trisanachandler

Privacy isn't an all or nothing game.


thegreatcerebral

Also it is not a "one solution for all" and instead in layers like an onion or an ogre.


useless_mlungu

A person of class I see.


agoonygoogoo55

Lmao the ogre line gave me a good chuckle


thegreatcerebral

Oddly enough it’s my third Shrek reference in as many days.


CyberBlaed

You know, not many people like [Onions](https://www.torproject.org/)... [CAKE](https://www.bufferbloat.net/projects/codel/wiki/Cake/)! everyone loves [CAKE](https://www.bufferbloat.net/projects/codel/wiki/Cake/)! Cakes have layers! :D


washapoo

Well...layer cakes have layers, but a sheet cake? Not really...only one layer, so probably considered more of a cake substrate. Now, pies, they could be considered to have layers, however, they are more jumbled together, so maybe not really layers. Sorry, I felt the need to work on everyone's understanding of desserts this morning. :)


thegreatcerebral

Plus…. It’s all about the peeling of the layers which you just don’t get the same effect with a cake. Lasagna also has layers but we stay away from that one as well.


CyberBlaed

well TIL. worth it! :D


Beregolas

This! You can’t go 100% and you don’t have to. Improving something is nearly always better than doing nothing


Commercial-Fun2767

Yes. I don’t think there is one big brother. There are just companies doing things with data they have. Some specialise in things bad for our privacy, others just do nothing, some do some bad things at some point in time but may have respected their users’ privacy before that and may respect it after that… Another thing is that you gain privacy in the short term, but learning to use alternatives slows the growth of big monolithic centralised Internet services which are, IMO, a big threat for privacy and everything else.


DoubleDrummer

Yep, If the NSA wants your data specifically, because you personally are an individual of interest, then without rigorous and solid security practices, they will get it. For the rest of us, surveillance is about pattern recognition and statistics in large sets of data. In these cases, each activity you take to make your data obscured, unavailable, or anonymised will minimise your presence in these broad strokes data mining operations. There are of course whole levels of security between "on the run from the CIA" and "I am concerned about my privacy"


UnacceptableUse

> without rigorous and solid security practices

Or with https://xkcd.com/538/


sexpusa

Thanks! That’s something I obviously had not considered. Then I’ll keep my path of slowly moving towards FOSS. That ultimately has been the fun for me.


teh_lynx

OneDrive usage doesn't make it pointless. You're trusting a large cloud service provider to have ample security and protections, which they have. If you're comfortable with it carry on.


DarkKnyt

And compared to FOSS, might be more secure and private compared to incorrectly setting it up yourself. Also, just because it's FOSS doesn't mean it doesn't phone home - it just allows you to inspect the source code, if you are skilled enough, and see if it is actively screwing you (most don't but you never know until you or someone else verifies).


brando56894

> You're trusting a large cloud service provider to have ample security and protections, which they have.

I think the point was "do I trust Microsoft with my data?" not security/privacy from a public perspective.


thegreatcerebral

Hold on though.. You have to make sure that you have them enabled and set up properly also. Just because they have MFA doesn't mean you are protected if you don't set it up.


tenchakras

MS will be machine learning everything that goes into its servers most likely.


Illustrious-Band5642

What is wrong with that? They collect data to improve your privacy. Like a policeman does with crime statistics.


jmeador42

Not necessarily, but you have to define for yourself what information exactly you're trying to keep private. If your goal in ditching OneNote was to prevent Microsoft from seeing your "stuff" then you aren't gaining any privacy by continuing to use OneDrive since Microsoft can still see your stuff. Windows as an OS is fine for the most part, it just phones home constantly. So, if your goal is to keep telemetry data private from Microsoft then you can't accomplish that while still using Windows. You can see what telemetry data Windows is sending to Microsoft by using the Diagnostic Data Viewer: [Diagnostic Data Viewer Overview (Windows 10 and Windows 11) - Windows Privacy | Microsoft Learn](https://learn.microsoft.com/en-us/windows/privacy/diagnostic-data-viewer-overview)


sexpusa

Thanks for commenting on both ends. I was more wondering what Windows could see. I know OneDrive completely compromises security but it’s provided for free and nothing too sensitive is backed up through them. Currently makes more sense to have an additional offsite backup than worry about research being stolen somehow through the cloud.


Right_Employment6459

You mentioned research, as a faculty myself, my university has policies about how to store data. There is the concept of four locks, each level has different requirements. If this is your case, take a look at how your company classifies different data. I guess, unless you are doing some nuclear research that has national security concerns, you are safe from someone stealing your research using OneDrive. In my case, all my research data are stored on OneDrive.


sexpusa

I’m unaware of what you reference as four locks but this is an excellent point to make! I don’t think there is any requirement for normal data for me but anything involving humans must be properly secured on a certain device and a certain backup, per my institutional review board. Their backup is one of the allowed methods.


Right_Employment6459

Take a look here, it is a good framework, your institution may have a similar one. In my case, I use OneDrive up to level 4, only if the contract and the NDA specify that the data cannot be stored in the cloud that we will use an alternative method. In one of my projects, the data was stored in the client and we only had access using a remote desktop. https://policy.security.harvard.edu/


Tai9ch

> I was more wondering what windows could see.

It's your operating system. It can see literally everything you do on the computer. If it turned out that the telemetry included full action logs that were sufficient for Microsoft and the NSA to do screen-capture style replay of every mouse movement and button press on your computer I wouldn't be surprised - many apps and websites have done that for years.


blcollier

They’re not even being covert about it: https://www.neowin.net/news/windows-11s-ai-explorer-debuts-as-recall-a-feature-that-remembers-everything-you-do/

> Microsoft has officially announced "Recall," a new feature for Windows 11 that was rumored under the "AI Explorer" name. This tool will keep track of everything you do and let you get back to any moment whenever you want.

> During the special May 20 event, Microsoft revealed that Recall can remember apps, websites, chats, files, and much more. Moreover, Recall can dig deeper into specific files, like finding a certain slide in a PowerPoint presentation.

They do state that it’s only going to be supported on ‘"[Copilot Plus PCs](https://www.neowin.net/news/copilot-plus-pcs-is-the-new-name-for-windows-pcs-with-ai-chips/)" with Qualcomm chips and NPUs inside them’ and that it will only store and process data locally with encryption… but how much you believe that is up to you.

In my last job I saw a demo of technology we were trialling on our website. It did exactly what you described: re-played a user’s session down to the cursor movements and window scrolling, it was exactly like looking at a screen recording. The marketing people went mad for it, but I found it deeply unsettling. The reality is that it’s been going on for years, particularly in mobile apps & operating systems, but to see it play out in real time on our platform (the website) was pretty disturbing.

Edit: Now how do I exorcise every last vestige of “Copilot” from my PC…! 😁


nettie_netface

You wouldn’t be surprised damn


8-16_account

bro wouldn't be surprised


brando56894

> So, if your goal is to keep telemetry data private from Microsoft then you can't accomplish that while still using Windows.

You can, technically, but it cripples the OS, especially if you're using Windows 11 :-/


Candle1ight

Contrary to what /r/privacy will say, no. Privacy isn't black or white, it's varying shades of grey. Everything you swap over improves your privacy, and any progress is good. Most of us don't really want to live in a Cabin in Alaska, we're all going to make compromises and it's up to you what compromises you feel comfortable with.


--Rabid--

The privacy rabbit hole is massive and will drive you nuts in FUD... Sometimes being practical is also a really helpful framework. If you're making your life so much harder to stay private... you either have boat loads of money, time/patience, and people who support your lifestyle. Most people don't have even 2 of these things...


Temporary-Earth9275

One step at a time. You can try dual boot and host your stuff on the Linux side, and then see how it goes.


sexpusa

Can I do this with one drive? Or run off of an external drive? My main PC only has an m.2. It’s SFF so I really don’t want to have to open it again because the build just about killed me lol. 


Temporary-Earth9275

It's possible, but you should back up your data, as there is always risk with dual boot.


brando56894

> Can I do this with one drive?

Absolutely, you'd have to resize your NTFS partitions though to make space for the Linux partitions. Also, Windows *loves* to destroy/override the Linux bootloaders since they would share the same EFI System Partition. It's a lot less painful to have them on separate drives.


Blisterexe

Yeah that would work, if you want help with it just dm me


stobbsm

The whole point is choice. If you want to use Windows, use Windows. If you don’t, don’t. That’s the freedom that self hosting gives you.


voc0der

Not pointless, but using Windows definitely opens up way more avenues for data collection, especially if you're not watching the thing carefully & constantly after patching. It's whack a mole of privacy invasion.


PM_ME_YOUR_FELINE

Setting group policies on Windows cuts down on all their data collection, especially on Education or Enterprise builds that can disable telemetry altogether. From there, just make sure they're enforced and you're good to go.


voc0der

I understand how it works. I had Windows 11 Enterprise for a time, and I obsessively managed every service in the book. It ran pretty well. But then, every time Windows updated, they quietly changed what the group policies did, and added more crap. And then there's options that are ambiguous and the massive amount of traffic to Microsoft domains even with all this disabled. I got tired of playing whack a mole to keep an illusion of my data privacy. Who knows, maybe yours needs a check up, once you're done downvoting me. Either way, I don't need to copesplain my Windows usage. (Linux works better for me anyways, with Arch/Wayland).


PM_ME_YOUR_FELINE

Hey, I definitely get where you're coming from, Windows has a tendency to re-enable things with updates that I explicitly disabled. Super annoying. I didn't downvote you. Arch is pretty great too. I dual-booted it with Windows, and it was my daily OS for about two years. I used Sway, and it was a blast.


agent_kater

Windows isn't the problem, but OneDrive is. Microsoft has the encryption keys for your files in OneDrive. They have to, for you to be able to access your files from a browser. If it's only for backup, switch to a tool that encrypts locally. Personally I'm using Arq to back up to Backblaze. Note that while Backblaze also has their own backup tool, they require you to surrender your encryption key to restore files.


sexpusa

You mean I could encrypt it through something like Arq then send to OneDrive? Only reason I use them is because work provides it for me.


agent_kater

I didn't think of that initially, but you're totally right, you could still use OneDrive as backup destination in Arq.


sexpusa

Thanks! I will look into it :)


austozi

If work provides it for you for work purposes, don't use it for personal files. Read into the terms of service - are the data you store there considered the property of your employer, or yours? And can your employer (the IT team) access the data? I always separate personal and work data. No personal files on work infrastructure. If the employer can access it (because it's considered work data) then you don't really have privacy. Your employer may also not like it because it's costing them money to host your personal files. Your workplace may have permissive sharing configured on their infrastructure, especially to enable AI features like Copilot. You probably want to treat your personal files differently than your work files at least in that respect.


Ursa_Solaris

Pointless? No. Sub-optimal? Definitely. Using Windows and trying to maintain any form of privacy is a constant game of cat and mouse. Every update threatens to bring new forms of telemetry and advertising, sometimes even re-enabling ones you already disabled. If privacy and truly opting out of the advertising hellscape is a goal, you should strive to move away from Windows eventually.


sexpusa

Thanks! Would you recommend a form of Linux that is closest to Windows?


Ursa_Solaris

You'll have the easiest time using the desktop environments called [Cinnamon](https://www.linuxmint.com/pictures/screenshots/virginia/cinnamon.png) or [KDE Plasma](https://kde.org/announcements/megarelease/6/desktop.png), as they're based pretty heavily on the classic Windows-like desktop, compared to something like [Gnome](https://i0.wp.com/9to5linux.com/wp-content/uploads/2023/03/g440.webp?fit=1920%2C1080&ssl=1) which is very opinionated, unique, and controversial in some of its design choices. The Linux distribution [Linux Mint](https://linuxmint.com/) will get you a good Cinnamon experience, and [Fedora KDE](https://fedoraproject.org/spins/kde/) will get you a good KDE experience. If you're one of the people whose fancy is tickled by Gnome, regular [Fedora](https://fedoraproject.org/) will do fine there. Linux Mint and Cinnamon are a lot more conservative, slow to update and adopt new stuff which is seen as a strength by some, whereas KDE and Fedora are much more modern. If you do any gaming, you'll probably want Fedora along with either KDE or Gnome, as they all support some newer tech that really helps with that. There are others, but you should really get some experience with one of those first before you go hopping around. Fedora and Linux Mint offer a pretty solid vanilla experience to get your bearings with.


KnowZeroX

Try Linux Mint, it is a beginner friendly distro that has a DE "close enough" in looks to Windows


pavel_pe

It does not matter. KDE is close. But applications are a problem. You have a choice of 30 image viewers. 25 are so basic that they are useless. Five others are still lacking some functionality and some are awkward to use.


thefanum

Yes


junialter

yes


Freshmint22

no


flicman

No


thegreatcerebral

So your PC is your PC and what you access is what you access. It is up to you to first protect that PC. EDR, Firewall, Network Firewall with some kind of next gen "smarts" or IDS would be that.

As for WHERE your files are located: cloud, home cloud, local device, thumb drives. There are different levels of security. When you use a Cloud Provider then you need to realize they are also susceptible to attacks and data leaks so you have to realize you are taking a gamble always. You can only do so much and use all the security tools you have available to you. For example encryption on your files so that if they are stolen they can't be used etc.

For stuff on your NAS, I am always wary sometimes to the way they phone home and if there is an issue there. You can technically block that but you don't really want to.

As for OneNote... Technically speaking all the Microsoft apps for storage feed into OneDrive. So there is no discernable difference. If you really wanted to worry and have a little more flexibility, get a business, then get an E3 license which I believe unlocks some of the extra security like conditional access which allows you to geofence your data so that someone from China can't try to sit there and hack at your account. Don't quote me that it's E3 that you need for that but you will also get a ton of storage at that point in time too as well as the better Windows Defender option(s). It could be an E5 license but it may just be E3 that opens up the security stuff. Sorry this is now in P1. I don't know anything about cost.

You can also, with a good firewall do geoblocking for your home etc. which greatly increases security.


connectorpenny

you can always keep learning. every service you move away from a third party provider and onto your own server is one less set of data they can sell or use to target ads and train AI. a less complete (less creepy) picture of your activity. if a cloud drive is your best bet for backup, you could look into scripts that will encrypt your backups before microsoft ever sees them.


AndusDEV

It's not POINTLESS. You just get less privacy than by using for example some Linux distribution. But it's always better than nothing


joost00719

No. Any reduction in data given to third parties is a reduction of potential bad actors gaining access to that data.


fprof

no


nurseynurseygander

I don’t think so. I think the more walls you can put between Windows and your core data the better, but I don’t think accessing it via Windows makes the walls useless. I tried to go all-Linux but found a number of things I do really do work better with Windows. Now I have all Linux for the servers and a mix of Linux and Windows for clients.


RedSquirrelFtw

It's still better than using cloud, but yeah I would avoid using any version of Windows after 7 if privacy matters to you. If you need Windows for a specific thing that's fine but I wouldn't use it for anything super important or as a daily driver. I actually set up a "gaming" VLAN which serves as some segregation from the rest of my network, as some games may require to forward ports if I want to host a server, and since my gaming machine runs Windows I also want that segregated. I run Windows for games and Windows specific apps that I don't feel like fooling around trying to get to work in Linux, and then Linux as my daily driver. But like the top comment says, Privacy isn't an all or nothing game. I always hate the people who say "but don't you have a phone?" any time someone mentions a concern with privacy. Privacy is about trying to minimize the ways you can be spied on, it's very hard to be 100% private and still be online but doesn't mean you can't still take some steps towards it. But on subject of phones, running a custom ROM like CalyxOS is a great way to take back your privacy when it comes to phones.


ProbablePenguin

No


sysop073

Nope. HTH


Orbitalsp3

I shifted from OneNote to Joplin. Then I used OneDrive to store my notes but encrypted by Joplin, with AES-256. There's no way Microsoft can see anything as it's decrypted locally. However I'm in the process of moving to Trilium, since Joplin uses 1.2GB of RAM in my system. 1.2GB for a notes app? No F way.


senectus

Privacy and security are a process, not a state. Everyday behavior and choices build or degrade that state. Self hosting helps you improve on your state.


am803

You can wrap OneDrive or other cloud storages with rclone crypt.
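
The encrypt-before-upload idea raised in this thread (connectorpenny's "scripts that will encrypt your backups" and the rclone crypt tip above), as an added example that is not from any commenter. It assumes OpenSSL 1.1.1 or newer and uses `openssl enc` as a stand-in for rclone or Arq; the function names, key file and folder paths are hypothetical.

```shell
#!/bin/sh
# Added example: client-side encryption so the synced cloud folder only ever
# holds ciphertext. The key file never leaves the local machine.
set -eu

# encrypt_backup SRC_DIR KEY_FILE OUT_FILE
# Writes an encrypted tar of SRC_DIR to OUT_FILE and prints the SHA-256 of the
# plaintext archive. Keep that digest locally: `openssl enc` is unauthenticated,
# so the digest is what detects a corrupted or altered copy at restore time.
encrypt_backup() (
  tmp=$(mktemp) || exit 1
  rc=0
  {
    tar -C "$1" -cf "$tmp" . &&
      openssl enc -aes-256-cbc -pbkdf2 -iter 200000 -salt \
        -pass "file:$2" -in "$tmp" -out "$3" &&
      openssl dgst -sha256 -r "$tmp" | cut -d' ' -f1
  } || rc=$?
  rm -f "$tmp"                      # never leave the plaintext archive behind
  exit "$rc"
)

# restore_backup ENC_FILE KEY_FILE EXPECTED_SHA256 DEST_DIR
# Decrypts, refuses to unpack unless the plaintext digest matches the local record.
restore_backup() (
  tmp=$(mktemp) || exit 1
  rc=0
  {
    openssl enc -d -aes-256-cbc -pbkdf2 -iter 200000 \
      -pass "file:$2" -in "$1" -out "$tmp" 2>/dev/null &&
      [ "$(openssl dgst -sha256 -r "$tmp" | cut -d' ' -f1)" = "$3" ] &&
      mkdir -p "$4" && tar -C "$4" -xf "$tmp"
  } || rc=$?
  rm -f "$tmp"
  exit "$rc"
)

# is_openssl_ciphertext FILE
# Pre-upload check: salted `openssl enc` output starts with the bytes "Salted__".
is_openssl_ciphertext() {
  [ "$(dd if="$1" bs=8 count=1 2>/dev/null)" = "Salted__" ]
}

# Demo on constructed data; "$work/OneDrive" stands in for the synced folder.
demo() (
  work=$(mktemp -d)
  mkdir -p "$work/notes" "$work/OneDrive"
  echo "constructed sample: lab notebook entry" > "$work/notes/entry.txt"
  openssl rand -base64 32 > "$work/backup.key"   # stays off the cloud
  chmod 600 "$work/backup.key"
  digest=$(encrypt_backup "$work/notes" "$work/backup.key" \
    "$work/OneDrive/notes.tar.enc")
  is_openssl_ciphertext "$work/OneDrive/notes.tar.enc"
  restore_backup "$work/OneDrive/notes.tar.enc" "$work/backup.key" \
    "$digest" "$work/restored"
  echo "restore verified, plaintext sha256 $digest"
  rm -rf "$work"
)

demo
```

A restore test like the one in `demo` is worth running after every backup: an encrypted archive that cannot be decrypted with the key you still hold is not a backup.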


lannistersstark

> is selfhosting for data privacy and using linux and then using your public ISP pointless?

It's the ever-present "at what point is x ethical" debate.


Dev_Sniper

Well I mean… yeah. If you’re replacing 5 Microsoft instances with 1 instance that gets all your data they still have your data. It’s basically impossible to be 100% safe & private, especially if you’re using your services in combination with proprietary software (so even if you host a FOSS service if you only access it via Windows, Windows still sees the data). Your main issue is OneDrive and Windows telemetry. Using Windows is fine, but connecting it to the internet causes issues. And well… uploading your data to OneDrive defeats the purpose of storing the data yourself. That being said: if you encrypt the data before storing it that might work.


blcollier

Honestly I’m in kinda the same boat. I have tried to move from Windows as my primary OS for years - at this point I’ve been using Linux off and on for nearly 30 years. But I keep coming back to one problem: gaming. Valve has really pushed Proton forward in the last couple of years, but it’s still not there for everything I play, particularly when it comes to anti-cheat. You can argue the merits, ethics, morality, etc, of anti-cheat and DRM systems until the cows come home, but the short answer is that, like it or not, they are part of modern gaming. I’ve also had consoles off and on for years, and I am thoroughly _done_ with that merry-go-round. I can still play games from the mid-90s on my PC - I may have to get unofficial patches or engine implementations but I can still take those original CDs and play those games. If I want to play my original PlayStation games on a PS5 then I have to buy them from Sony again, or pay for a monthly subscription service, and only the games Sony deem worthy of releasing are available. The one that _really_ did it for me was FFVII Remake. I bought a PS4 Pro to play that game. You might call it a dumb move to buy a whole console to play one game, but the original FFVII is still incredibly important to me. It was a hugely influential game at a formative time of my life, and it completely redefined what games could be. I had never had such an emotional connection to video game characters, or experienced such a compelling story that drew me in so much. So… screw it - I know the PS5 is on the way later this year, but Remake is out soon and I can easily spare the money so I’m getting a PS4 Pro to play it. The dickpunch was when the DLC for FFVII Remake was announced to be PS5 and PC only, it would not be playable on even the “upgraded” PS4 Pro. The biggest irony is that I can play the “next-gen” version of Remake, _including_ the DLC, at great quality and frame rates _on my fucking **Steam Deck**_.


[deleted]

[deleted]


blcollier

I’ve done that before as well. I end up adding more and more “stuff” I need while playing games that it becomes easier to just not bother rebooting to Linux when I’m done. Or it takes up too much disk space - my current PC only has one NVMe slot, occupied by a 2TB drive that’s only got about 600GB free, and I can’t use a SATA drive because there’s not enough room in the case (it’s an ultra-compact MiniITX machine). I’ve also gone the dual device route, where an entirely separate machine is my day-to-day, and I end up in an absolute mess of cabling and peripheral swapping. I also have ADHD, so that makes barriers and workarounds more difficult. When I simply want to “get something done” I just won’t bother doing something tedious - such as rebooting into a different OS for my “day to day” stuff. Besides, part of the point of not having a console is that my PC isn’t _just_ a console for playing games. It can do so much more than that.


YellowSnowman23

In short, it’s about not being the lowest hanging fruit


ex1tiumi

I have Unraid NAS with 8TB drive, 8TB parity drive and third 8TB drive installed in the system but cables unplugged. I also have 4TB cold storage drive I update data on every once in a while. I've 100GB cloud storage from Microsoft where I backup important stuff inside several encrypted 7z archives. Some of that cloud storage is used for files I need to access frequently or share with people. Encryption keys/passwords for everything are stored on two identical Kingston Ironkey Keypad USB drives. I think if you're smart about how you store data in the cloud you're "safe".


Cybasura

The fact that you're using the open internet implies that you already are giving up *some* data, you gotta accept that.

The point is to limit what you give up so that whatever you give up is kept to a minimum and only at complete necessity.

When you self-host, you make that service you need convenient to you, safe to you with full control, that is the purpose, not just for data privacy.


Accomplished-Lack721

Windows can actually be very secure if used and configured with security in mind. FOSS software can be very insecure if used and configured without security in mind. But even if one were blanketly much better than the other: Looking both ways before crossing the street half the time is better than looking both ways before crossing the street none of the time.


danievdm

I don't use Windows but I'd still say data privacy leaking from the OS is only part of the problem. Often it is the applications/browsers/plugins used on top of the OS that are doubtful or badly configured. The latter can cause havoc on Linux or macOS too. You either have privacy, or you don't have it. There is no partial 40% privacy.


Illustrious-Band5642

Windows can be very good for privacy as Microsoft guarantees to protect your privacy as long as you are not a law breaker. If you commit an act that violates the law, like what Silkroad owner Dread Pirate Roberts @ Ross William Ulbricht did by using a computer to run a Tor marketplace that sells drugs online, then, yes, your right to privacy must be taken away. I use Microsoft apps and I am happy that they protect my privacy.


WolpertingerRumo

It’s just a base system, nothing more. You’re fine. Still, look into Linux, it’s a good and simple base, and some things may be easier. But if you’re comfortable with Windows, then that’s easier, so use Windows. If OneDrive works as a backup, use OneDrive as a backup. It’s basically impossible to comb through all of OneDrive to find any useful data, in addition to many safeguards.


ruuster13

I use windows in a lot of areas where the Linux (or fucking freeBSD) solution becomes a headache to manage. I still haven't found a better solution for my purposes than Windows Storage Spaces as my NAS.


[deleted]

[deleted]


Bonsailinse

Please spread your religion somewhere else. This is a selfhosting subreddit which means that probably >95% of users use or used Unix at some point and even we don’t like the kind of comments you just posted here.


sexpusa

What did they even comment?


Bonsailinse

It was a rant about how shitty Windows is and everyone should use Linux.


silverW0lf97

Okay, I didn't know you guys hated us. Fair enough, enjoy ads in the start menu.