Sysadmin and FOSS enthusiast. Self-hosting on Proxmox with a focus on privacy and digital sovereignty. Documenting my experiences with Linux, home labs, and the ongoing fight to keep Big Tech out of our hardware.

  • 5 Posts
  • 20 Comments
Joined 21 days ago
Cake day: March 31st, 2026


  • Since they publish their client-side source code (https://mega.io/developers), anyone can verify that the encryption actually happens locally on your device before a single byte is uploaded.

    Unlike Google or Microsoft, where you just have to hope they aren’t scanning your files for ads or AI training (which they are!), Mega’s transparency means that if there were a backdoor in the client code, the FOSS community would have flagged it years ago; it gives independent researchers a chance to check the behaviour. As an offsite backup is crucial, for me Mega is one of the better providers. I'm not saying they are perfect, but they are good enough for now.


  • The two I use are Nextcloud and Mega. Nextcloud is my primary location and I have a script that runs daily to replicate the Nextcloud with Mega. I chose Mega because it has end-to-end encryption and Mega cannot see your data. They also cannot recover your account if you forget your password. They have had issues/controversy in the past, but these days they are, in my eyes, a solid choice. I also make use of their S3 bucket so that my Proxmox Backup Server can save offsite, so technically Nextcloud is included in that as well!


  • I self-host, so the data in the cloud is stored on my own equipment. Yes, it is still technically online, but it saves a copy locally so you only need an active connection to sync new items.

    I regularly use multiple devices and having that sync is vital. Even at work, I cannot install software but I can install browser extensions. This means I can use my instance for both personal and work. I have also set up most of my family with access, all for free!


  • Which phone and message app are you using? I also don’t see a way to view photos or files and which camera app?

    Obviously GrapheneOS is the best way to go for privacy, but if you do stick to OEM Android then make sure you’re using apps like the Fossify suite. I use their apps with all contacts and calendar synced via davx and self-hosted on Nextcloud.

    What about KeePass, where is that data backed up?





  • You’re right that the average person doesn’t care about fingerprinting, but that’s exactly the problem. To me, browser fingerprinting isn’t just a technical quirk, it’s a violation of privacy that effectively erases your ability to be anonymous, regardless of whether you have a VPN or not.

    If we let OS-level ID checks become the standard because people don’t care, we’re essentially legitimising that tracking. My red line isn’t just a government log of my identity, it’s the fact that the tech is being built to make that log possible in the first place. Once the infrastructure is there, the incidental proof of identity quickly becomes the primary feature.


  • I think that’s a dangerous assumption to make. If the OS is tied to your physical identity, the ‘VPN’ layer becomes much less of a shield. Once the kernel level is ‘compliant’ with an ID check, the metadata being leaked or even the hardware ID itself makes anonymity a lot harder to maintain.

    You’re right about the social media risk, but the OS is the foundation. If you give up the keys to the house, it doesn’t matter how many extra locks you put on the individual room doors. That ‘disappointing risk’ is exactly how the ‘invisible borders’ start getting built.


  • My real worry isn’t that Debian will cave, but that the services we use every day—banks, government sites, DRM-heavy media—will start checking for a “compliant” kernel. If those “invisible borders” get built, you might have a truly free OS that’s effectively useless for 90% of the modern web.

    It’s not about the distro failing; it’s about the “compliant” versions becoming the only key to the door. We have the choice now, but the gap between “free” and “functional” is definitely getting wider.


  • The systemd age-storage drama was a massive red flag. It showed how easily a “safety” mandate can be used as a wedge into the lower levels of the stack.

    My worry is exactly what you said: politicians creating “compliance” requirements that are fundamentally toxic to the GPL or the way community distros operate. It’s not about making Linux better; it’s about making it legally unviable for anyone but a massive corporation to maintain. Digital enshittification via regulation.






  • Thanks for the feedback. You’re right, it’s really just scanning for known extension IDs, not poking around your entire computer. Saying “computer scan” might sound a bit dramatic, but the privacy risk is still pretty serious given what info they can guess from those extensions.

    About the home lab and network side — I get that LinkedIn isn’t scanning your whole network or anything. What I meant is more about how you can block or filter those sneaky requests at the network level, like with DNS blocking or firewall rules, so they never even get sent out. It’s not a classic home lab threat, but if you’re running your own DNS or network filters, it’s a handy extra layer to keep things tighter.

    Sure, switching browsers or faking your user agent works too, but not everyone wants to give up Chromium or LinkedIn completely. That’s why I mentioned a few different ways to protect yourself.

    Appreciate the note on wording — I just wanted to show why this isn’t just some minor browser oddity and why it’s worth thinking about from a privacy and network defence angle.