data partitions, and certainly not for Linux partitions. For Linux partitons, use the integrated LUKS2. Bitlocker on Windows isn’t private encryption by the way, since a recovery key is being uploaded to MS’ servers automatically. That means MS has theoretical access, the US government has, and law enforcement has. As well as any hackers who manage to exfiltrate that key from somewhere. That’s why I’d use Bitlocker only for the C: partition, a 3rd party encryption tool like VeraCrypt for any other Windows partition, and LUKS2 for any Linux partiton.

Windows will continue to get more and more user-hostile as time goes on, and they want everyone to have a subscription to Microsoft’s cloud services, so they can be in total control of what they deliver to the user and how the user is using their services/apps, and they also will be able to increase pricing regularly of course once the users are dependent enough (“got all my work-related data there, can’t just leave”).

The next big step that will follow after the whole M365 and Azure will be that businesses can only deploy their Windows clients by using MS Intune, which means MS will deploy your organization’s Windows clients, not your organization. So they’re always shifting more and more control away from you and into MS’ hands. Privacy is always an obvious issue, at the very least since Nadella is CEO, but unfortunately the privacy-conscious people have kind of lost that war, because the common user (private AND business sector) doesn’t care at all, so we will have to wait and see how those things will turn out in the future, they will start caring once they are being billed more due to their openly known behavior (driving, health, eating/drinking, psychology, …) or once they are being legally threatened more (e.g. your vehicle automatically reports by itself when you’ve driven too fast, or some AI has concluded based on your gathered data that you’re likely to cause some kind of problem), or once they are rejected at or before job interviews because of leaked health data or just some (maybe wrong) AI-created prognosis of your health. So I think there will be a point when the common user will start caring, we just haven’t reached that point yet because while current data collection and profile building is problematic because it’s the stepping stone to more dystopian follow-ups, it alone is still too abstract of an issue for most people to care about it. Media is also partly to blame here when they do reviews or news about new devices and then just go like “great camera and display, MUST BUY” and never mention the absurd amount of telemetry data the device sends home. MS is also partnering with Palantir and OpenAI which will probably give them even more opportunities to automatically surveil every single one of their business and private sector users. I think M365 also already gives good analytics tools to business owners to monitor what their employees are doing, how much time they spend in each application, how “efficient” they are, things like that. Plus they have this whole person and object recognition stuff going on using “smart” cameras and some Azure service which analyzes the video material constantly. Where the employees (mostly workers in that case) are constantly surveilled and if anything abnormal happens then an automatic alert is sent, and things like that. Probably a lot of businesses will love that, and no one cares enough about the common worker’s rights. It can be sold as a security plus so it will be sold. So I think MS is heavily going into the direction of employee surveillance, since they are well-integrated into the business world anyway (especially small and medium businesses) and with Windows in particular I think they will move everything sloooowly into the cloud, maybe in 10-15 years you won’t have a “personal” computer anymore, you’re using Microsoft’s hardware and software directly from Microsoft’s servers and they will gain full, unlimited, 100% surveillance and control of every little detail you’re doing on your computer, because once you hand away that control, they can do literally anything behind your back and also never tell you about it. Most of the surveillance stuff going on all the time already is heavily shrouded in secrecy and as long as that’s the case there will be no justice system in the world being able to save you from it, because they’d first need concrete evidence. Guess why the western law enforcement and secret services hunted Snowden and Assange so heavily? Because they shone some light into what is otherwise a massive, constant cover-up that is also probably highly illegal in most countries. So it needs to be kept a secret. So the MS (and Apple, …) route stands for total dependence and total loss of control. They just have to move slowly enough for the common user not to notice. Boil the frog slowly. Make sure businesses can adapt. Make sure commercial software vendors can adapt. Then slowly direct the train into cloud-only territory where MS rules over and can log everything you do on the computer.

Linux, on the other hand, stands for independence. It means you can pick and choose what components you want, run them whereever and however you want, build your own cloud, and so on. You can build your own distro or find one that fits your use case the most. You’re in a lot of control as the user or administrator and this will not change considering the nature of open source / free software. If the project turns to sh!t, you’re not forced to stick with it. You can fork it, develop an alternative. Or wait until someone else does. Or just write a patch that fixes the problematic behavior. This alone makes open source / free software inherently better than closed source where the users have no control over the project and always have to either use it as it is or stop using it altogether. There’s no middle ground, no fixes possible, no alternatives that can be made from the same code base because the code base is the developer’s secret. Also, open source software can be audited at will all the time. That alone makes it much more trustworthy. On the basis of trustworthiness and security alone, you should only use open source software. Linux on its own is “just” the kernel but it’s a very good kernel powering a ton of highly diverse array of systems out there, from embedded to supercomputer. I think the Linux kernel can’t be beaten and will become (or is already) the objective best operating system kernel there is out there. Now, as a desktop user, you don’t care that much about the kernel you just expect it to work in the background, and it does. What you care more is UI/UX, consistency and application/game compatibility. We can say the Linux desktop ecosystem is still lacking in that regard, always behind super polished and user-friendly coherent UIs coming from especially Apple in that regard (maybe also a little bit by Microsoft but coherent and beautiful UIs aren’t Microsoft’s strong point either, I think that crown goes to Apple). That said, Apple is very much alike Microsoft in that they have a fully locked-down ecosystem, so it’s similar to MS, maybe slightly less bad smelling still but it will probably also go in the same direction as MS does, just more slowly and with details being different. Apple’s products also appeal to a different kind of audience and businesses than MS’ products do. Apple is kind of smart in their marketing and general behavior that they always manage to kind of fly under the radar and dodge most of the shitstorms. Like they also violate the privacy of their users, but they do it slightly less than MS or Google do, so they’re less of a target and they even use that to claim they’re the privacy guys (in comparison), but they also aren’t. You still shouldn’t use Apple products/services. “Less bad than utterly terrible” doesn’t equal “good”. There’s a lot of room between that. Still, back to Linux. It’s also obviously a matter of quality code/projects and resources. Big projects like the Linux kernel itself or the major desktop environments or super important components like systemd or Mesa are well funded, have quality developers behind them and produce high quality output. Then you also have a lot of applications and components where just single community developers, not well funded at all, are hacking away in their free time, often delivering something usable but maybe less polished or less userfriendly or less good looking or maybe slightly more annoying to use but overall usable. Those applications/projects could use some help. Especially if they matter a lot on the desktop because there’s little to no alternative available. On the server side, Linux is well established, software for that scenario is plentiful and powerful. Compared to the desktop, it’s no wonder why it’s successful on servers. Yes, having corporations fund developers and in turn open source projects is important and the more that do it, the more successful those projects become. It’s no wonder that gaming for example took off so hugely after Valve poured resources and developers into every component related to it. Without that big push, it would have happened very slowly, if at all. So even the biggest corpo haters have to acknowledge that in capitalism, things can move very fast if enough money is being thrown at the problem, and very slowly if it isn’t. But the great thing about the Linux ecosystem is that almost everything is open source, so when you fund open source projects, you accelerate their growth and quality but these projects still can’t screw you over as a user, because once they do that, they can be forked and fixed. Proprietary closed-source software can always screw over the user, no one can prevent that, and it also has a tendency to do just that. In the open source software world, there are very few black sheep with anti-user features, invasive telemetry, things like that. In the corporate software world, it’s often the other way around.

So by using Linux and (mostly) open source products, you as the user/admin remain in control, and it’s rare that you get screwed over. If you use proprietary software from big tech (doesn’t even matter which country) you lose control over your computing, it’s highly likely that you get screwed over in various ways (with much more to come in the future) and you’re also trusting those companies by running their software and they’re not even showing the world what they put in their software.

Well every major tech product probably needs to have “AI” somewhere anywhere, otherwise you’ll probably have a problem of being too honest marketing disadvantage because there will be potential buyers who don’t understand anything about it but think “Thing with AI is better than Thing without AI”, period. Doesn’t even matter if there’s any AI involved anywhere or if the AI feature is actually useful. Unfortunately the tech industry is always heavily riding on hype trains and AI is the current one.

code: camel or snake, depending on language

files/dirs: snake + kebab + dot mixture (trying to avoid caps and special chars here)

AFAIK, browser choice is still limited (as usual with Apple) because every browser on iOS needs to use Apple’s WebKit engine. That means they only differ in UI.

Of course they do. It’s to be expected that big tech companies use all data they can gather for training AIs, tracking users, creating psychological profiles of the users and selling data to the highest bidders.

Microsoft is also known for creating tools and products which track employees and workers and provide nice looking dashboards and statistics for the employers. And they partner up with Palantir and other companies to create even more effective surveillance solutions for companies and law enforcement to use eventually. MS is a data company since a couple of years, just like Google or Meta is. Data is very valuable.

In the case of Microsoft Office and Teams, there’s also the issue of corporate espionage. Companies from all over the world are freely giving away sensitive data about their documents, employees and projects to a US-based megacorp. There was a time in history when this would be called corporate espionage which is supposed to be bad and illegal and so on. But, since they’re all doing it voluntarily, and there’s no definite proof of MS doing anything because it’s a black box and no one except MS can inspect what they’re doing, it’s apparently “fine”. It’s like we have collectively become dangerously naive.

So yeah, it’s all “fine”. Until it isn’t. Until it is revealed one day. Then we can all be shocked and say “how could they do this, how could they violate our trust like that, their marketing slides looked so nice and the consultant was so charming and said we needn’t to worry about anything they would keep our data safe”. Well, if you trusted them in the first place, that’s your mistake. You cannot trust a company like MS, Meta, Google, TikTok, and so on with a huge track record of privacy violations. Ever. Cloud = someone else’s computer. Host your own stuff. Prefer not to use software with proven track records of privacy violations. Don’t use products or services from companies with such track records. Prefer open source over proprietary because when the code is openly auditable that’s a plus for trustworthiness, and proprietary applications usually have a bad track record of privacy violations and other anti-user features, while open source software rarely includes such things.

And it’s only going to get worse. With upcoming things like Recall, that’s almost like having a permanent camera behind you recording your screen at all times. I feel bad for all Windows users, but on the other hand, I don’t actually have to care. Keep trusting them blindly, but please don’t be surprised when it will come crashing down on you one day.

MI is great, I played 1+2 when they were new (in the 90s), they were brilliant back then. These days, they’re probably still good point&click adventure games. There were some special editions or remasters which probably make them play well on modern machines. They belong to a long list of awesome LucasArts point&click adventures during the 90s and early 2000s. Most of these games are great. You should definitely try them out, especially if there are remasters available. But you can also play the originals using ScummVM most likely. Ron Gilbert is like the mastermind behind the series. He still creates adventure games to this day. And they’re all pretty good, but the genre is kind of niche these days. It wasn’t niche back then. It was just as big as action or soulslike games are today. The Monkey Island titles were probably the most successful or popular ones of the bunch. But there are some others which are equally good. Adventure games are rare these days but basically they are like puzzle games where you have to solve certain situations by combining items, finding items in the first place, trying different approaches, and so on. You kind of know once you’ve overcome a challenge when you were able to progress further in the game. There’s little to no handholding, but also little to no handholding needed. There’s one timing-based riddle in the original Monkey Island which I never liked that much, but it’s still a funny one. It’s not hard but it doesn’t really fit the genre well because nothing else is timing-based. It does fit the game’s art, setting and humor well though. The soundtrack is nice indeed. This is probably the most well-known track: https://invidious.nerdvpn.de/watch?v=FoT5qK6hpbw

Yes.

If you still want to play such “modern” games loaded with what is akin to spyware, I recommend a dedicated only-for-gaming PC (running Linux of course*) using a different IP address than your main system (probably a notebook), for example by using a VPN on one but not the other. I’d recommend using the VPN for the gaming machine, it’s less of a risk there, it allows for easy circumvention of geo-blocking, etc. If you need to access some services (e.g. chat) from both machines, create a separate account for it. Don’t share account credentials between machines. In fact, act as if the gaming machine is permanently infected with random stuff “required” for modern games, and isolate it accordingly. This is just an idea how to mitigate those problems and don’t let them creep into to your real machine where non-game-related data could leak out as a result. But you’re still going to support the developer doing this which is not recommended.

*) Why still no Windows, in this isolated case, you ask? Well, because it’s important to fight MS’ monopoly on gaming machines, so don’t support it by running it and contributing to its marketshare. Instead, run Linux and enjoy watching Windows’ sinking market share. In fact, if you can, don’t support such games either by not playing them, that would be the ideal solution. But this is written under the presumption that you or your friends still want to play it and you kind of feel left out otherwise.

Yes, but my post is for the people who DO care about privacy issues. I also don’t like the defeatist’s attitude. You can always start making things better. My post is for those who want to make a better informed decision, that’s all.

Well this whole area is mostly based on deceit. Like if they claim they MAY do something they will absolutely do it all the time, if they claim they aren’t getting anything from it, it just means they aren’t getting anything directly, but indirectly instead, or from a different involved party. I also like the message at the top of the page: “Under certain circumstances, you have rights under data protection laws in relation to your personal data.”. Under some circumstances you have rights. Which is weirdly accurate. Because in most circumstances, they will just sh*t on data protection rights. Which is also evident by everything being opt-out, rather than opt-in. And then, most likely, even when you disable everything, data will still flow somewhere. Then again, it’s an industry-wide problem. Not specific to Jagex.

Reasons are the data transmissions happening by default and Mozilla’s questionable inclusion of add-on things like Pocket. See for example:

https://www.kuketz-blog.de/mozilla-firefox-datensendeverhalten-desktop-version-browser-check-teil20/

vs.

https://www.kuketz-blog.de/librewolf-datensendeverhalten-desktop-version-browser-check-teil8/ and https://www.kuketz-blog.de/mullvad-browser-datensendeverhalten-desktop-version-browser-check-teil22/

You might need to translate the site to English. If you compare that, you can see why it’s easy to recommend the forks over the original. That said, you CAN configure Firefox to also behave well, but that takes an extra effort. It is far from there by default.

Well, they’re only doing what they announced already like 1-2 years ago. So we knew it was coming. This is also accompanied by Google making YouTube more restrictive when viewed with adblockers. Google is (somewhat late, to be honest) showing its teeth against users who block ads. I always expected it to happen but it took them quite some time. Probably they wanted to play the good guys for long enough until most users are dependent on their services, and now their proprietary trap is very effective.

On the desktop, you should switch to a good Firefox fork right now. Firefox can also be used but needs configuring before it’s good. The forks LibreWolf or Mullvad Browser are already very good out of the box. There’s the potential issue of the forks not being updated fast enough, but so far these two have been fast. Mullvad shares a lot of configuration with the Tor Browser, so using it may break some sites. LibreWolf might be “better” for the average user because of that, but otherwise I think Mullvad is the best Firefox fork overall.

On mobile, Firefox-based browsers aren’t recommended, because on Android, the sandboxing mechanism of Firefox is inferior to that of the Chromium-based browsers. And on iOS, all browsers (have to) run on Apple’s proprietary Webkit engine anyway, but well this is Apple we’re talking about so of course it’s all locked-down and restricted. It’s one of the reasons I don’t even like talking about Apple that much, just be aware that as an iOS user, your choice doesn’t mean as much when it comes to browsers, and your browser might not behave like you think it does on other platforms.

So on mobile, I’d suggest things like Brave, Cromite or Mull. Or Vanadium (GrapheneOS). If the browser doesn’t have built-in adblocking capability which sidesteps the MV3 restrictions, make sure to use an ad-blocking DNS server, so your browser doesn’t have to do it. But you still need it. Adblocking not only helps you retain your sanity when browsing the web in 2024, but it also proactively secures you against known and unknown security threats coming from ads. So adblocking is a security plus, a privacy plus, and a sanity plus. It’s absolutely mandatory. As long as the ad industry is as terrible as it is, you should continue using adblocks. All the time. On every device and on every browser.

The ad industry is itself to blame for this. There could in theory be such a thing like acceptable ads, but that would require ads to be static images/text, not fed by personal data, and not dynamically generated by random scripts which could compromise your security, and not overly annoying. Since that is probably never going to happen, you should never give up using adblockers. Since they basically fight you by reducing your security and privacy, you have a right to defend yourself via technical means.

“We”, no. “Too many”, yes. In general, hard dependencies on proprietary software or services are often overlooked or ignored as potential future problems. Recent examples of this are Microsoft and VMware. Once the vendor changes things so that you don’t like anymore, or drives up prices like crazy, you’ll quickly realize that you have a problem you can’t solve other than switching, which you might not even be prepared to do short-term.

The Windows world now experiences this because Microsoft is no longer interested in maintaining a somewhat quality operating system, they are mostly interested in milking their user base for data, and don’t hesitate to annoy or even disrupt their user base’s workflows in a try to achieve that goal.

Many Windows users are currently looking at Linux because of this, but the more your whole workflow is based on dependencies to proprietary Windows-only software, the harder your time to switch will be. If you still use Windows today, you should at least start using more open source or cross platform software, which also will work on Linux, because you are on a sinking ship and there will probably be a time when you can’t take MS’ BS anymore and want to switch. Make it easier for you in the future by regarding Linux compatibility in the hard- and software you use today.

Long-time GrapheneOS user here.

Can’t say anything about Motorola gestures.

Banking apps MIGHT not all work on GrapheneOS, if unsure check first, or ask on the GrapheneOS forum. I forgot the reasons but it’s probably something stupid like the banking app blocking any non-“Google-sanctioned” Android versions via the Play Integrity DRM kind of feature. It sucks, especially because GraphneOS is way more secure and private than any commercial Android, but what can you do, bad decisions are being done all the time.

GrapheneOS is my recommendation, it’s easy to install and can be used by tech-illiterate people as well because almost none of its security and privacy enhancing features require any special configuration work from the user or require advanced knowledge, it all happens mostly in the background with good default settings. Even for tech-savvy people this has the advantage of not requiring any tinkering or maintenance work, it feels like using any proprietary Android, just hardened and much more privacy-friendly.

You should still maybe be aware of these potential minor issues:

• Some apps might refuse to work on any “unsanctioned” Android version via the Play Integrity thing, but so far this seems to be very rare (thankfully). If you find any, make sure to tell the developers that they should stop doing that.

• Some apps might simply require Google Play services to be installed. On GrapheneOS, you can install them via the “Apps” app, and they will be slightly less terrible than they are on any other Android because they won’t run with full system rights, but instead they’ll be sandboxed and can be completely shut down by using the standard permissions system, which the user is blocked from doing on proprietary Android systems. But then again, if you must use them, then of course they’re going to require Network permission and they’ll use that to phone home to Google, as they always do on standard Androids as well. So it’s not recommended to install any proprietary apps from Google on top of GrapheneOS. Even though on Graphene, the amount of things an app is allowed to do is more limited compared to the huge amount of data an app can read and phone home on a propreitary Android system.

• Some apps include certain widgets like Google maps which, again, require the respective app or Play services app to be installed as well. Depending on how these apps are written, they might simply fail completely when this dependency is not there. But so far, I’ve had luck, and some apps I’ve used which integrate a Google maps widget still worked without it. So it depends on the app and the quality of its developers.

• When not having the Google play services installed (default), you won’t have access to Google’s push notification system in the cloud. Some apps, even some privacy-respecting apps like Signal, rely on that. Signal will work without, but then it uses a power-inefficient alternative based on websockets instead, which means Signal without Google play services drains your battery faster than it would otherwise. There are ways around this by using the Molly fork of Signal (Signal is open source and there is at least this one fork often being used as well) with the open source app “ntfy” and an either self-hosted or a privacy-respecting ntfy server instance somewhere to go along with it, which will then act as your own push notification server in the cloud. So you don’t need to contact Google’s stuff for that, and less connections overall to Google equals more privacy overall.

• If you do decide to install the Google play services app on Graphene, make sure to allow it to run in the background. But, again, it’s not recommended to use any proprietary Google apps/services.

• Once you have Graphene installed, be sure to use its integrated browser called Vanadium (a hardened Chromium fork) to download and install an “app store” of your choice. When I first started out, I installed the F-Droid apk first, then from within it Aurora as a Play Store client. Giving me access to a lot of open source and Play Store apps, respectively. F-Droid unfortunately has some potential disadvantages, which is why I recommend using Obtainium instead of the F-Droid client (you’ll still access the F-Droid repository sometimes because some APKs of open source apps are only hosted there, but at least you’ll avoid potential issues with the F-Droid frontend application then). Using Obtainium instead of F-Droid will be slightly more work at the beginning when compiling your needed open soruce applications, but afterwards it’s just as easy.

• Make sure to configure a privacy-friendly and ad/tracker-blocking DNS server, as well as something like RethinkDNS or NetGuard Pro to control which apps are allowed to contact which hosts/IPs. Otherwise, while Graphene itself won’t violate your privacy, many apps will still do that (especially proprietary apps often contain several trackers).

• If you need tutorial videos on how to install or initially configure Graphene, or Obtainium, watch the youtube channel “Side of Burritos”, excellent content.

If any of that sounds scary, it shouldn’t be. Most of these issues are really minor and it’s unlikely that you’ll be too negatively impacted by any of it, so give Graphene a try without Google services. There are great open source apps out there for all sorts of functionality. Just felt I should mention any potentially small pitfalls.

Other Android variants or ROMs are inferior to GrapheneOS in terms of security and privacy, unfortunately, so it’s best to buy a cheap Pixel (8th generation recommended due to strong hardware-based security) and install Graphene on it. Otherwise you’ll miss out on Graphene’s very strong security and privacy features. There are some other privacy and security oriented Android variants like Calyx or /e/OS or things like that, or even LineageOS, but they all, again, don’t reach up to Graphene’s level of security and privacy.

HTH

RethinkDNS is probably better, but I’m currently still using NetGuard Pro and kind of happy with it, but I will soon migrate to Rethink DNS. If you use NetGuard, make sure to use the Pro version, download its hosts file and use it in whitelist mode and display all contacted hosts/IPs for each app (block everything by default, allow only the technically necessary connections!). The more proprietary apps you use, the more tracking hosts you’ll see being contacted (lots of proprietary apps contact Google, Meta, etc.). Don’t allow these connections.

Remember that this is just one case in isolation. US-based data hoarders like Google, Meta, Microsoft, and so on are also regularly sued for various privacy law violations. And they all deserve it equally, TikTok included. I hope no one is left out. That said, unfortunately, the punishment is often a joke, which means these companies simply pay it out of their pocket change and then continue doing the exact same stuff. For example, France sued TikTok for something like 5 million $. Unless that number goes into the billions at least, I bet it’s still way more profitable for those companies to continue to absolutely sh*t on anything privacy related. So, in essence, nothing will change because of this. Not for US-based data privacy violators, not for Chinese-based. “Same shit, different country” has never been more fitting.