As my wife sends me messages telling me about the latest Apple product release, I just feel sad. I used to get excited for each major phone release, and not just from Apple. I used to be excited to try new online services / web apps. There are so many things to think about now, and balancing privacy, security, and convenience is far from easy. Becoming interested in protecting my own privacy has essentially ruined tech for me.
Let’s start with phones.
I bought an iPhone X last year after seeing Apple’s move towards being a privacy-respecting company. However, they’ve recently done a 180 on that. While that alone wouldn’t have made me immediately rush to switch phones, my screen broke, so I switched back to my old Android phone.
I have a OnePlus 5T. It no longer receives security updates. I thought installing LineageOS to keep my device going, and in the process, removing Google, was the obvious choice, but not really:
- Manufacturer blobs are used. This means they’re no longer going to be updated. Security issue.
- Bootloader needs to remain unlocked. Security issue.
- My battery life sucks since installing it. LineageOS issue? Issue with apps checking for new messages in the background without Google Cloud Messaging? Who knows? 🤦♂️
What are my options for a new phone?
Pixel with GrapheneOS
If you search privacy communities, there’s one common suggestion across all of them: Google Pixel phone with GrapheneOS. But, there’s an outlier: A subreddit called /r/privatelife. It’s run by TheAnonymouseJoker, and they’re very much against using a phone made by Google, and they’re suspicious of the Titan M chip:
Some proponents of GrapheneOS community will try and lie to you about the open sourcing of the generic security chip in Pixel 2 series, which is not Titan M chip, and how the microcode of Titan M is already open sourced by Google, yet the Titan M chip has NEVER been independently audited, or can be analysed using whitebox methods.TheAnonymouseJoker
Can I trust Google hardware to protect my privacy while running a privacy-friendly ROM? Is that a good option? Is it a bad option, but still my best option? I have no idea. I don’t know enough about this to argue for or against it, and I shouldn’t have to.
New phone with LineageOS
I’ve looked at a lot of newer, “budget-friendly” phones, that have official LineageOS support. Particularly, I think the Xiaomi 10T looks interesting. But what do I really get for my ₱20,000 ($400) vs my OnePlus 5T?
- Updated blobs 👍
- RAM downgrade 👎
- Bigger screen 👍
- Similarly bad camera quality 👎
This doesn’t make me excited to buy.
PinePhone and similar devices
The idea of having privacy-respecting hardware, with switches to disable the camera and microphone, sounds amazing to me, but this just won’t work. Maybe it will get there one day, but I need something that is reliable as a daily driver now and can run the apps I need to use. I’d definitely be interested in playing around with one, but I don’t expect to be able to make the switch.
Moving on to services…
If you’re involved in the privacy / tech community, you’re already aware that many free services only exist to gather as much data about you as possible. This leads to many of us switching to open source alternatives, but to be honest, many of them aren’t great.
File upload and sharing
I’ve never liked Nextcloud:
- When I first tried it, I had extremely unreliable uploads. This was eventually resolved.
- It feels clunky. It tries to be so many things, and isn’t ideal for any of them.
- I don’t have the time or desire to maintain a Nextcloud server.
- If I pay a service to do that for me,
- storage provided is usually small
- it’s an additional expense
- it’s not easy to get my files in or out. Generally, there’s no SSH access provided.
So I ended up going proprietary, by buying pCloud, but the main benefit to me is just that it isn’t Google. Encryption is supported, but not really. You can pay a subscription fee for their encryption feature, but it doesn’t work for automatic photo uploads or their desktop backup feature, so it doesn’t really do anything for me that Cryptomator doesn’t.
I could probably write a full article about why I hate all the messenger options. Maybe I will, but for now let’s just do some bullets. I’ll also leave out the obviously creepy ones, like Facebook Messenger.
- Requires phone number. Bad for chatting with people I’ve met online.
- Terrible desktop app.
- No web app.
- Requires phone number, but you can also have a username.
- Can’t create a separate identity without an additional phone number.
- Not encrypted unless you use the “Secret chat” feature.
- Ugly apps – very outdated UI styles.
- Depending on your app, you may be missing some features you’d expect from a modern messenger, like being able to delete/unsend a message.
- Basic functions not available, on macOS at least. For example, I can’t paste an image. I’d have to save the image and then drag it into my chat.
- Unreliable notifications on iOS. Yes, I’ve tried the beta versions that were supposed to fix it.
- Many email providers have an hourly send limit that you can easily hit when chatting. In fact, my IP was blocked by my email host because of this.
I could go on and on and do this for everything I’ve used, but it’s all basically the same: things are usable, but not great.
Where I’m at now
I currently have no idea what I want to do about my phone having outdated blobs. I don’t really want a new phone because none of the options excite me, but I also don’t like taking the security risk of having outdated software. A purchase at this point would just feel like a necessity and not a treat.
I’m sticking with XMPP as my main messenger for now. I’m considering migrating to yunohost for easier maintenance of the stuff I self-host, but that migration alone will take a lot of time I don’t have. I also might switch to proprietary services for things I feel are less sensitive – like Pocket for saving articles – but I haven’t decided yet.
Are you hating tech as much as I am? Discuss on Mastodon.