Welcome to The Privacy Dad's Blog!

Conversations with an IT Security Expert

Several years ago, when I had just begun learning about digital privacy, I asked a friend who works in IT security for advice. I took a lot of notes and kept copies of the email exchanges and Signal messages. Below is a summary in bullet points of the information I've found most helpful.

Q: Is it safe to download and use sensitive apps, like your password manager or banking app, on a de-Googled phone? Some apps give warnings about rooted phones being less safe.

Note: At the time of asking this question, I was using /e/OS. I have since switched over to CalyxOS, though my kids still use /e/OS on their devices.

Should I try to de-Google?

What other advice can you give?

I recently bought a PinePhone. What are your thoughts on Linux-based environments?

Conclusions

There was a lot there! The problem is that this conversation took place around 2020, and IT is a quickly changing landscape. I decided to keep this post in, because it aligns with the purpose of my blog: a diary showing the steps I took towards better digital privacy as a regular consumer.

You can do a lot on your own, but having a friend who knows more than you and is willing to take time to answer your questions can give you confidence you've been taking steps in the right direction. Some of the comments above also made me pause and think that perhaps not everything that carries labels like privacy or open source is by definition better.

The main take-away points for me—things I still do today—are:

  1. try to avoid tying all your online activities to a single identity or device, and,
  2. accept that sometimes using a mainstream device may provide better security or safety.

Note about summer months

Loyal readers may have noticed a reduction in the rate of my posts recently. I explained to my email subscribers last week that this is partly due to a career change, which I have discovered can take considerable time and energy!

Looking ahead to summer, I'll be doing quite a bit of traveling and spending time with family; posts might therefore be a bit more sporadic. I may try to write a few short glossary posts for beginners (What Is...?), explaining some of the terms used above.

I have very much enjoyed the process of writing I really appreciate the encouraging responses I've received this year. If these posts have been useful to you, I hope you'll stick with me. I plan to return to weekly publication from the beginning of September.


-----Discuss on Reddit-----

Subscribe to my blog via email or RSS feed.

Find me on Mastodon and Twitter.

Back to Blog

  1. This comment was adjusted in a subsequent conversation. My friend looked a /e/Foundation's documentation and found their apps come from cleanapk.org, which pulls from F-Droid. He was not able to find a lot of information about F-Droid but thought it might be an 'APK scraper'. I later learned he was talking about /e/OS's own store app here.

  2. I'll be honest: I copied this verbatim and don't know what it means.

#de-googled #digitalprivacy #expertise #security