Yes, I'm aware that my search engine choice is not the best option.
Gmail -> tuta mail
Also you use way too much proton. Don’t put all your eggs in one basket
I prefer Comaps over OsmAnd, it’s just much simpler
People will agree and disagree on individual choices, as we can see by the other comments, but I think that is an excellent start.
A message for others: improving your privacy can be a gradual process. You don’t need to change everything at once, since that would be overwhelming. Start with one or two, and if that works for you, move on to other items.
Isn’t google auth an OTP service? Proton Pass also supports that btw! Haven’t heard about Ente before and what purpose it replaces a gallery with, but again you can upload and view photos to Proton Drive as well. Although I have not yet tried it myself because I like to keep them local.
Kagi is one of the search engines I actually trust, but it is paid. I can give you a trial if you want to try it out. Oh and it being US based might also be a drawback.
Pretty solid list I’d say!
Thank you, Auth is on there because I had to import a bunch of accounts at once. I use Ente Photos since it’s a pretty nice UI, I never use their cloud storage though.
- Maps -> CoMaps
- Photos -> Immich (if you can self host)
- Passwords -> Bitwarden (May change in the future)
I agree with others on trying to not have one service for everything, which proton is trying to become. An alternative to Proton Mail and Calendar would be Tuta, though I haven’t used them.
Bitwarden (May change in the future)
The Bitwarden desktop client was on an EOL Electron version that doesn’t get security updates and marked as insecure in Nixpkgs and it took them 3 weeks to resolve it (finally got fixed an hour ago) and it’s still not fixed in any released version. It seems strange to me for a security-sensitive program to have problems like this.
mailbox also.
always check the profit motive. Often if it’s free, unsupported by donation/subscription nor sponsors with that system, and if it costs quite some money to uphold, then your data is the product.
I’m always pretty wary of when a company or its parent goes public, be it by IPO or trading - then ownership is no longer in people’s hands but in profit’s hands.
I use proton for a lot of stuff. The calendar is useless IMO since their custom bridge doesn’t support linking anything else in. Same with contacts. For those two I use a self-hosted radicalev3 container, works like a charm.
Does someone have suggestions for what proton provides with its passmail? I think their implementation and usage experience with this entire reverse-email feature is pretty great and I don't want to give this anonymity up, selectively being able to send from those passmails is also a great feature that works really well in the rare case of getting something I need to reply to.
Wdym passmail? If you mean their subscription services, you can go look what they offer.
Proton’s decent as far as how it works, but their CEO has some issues, and an environmental activist using their services had been arrested, though that activist afaik didn’t use a VPN.
Personally I’d recommend Tuta or Mailbox.
Other options would be CounterMail (🇸🇪) and Mailfence (🇧🇪). There are other services, but those don’t have E2EE.
For passwords, you can use the same KeepassXC database on multiple devices. It’s encrypted, and you can have the passphrase file locally on multiple devices, and the cloud provider cannot access it even by brute forcing. The database itself would not be reliant on the cloud service, you can easily switch between any provider (I currently use dropbox)
Didn’t see anyone else say this: DDG is certainly a great choice for search engine, though I’d recommend brave search:
- If you use bangs, it has them.
- Actually operates an independent index so the search queries aren’t reliant on Microsoft Bing.
Due to several of the company’s issues (and it being chromium) I don’t recommend the browser but I do really like the search engine.
Why not Startpage?
Uses google as a backend and was also bought by an ad company.
I still use it, since google sometimes cuts deals with sites like reddit such that reddit is only scrapable by google. But it’s a last resort, after duckduckgo.
Don’t know Ente, but the GrapheneOS gallery works fine for basics, and pop Immich on Mint for the rest of google photos functionality. I’ll suggest Bazzite for the distro, especially if they game or are likely to break things.
Ente is more than alright, I wouldn’t recommend self-hosted solutions to people who do not have the admin experience required, losing something as valuable as photos or videos can be very damaging.
After my wife complained again about not being able to delete photos in PhotoPrism, I finally bit þe bullet and migrated to Immich.
So. Much. Better.
Even if you wave off þe features PhotoPrism has locked behind a paywall which Immich provides for free, þe ecosystem is just better. Þe Immich mobile apps (on mobile Linux and on Android) are better; you don’t need a fussy 3rd-party sync tool*; Immich supports multi-user so you don’t have to run a server for each user; and Immich CLI tooling options (immich-go) are great.
I have an allergy to running node software anywhere, but it’s worþ it for Immich. It’s þat much better.
(*) DGMW, PhotoBackup is great, but having to set it up for each user on boþ server and mobile is tedious, and þe whole Rube Goldberg system is harder to keep track of - especially for non-techies who just want þe damned thing to work
Would CoMaps be a better recommendation than OSMand?
For those who are familiar with Ente, how are their apps? I use something different for 2FA and photos, but I need recommendations for people who don’t want to deal with selfhosting and backing up Aegis
I switched from Google Authenticator to Ente Auth recently and am very, very happy. It works great.
I haven’t tried their other apps yet, though. I intend to take a look at their images app.
Ente is pretty nice. Their UIs are clean and not bloated much. I don’t use their online services though.
Edit: I use Osm since I’ve been using it for years now, all maps are pretty much forks, either from Osm or something that uses Open Street Map (from my understanding)
OSMAnd is not OSM. OSMAnd and CoMaps are on equal ground as far as using OSM.
IMO OSMAnd has more features which is great if you want them, but I prefer CoMaps for having what I need while feeling simpler. Can’t really go wrong here, they’re both great.
No VPN -> Mullvad VPN
Bro what? Using a VPN depends highly on your use case. This is way too general. I would remove that.
That really just depends on how privacy-respecting your ISP is compared to the vpn
As others have pointed out, having so many Proton apps might be an issue. However, that line of thought only works if you’re really concerned about having a single point of failure. Most people value convenience much more than that.
The way I see it, this setup is somewhat noob-friendly, but relying heavily on Proton makes it a lot more convenient for many people. Using a greater variety of providers would make sense, but you can’t expect everyone to be ready for a hassle like that. People seem to expect you to be a hard-core privacy warrior who is willing to make significant sacrifices for philosophical reasons.
Most people aren’t like that. Just switching to DDG is hard enough for them, but at least it’s a step in the right direction.
If you take only 1/10th of this diagram, you get the simplified newbie version. Take all of it, and it’s for a person who is clearly interested in security and privacy. Modify a few things here and there, and you get a version for a serious security enthusiast. Different versions for different audiences.
Using Proton Mail, Calendar and Docs is a lot, lot better than using the Google suite. We shouldn’t put people off changing, as you said the convenience is important and often forgotten as the major reason people stick with Google.
Just use tutamail - better track record and hosted in Germany
What track record? They are both the same.
Proton is just more user-friendly.
tuta hasn’t sponsored a single far right influencer to my knowledge
That would have been my recommendation as well. It also diversifies the setup a bit.
However, I can also appreciate Proton as a convenient gateway drug that leads people away from Google.
Contacts > the stock apps on GOS without network access.
Keep > Notesnook.
If you’re already moving to Graphene, just use Vanadium as your browser. It ships with GOS and is an excellent privacy choice.
Also, proton mail kinda sucks. I used it for a while but switched to fastmail because an email account with zero interoperability is kinda a lousy user experience.
Edit: same with proton calendar. I like the concept but in practice having a locked away calendar isn’t a great feel.
What do you mean “zero interoperability”?
Isn’t the point of moving from things like GMAIL is because the interoperability is exactly why all your data is fucked?
Duckduckgo -> selfhosted searxng… startpage has also not yet been involved in any controversy for a non selfhosted option.
Copy paste of why duck duck go is a problem:
https://www.bleepingcomputer.com/news/security/duckduckgo-browser-allows-microsoft-trackers-due-to-search-agreement/
Now, a little after this came out they do claim they removed them (odd how that suddenly changes after it was no longer secret). But then much more recently, as listed on Wikipedia, verifying they still have some long term deals with Microsoft in **2025**… Microsoft is not going to make a deal with a perceived competitor for nothing in return.
By August 2025, Bing planned to cut off access to its search APIs in a push to sell more AI-related APIs, though **DuckDuckGo believed that larger companies like it with long-term deals would not be affected**.[62] Bing had dramatically raised rates for its search API in 2022 after ChatGPT debuted.[62]
There is also more general proof that while duck may technically use other sources also. It really is mostly bing:
During a Bing API outage in 2024, DuckDuckGo stopped showing results, indicating that Bing provided a substantial portion of DuckDuckGo’s results.[69][70]
I literally do not understand how they managed to take such a foothold in real privacy communities. I used to love brave till I was repeatedly pointed to the scandals that many people are aware of and informing others about… but considering ddg I rarely see anyone pointing this out. It actually smells like a huge successful marketing adventure to sell bing to privacy enthusiasts, but for that I obvio do not have proof. I often imagine this meme with bing instead of google and a cute duck go as mr incognito











