René's old blog

Distorted logos of Amazon, Apple, Microsoft and Google - symbolically de-googling

De-googling

by

René Seindal
in ,

I have tried for ages to de-google. Not just from Google itself, but all the big ones — Google, Apple, Meta, Amazon. However, de-googling is not easy.

The main problem is that of surveillance capitalism. These giant corporations — and many others — spy on you to sell or exploit the data for commercial purposes. While you can decide not to buy, they can used that information for other purposes.

Once the information is there, it will be used, and often for nefarious purposes to our own detriment. Often, once we’ve lost control of our data, it’ll be used against us.

One example: a recent case in the USA where mother and daughter ended up in prison for an abortion performed in another state, based on their Facebook messages, willingly handed over by Meta.

It is very much in our interest not to give these corporations our data.

We can do something, but it is not easy and it doesn’t go all the way. It can be very hard indeed, if you have family, friends or even a job, and most of us do.

I also have the advantage of being tech-savvy — my wife or friends would not be able to do much of this.

This is a run-down of what I have tried to do so far, with a short discussion of the problems at the end.

Computers, phones, things

We’re surrounded by computers. Everything has a computer inside, often with with more computing power than what was used for the entire Apollo program to put a man on the moon.

Desktop computers

All our computers are running Linux and have for decades. I started with Linux in the early ’90s, and with Unix in the mid ’80s, so it’s second nature. There are no closed source software on the computers.

Everything I need to do with a computer, I can do with Open Source software. My wife is generally happy with a browser, a mail program and an internet connection.

We have one Windows installation, which rarely boots, but its there in case it’s needed for my wife’s work. In practice I boot it every few months for updates, in case she’ll need it. It is, however, not used unless there’s some kind of emergency.

During the Covid lockdowns she worked from home, which required a bit of proprietary software. It was available for Linux, and we had no Windows computer then, so that was how she used it.

We do have Chromium installed on the computers, but only use it for emergencies. I use Firefox with lots of containers, so all Google activity is in one container, Meta in another, search results (through DuckDuckGo) in its own, and all my private sites and activities separate.

Cellphones & tablets

Our phones and tablets are all Android. We’re completely embedded in the Google eco system. There’s no easy escape. The hardware is usually locked down, and the systems won’t work without several of Google’s apps.

Alternatives to Google Android often lack essential functionality (see below about Banking and Public administration).

I do have some dubious apps on my phone, because in the end you’re forced to make compromises, even if you’re self-employed. Most notably I need the apps that will get me paid for my services, such as apps for my bank and for credit card processors.

I have avoided the worst, especially social apps from the big culprits, and I use the mobile sites as much as possible. I can check Facebook and Twitter without the apps, at least for now.

We both have DuckDuckGo installed, including the VPN part which blocks trackers embedded in other apps. It is amazing how much data is sucked out of your phone by just about every commercial app in existence.

Internet of things

We don’t really have a lot of ‘things’ online. For now its limited to routers and printers.

We try to get stupid appliances, or alternatively, not to connect them. This will probably get harder and harder in the future.

If I have to, I’ll put up a separate Wi-Fi network for such ‘smart’ appliances, so I can check on traffic and so they can’t reach our computers and phones.

Banking and public administration

This is one of the larger systemic problems. Banking and online access to public administration is now locked to our phones and without their apps on our phones we’ll have real problems in our daily lives.

Even if you try to connect to your bank or a payment service from a desktop computer, there’s usually a two-factor check with an app on your phone.

Anybody who’ve lost their phone will have some horror story about losing access to bank accounts and public services, and about regaining that access on a new phone with a new SIM card, even if its the same number.

Telephone numbers are often used for identity validation.

Social media and messaging

Social media and messaging have become a large part of our lives, and an equally large attack surface for the surveillance predators.

By now social media are unavoidable, but most of the companies behind are the worst of the surveillance predators.

I try avoiding the apps on my phones and tablets, by using the mobile sites through DuckDuckGo as much as possible. Consequently, I have so far been able to avoid the WhatsApp, Facebook, Messenger and Twitter apps. Messenger doesn’t work on the mobile site, on purpose, so I only check that on the computer.

I live without WhatsApp even if many people cannot understand how it is possible.

Mastodon is the lone exception. I have the app on my phone, but Mastodon is different (I hope).

Signal is the obvious correct choice of messaging app. However, in reality I use Telegram the most, because that’s where the people I need to talk to are.

That is the main problem with messaging. Everybody else is on WhatsApp, Messenger, Telegram, Snapchat, Discord, and so on, rather than on the safest and most secure systems, like Signal.

The reason is — obviously — that the same surveillance predators push us hard towards their own offerings, because the data they can scoop out of our devices are just too good to leave to others. That is also why they make it so hard to use their services detached from your phone.

I don’t have most these apps on my phone, but we both have some because of work requirements.

Documents & sharing

After the revelations of Edward Snowden — tens years ago — I moved our files and as much as I easily could away from Google Apps where I had a free setup. I had a company back then, and that moved too.

Since then we’ve had most of our files on an instance of initially Owncloud, later NextCloud, installed on a VPS. We ended up using it a lot, and space is often tight on such VPS’es so I set up a separate instance on a NAS we have at home.

Consequently, I have practically all my files in some NextCloud folders, synced with one of the two instances, which is very handy as I can walk from one computer to the other easily, yet the files will arrive there first.

Mail, calendars and contacts

The Google Apps setup (actually two, one private and one for the company I had some years back) served mostly for mail, calendars and contacts.

Therefore, all that data was on Google servers.

When Google removed the free option on Google Apps I finally moved the difficult bits — mail servers are notoriously difficult — to another VPS running Mail-in-a-box.

MIAB — as it’s often shortened — is nothing short of fantastic. It basically automates all the difficult parts of running a complete mail server. In that box is a mail server (Postfix), IMAP (Dovecot), web-mail (Roundcube), anti-spam (spamassassin and postgrey), DNS and some more bits. There is also a minute Nextcloud instance — running of an SQLite database — for contacts and calendars.

Since modern mail requires lots of entries in DNS for all the domains, MIAB has an integrated DNS server, which is now primary for all my domains, with secondary on one of the other VPS’es. That’s another tiny bit of data — but a very important bit of data — brought under my own control.

Obstruction

The main problem with a private mail server is that the surveillance predators don’t want you to, and make your life difficult, just because they can. All the mail passing through the mail servers of Google, Microsoft and Apple is a treasure trove of data for their advertisement networks and now for training their ‘AI’ — which illogically is short for Automated Plagiarism.

While probably some 80% of the spam hitting my server comes from Hotmail, Microsoft is also the only one who’ve repeatedly blocked my mail server because of ‘spam.’ In reality they just randomly block entire subnets of IPs for various hosting providers, so if somebody is sending spam from an IP address in the same block — which is out of my control — they block the lot. In any case, I’ve had had to open tickets with Microsoft repeated for ‘mitigation’, and recently it’s been working reliably.

Mail servers have always been obnoxious to administer, but MIAB generally just runs smoothly. I spend very little time on that server.

Data safety

Our data is on our servers, so we’re good, right?

Wrong!

Google is still there

While mail, contacts and calendars are now on my own server, through software I trust, Google hasn’t really left the building.

All that data still passes through our cellphones, which run Android and Google apps.

I use an open source mail app on my phone. That’s the easy part.

Calendars and contacts are synchronised with Nextcloud by DAVx5. However, I need a Google calendar for one of the places I work with, and I’ve found no open source app to synchronise that. I therefore must have Google Calendar installed and active on the phone, so that’s the calendar app I use.

Files on VPS’es

The VPS’es I have all run Linux. There’s a mail server and a couple of web servers.

They are with an external provider, and that external supplier obviously has access to the physical disks where our files, mail, contacts and calendars are stored.

That’s the nature of things. If you have physical access to a storage device, you have access to the data.

I could encrypt the file systems, but it will probably prevent an automatic restart of the servers, if that should be necessary. Servers need to reboot unattended, but the hardware is not under my control, and it is not entirely up to me to decide a reboot. If the encryption key is stored on the server, I have gained nothing as they’ll have access to the key.

So what have I gained?

Firstly, both the hosting provider and myself are in Italy, so the legal situation is rather simple. My data is on some random disks in a data centre, but under Italian law. That is a lot better that having your data who knows where under who knows which laws of who knows which jurisdiction.

Secondly, while I don’t have full control over the data, the data are not accessible by the surveillance predators. Those who could gain access are Italian law enforcement and Italian courts, but private entities cannot.

Thirdly, even the files I have on the NAS in our home are within the reach of Italian law enforcement and Italian courts. The same court order which can give them access to the hosting provider’s data centre, can give them access to our home.

This is still orders of magnitude better than having your data directly on the servers of one of the surveillance predator corporations.

Major problems

As should be evident, what I have done to secure our private data is not perfect. There are problems, and there are some major problems.

Android

The glaring hole in al this is obviously the phones and tablets with third-party apps, not to speak of Android itself.

A central part of our daily lives is directly controlled by an America advertising giant, one of the main surveillance predators.

Next time I need to get a new phone — if I have the money — I’ll try a de-Googled Android phone, like a Valla Phone. Unfortunately, Google-free Android phones are more expensive, so if you’re short on money they might be out of reach. As always, being poor is expensive.

I also need to be absolutely sure that essential apps do work on such a phone, because I rely on apps to get paid for my work, and I rely on apps for banking and for access to public administration.

Social media — social pressure

Social pressure around social media is a problem.

Outside pressure, such as my wife’s work requirements, can easily force you to have apps on your phone which really shouldn’t be there. In her case we’re not talking about work specific apps that allow her employer to spy on her, but general purpose apps which allow mega-corporations to spy.

I probably make a bit less money because of my refusal of using WhatsApp, which is what everybody wants. I get asked about it continuously.

De-googling is not easy at all.

Comments

2 responses to “De-googling”

  1. Cloud68co 🐱‍💻 avatar
    Cloud68co 🐱‍💻

    @blog thanks for sharing your story. Self hosting should be the end goal, but it is not easy. Sharing these stories in an honest way is quite helpful for anyone that thinks that even limiting the digital footprint from #EvilTech is… impossible. The more we share on this topic the better 🙂

  2. Christoph Schmees avatar
    Christoph Schmees

    @blog
    It is quite easy: NONE of the GAFAM gang: NO #Amazon, NO #Android but #Custom-ROM, NO #Apple NO #META, NO #Microsoft and so forth. I practice that since many years. It is possible!

Leave a Reply

Your email address will not be published. Required fields are marked *