Introduction into computer security for the layman
You are running an operating system on the device you are currently reading this post with. It might be called iOS, Android or Windows.
These OS'es comprise of millions or even billions of lines of code. No one can have an idea about what code is executed because no one except the vendor can look at it. That is called closed source or propriatary software.
You have to trust the company that they have not implemented harmful code that harvests your passwords or records everything you type on your keyboard. You have to trust that they haven't implemented faulty code (bugs) which opens doors for hackers to compromise your system. An operating system without bugs does not exist. Microsoft for example has a so called patch day every month where they roll out patches that fix security vulnerabilities because of bugs.
To make it short.. You are exploited by any kind of closed software in some way. Any company who needs to earn money exploits you in some way. Either it is through psychological manipulation or by plainly sending any kind of personal data to a third party company or by monetizing it themselves. Even if you think your personal data has no value it is extremly valuable to companies. That is how Google got that big because of all the people who think their data has no value.
Just a minor discourse.
Google has had 80110 employees on december 31st of 2017 (source). Eighty thousand employees! All these people have to earn money and google's enormous infrastructure has to be paid. Did you ever pay a cent to google? How can they possibly pay this mass of people and hardware?
They can because your personal data has that much value.
What is a way out?
Open source software. Open source software is created by people for a reason other than earning money. Their belief in doing the right thing is their profit alone.
Open source software is open so that anybody interested is able to look at the code that is run on your computer. This is a huge build up in trust because there is simply no way to hide anything. If Microsoft would have nothing to hide wouldn't they open up their source code? They simply can't because they are not build on truth and honesty.
Let's say you have switched fully to open source software. Even at this point you are not safe. Because your computer/phone is running closed source hardware. Your wireless lan chip is running closed source firmware. Can you be sure that no one logs all your network traffic? No. Your USB Keyboard has a firmware installed. So maybe everything you type on it is logged somewhere. Your intel or AMD CPU has undocumented instructions inside of it which maybe are implemented to give some government full access to your machine (even if your system is OFF! source).
Because of this knowledge I'm working on projects to downsize the use of technology and services or even to get rid of them as a whole. I can't go back to where I loved the shiny new iPhone or when I was excited about the next version of Windows. The stoneage becomes attractive again..
A minor discourse again:
Do you "have" digital audio books that you "bought" from audible.com? If you close your amazon or audible account you can no longer listen to the audio books you have paid for. In other words you will never own what you have paid for but you are just renting it. Brave new world!
If you are fed up with all this shit like me than these are the first steps you can take to get back a bit of your privacy as of 5/24/2018: (source)
- Browser - Firefox, TOR, Brave
- Firefox Addons - uBlock Origin, Privacy Badger, Decentraleyes, HTTPS Everywhere, Cookie Auto-Delete
- Search Engine - DuckDuckGo, Startpage, searx.me
- YouTube - HookTube, RSS Feed for Subscriptions, NewPipe from F-Droid
- Drive - NextCloud Server (Self-Hosted or DigitalOcean), Syncthing
- Docs - LibreOffice with NextCloud and Collabora Office Online (Never tried this combo myself but it was in the replies)
- Maps - OpenStreetMaps, HereWeGo
- Mail - ProtonMail, Tutanota, Posteo, Self-Hosted
- Calendar - NextCloud Server, may come with email service
- Keep - NextCloud Server, StandardNotes
- OS - Linux (Mint, Arch, etc.), Debian, Tails (TOR based OS)
- Android OS - LineageOS, CopperheadOS
- Android Store - F-Droid, Yalp-Store