Em Adespoton

LibreOffice is offline; each person can run the software in their own device to create and edit documents.

It’s features are equivalent to 2010 Office. That’s not necessarily bad, but it’s not how people usually work today.

Collabora lets you host documents on a central server and have multiple people edit at once, dynamically tracking changes and allowing full revision management. Or, you can keep your documents local and not host them if you don’t want to.

Yes it is… but it actually allows for collab features that LibreOffice doesn’t have.

I wonder why they chose LibreOffice instead of Collabora?

The one I use is part of a hardware UTM, but I also use Lockdown VPN on iOS, and https://pi-hole.net/ in a container on my LAN, and then VPN all my devices to my home network when I’m not at home.

Depends on the browser/OS.

My go-to for general browsing is Firefox with uBlock Origin and NoScript, which I also use in Edge; I have a few browsers that are still using uMatrix, and I have a proxy filter that strips calls to .js URLs by default except for specifically allowed URLs.

This is why using a local web proxy is a good idea; it can standardize those responses (or randomize them) no matter what you’re actually using.

Personally, I keep JavaScript disabled by default specifically because of this, and turn on those features per-site. So if a website has a script that requires the accelerometer for what it does, that script gets to use it. Other sites keep asking for it? I suppress the requests on that site and if it fails to operate (throws one of those ad blocker or “you have JS disabled errors), I just stop going to the site.

I’ve found that with everything disabled by default, browsing the web is generally a pleasant experience… until it isn’t.

This of course requires using a JS management extension. What I’d really like to see is a browser that defaults to everything disabled, and if a site requests something, have the browser ask for permission to turn on the feature for that particular script, showing the URL for the script and describing what the code does that needs the permission. This seems like an obvious use for locally run AI models.

Thing is, privacy isn’t binary; it isn’t even a spectrum. It’s an amorphous 3-dimensional cloud.

Total privacy means that nobody else knows you even exist. Nobody wants total privacy, even if they think they do.

What most people want is for governments and corporations to not be able to track their day to day activity, malicious actors to not have access to their identity and financial data, and individuals to only have the information about them needed to connect and relate in society.

The first thing anyone needs to do is create their own privacy and threat models. Identify your personal risks within those models and adapt as needed.

For instance, using a cellphone of any type means you’re using a location tracker. Same goes for any vehicle with a built in cellular device. That information is available to specific corporations as well as government agencies and sometimes third parties with money.

Is it worth giving up that level of privacy to be connected to other people in most places you’d be likely to go? That’s up to the individual.

Same goes for libre software and hardware.

Torrenting means you’re sending copies of the files to anyone with a magnet link. Great for quickly sharing legitimate software with a wide group. If you’re trying to download stuff you don’t have a license for, torrenting is a bad solution. Better to find a small community where you can just share files directly, peer to peer or on a private server.

Torrenting has a very obvious digital fingerprint, so even if you’re using a VPN, your ISP knows you’re torrenting. And if your VPN provider gets served with a notice and their country is a member of any international trade agreement, they know who you are and have a responsibility to take action against you.

I keep all my traffic encrypted, use my own DNS, and run a VPN so that anytime I’m away from my place, my traffic is tunnelled through my home setup, which includes a piHole.

If I need more than that to obscure the traffic source, it goes through TOR.

I also run a few public web services off the same IP, so the traffic coming out of my address has plausible deniability.

Plus, I use tracker and ad blockers in all my browsers/devices, of course, as well as block JavaScript by default.

Generally, it’s best to go by capability, not by policy.

Any company has to do what the government of its country says. This goes both for the VPN company, AND any exit node country. So you have to always assume that whatever country your exit node is in has full access to the data exiting the VPN there.

Then there’s the technology being used, the expertise with which it is configured, and finally the policies in place for handling and storing your PII.

Mullvad has a strong record on all accounts, even as far as just giving a year’s notice that it will stop supporting OpenVPN.

AirVPN has virtually no track record, fewer details on hardware, configuration, expertise and PII handling, and it’s in the EU, so has to comply with EU laws as well as Italian laws.

Being in the EU means it has to comply with the GDPR, which does have its benefits. But it also means an EU member state could put a gag order on your account and be monitoring all your data without you ever knowing.

So it all comes down to who you want your data to be private from and why.

Personally, I avoid all public VPN services as much as possible, and assume that the only thing they’re really doing is tricking the next service in the hop as to what country I’m connecting from.