cross-posted from: https://lemmy.ml/post/26343625
Recently I had to go through a almost one year process of Degoogling and canceling a lot of my data from the Internet. Unfortunately, I noticed that a lot of specific information are not available in only one source and I had to do separate researches for each problem that I had. So, I decided to write this guide to share my experience hoping that it will make this process easier for who will read it. You are absolutely free to share this guide here, on other sites, with your friends and family. Feel free to comment and add a feedback.
I want to start with a very immediate list of FOSS applications that I’m using on my Degoogled Android phone. The most important thing here is to never login with Google on your phone and also never use it to login to internet services such as forums or news websites.
System administration *MicroG suite : This provides minimal libraries for applications that uses Google Play Services. *F-droid : Is an alternative store that can be used in place of Google Play. *Aurora Store : A Open Source front-end for Google Play. However, downloading applications from it does not guarantee that you will not be tracked. *App Manager – Android package manager : This gives you a lot of control on applications that are installed in your phone. It shows also the trackers and eventual vulnerabilities. *Shelter : This is one of the most useful apps on F-droid, it permits you to clone preparatory apps such as Instagram in a sandboxed environment on the work profile. *Logcat Reader *PCAPdroid : A network monitor *Irregular Expressions : A Keyboard to write with different styles *Simple Keyboard : This is very important, a keyboard on your phone should be as lightest as possible. *Termux : This is more than a terminal emulator. It comes with a almost complete GNU/Linux environment and lets you to install many CLI applications used on these machines.
Generic *Organic Maps : An alternative to Google Maps. It uses OpenStreetMaps and works quite well. It is also true that it relies a lot on user’s contributions. So if you will visit a place which is not on the map, remember to add it. *Fossify Calendar, gallery, voice recorder, contacts, messages, phone, ecc : This suite is a FOSS fork of the old “simple mobile tools” suite that was acquired by a Israeli company. *OpenCalc : A calculator app *VLC : A well known audio/video player which supports a lot of different formats. *Librera Reader : A pdf and document reader *Open Camera *ObscuraCam : Use it to blur faces *Scrambled Exif : Remove metadata from pictures. (use it before publishing a photo on social medias) *PixelKnot : Embed a secret message in a picture *QR Scanner (PFA) *Collabora Office : (Not directly present on F-Droid but they have their own repository, check on their website) *Nextcloud : A very good alternative to Google Drive. *Call Recorder *Firefox and Thunderbird : Be careful, even if Firefox browser is generally more privacy friendly than others, it cannot avoid fingerprinting. The only way to avoid it is to use the Tor Browser. *Tor Browser for Android : This is a modified version of Firefox that uses Tor to connect to the Internet in order to protect your anonymity. *Print *Signal
Security *Aegis : A 2FA app (two-factors authentication) *Bitarden: A password manager (Not directly present on F-Droid but they have their own repository, check on their website) *AFWall+ : A firewall for Android *Hypatia : An Antivirus *DroidFS : It permits you to crypt files in vaults that are not readable by other apps. *Orbot : A proxy to route app activities through Tor- *LocationPrivacy *Ripple : A panic button that will trigger apps with a panic responder. *I2P : An alternative to Tor *InviZible Pro : An app that permits you to enhance your privacy on the Internet by using DNSCrypt, Tor or I2P. Be careful, this is an all-in one application and should not be used if you are already connected to tor. *Léon – The URL Cleaner : Remove trackers from URLs *PersonalDNSfilter : Use it to block unwanted ads *PilferShush Jammer : Block the microphone usage by other apps.
Not on F-Droid *Prey : An Anti-thief app. The free version is GPL licensed
But this list is not enough in my opinion. It is important also to know how to protect our privacy with actions that are not directly involved in setting up applications and filters. If we are going to think that our privacy will be protected just by pushing a button, we are doing a mistake. Using DuckDuckGo and Searx as search engines its a good thing but not enough.
Important mistake to avoid : If you have your Google account as a login for some websites wait before closing it, you may lose access to them. Your Google account should be the last thing that you are going to delete. Make sure that you have deleted all relevant information from the Internet before closing it.
Today corporations and repressive governments are using a variety of methods to profile users and some of them are very subtile.
Fingerprinting This is a way to identify a user by looking at unique characteristics of his browser. When we connect to a website, our browser must exchange some basic information in order to load a page. Some of these information can be the type of device, screen size, browser settings, language settings, operating system, ecc. With all these information together it is possible to recognize a specific user in the middle of many others. This is unfortunately very difficult to avoid but Tor Browser can be a solution while a VPN cannot really help here.
Firefox also permits to activate a resist fingerprint setting but this solution will break some websites and probably is not effective as Tor Browser. Instructions to activate it can be found here: https://support.mozilla.org/en-US/kb/resist-fingerprinting
Open Source Intelligence (OSINT) It has little to do with free software. This is a method of data collection that looks for information about something or someone through public available sources. The problem is that today these sources are much more difficult to control for an average user than 20 years ago.
A classic example: You are a very careful person about your social medias, you don’t post anything controversial and maybe you don’t even have a real name on Instagram. But You may have some relatives that likes to share a of lot pictures and for your birthday you have been tagged by them and they wrote your name in a post. If they have a very loose privacy settings (which is likely), this information will be publicly available on the Internet.
Another example : You are a exchange student in a foreign university and of course you want to meet new people. You may take a group photo during a party with some people that you don’t really know. This photo gets shared many times and maybe becomes also a post. After a lot of years one of the persons in the photo gets convicted for a serious crime. This photo will continue to be available on the internet and a insurance company that you asked for a service may increase the price or not provide it since you “are a person with criminal contacts”
Last example (and this is what really happened to me) : You are a 18-19 old teen writing dumb comments and posts on Facebook or Instagram. This gets cached by search engines and external websites. Many years after, you are just searching your name and surname on the internet and you find out that a search engine has cached a very dumb comment from many years ago that you have even deleted.
All these examples shows how its easy to lose control over our data. Many companies uses automated software to see websites on which you are registered just by putting the email on your CV in a box.
You must also be aware of data breaches. You can be registered on a website with your email set as private. If a data breach happens, your address is going to be disclosed and become publicly available. You can check this on: https://haveibeenpwned.com/ If you don’t use a site for years, delete your account.
Another tool that is frequently used to see where a user is registered is: https://epieos.com/ This website searches where your email address is set as public. It can also search for a phone number.
So the problem here is not only to DeGoogle but also to remove our personal information for all other places. Removing a content from Google is a little thing today.
Fortunately, there are some ways to remove our contents from the Internet but they must be planned well. The first thing to do is always to remove the content from the original site, in this way the content on search engines becomes outdated and easier to delete even if you don’t live in the EU.
Social medias First thing: Never publish photos of your children on the Internet, in the future they may hate you for that. We are going to live in times where nontransparent AI will scrap for all possible content.
Now, even if you have a private profile on Instagram, your likes and comments are going to be visible on public pages and reels. Delete them all. Why someone should be able to find what you liked 6-7 years ago? Does the discussion that you had on a Facebook page of your local newspaper still matter? You may need months to delete all these stuff but it is worth. Remember to do a regular follow up on the deletion page to see if some buggy content still reappears after some weeks.
Use different usernames for every social media and never put your real name.
Power move : If you have your real name on Instagram and you want to delete it from search engines : first modify your real name, then change your username. By doing this, you will modify the link of your profile and it will be cached by search engines without your name. Change also a photo in order to avoid the possibility of reverse photo lookup.
Other sites In some cases you will have to contact the webmaster of a specific site in order to cancel your data. It happened to me with a local news page.
Search engines Here we are, this is the magic moment. Remember that if you are going to just remove something from a search engine without actually deleting the original content, this will continue to be available and someone may find it even without Google.
So, I can speak for what I know : These solutions refers for content removal in the EU. If its not relevant to you, skip to “How to use email addresses”
Google This is the page for content removal in the European Union: https://support.google.com/websearch/answer/9673730?hl=en#zippy=%2Cwhich-removal-option-do-i-choose Note that if you are living in the EU and ask to remove results about you, it will usually remove these results only for all EU versions of Google. This means that if someone has a VPN he can actually see them by connecting to a United States server. The best strategy is to remove the original contents from sites also by contacting the owners. Then the results on Google will become outdated and most of them will disappear. In some cases like Facebook comments, they can remain in the search results even if they are already removed because they were cached by the search engine. In this case, this tool should be used once the content is removed: https://support.google.com/webmasters/answer/7041154?hl=en If you are from a EU country and you already removed it so it continues to exist in external Google versions, make this request with a VPN connected to a foreign server.
Bing
Bing (EU citizens):https://www.bing.com/webmaster/tools/eu-privacy-request Bing (Non-EU citizens):https://www.microsoft.com/en-us/concern/bing
For cached pages : https://www.bing.com/webmasters/help/bing-content-removal-tool-cb6c294d
Many search engines (also DuckDuckGo) are partnered with Bing and removing content from it will also remove content from them most of the time.
DuckDuckGo For who lives in the EU, this is this page: https://duckduckgo.com/duckduckgo-help-pages/r-legal/privacy-rights/
Internet archive Be careful: some of your content was maybe cached by the Wayback Machine. Always check if this is the case. This is a very useful internet museum but sometimes it may be problematic since a lot of people does not even know about its existence while it takes data from a lot of sites. This is the removal page: https://help.archive.org/help/how-do-i-request-to-remove-something-from-archive-org/
How to use email addresses My advice is to have as many addresses as possible and split the websites login between them. You can write a .txt file with lists of services attached to every address. Like this :
Logins: Mail xxxxx1 Instagram, Facebook, Tinder
Mail xxxxxx2 Bank 1, bank 2
Mail xxxxxx3 Local news1, other site2, ecc
I would suggest you to have at least: One email with a fake name and surname One email with a completely invented username in a foreign language (Tutanota is great for this)
Personally, I would recommend Protonmail and Tutanota for communications with real people. Then, one email should be left only for banking and government accounts.
Use fake emails to register to websites that you will not use often but they are pushing you to create an account. Of course, this applies only to sites that are not related with shopping. An online transaction will reveal your identity.
A normal email provider such as Yahoo is ok for professional life, so no one will make too much questions. Eventually, your Linkedin account should be linked only to this address. Use it with Thunderbird so you can avoid proprietary JavaScript. I would also recommend to use a separate phone number for work.
Bonus: Other Alternatives to Google and AI If you are pushed to use Google Maps because the place that you are looking for is still not on OpenStreetMaps, remember to add it so other people will not have to use Google to find it. Remember that public transport information that you find on Google Maps is always available on local transports websites. Its just 2-3 minutes of research.
Remember that it is possible to use fair and open source AI models on your computer with: https://gpt4all.io/index.html?ref=top-ai-list Download a model that will not send your data to corporations, there are plenty of them.
This is more or less everything that I learned during this year, remember that human factor makes always the difference. Think about your personal situation. What do you want to show? To who ? And what do you what to hide? From who? And how? Think in a way to protect your privacy according to your personal situation.
I hope that this guide will be useful for average users that wants to regain control of their private life and that at the same time, it will be a impoverishment factor for evil corporations and their supporters.
I modified it at the end. I remember that a long time ago (maybe 5-6 years) I found something about that but since now I cannot find it anymore its better to change it.