Over the past few months, I embarked on a rewarding digital journey to move away from US big tech and towards more European [EU], open source [FOSS], privacy-oriented [P], and decentralized [D] alternatives.
I’m sharing my experience here in case it can be useful to others, as well as to gather any additional thoughts or suggestions:
- Desktop OS: Microsoft Windows 11 --> OpenSUSE Tumbleweed + KDE [EU][FOSS]
- Web browser: Google Chrome --> Brave --> Vivaldi --> Mozilla Firefox + Strict privacy settings, uBlock Origin, Privacy Badger, Consent-O-Matic [FOSS][P]
- Email: Gmail --> Infomaniak Mail [EU][FOSS]
- Calendar: Google Calendar --> Infomaniak Calendar [EU][FOSS] + OneCalendar [EU]
- Files: Dropbox --> Infomaniak kDrive [EU][FOSS]
- Photos: Google Photos --> Infomaniak kDrive [EU][FOSS]
- Notes: Google Keep --> Notesnook [FOSS][P]
- Social Media:
  - Facebook --> Nothing
  - Twitter/X --> Mastodon (mas.to) [EU][FOSS][D]
  - Reddit --> Lemmy (lemm.ee) [EU][FOSS][D]
- AI Chatbot: OpenAI ChatGPT --> Mistral AI Le Chat [EU]
- Videos: YouTube --> Unwatched [EU][FOSS][P]
- Podcasts: Apple Podcasts --> Spotify --> Pocket Casts [FOSS]
- Translate: Google Translate --> DeepL [EU]
- Maps: Google Maps --> Organic Maps [EU][FOSS][P]
- Weather: Apple Weather --> YR [EU]
- Online payments: PayPal --> Revolut [EU]
- Password manager: LastPass --> Mozilla Firefox --> Bitwarden [FOSS][P]
- Online shopping: Amazon --> Cdiscount [EU]
- Travel booking: Booking.com --> Direct booking
And here’s the list of things I couldn’t let go of:
- Mobile OS: iOS | I have a business iPhone which is also my personal phone
- Messaging: WhatsApp | The network effect is too big here: family, friends, local businesses, etc
- Streaming services: Netflix, Amazon Prime Video, Disney+ | These come basically for free with my ISP and are too convenient for the moment (esp. w/ kids)
They’re using an iPhone so F-Droid is off the table. Is it also an attack vector on iOS?
Probably not. Back when the WhatsApp Pegasus vulnerability happened, there was a vector on iOS, but it was iMessages.
I don’t know any first-hand details, but my suspicion is that the way WhatsApp on Android worked was via Facebook system apps bundled with the phone by the manufacturer. Back in the day, Facebook itself used to be a system app on some phones (making it difficult to remove), but gradually they moved away from that to having the Facebook or WhatsApp apps be the same as the one on Google Play, but there would be a separate system app that would be much harder to remove. I suspect this system app used various exploits for further data mining by Facebook (perhaps even gaining microphone access so they can present ads based on what you say?) and that the Pegasus hack got into WhatsApp, then simply called the system app to use its established exploits. One other thing that maybe points to this: the Pegasus hack would only sometimes be effective on Android phones, and researchers couldn’t pin down why. To me, that suggests some other app or configuration variation.
WhatsApp on iOS shouldn’t have this vector, as Apple control both software and hardware on their phones, hence why the strategy was to go for Apple apps directly (as they had the direct access to system level permissions, like I’m alleging Facebook sometimes had on Android).
Like I say, the exact workings of the hack are my own assumptions, and I understand that the WhatsApp Pegasus entry vector has been patched, but ultimately I don’t think Facebook/Meta or any of their apps are trustworthy and encourage people to remove them from their devices.