Nordlocker is neither open source nor has it been audited. Tresorit at least has audits.
This 100%. It's also worth looking at https://www.privacyguides.org/en/basics/common-misconceptions/#complicated-is-better
Don't be obsessive about "degoogling" to the point where you pick worser alternatives that don't have the features you require. Always test something out before doing a mass migration of "all your email" for example.
Delete your accounts. Get a relay service (Firefox Relay, SimpleLogin, AnonAddy, etc.). Create new accounts with alias emails.
Also suggest reading this: https://www.privacyguides.org/en/basics/common-misconceptions/#complicated-is-better
For "known identity" do not use cloaking services, you'll end up banned. Amazon does this for example.
Skiff is another option to replace Gmail
Make sure you don't depend on features like email clients. You also can't use encryption like PGP so, that will mean that you'll only have E2EE if you're sending to other Skiff users. (There is no external E2EE with Skiff).
GrapheneOS, CalyxOS, /e/OS, etc
I'm not sure that /e/ is as degoogled as you might think:
- https://web.archive.org/web/20210429032124/https://infosec-handbook.eu/blog/e-foundation-first-look/
- https://web.archive.org/web/20210501132539/https://infosec-handbook.eu/blog/e-foundation-second-look/
- https://web.archive.org/web/20210515115246/https://infosec-handbook.eu/blog/e-foundation-final-look/
We do think their phones are very pricey for what they are and not nearly as secure as something like GrapheneOS, ie lack of verified boot etc. Their cloud service is also not E2EE as far as I can tell, which you'd really expect from a "privacy service".
Better to focus on using good products than be obsessive about Google.
Keep in mind Google Workspace has a significantly different privacy policy to Gmail and other consumer services. Data is not used for advertising purposes and is owned by you. They also warn you if you leave to a consumer service like YouTube.
Best bet would be to simply have a separate browser you're not logged into your account with. Don't do personal browsing with a company owned/educationally owned institution device.
I know with standard setttings my isp see everything, but if i will use some encrypted dns what they will see exactly
Basically the same thing.
Encrypted DNS is not for privacy, it is for stopping someone from altering your queries basically, because normal DNS is not encrypted. Domains are exposed through other various methods we explain. Please see our website where we've gone to the effort to explain this https://www.privacyguides.org/en/advanced/dns-overview/ we have a flow chart that characterizes the above methods of obtaining the domains you're requesting.
Vanadium is built specifically for security. It lacks privacy features such as an ad blocker
Currently I use the AdGuard DoH server. It's not perfect, but I don't do a lot of browsing on my phone. There were some plans to implement this in vanadium https://github.com/GrapheneOS/Vanadium/issues/10
Related thread here https://discuss.privacyguides.net/t/cromite-bromite-fork/13274 The main thing we find is Vanadium is not lagging behind upstream and it has hardening patches that a lot of other WebView implementations do not have. Whether you like a to "contribute to chromium based market share" you'll have a WebView implementation on your Android device used by apps you use. It's also worth noting that per site isolation doesn't seem to be a thing on Android for non-chromium browsers.
As for the metadata leaking, while metadata is obviously available to the admins of the servers you and you recipient are using, these chat histories are not synced in their entirely,
Maybe so, but for a public room it really means nothing because they could just join it anyway. Every client has a copy. The point is neither system has deniability in terms of "I was never talking to this person". I do think there is more utility in Matrix's future with P2P accounts however, that don't depend on a single Matrix server and can be rotated. Anything you aim to be anonymous with should be regularly rotating accounts as we suggest. Take a look at XMPP: Admin-in-the-middle. Admins can get more than enough.
SimpleX chat addresses most of Matrix and XMPP’s shortcomings
Except there is no desktop client, and I'm not sure how it will work at scale. It does not have anywhere near the feature set of Matrix. The whole "spaces" thing is the beginning and I suspect they'll be doing a lot more there, specifically: "Spaces effectively gives us a way of creating a global decentralised filesystem hierarchy on top of Matrix".
I hope it can one day replace them.
I honestly doubt that will ever happen they aren't really competing products. Matrix is really meant for large scale networks, a bit like a whole social media platform, whereas SimpleX is more like a competitor to Signal or Session.
I would like to see Decentralised user accounts and I think they may be still looking at this because it would be nice to be able import your account somewhere else if a home server you're on shuts down or something.
Plus their unwillingness to open source it and not sharing the audits just doesn’t inspire my confidence.
The server side isn't open source, and you can't verify that is what is actually running in production. While we do recommend it I don't personally use their products.I like the use of email clients, particularly customized to my needs.
Nested folders was only a very recent feature added https://tutanota.com/blog/posts/subfolders and without that I wouldn't even consider a provider as I use this for organization. Of course as you can't use your own email client, downloading email from Tutanota can be a bit of a pain too, you can only export per-folder into Mbox.
You'll still need email hosted by someone else, even if you are self hosting, in order to sign up to domain registrar etc.
It's very poor idea to use the same domain for contact from a registrar.