An issue arises with that. Linux is fundamentally insecure, as you are likely well aware if you use secureblue. secureblue is designed to be as secure as possible while still being Linux, and so is still bound by the same constraints. Qubes OS is not a distro, so it (should be) more secure, but it is an absolute pain to use. Furthermore, Qubes OS emulates Linux distros, so the question becomes "Why not just emulate the most secure Linux distro?" which is either Whonix or secureblue depending on who you ask. Is that more secure than running secureblue on bare metal? What about GrapheneOS used in desktop mode? And what about emulating Linux inside of GrapheneOS using the Linux terminal? There are plans to use multiple distros inside of the terminal, so what about secureblue inside of GrapheneOS?
The whole situation spirals out of control. I know this iceberg chart isn't ranking security, it's ranking what software people generally use for each experience level, but neither secureblue nor Qubes OS would fit nicely in any category. You can read this post for more of my thoughts about this mess.
How the heck is TOR less secure than any of the vpns?
This isn't a ranking of security. It is ranked based on the experience level at which people generally begin to start using certain software. They build on top of each other.
"As seen on TV" does not imply privacy, it just implies a large advertising budget. These are software that market themselves as private (and are sometimes better than nothing at all) but may still be just as bad as software on the tip of the iceberg.
Not all Chromium-based browsers are bad. Browsers such as Vanadium or Trivalent are very secure, and discourage the use of extensions altogether due to privacy and security risks. These browsers come with ad blocking preinstalled.
I forgot to put it on there. I would put it probably in The Beginner. Chromium-based browsers aren't all bad, such as Vanadium or Trivalent, so people sometimes feel more comfortable sticking with what seems familiar (coming from Chrome).
If you're alive, you are asked for documents such as property records, taxes, etc. and if you refuse then bad things happen. If you fake your death, no more questions are asked and you can take on fake identities. In essence, faking your death takes your identity out of "the system"
Privacy isn't dangerous unless it gets in the way of your life (your job, relationships, housing, etc.). As long as you maintain a good balance, more privacy is generally better.
ProtonVPN is open source, meaning the code running ProtonVPN can be inspected by anyone to make sure privacy is being upheld. ProtonVPN is also based in Switzerland, which has strict privacy laws. NordVPN has had many criticisms about their privacy and security practices. ProtonVPN also has a free tier.
If you want to pay using a private cryptocurrency such as Monero, you can shop on XmrBazaar. Otherwise, you can buy a prepaid VISA with cash and find stores like eBay that accept fake personal information while ordering. Remember to ship to a PO box and not your real address (or mail to an abandoned home if you're feeling risky).
If you can, avoid online shopping altogether and use in-person stores with cash.
I wasn't able to fit everything, but I specifically excluded Android, because it isn't inherently bad. GrapheneOS is based on the Android Open Source Project (AOSP), for example, so I didn't want to give the wrong idea.
Was not aware of the existence of Coincarp (logo by GrapheneOS). Is a crypto price tracker used by Activists? I left crypto a couple of years ago but though Activists just don´t trade much and stick for the long haul and use Monero for purchases.
I was wondering where you stand on the following topic: email obfuscation by using different aliases or throwaway email addresses for web accounts.
This is a matter of threat model, but part of my threat model is making sure none of my accounts can be correlated with each other and that my real email is not given out. For those reasons, I use addy.io for email aliasing.
While I thought that it was cool in the beginning, I found that even with a PW manager, things can become messy very quickly, and at a later stage, moving away entirely from iCloud’s “Hide my email” for example could turn out to be a nightmare and make things even more complicated.
Bitwarden is a password manager that allows you to generate email aliases natively, and integrates nicely with addy.io. Switching between email aliasing services is a tedious process, but hopefully one you will only need to do a couple of times in your lifetime.
So to cut to the chase: use your own email addresses every time or use a, preferably, self-hosted service for that specific use case of generating more or less random email addresses?
Email aliasing provides numerous other benefits than what I listed here, such as being able to fight spam by fully disabling the leaked email alias, so there's plenty more reasons to use it. I would avoid self-hosting an email alias service, because the domain you use is a unique identifier across aliases and defeats the purpose of anonymity. Furthermore, if you accidentally mess something up, you end up putting your own security at risk. It's up to you.
I contacted a moderator about restoring it, but due to the current moderation situation with c/privacy it's likely that it was an instance moderator that removed it, rather than a community moderator. I don't want to upset the moderators further, either way.
I was actually expecting you to comment.
Absolutely! Giving credit is appreciated, as well.