So I kind of want to get out of the Gmail ecosystem, and have been eyeing Proton as a good replacement, but I can't help but to think that nearly all of Proton's selling points and marketing points are all smoke and mirrors.

And I don't know, maybe I'm looking at this entirely the wrong way, I am just really struggling to see the appeal of Proton.

First, I'll start with my "threat model".

In general I want to be more anonymous online and slip under the radar better.

I'm not planning on doing anything clandestine, but with the direction the US is going, I'd rather not be an easy target if I want to be active in activism spaces if you catch my drift.

And I'm also interested in staying off of databrokers radars, or obfuscate myself to prevent coherent tracking.

With that being said, it seems that even with a proton email if someone wanted to find my identity they could, data brokers or governments alike, even if I pay for my subscription with cash.

And not that I'm really worried about that, but to me that negates like the entirety of Proton's marketing gimmick.

And I'm failing to see what functional benefit Proton has when it comes to privacy outside of just being "aesthetically private".

Here are some of my concerns, please feel free to correct me if I'm completely offbase with any of the logic below, but this is just my initial thoughts, and I'd love to hear some feedback and/or be corrected or provided more context.

1. Why does the encryption of the message body matter if the envelope and address are is still exposed? If a government or data broker can get the sender/receiver info, timestamps, and my IP, they have a map of my life. Isn't the "private content" just a distraction from the real leak? Like other than not having my emails used to train AI or data being sold to data brokers, I can't find a functional improvement or benefit to my daily life to use Proton outside of thinking "Yeah, fuck The Man" every time I log in. Like I am more worried about governments and data brokers knowing who I'm sending/receiving things from than I am about the content of those messages being exposed since I'm not going to be monologuing evil plans over email, and I really don't care if the databroker tracking me knows that I bought a case of liquid death root beer 4 times in one month since they get that information from Amazon or whatever website anyways.

2. Everyone talks about "Swiss protection," but isn't that just a speed bump? If the U.S. government goes to Switzerland with an MLAT request, Proton has to comply. And even if I've payed with cash, they can still be compelled to log the IP logins and hand over the alias emails and primary mailbox used by that account and the metadata. So if I sign up for something using an alias, they can take that alias and file an MLAT request with Switzerland to get my main email, the metadata for my entire inbox(just not the body content) and the other aliases tied to that account, and then do a search for any services using those emails to find my identity. They could technically use an alias email I've made, send an information request to Switzerland/Proton, get back a list of aliases and email metadata, find that I used an alias to sign up to a pizza delivery service, then subpoena that pizza delivery service for my name, phone number, and address, at that point what's the point? Is the point just to make it harder for them? I'm not planning on doing anything that could get them to want to subpoena my emails ANYWAYS, but what's the point of making it harder for them outside of again, just thinking to myself "haha fuck you" every time I send an email?

3. Even if I use an alias, if the site I use the alias on gets tied to my online data/identity, then my privacy is broken, right? Like lets say I want to sign up for a new site called godotshaders.com, I use a proton alias to sign up. This site then collects that data, my IP, my cookie data, browser user agent string data, and that I'm logged into some account with my other non-proton email, etc, that gets tied to my browsing data they're collecting, and suddenly they've linked that alias email to my advertising profile and other browsing. Rinse & repeat. Now all the aliases are tied to me. I don't see how these emails help with online advertising tracking.

4. I have tons of accounts I use, my bitwarden login count sits at around 850 logins, but I probably only regularly use a small fraction of those. But if I end up changing my email on a lot of those accounts to the proton email, even a proton alias, all that does for data brokers is potentially tie every one of those new alias emails to me. And at that point there is no difference in my data broker information just that I have 850 different alias emails. But my data is still tied to those accounts. So AGAIN, what's the point of this? Do I need to sign up for everything from scratch in order to maybe have privacy?

I forgot my driver's license today but had my phone with me. I remembered seeing stories that google and apple both allow these (for some states) in the digital wallet.

Before doing this, I thought I would ask people here to weigh in on whether it is a good idea. Is it considered secure? Is it going to cause me more privacy issues than a physical card in my wallet?

This is also related to recent discussions about online age verification.

This is a related Tildes post from last year: Google Wallet adds age verification and more government ID support

as a grapheneOS user, I obviously care about my privacy, hence why the iPhone will not be my main driver, the grapheneOS device will continue to be.

but I might be getting a free iPhone soon and I have an idea of what I would use it for (Podcasts as Apple Podcast is the best cross-platform podcast app I have come across) but am not sure what else I would be comfortable using it for as I don't know what actions are safe without having Apple gather that much data or telemetry on me.

I know that I won't be using iCloud on it. I have no need for Apple's data storage. Nor do I see myself ever using the App Store, except for installing a VPN app. I might install Signal on it but not anytime soon (not least of which cause Signal does not yet support multiple smartphone usages for the same device). I definitely won't use iMessage as I don't believe in using a messaging service that is limited to a specific ecosystem.

I will note that I wont install a SIM on it. It will be using Wi-Fi for the foreseeable future.

Given these things, i am not sure if there is anything i should be on the look-out for in terms of privacy concerns with the usages I have outlined above

Edit:

Based on the answers to my post, I am getting the sense I didn't explain my current situation, which fair enough.

I have audio and video podcasts I consume, for my audio podcasts that I tend to listen to while commuting and exercising, AntennaPod proved a God send for this, to the extent that I wanted to support the app financially until I saw that they said their costs are already covered and it made me appreciate them even more for their honesty.

However, I have a free iPad I got by accident (not worth going into here) and I prefer to consume my video podcasts on a bigger screen than my google pixel. I don't trust Google with tablet development after a bad experience with another tablet I had from them so that was out. so I decided to just use the free iPad and was delighted to find their Podcasts app also supports videos.

However, I wanted 1 service that I can use on a phone and tablet. AntennaPod does not have any iPad apps. I saw this page and the 2 alternatives seemed to be Pocket Casts and Podverse. I tried Podverse but the iPad app would not even launch for me, it crashed every time so I said goodbye to that.

reading into pocket casts, it seems they do collect some data and they do have the option opt-out of that but that could very well change, which means I'd be in a situation where I could be paying for a product while also having my data collected and I disagree with that business model.

So, Apple Podcasts is probably collecting some data on me but I figured all it knows is what podcasts I listen to, which isn't terribly useful (I hope) considering I have subscribed to podcasts from a feed I generate myself.

And I happened to already have an old iPhone lying around at home so I decided to switch to using that for my audio Podcasts and use my iPad for video podcasts and its sometimes glitchy since I would call the Apple Podcasts synchronization experience (between devices) half-baked at most but I can make it work for my use case. So I am already using a separate iPhone just for podcasts and I might be in the position where I get a new iPhone which would replace the current iPhone but not sure what new threats to be aware of privacy-wise. I would be upgrading from an iPhone SE first gen to whatever new version I am getting.

A few months ago, my credit card number was used in a few unauthorized transactions. The charges were reversed, and I got a new card, so overall, no big deal. But I am curious as to how the thief actually got their hands on my information.

Are there any lookup tools for leaked credit cards, similar to Have I Been Pwned, that might tell me how my credit card number was exposed? Since my card has already been cancelled, I don't even mind typing the number into a somewhat sketchy site.

I didn't watch the whole video and I'm not familiar with the channel so I don't want to make this a link post, but here's the source: The Lunduke Journal

I watched up to the point where the author explains how Microsoft tends to turn on all the privacy invading settings every time they push an update (not surprising). I guess if I had to use Microsoft products, I'd try to disable automatic updates and just do them twice a year in one go, while also turning off the settings I want off. Would it be practically feasible? I don't know. Having to go to those lengths to use some software just seems ridiculous.

I'm getting a little bit worried these days about the tracking features in chrome and was looking into Zen Browser. Does anyone here use it? Any thoughts?
Also looking for any simple non tracking browser alternatives!

I'm streaming Firefox to watch Riverdale, so I opened up Chrome to browse while I wait for them to join. Youtube has ads on it, and I realized I can't grab uBlock or anything (meaningfully) privacy focused. So, I wanna try out one of the cool new browsers, what do people use and recommend?

I'm on Windows and a proper techie, so give me anything that's a bit strange and off the wall as well! The only one I tried out recently was Comet, but it needs more time to bake, total waste of time IME. I remember using IceWeasel for some reason lol

I've been in the lengthy process of degoogling myself. Email is done, Calendars are done, drive is more or less done (but now at MS, so... yeah) - but a real sticking point is Google Photos.

I just love looking up places and faces and the occasional "This day one year ago" albums really lighten up my day.

Additionally, I am a bit of a hoarder, I never ever throw out photos, so I have right now 101 GB of pictures since 2012. This will be a pain to migrate so I only want to do it once.

I tried Immich, but could not make it work on my NUC with a very limited connection to the Internet and probably because of the vast number of images.

I came across ente.io, and it looks promising. While 4.99€ per Month for 200gb isn't exactly cheap, it feels still okay for hosting all of my visual memories.

But before committing, I would like to get some more feedback on this service, what is nice and what is not so nice and why you feel comfortable with entrusting them with your pictures.

Edit
After the very helpful answers in this thread, I signed up for a 200 GB plan, downloaded all my pictures from google and I'm currently in the process of uploading them to ente. This takes a bit longer than I thought, but then again, these are 45.000 pictures and live-pictures.
So far, this feels pretty slick. Thanks for the feedback here.

My understanding is that Android emulators primarily exist for mobile development and app testing and such-like, and maybe secondarily, to play mobile games.

I want to explore the possibility of using them as a, basically, full-time replacement for installing apps on my phone. More and more apps and services have no "desktop/laptop" version, and no website version. Installing the app on your phone is starting to become a non-negotiable requirement ... one that I'd like to find a work-around to.

So, yeah ... I guess that's the question. Is this a 'thing'? Has anyone experimented with--or flat-out used--an emulator on a desktop/laptop to run their banking app and the like? Is this even possible? Can you connect an emulator to an app-store and just start downloading/installing stuff?

Thanks.

A long, complicated story, summarized: (apart from Tildes, on which I lurk) I swore off all social media years ago. Then my job required that I have an account on LinkedIn. I reconsidered, and attempted to make the least disclosive account possible in an effort to protect my privacy. Things aren't going well. Despite logging in with the correct credentials, on the same device, using the same browser; and with access to my signup email, and access to the phone I used to enroll, LinkedIn has flagged my account the second time I tried using it and now requires me to upload images of myself and my government ID to regain access to their cesspool. Are you familiar with their protocols and can share insights, so that if I start again I don't face the same problem?

I have read what LinkedIn says and I have read discussions on Reddit on the topic. LinkedIn says you can opt to "use your work email" or mail them an affidavit. These options were not given to me. Everyone else I have seen reporting facing this seems to have triggered the system by losing their login credentials or moving countries; what brought this upon me and can I avoid it?

1. Is it that I use a VPN, and it may have routed through a different IP address on the second login?
2. I use an email alias. Is LinkedIn purging accounts with email domains that offer aliases?
3. Is it a result of clearing cookies?
4. Is it easier to maintain a Google account (!) which LinkedIn allows as login without this ID thing coming up?

Please be gentle with your advice as I am kind of panicking.