• Introduction
• Deleting Yourself from Data Brokers
• What Tech Must You Use?
  • GNU/Linux Operating Systems
  • Applications
  • GrapheneOS
  • Getting Rid of Compromised Devices and Services
• Conclusion

§Introduction

Content creation has gone cloud-based within the past couple of decades. While some parts of it might have been for the better, it was nothing more than surveillance most of it. That said, the way content creation had gone to absolute trash. This is due to we, the nostriches allowing these large-scale corporations to completely control our lives, causing us to take the Mark of the Beast on the right hand (by obeying the Pope, even when we say we don’t). This, combined with the convenience we’ve wanted for so long, is what ultimately destroyed human autonomy, especially now since LLMs made by these large corporatocacies are being fed our data. Do you want any of this to happen? Me neither, but we do so when we use the following:

• Google’s GSuite and its other surveillance features
• Twitter/X or BlueSky for social networking
• Notion or Evernote for note-taking
• Windows, Mac, iOS, or stock Android (which snitches on everyone with default settings)
• Discord for content creation communities
• Need I say more for these…?

To fix this absolutely garbage mistake we’ve made, we must take back control of our content creation, and localize everything. Some exceptions to this are cloud-based solutions, but they must be encrypted. There are no exceptions to this rule, as even sending files without properly cleaning them up first (by removing metadata) is so 2010. You need to encrypt locally first, and then send the files. Otherwise, you risk feeding an LLM scraper that you don’t realize you’re feeding.

To help you remember this, treat every single one of these applications as hostile unless proven otherwise by professional auditors who know what they’re doing. If something is free to use, you might be paying for it with your data. This is nothing you want to be doing nowadays, especially now since Catholicism is being forced down our throats in many different ways. This is why I mentioned taking the Mark of the Beast, and the clarification I had made. To fix that, we first need to start by knowing where to begin…

§Deleting Yourself from Data Brokers

The first thing you need to do is find a list of data brokers who have your data (and check to confirm that they do using the search features). Make for yourself a habit of checking what data brokers have your data, and opt out of every single one of them. Do this every once in a while, and you’ll find yourself being liberated from some of your OPSEC mistakes, as reusing your name, email, and even phone number, will result in massive fingerprinting done to you without your consent. Remove this first, and then remove or strip all accounts from said email. You will be doing something different, and you won’t be using that email anymore, as it’s already been burned.

To fix this mistake, use something like SimpleOptOut, which is a free site with DIY links to get yourself removed from data brokers to go manually remove data from these brokers. Otherwise, you can use Optery, which has free and paid tiers, tough I used SimpleOptOut to see if my data was on there. That said, these are the brokers to start with first:

• Whitepages
• Spokeo
• BeenVerified
• Intelius
• PeopleFinders

The above you will want to document each removal for, and check every once in a while to ensure your data is not on that specific broker. As a personal anecdote, I was on ThatsThem, which is a smaller site. I was on that site somehow, though, so I got that removed.

Once you get this done, you will be setting up a new email. For all that is sacred, do not use Google or Apple’s email services, period! These will burn you if you are not careful. I will assume you are usually not careful with this type of stuff, so to soften the blow a bit, you need to set up a ProtonMail account. Proton, despite some controversy, is one of the best email providers I can recommend as a privacy advocate myself. However, don’t use some of the default settings, as you need to assume those can burn you if you aren’t careful. Instead, take the time to go through the settings and see what they do.

Now, why don’t I recommend Tutanota (now Tuta)? The answer is simple: It’s a Jesuit-owned nightmare. It censors against certain people (mainly this fake left-right paradigm it enforces), and has been clearly all-in on the climate agenda. Not to mention that Tuta is in Germany, a 9-Eyes country. That is a fancy way of saying “Jesuitism” being forced down our throats. Once you set Proton up, you should be good to go to the next step.

If anybody wants you to sign up for a newsletter, do NOT place in your real email or phone number. Instead, use an email alias (I’d recommend using something like SimpleLogin) or a VoIP number (essentially, a phone number for the internet) if the developers allow for it. It’s getting harder to do this nowadays, but do it anyway and see which services will let you through with an alias or a VoIP number. If a service doesn’t do so, it’s likely because they want to control your behavior, which is what all of these “convenient” tools are for. Another method, while a pain in the rear for some, is to have multiple email addresses set up, each for a specific purpose. You wouldn’t use one for your banking as the email for a newsletter, as that will cross-reference you. I’ve made this mistake a couple times, but got that fixed by switching the emails necessary (I only get 10 with SimpleLogin’s free tier, since it’s a Proton product). The other issue will be pseudonyms.

Unlike privacy maxi, GHOST, I only go by one pseudonym. I make sure to never give out my real PII (personally identifiable information) as best as I can, but instead, the only pseudonym I go by. Some privacy enthusiasts will say it’s a mistake to do so. However, since I’m technically a public figure going by a pseudonym, I use aliases, but don’t change my pseudonym. The exception is any usernames that are variations of my pseudonym, which I think works out for me quite well given the circumstances. That said, I would start by going by a specific pseudonym and researching how to go about it from there.

Now you’re ready to ditch the spyware on the hardware you bought.

§What Tech Must You Use?

§GNU/Linux Operating Systems

Have a computer running Mac or Windows? Stop using them immediately, and delete the accounts that were on them. Factory reset them and sell them, for they are compromised machines. Instead, build your own computer using powerful parts for your purposes, and slap a GNU/Linux operating system on it. There are some operating systems I would recommend, such as:

• Linux Mint, the Ubuntu-based beginner-friendly powerhouse for both beginners and veterans alike
• Linux Mint Debian Edition, Linux Mint, but if it were Debian-based
• PikaOS, the Debian-based and beginner-friendly gaming-centric distribution
• Nobara Project, a Fedora-based gaming-centric distribution created by GloriousEggroll for the purposes of making Fedora much better performing than IBM’s wasteful product
• CachyOS, the Arch-based gaming-centric distribution that’s optimized, and even faster than vanilla Arch for your hardware
• OpenMandriva, a Systemd-free RPM distribution that’s confirmed to be outside of the IBM - GNOME and FreeDesktop control grid
• Artix, vanilla Arch, but without Systemd as your init system
• AntiX, a Debian-based distribution for those who don’t like Systemd

Now, there are some systems, like Tails and Qubes, that are designed for the ultra-paranoid. However, those are systems that aren’t for the faint of heart (especially Qubes, which is Fedora-based), and require a lot of technical knowledge. The above OS’s are for those of all skill levels, but I had provided beginner-friendly options, and I would recommend those if you’re starting out. You need to learn how to set them up, secure them, turn off the telemetry (if any), and use the command line for any configurations you may want to do to your system.

Now, for the desktop environment. There are two types of them: Desktop Environments and Window Managers. Desktop environments (or DE for short) are point-and-click user interfaces (the likes of what Windows and Mac do) designed to be easy to use even for those who don’t know how computers work. Window managers (WM for short), on the flip side, are keyboard-driven, and use keybindings to navigate the user interface. If you didn’t install enough ram, then you need a WM.

In that case, the recommendations here are as follows:

• i3, a manual tiling WM, and a popular choice for beginners, and with good plugins like Autotiling plugin for that classic master and stack layout
• BSPWM + SXHKD, a manual tiling WM designed for performance using binary space partitioning (the splitting of objects into smaller ones)
• Xmonad, a dynamic tiling WM written and configured using Haskell (which is a strange language, as most people don’t use it)
• Qtile, a dynamic tiling WM written and configured in Python, an Xmonad clone
• HerbstluftWM, basically BSPWM, but with the option to use SXHKD

Every single one of these WMs is X11 (maybe with XLibre once mature). I’m a massive proponent of using X11, despite it being old technology. The reason is because Wayland (what should be called Gayland) is a broken mess by design, and former X11 devs went over there because of IBM, GNOME and FreeDesktop wanting control over our Linux machines. Use something that supports X11 or XLibre by default.

Speaking of, there are DEs that support X11, including as follows:

• Cinnamon, a GNOME 3-based DE with the look of Windows Vista or Windows 7, working on Wayland support
• XFCE, an independent DE with high customizability using CSS (I hate CSS), working on Wayland support
• Trinity, a KDE 3-based desktop environment that’s X11 by default, no Wayland support
• LXQt, a lightweight Qt DE with Wayland support as WIP (It’s X11 by default), working on Wayland support
• Moksha, an Enlightenment DR17-based DE for X11, supportive of Wayland clients
• MATE (mah-tay), a GNOME 2-based DE designed for X11 with Wayland support as a WIP

Again, all of these are X11 supported, with Wayland support as a WIP (with the exception of TDE [Trinity].) This is because Wayland is broken big time, and nothing will work very well if you use Wayland (Don’t even bother removing X11, if it’s installed on your machine).

Now, if you want to use a display manager (a login screen), I’d recommend TDM for Trinity, SLiM (which is Systemd logind free), or LightDM if you need Systemd logind. I use LightDM on CachyOS (my daily driver at the time of writing), and it works for me just fine. That said, though, my arguments for using XLibre and/or X11 are ironclad based upon my recommendations, and why I won’t use Gayland anytime soon, even if IBM, GNOME and FreeDesktop try to shove it down my throat.

§Applications

Now, we get to the applications necessary for your privacy stack. This is a requirement, as in order to keep your stack local, you need to know what apps allow you to stay local-first with your setup. You may use this as a guide and make your own decisions on what apps you want to use.

A quick list will reveal the following, as such:

• KeePassXC, a password manager that utilizes AES-256, Twofish and XChaCha20 encryption technology, an old-school and local-first password manager
• Obsidian, a proprietary knowledge manager using Markdown, which is designed with plugins that make it the most powerful knowledge manager in existence; local-first by default
  • I use Mushin as my theme of choice, with the exception of the ITS theme for TTRPG management with the Style Settings plugin
  • Plugins I use are as follows:
    • Daily Notes (connected to Periodic Notes), which starts a daily note for a specific day of work
    • Templates, in case I want to use a template for something (unlikely that I use it)
    • Custom Font Loader, a font loader that runs locally on-device, so one can choose the font of their choice (I like using Iosevka, Times New Roman and JetBrainsMono Nerd Font, unless they’ve been overridden)
    • Harper, think LanguageTool or Grammarly, but run locally and without any espionage
    • QuickAdd, a method to add new pages or content to a vault automatically
    • Templater, an advanced template creation tool
    • Dataview, a powerful tool for tracking systems
    • Nostr Writer, the tool designed to write directly to Nostr once the private key is stored on-device
    • BRAT, a requirement for installation of beta plugins
      • FadeLine, a plugin designed to dim whatever isn’t being written and keeps everything centered
      • Snippet Downloader, a downloader for CSS snippets to add to Obsidian (archived BRAT plugin)
• VeraCrypt and Picocrypt, encryption applications used for different purposes (VeraCrypt designed for encrypted drives, the other designed for encrypting folders or files)
  • Both of which use strong encryption (Picocrypt utilizing XChaCha20 cipher and Argon2id key derivation, and VeraCrypt using AES-256 cipher and PBKDF2 key derivation)
  • Both support plausible deniability, but VeraCrypt does not support data integrity, Reed-Solomon or compression
  • Both do not implement any telemetry, and both have been audited by independent third-parties
• LibreOffice, the office suite of choice for many Free Software enthusiasts (including myself at times)
• MAT2 or ExifTool, metadata removers for pictures or documents, depending on the tool used; metadata removal is a must nowadays, for anybody not using it leaks PII that will lead to doxxing
• Signal, the encrypted messenger (albeit with some controversy) designed for anybody who likes the design of WhatsApp, but doesn’t want to logging of Facebook, and it’s feeding of the LLM, LLaMa
• Hardened Firefox-based browsers, the ultimate in online browsing, customizability out the wazoo, support for MV2 and MV3 extensions, and not as locked-down as Chrome and Chromium-based browsers
  • The required plugins are as follows:
    • uBlock Origin, a spectrum-wide content blocker designed for CPU efficiency, but also to stop any tracking, fingerprinting and advertising cookies and other disgusting methods of data extraction
    • Privacy Possum, an unmaintained fork of Privacy Badger that blocks tracking cookies, referral headers, etag trackers and browser fingerprinting
    • Local CDN or Decentraleyes (Local CDN is a fork of Decentraleyes), a CDN emulator designed to take anything from a CDN, and makes it local in the environment
    • LibRedirect, designed to redirect you to a privacy-preserving frontend of a Big Tech SaaSS
    • Privacy Settings, a plugin to change privacy settings on the fly if needed
    • Canvas Defender, a plugin that randomizes your fingerprint with a noise hash
    • CanvasBlocker, an anti-fingerprinting plugin that can be used to attempt to fool fingerprinting software
    • Multi-Account Containers (or Containerize), designed to help with multiple containers so no cross-site tracking can occur
    • ClearURLs, designed to strip tracking elements from any website, if any
    • SingleFile, a plugin to save webpages as HTML files locally
  • Do not install any of the above with Tor, especially now since Tor is compromised
• GIMP, or the GNU Image Manipulation Program, your best alternative to Adobe Photoshop
• Kdenlive, a video editor that’s capable on its own (you’ll need to utilize either a system package, build it from source, or use an older AppImage, like I do with version 24.12.2)
  • Designed as a video editor akin to the likes of Premiere Pro, even though it’s not as feature-rich
• OBS… no duh, you need a screen recorder. Either that, or SimpleScreenRecorder will do.
• novelWriter, a Python-based, Markdown-like writing software for authors (specifically fiction authors)

More are to come, but that sets the basics of your workflow for now. For gaming, just use Steam, GOG, Itch, open-source games or just pirate them. Piracy is not a crime when the same criminals that publish games break the law with how they’re handled and misappropriated.

§GrapheneOS

Now that you learned how to set up a GNU/Linux operating system of your choice… let’s ditch that Apple phone, or get stock Android off of that Pixel. You need to learn how to install GrapheneOS on the Pixel you have, and set it up. Harden Graphene, so that way, you won’t have to worry too much about leaking any data.

The apps should be a small amount, and they must be Free Software compliant. No exceptions. Don’t use F-Droid, don’t use Google Play unless through Aurora Store if necessary for certain things, the Graphene App Store, and Accresent for any applications. Obtainum is the most recommended, as the APK files for any Android application will be easily found on GitHub, GitLab, or Codeberg. Most of the time, these Free Software apps will be found on GitHub, so check there first. There are many tutorials on how to do this, but I would use a combination of Michael Bazzel’s method and the Side of Burritos method. Nothing else to say here.

§Getting Rid of Compromised Devices and Services

This one is a must. If you’re an Apple user, ditch it immediately. Apple is worse than Google in some ways, but it’s the other way around in some others. Both companies run a duopoly, and this won’t be stopped unless we minimize the amount of services we use from them. This is the same with Meta (Facebook), Twitter (now X for some godforsaken reason), Amazon (just ditch it already), Discord (It’s big tech too), OpenAI, Anthropic and other cloud-based LLM spyware, and many more Big Tech firms.

You’ll thank me for all of this later.

§Conclusion

Nowadays, doing all of what I’ve described is a must, especially now that the surveillance state is in full force (It has been since 2001), and only now are we realizing the extent of the espionage. The only way to stop it is to vote with your software choices, like I have for just shy of 5 years at this point. Unfortunately, this will be uncomfortable at first, but using Free Software (notice how that’s spelled) is the best we can do in order to completely slow down the dragnet to have it return blanks.