This past week has been a bit of a whirlwhind, without stating some of the geo-politicial shennanigans going on in the world right now, it’s given me the final incentive to make the final push on my data.
A few years ago I shifted all my personal data to on-prem, with encrypted, air-gapped backups in multiple locations.
This week, I’ve purged my personal Google, iCloud, and Microsoft accounts, shifting everything to Proton. It’s not perfect by any stretch (looking at you Proton Calendar and Thunderbird!), but I’m more comfortable with my data being out of the hands of a multi-national corps. Oligarchs or not, the only knee-bending I want to be doing is to re-silver a drive on my NAS.
My only recommendation from this experience, is that if you do one thing this year, sooner rather than later, it’s question who has access to your sensitive data, how valuable it is, and in what context. Privacy should be a basic right, sadly that’s not always the case, mitigate the risks that are relevant to you, it’s not a binary situation.
Moving wasn’t as bad as I thought it would be, - will I ever go back to having so much on “corporate cloud” services? Absolutely not. I think whatever unfolds for the world this year, there are some bridges that are very burning, and burning hard.
I think it depends on what you’re backing up on the cloud services. For me, personal photos and/or documents I’ve written, really aren’t sensitive. I do want to have them in more than one place though.
However, if you have records of illegal activities or things that might be classified as illegal (apparently on FB linking Distrowatch is subversive) by your govt, then you probably should take such actions seriously. Possibly also financial records.
Anything else?
This is the problem: Assuming people want privacy because they are doing something illegal, versus recognising that governments can make anything illegal “overnight”. As such, people should seek privacy-respecting alternatives to protect themselves and their families in the event of such decisions as government overreach and breaches of the constitution.
I am sad that millions of people are stupid enough to think a billionaire, especially one in their 70s, cares about anyone outside their inner circle. But I’m also happy that more people will now see (and EXPERIENCE) that they don’t care about Billy Bob Dufus from 13 Nixon Street, Bellmead, Texas.
Criminal activities aside (lol what?!), most people in their 70s only care about their family, and a billionaire only cares about making more money. These alone are enough — criminal activities aside… (I said it again! LOL!).
I made that change over too mostly mid last year. And swapped out pretty much all my software as well. Some of the things remaining now is my smartphone, which I plan to get a new phone and then install a different OS on it such as Graphene.
Most of my stuff is on multiple backups on encrypted drives too, although I need to make a NAS at some point to make things easier (With a Raspberry Pi), and I have a full offline backup on an encrypted drive that I carry with me every time I leave the house, even if I lost my whole house or my PC was stolen I can get a new PC back up and running with this drive as well as it containing all important sensitive information not necessarily related to the PC, kind of like a last resort backup as long as I don’t die, and even then the data is still protected from being used to harm others I know due to encryption and can’t just be picked up and accessed. I have a small amount of files on cloud storage currently but it’s on the Filen cloud storage so it’s not so bad compared to some other cloud services but I’m going to move that stuff too. Nothing too sensitive on there as it’s mostly things downloaded from the public internet anyway such as images.
Speaking of privacy, I also never use AI services as it can potentially reverse everything.
Here is Deepseeks policy, all data stored in China under Chinese laws and regulations.
Here is a small list of many, and it should concern everyone away from Deepseek (Not including the other AIs in everything else).
Technical Information. We collect certain device and network connection information when you access the Service. This information includes your device model, operating system, keystroke patterns or rhythms, IP address, and system language.
Advertising, Measurement and Other Partners. Advertisers, measurement, and other partners share information with us about you and the actions you have taken outside of the Service, such as your activities on other websites and apps or in stores, including the products or services you purchased, online or in person. These partners also share information with us, such as mobile identifiers for advertising, hashed email addresses and phone numbers, and cookie identifiers, which we use to help match you and your actions outside of the Service.
The American public, Gen Z and some of Gen Y in particular, reacted to the ban of TikTok like rebellious teenagers.
Government bans TikTok
Find another Chinese-based short video platform. What are “Reels” anyway?
Deepseek AI hits the market
Hop onboard the Chinese ChatGPT train and say it’s better
Meanwhile, the Chinese government is thinking, “Our long-term plans to create communist sympathisers and global defeatism has worked as we calculated decades ago when we started working on taking over the world without a fight”.
All this to say: “Privacy Policy, Shmivacy Policy.”
PS: I hated Reels when I had an IG account to be clear. And I want Facebook to be killed, and Meta to be split up. BUT, the world allowing the US the have all the top-used apps/services is the lesser of two evils, and I would prefer it to the more likely alternative.
That said: I’d VERY MUCH prefer for protocols to be used rather than platforms. This way you can interact with anyone on any social platform because a common protocol is used by them all. ActivityPub FTW!
Oh that reminds me of the old days when you could chat to people on ICQ, MSN Messenger, and other chat apps, all on one app (was it Pigeon?!) because they were all open to one another. And then the ensh*tiffication began…
My only thing to add here, is that if you do one thing, it’s test restores if you aren’t already. A backup’s worthless if you can’t actually restore the data back in bit-level mirror quality. The next challenge is shifting to quantum-resistant encryption, AES512 won’t cut it in a few years…
Interesting, how do you mean by testing restores? Or rather how do you go about it?
Is this when you compare the hashes of the data from the back up with the sha512sum command (As an example) so you can see if it has been tampered with compared to the original one in terms of the process not necessarily this method. I admit I am not fully knowledgeable with Encryption as I would like to be but I have been learning about it over time but trying to push in the right direction at least as I build up my knowledge base.
There are a number of ways you can do, - for example if you use Borg (with the Vorta frontend if needed) you can verify the integrity of the backups and restores. Restore to another location, or even device, and test that your files are actually present, including metadata. Often the metadata is what’s equally as important.
If I can’t pick a backup and recover an individual file, it’s not a backup. I use that as my standard, alongside the “break/fix” full backup restore tests.
I see, I have a borg setup on my system currently which as you say can verify integrity of the data and of course is incremental which avoids overwriting good backups with corrupted data.
BOLD. I think it’s smart.
You had your data too many places.
Now all the eggs in one basket.
No happy medium.
If it was me, something like Proton plus a mega-TB external HD. One more basket and it’s non-cloud.
You had an epiphany and you have to respect those.
It’s a good point. An option is to have your data stored primarily on a NAS. The NAS can then be setup to automatically synchronise with cloud storage. Data can be encrypted so the cloud provider has no access to it (achievable in a number of different ways, depending on use case).
The advantages here are:
The user doesn’t need to directly interact with any cloud storage, the NAS does this.
Access to data is at fast network speed, not comparitively slow Internet speed.
All the users data is both on NAS (which can have RAID redundancy also) and cloud.
It is possible to have the cloud data encrypted (possible in a number of ways).
along the lines ^^ of my thought–an automated-to-cloud share (NAS or other) even better; even better reasons. global to local seens the only sensible way
