I tried the second approach for some time, but using NoScript became really annoying, since I never knew which scripts are necessary, and which are used for tracking or some other bullshit. It was always trial and error, and just felt tedious and unnecessary. I wish NoScript would have a built in whitelist of scripts that are known to be necessary for websites to function, this would avoid breakages and make it much more comfortable to use.

The EU literally uses the Fediverse themselves. https://ec.social-network.europa.eu/

And basically 99% of the modern web doesn’t work without JS. I don’t know why there are still so many people running around and saying “disAblE jAvAscrIpT!!!”, yeah like how the fuck am I supposed to use the web??? At that point, I could also just delete my web browser, it would literally have the exact same effect.

You don’t control any VPN services hosted on someone else’s (e.g. a cloud provider’s) infrastructure. They have full access and can technically do anything. And they see your incoming and outgoing connections. This is stupid, and doesn’t give you any privacy benefit. There are good and trustworthy VPN providers like Mullvad, IVPN and Proton. Just acknowledge that.

The avionics bay of an Airbus A380

This might sound weird, but Apple. I was NEVER disappointed by any of the products I bought. Sure, they are fucking expensive. Sure, they sometimes release really dumb products that most people probably shouldn’t buy (e.g. the 2015 MacBook). But if you make all the right considerations before your purchase, I’m pretty sure you will have a product that won’t disappoint you. At least that’s been my experience so far. That doesn’t mean that I’m perfectly happy with everything, for example I’m trying to switch away from an iPhone (I will definitely keep using macOS laptops/desktops though) for privacy reasons. I wasn’t really disappointed here, when I bought this phone, I knew what I was getting myself into, but Google isn’t much better.

Proton for secure email/calendar/whatever they offer now. I’ve been a subscriber to their paid plan for years, really happy so far.

IVPN and Mullvad for a trustworthy, private VPN provider

Darknet Diaries is just amazing, it’s always really interesting, I never get bored

The Lockdown is a pretty good podcast about digital (and physical) privacy and security

The Privacy, Security, and OSINT Show by Michael Bazzell @ inteltechniques.com was really great, but they took it down last year. Fortunately there is still a torrent of the full archive of the show floating around: https://lemmings.world/post/11120738

The Ask Noah Show is all about Linux and open source software

Basically everything produced by Jupiter Broadcasting is just awesome, including Linux Unplugged and Self-Hosted

Linux Matters can also sometimes have really good content (Here’s their Mastodon profile: https://ubuntu.social/@linuxmatters)

Brodie Robertson’s Tech over Tea (I’m sorry I don’t have a better way to link to it than Apple Podcasts)

The Linux Experiment’s weekly Linux & open source news podcast (which you can also follow from the Fediverse btw, Castopod is just an awesome piece of software)

I’ve been using OpenCalc, but CalcYou seems great too

This is just talking about developers having to include a link to their privacy policy in the respective field in the App Store/Play Store

A privacy policy is only legally required when you actually collect user data. Most devs don’t write a privacy policy for no reason, so seeing one can often be suspicious. Btw if you are worried about a FOSS app tracking you without disclosing it in their privacy policy, if this is the case, F-Droid would display it under the Anti-features section.

It’s actually a problem with Google, because the only reason GrapheneOS doesn’t pass the Play Integrity API check is that Google enforces a whitelist of allowed operating systems. Even though GrapheneOS is 10x as secure as the stock OS, Google doesn’t allow it. Since this is a highly monopolistic practice, the GrapheneOS team is talking to regulators to finally stop this: https://grapheneos.social/@GrapheneOS/112916691727814901

Because it’s Google’s proprietary garbage app. Use FOSS alternatives from F-Droid instead.

Personally I wouldn’t keep my TOTP together with my passwords, but it’s up to you

Using 2FA on all accounts that offer it is just as important. And make sure to use a good, open-source TOTP client like Aegis on Android or Tofu on iOS.

Definitely make sure to backup your seeds in an encrypted format (e.g. Veracrypt container or GPG-encrypted files). If you lose your seeds, you lose access to your accounts.
I like to use the automatic backup feature in Aegis, which syncs my encrypted vault to my Nextcloud server. You can also enable compatibility with Android’s backup API and use that if your ROM includes a backup solution like Seedvault.

I think that’s because KDE has just reimplemented it to work on Wayland, but it’s not there by default. This is a feature of X.

I also have Caps Lock als Ctrl, but I leave Cmd where it is by default, and I just disable the Ctrl key.

Some terminals use weird combinations like Shift + Insert, which is ridiculous, because it requires me to take my right hand off the mouse to hit the insert key

You can get Vi keybindings in Emacs, I use Evil mode all the time

Same. The closest thing I could find is !arctic@lemmy.world. On Android, I use !thunder_app@lemmy.world. (yes I always use 2 phones)

Shutting down 3rd-party apps