Need To Change Privacy Strategy - Recommendations and BlackFriday

Hello everyone,

There are a few basic things in my current setup that I’m not very comfortable with. Since we’re on blackfriday -> cybermonday I think it would be a nice season to make some changes [cloud - e-mail - calendar - cloud - DNS] Here’s the deal:

E-mail / Calendar Strategy

  • Using tuta for more than 2 years but I still rely on my gmail address for many things; issues with Tuta:
  • troublesome to export/make backups (worse since I have many folders, would be folder by folder)
  • not a fan of not having an e-mail client on my desktop (not issue in mobile phone), also don’t love the calendar

What would be ideal:

  • a nice mail provider, possibility of easy backups, possibility of using e-mail client (this one is not a hard requirement)
  • Calendar, end-to-end encrypted: a hard requirement since I store some sensitive data there. Should be easy to see on mobile (e.g.: dedicated app); for desktop it does not matter much to me I guess the calendar requirement excludes nextcloud and most providers, as well as calDav stuff and similar
  • I wouldn’t mind if it would be 2 products working side by side if no alternatives are available (calendar and e-mail, but not ideal)

Backups and Cloud Storage (for redundancy)

  • I have 1 cold backup at home, another at someone else’s home (both encrypted) but to be safe I’d like to also have a trustworthy cloud Cloud: -end-to-end encrypted or -> next bullet
  • compatibility with cryptomator is a big plus (though I want to avoid Apple/Google/MS/Dropbox)
  • possibility of mounting the cloud storage as drive on my computer (not hard requirement this one)
  • could be 2 products side by side (not ideal though): a storage solution for entire backup (wasabis and stuff) and a cloud solution (day to day usage)

DNS for filtering

I’d like a solution to have all traffic filtered (malware, ads) system wide on my laptop/desktop I have used adguard in the past; open to all other possibilities. I also have mullvadVPN; wouldn’t using a different DNS defeat the purpose of the VPN? Or when VPN is on, the DNS is always the one of the VPN? Possibilities:

  • controlD (i have seen people vouching for it)
  • NextDNS (system settings)
  • MullvadDNS (system settings)
  • adguard desktop app

Malware / Virus / etc

I have a linux desktop and macOS laptop. My doubts are regarding macOS. I’ve seen so many new antivirus ads that it almost makes me think that I should have one. I have malwarebytes installed for occasional runs and CleanMyMacX (I have doubts regarding its security claims - I use more for system management)

  • Should I opt for an antivirus program? If so, which would be advised intego is showing up all the time weirdly)

This time of the year is when I can gear up, since financially I haven’t been at the top.

For those that will answer, thank you so much in advance!!!

jacktherippah,

You don’t need an antivirus. No one needs an antivirus. Common sense is good enough.

JackSkellington,

Thanks!!! Weird that without looking for any there are ads popping up everywhere is for antivirus.

So for the macOS system , if I want to do a scan once in a while (even to catch windows-targeted stuff so that I don’t get bad files in backups) what would you advise ? I go on the “high seas” occasionally for anime, books and tv series… that’s one of my worries

jacktherippah,

If you REALLY need it, I’ve seen some people recommend ClamAV but really, I don’t like the concept of antiviruses. They run with I’m assuming full access to your storage and generally bog down your system performance. IMO, the best line of defense for your system is you. Use your common sense, stray clear of the shady websites, stick to well known and safe recommendations (especially relevant since you sail the high seas) and don’t run random commands from the internet.

pkill,

Buy yourself a VPS at a provider that accepts untraceable cryptos, like 1984.hosting and self-host

JackSkellington,

It’s on my plans to dive a bit into self hosting, but for now only inside LAN. Still reading on it. On a VPS I wouldn’t be capable of securing and doing good administration in the next few months. But definitely on my roadmap (especially since I want to move careers for something more technical)

  • would you consider 1984 above orange for instance? The only ones I’d like to avoid are the likes of godaddy stuff
pkill,

You can set up an account over Tor in case of 1984. Haven’t used Orange but mainly due to bigger costs. Iirc the only time my 1984 Wireguard VPN was facing issues was when trying to edit Wikipedia, so not a big problem. Searxng was also working fine.

scytale,

You’re correct in that you shouldn’t mess with the DNS settings when on the vpn. Off vpn, I have had good experiences with Control D ans Aha Blitz on browsers and mobile, with the latter allowing you to actually select the granular filter lists yourself. I recently switched to Mullvad’s DoH though and it’s been good so far

JackSkellington,

Ohhh. I think that’s where I’m getting confused in terms of best practice. Which one the following scenarios do you recommend?

  • leave DNS in the network settings as default and once in a while use VPN as-is
  • change DNS in network settings and onde in a while use VPN without changing anything else

I’m making a big confusion: so you mean that if I change the DNS at network settings I should revert those changes when I decide to activate VPN? Or simply leave the new DNS of the settings and not touch anything while I have VPN on?

Sorry for the trouble!!!

Pantherina,
@Pantherina@feddit.de avatar

Use a normal mail provider like mailbox.org, startmail, posteo, and soo many others. Privacyguides

JackSkellington,

But none of them has an E2EE calendar right?

Pantherina,
@Pantherina@feddit.de avatar

Hmm normal caldav, I guess they could read that.

JackSkellington,

Caldav would be the ideal solution if it were decently encrypted but it’s not the case… it would be nice since most calendar apps support it :/

akilou,

Proton suite. And they have a black Friday deal I think

nnullzz,

Seconded. Subscribed to it a month ago in my mission to cut my dependence on Google products. So far I’m loving it. Calendar is a bit basic but it is encrypted.

Between the 500gb provided with the proton suite and using backblaze for backups, I’m pretty covered with data.

JackSkellington,

Thanks for the feedback! Ah for the 500GB it’s the higher plan. Already gets somewhat expensive.

Regarding backblaze for backups, it’s basically a way of dropping all the stuff and leave it there right? It’s not a cloud service (in the sense of filen and others) but for keeping data right? How are you ensuring that you have all the backups encrypted?

nnullzz,

You could actually use Backblaze for both scenarios: as a normal cloud storage where you can access stuff back n forth or for long term backups and storage.

I use Duplicacy to copy and encrypt my main folders once a week. But you can set schedules for backups as you wish. Depending on how much you’re backing up it may get a bit pricey though. I have a little under a couple terabytes backed up and pay around $6 for Backblaze. They have a client I’ve never used that might be helpful as well.

One thing I wanna look into is using Duplicacy to also back up really important documents to my proton storage.

JackSkellington,

Yes that’s exactly what I was aiming for:

  • an option for data backups that I will only access/move when managing backups or restoring data in computer (I’d need at most 300-500GB)
  • an option for repeated access for files that I’d plan to use / change weekly.

So with duplicati you’re able to send the backups to backblaze bucket in an encrypted way? What would I need to retrieve the data and unencrypt on computer if mine would break? How would you use backblaze as daily cloud? I thought it was mostly a bucket to drop stuff. Is there any way to mount it as a network drive while having everything encrypted ?

  • right now I have Filen with 100GB and it’s more than enough for me right now. However, from what I’ve read it’s not compatible with cryptomator and I cannot mount it as drive. Moreover the app is only for syncing data, which is not my aim
nnullzz,

I have some answers that might help but there’s a few pieces that I need to write out on something other than mobile. Will reply back in a day or so.

JackSkellington,

Yes; they have nice deals now! That would close the topic of email and calendar. Are you able to easily backup your emails?

akilou,

I’ve never looked into backing it up. I do know they make it easy to import emails from other services so maybe they’d make it easy to export to other providers too? You’d have to look into it.

LunchEnjoyer,
@LunchEnjoyer@lemmy.world avatar

Personally have this too, but would recommend against it as the support for Linux is tragic.

LWD, (edited )

deleted_by_author

    •
    JackSkellington,

    Thank you!! Regarding cloud it could be something that can have a cryptomator container. I wouldn’t have much requirement regarding mobile app except for being able to upload backup of photos

    Regarding DNS:

    Right now I have it by default, so it goes through my ISP.

    I use the VPN mostly when on the high seas… Having the DNS as default value wouldn’t be the same as using any other DNS address? When VPN is on, how is the dns at the netwoek settings behaving? I never quite understood this part!

    PS: sorry for bad formatting. I wrote original post in computer, not on mobile the app is having formatting issues (Memmy)

    toned_chupacabra,

    Even before anything else, you should change your DNS from your ISP to one of the many third party, respected, fast resolvers. Clooudflare 1.1.1.1, Quad9 9.9.9.9, both do not log and are free. There are many others.

    I use the paid $1.99 USD/mo NextDNS with malware-only blocking on my router, and malware, ads, trackers blocking on my Android devices, Linux desktop and Windows desktop.

    JackSkellington,

    Thanks for insights!! I was unsure if changing default settings on DNS would have any effect when using VPN. So it’s ok right? I’ll go for NextDNS, which makes me clear one of the issues in the list. Thank you!!!

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • uselessserver093
  • Food
  • aaaaaaacccccccce
  • [email protected]
  • test
  • CafeMeta
  • testmag
  • MUD
  • RhythmGameZone
  • RSS
  • dabs
  • Socialism
  • KbinCafe
  • TheResearchGuardian
  • oklahoma
  • feritale
  • SuperSentai
  • KamenRider
  • All magazines
    •