Hacker News
Digital Hygiene (karpathy.bearblog.dev)
31 points by tosh 9 months ago | 20 comments


Missing from this list is to own your own domain, and use it for email and anything else you can. This also allows you to generate infinite email addresses (although your email provider needs to support that; Proton does for receiving but makes sending a bit awkward).

Gandi used to be a decent domain provider but have been bought out and are putting up prices.


There is also simplelogin.io (it is now part of Proton, but they still have an independent subscription). Supports custom domains, or you can use their domains to generate infinite email addresses.


Domains can be revoked, and you have to give up your physical address to get one.

You can lie, of course, but if they find out you lied, that's grounds for immediate revocation without notice or refund.


You can’t use a modern mac without hardware disk encryption; turning on FileVault in the UI is a no-op, security wise. (It does give you a recovery key to write down, which is good.)

You also can’t set a 90 day message expiration in Signal. 4 weeks is the maximum.

It’s insane to me that someone is talking about digital privacy hygiene and still using gmail. This basically invalidates the entire argument.

Protonmail also is a major UX downgrade; I recommend selfhosting an IMAP server for long term mail storage and using a service like Fastmail for your inbound email to replace gmail. Periodically move everything from your email provider to long term storage in your selfhosted IMAP server.


I don't recommend self hosting your own server, because most of the people I care about would not be capable of either doing that, or doing it securely; like 99.9% of people. We really need to have a world in which at least some service providers can actually be trusted. This is particularly true for communications, because the providers of all the people you are talking to each have a copy of your data.

There are probably valid situations for self hosting, but a bit like prepping, it is not a method of sustaining civilization, but an attempt to survive its fall; suitable for only low numbers of people.


Service providers cannot be trusted as long as the government says "all service providers must give us your data."


> These devices generate and store a private key on the device secure element itself, so the private key is never materialized on a suspiciously general purpose computing device like your laptop.

What's suspicious about being general-purpose?

> This is significantly better than storing TOTP private keys on other (software) authenticator apps, because again you should not trust general purpose computing devices.

If you can't trust your own PC, a Yubikey doesn't help much.

The PC is what generates the request to the Yubikey and presents the UI where you approve it, so an attacker in control of your PC could for example replace the intended request with one that transfers all your Bitcoins to the attacker. Or it could replace the recipient in whatever transaction you're approving. You would need a separate trusted screen on the Yubikey to verify the details of the request if you don't trust the PC.

The PC is also what actually processes the data (or at least mediates access to it if it's processed on the server side), so an attacker in control of the PC can modify any data you view or submit, regardless of what authentication method you use.


> do not log in or access any of your personal services on work computers.

It baffles me whenever I see someone’s personal email open on a work machine. Seems like that’s putting a lot of unwarranted trust in your employer.


Thought experiment, what is the worst thing the employer could do, assuming a 2fa email setup?

Would it be “just” learning the password and making a screenshot of the inbox and any open emails, or is it relatively easy to look at more?

Edit: right, also any email that gets written.


The risk isn't so much your employer gaining access to your email (though you may potentially be risking the contents of emails that you view from that machine getting saved and accessed by someone at the company). It's more that you've legally entangled things. If your employer is sued or investigated, a judge can issue a subpoena for them to turn over records. If those records show that employees accessed external accounts from work systems, now they can get a subpoena to access those accounts and any other devices that have accessed those. I've seen this happen to friends. Employer gets sued and as part of discovery, they had to hand over all of their personal devices because they hadn't kept church and state separate. Took them many months and significant legal expenses to get their stuff back. If you never access personal stuff from your work devices and never access work stuff from your personal devices, you'll never be in that position.


2FA only protects login. If you're already logged in, someone with access to the computer can just copy the session token. Or instruct the email client that is already running to dump all your emails to a local file.


Why use NextDNS when you can use a lightweight, native solution[1]? Sorry if this sounds condescending but I need less services and not more.

[1]: https://github.com/StevenBlack/hosts


He recommends Proton Mail. However, there have been a few comments lately on HN that its privacy isn't really sufficient. I'm wondering what I can use instead? Self hosting seems not only burdensome but likely less secure.


Have been using FastMail for a long time. Works just fine.

I also have an old Proton Mail account that is used occasionally. Can't complain about that either.

I don't want my mail being scooped up by Google-scale orgs. Don't really have any other privacy requirements beyond that.

Your mileage might vary.


Email is insecure. Protonmail is no less private than any other normal email host. Its convoluted e2ee setup may be more private.

You can selfhost just IMAP storage, and pay an email service provider to receive and store your mail for you, periodically archiving it to your own long term storage and removing it from the provider.


I see replies claiming that you shouldn't move from X to Y because Y isn't perfect, even though it is better.


Chromium is already Chrome without Google. Why Brave?


Chromium is Chrome with "less" (but, still substantial) Google. ungoogled-chromium[1] is Chromium with no Google.

[1] https://github.com/ungoogled-software/ungoogled-chromium


Built in adblock that (I think?) is supposed to be better than uBlock lite.


Statistically you will die before you get hacked.

Secure the top, let everything else trickle down.



