My Privacy Journey

I've been a long-time Apple fan and user of practically most of their products. Everything from the iPhone, iPad, MacBook Pro, to the Apple TV, Watch, and Speakers. I even signed up to their Apple One service. Wow! Don't get me wrong, I'm still very much an Apple fan and I still feel they are a great option for the majority of people because everything just works. While not perfect, I believe they still offer better privacy than Google, in my personal opinion. However, two years ago, I wanted to explore slowly breaking out of Apple's ecosystem for more open-source and privacy-respecting alternative solutions. At first, it was just for fun until I realized I was okay. The world didn't end and although the road was bumpy, I found that I actually enjoyed it more than I thought I would. Here's a breakdown of some of the changes I made over the past couple of years.

My journey started a couple of years ago on October 2023. I purchased a used ThinkPad T480 laptop primarily to install Arch Linux on it and ticker with it while still using my MacBook Pro as a daily driver. Growing up, I used to repair laptops and I missed doing something as simple as upgrading the RAM and the hard drive. These days everything is soldered and boring. Interestingly, I found that I was picking up my T480 more and more over my MacBook Pro. Admittedly, there were definitely some hiccups at times and it was too easy to pick-up my MacBook to get the job done. For example, I couldn't connect a Pixel device that I wanted to flash with a custom ROM (more on this later) to my Linux laptop but it was a breeze on my MacBook. I'm pretty sure it was some driver issue but I wasn't able to figure it out. Again... things just work, but it's more fun (sometimes) trying to figure out how to make something work. I find that's when you learn the most.

Fast-forward a few months, and I decided I wanted to try to slowly leave my iPhone behind. This was by far harder than I thought. I purchased a Pixel 8 device and I flashed it with GrapheneOS, a privacy and security focused mobile operating system. The community around GrapheneOS is amazing. I was very impressed with the operating system and the very active community. Whenever I had any issues (which was rare), I found a solution on their forums. People are always willing to help, and I really appreciated that. Early on, I had decided that if I was going to give GrapheneOS a shot, I was also going to avoid using Google Play services on my device. However, I found that I was missing too many notifications this way and felt for me personally like it was a huge downgrade from my previous iOS experience. I quickly learned that privacy and security is not 0 or 1. It's not black or white. It's a sliding scale and it's okay to make some trade-offs. To be completely honest, I struggled with this a lot. I'm not sure why, but it felt wrong to try to switch to something that is more private and secure and not be "fully committed" (whatever that means). It was a weird time but what helped was having my iPhone side-by-side with my Pixel device. Whenever I felt I needed to go back to my old ways, I would use my iPhone to browse my social media apps and feel "normal" again. The reason was that on my Pixel, I didn't want to use any Google apps. Only open-source or privacy-respecting alternatives. I didn't want to use social media apps and instead used progressive web apps (PWAs) on separate profiles to isolate them from my main profile. I know... this was extreme and definitely not needed. I introduced more complexity to my day-to-day than I needed, which made my experience (initially) not as fun. That is until I finally accepted that in order to make a transition, I needed to first have a similar experience to that of my iPhone.

The Pixel 8 was not bad but it felt like a toy made out of plastic. I missed the way the iPhone felt in my hand. That little bit of weight made a difference in the way my brain perceived things. Silly, I know. So guess what I did? I purchased a Pixel 9 Pro during a sale and used my Pixel 8 as a trade-in. It's the little things for me... but the more "premium" feel felt much more familiar to me. This time, I didn't hold back. I installed Google Play services and most of the apps that I used on a daily basis. Yes, even the social apps. In the end, I realized I'm more interested on the security features of the device/operating system and minimizing the amount of telemetry that is collected and sent back. I didn't want my phone to be constantly collecting and sending telemetry data back to Apple's servers.

While the hardware and the operating system are important, so too are the applications and services that we choose to run on them. For a while now, I've been using Signal for private communications primarily with my security-industry friends. Since I no longer had iMessage, I started to share Signal more with family and friends. It's difficult to sometimes get people to want to install yet another app simply to chat with me, but I was surprised to see that some people did it anyway because they weren't aware something like this existed. I was even happier that it wasn't difficult to get my family to join Signal as well. Today, I still communicate over several different platforms, but my primary choice is Signal whenever possible. For email communications, I've been using Proton Mail. I know this one is a bit debatable because sending email to someone using Gmail for example, means a copy of my email is no longer encrypted on their end. Again, this is me being okay with the things I can't control. My threat model doesn't call for that and it's okay. What I can control is how the messages I receive are stored in the service provider that I choose. I haven't had any major issues with Proton and overall really like the service. I also use the rest of their services: Proton VPN, Proton Pass for password management (switched from 1Password even though I feel like 1Password is still much more polished given how long they have been in the business. I still highly recommend them), Proton Calendar (pretty bare-bones but works for my needs), and Proton Drive. My only major complaint as expressed by others in the community is the lack of native Linux support. Outside of that, I'm pretty happy with their services and as alternatives to Google Gmail, Calendar, and Drive.

I should also mention, I'm by no means perfect and I don't intend to be. As I mentioned earlier, it's a sliding scale, not 0 or 1. I still use social apps/services. I drive a Tesla, which is a tracker on wheels, I use my real name/email on a few websites (but I have been using email aliases a lot more whenever I sign up for new services/accounts!), etc. Anyway, all this to say that I'm in a happier place now. I don't feel like I play tug and pull with privacy or my devices anymore. Sure, things are not perfect and they are not as buttoned up as they were when I was using my Apple devices, but I am okay with that. There are still times when I need to use my MacBook because specific software just doesn't exist on Linux. There are still issues that sometimes pop up on my Linux laptop that annoy me, but nothing that makes me feel like this journey wasn't worth it. It's still very much a work in progress and my hope is over time I'll continue to adopt more open-source and privacy-respecting alternative options. I might even consider self-hosting photos. I'm not sure yet. For now, I'm keeping a close eye on Immich, a self-hosted photo management solution. I'll likely use this journal to continue to post more details about my journey and setup as it changes.