Ask HN: How have you deGoogled your life?
By limiting the data you send to Google and other big companies, you ensure your Right to Privacy is in place. It takes time to embrace this life, but once you do, you will appreciate not having ads targeted to you or your devices constantly connecting to transmit data to servers.
*Benefits of deGoogling your devices*
1. Privacy for your devices.
2. De-Googled Operating Systems usually are open-source and can be actively checked for bugs and vulnerabilities.
3. De-Googled OS’ is based on stock Android.
4. There aren’t a bunch of trackers running in the background, and you can expect a much better battery life on your phone.
*The best alternative to Google Apps*
• Google Chrome
— Firefox - Safari
• Google Search
— Duckduckgo - Startpage - Neeva
• Google Chrome Passwords
— BitWarden - 1Password - KeePass
• Google Analytics
— Matomo - Fathom - Simple Analytics - GoatCounter - Counter.dev
• Google Mail
— ProtonMail - Fastmail - Zoho Mail
• Google Docs
— Beat Writer - Workflowy - Open Document Reader - Collabora
• Google sheets
— Airtable - Zoho - Coda
• YouTube
— Vimeo - PeerTube - Dailymotion - Newpipe
• Google Maps for Websites
— Leaflet - Mapbox - Nextzen
• Google Adwords
— BuySellAds
• Google Authenticator
— Authy - 1Password - AndOTP - Aegis
• Google Blogger
— WordPress - Medium - Squarespace
• Google DNS
— OpenDNS - NextDNS - Quad9
• Google Drive
— Internxt - Nextcloud - SyncThing
• Google Hangouts
— Telegram - Slack
• Google Images
— Unsplash - Pexels - Simple Gallery Pro
• Google Maps
— OpenStreetMap - Magic Earth
• Google Translate
— Deepl - WordReference - Lingva
• Google Maps
— Dark Sky - Weather Underground - OsmAnd
• Google Calendar
— Proton Calendar - Simple Calendar Pro - OpenTasks - DAVx5
• Google Keyboard
— OpenBoard - AnySoftKeyboard - Florisboard
• Google Keep
— Standard Notes - Joplin - Obsidian - Simple Notes Pro
• Google Podcast
— AntennaPod
• Ad-blocker
— Pi-hole
• Media
— Plex - Plexamp
• Netflix
— Sonar - Jellyfin
• Cloud
— NAS
• WeTransfer
— Internxt Send
These are the best alternatives that you can use if you would like to deGoogle your devices. Using Google on your device stores your location every time you turn it on. It stores your search history across all your devices in a separate database, meaning even if you were to delete said history on all your devices, Google would still have a record of it.
That’s the same for anything you’ve watched on YouTube, every app and extension you’ve used. How often you’ve used them. Where you were and who you interacted with. We would like you to understand that we want to give you back the power of protecting and controlling your data. Detaching from Google would be challenging, but to protect your data privacy, you have to be careful in using the internet and the apps that you use.
Update: We will continue to update the list with every comment and suggestions!
167 comments
[ 2.6 ms ] story [ 228 ms ] threadGot my own domain, starting to change over accounts to new email. My webservers are at home, my NAS is being built.
I'm getting GrapheneOS because I love my PinePhones but can't quite use one exclusively yet.
There are unofficial versions.
As it happens, I'm being gifted a Pixel 4, so full steam ahead.
Check their site/wiki for info, if this interests you.
What is the alternative? Running some chinese hardware and chips? I guess iPhones would work but you have no real softwarecontrol over those. And what do you worry about regarding the hardware if I may ask? That there is some way the hardware bypases the software running on the device and send out information?
Yes, the firmware.
No. Stop using smartphones. GNU/Linux and FOSS only.
(As a side note, you can use a FOSS smartphone like PinePhone)
How are the gmail alternatives? Can I use my custom domain for free on any? Have self-hosting solutions come close to gmail with spam filters?
I really wish PeerTube was more of a thing.
You saw the same effect with Gab. These spaces become polarized very fast based on who is already there and what the admins believe is adequate moderation.
Odysee seems more right leaning. I don't see queer content creators on there, for instance, despite YouTube heavily demonetizing and recommendation-banning them too.
This is why I really want federated spaces, because they can serve different margins of society without becoming isolated islands.
Folding Ideas made this point (about VidMe) half a decade ago: https://www.youtube.com/watch?v=r3snVCRo_bI
I have a problem with federated platforms where you just get scalled down youtubes where every local sheriff gets to terrorize the people under his domain with his whims and if youtube's are driven by ad sales these are perhaps even worse because they're just ego driven.
Federative approach is terrible, it combines the downsides of decentralized and centralized solutions, it's far from neturality or increasing inclusion or escaping censorship.
Thank you for reading my blog.
Analytics - GoatCounter, Counter.dev
Keyboard - Unexpected Keyboard (A very cool keyboard)
Search - Neeva
Translate - Lingva
Some notes on the post:
- Protonmail as a company doesn’t have a very stellar reputation. I recommend hosting an e-mail server by yourself, or just use providers like Disroot Mail
- K9 Mail is an email client, not an email provider
As someone who did this from about 2001 until three years ago, I strongly suggest most people don't bother with this route.
GMail, Outlook, etc, all throw so many arbitrary and ever-changing security conditions to accept mail, it really isn't worth the hassle - or the lost clients from mails that don't reach their walled-garden end-points.
I've used Fastmail for a few years now, and I'm 99% sure that when I respond to an email sent from GMail, they'll actually receive it (So, I'm not talking about cold-emails, which I could just about begin to understand).
Rolling your own is fine until you're explaining to your spouse why the realtor never received the email they're waiting for to adjust the closing documents.
I still host my personal email address, but I lost a few jobs sent to my work address by inadvertently being 'rude' in not responding to cold emails from GMail addresses I had in fact responded to. THAT was the situation that really irked. Such a stupid logic, or lack thereof.
• Google Chrome
— Firefox - Safari - Vivaldi
• Google Chrome Passwords
— BitWarden - 1Password - KeePass - Enpass
• Google Authenticator
— Authy - 1Password - AndOTP - Aegis - Enpass
• Google Translate
— Deepl - WordReference - Lingva - bab.la
• Google Maps
— Dark Sky - Weather Underground - OsmAnd - Guru Maps
• WeTransfer
— Internxt Send - filetransfer.kpn.com
[1] https://github.com/dani-garcia/vaultwarden/
For Android, to be specific. I'd love for an alternative to SwiftKey after Microsoft acquired them.
So take /etc/hosts or little snitch or whatever and hard block .google., googletagmanager etc. - all sorts of domains that you come across from google.
Then, when you run into something that doesn't work, figure it out at that moment.
Any solutions to make the transition easier outside of manually updating email everywhere?
Also, what’s the best alternative to Gmail currently that will support using my own domain name?
If you're concerned about privacy I would evaluate fastmail.com
As for alternatives, I have iCloud+ with my Apple One subscription I already pay for. That lets you setup five custom domains, with up to three emails each[1].
I think even if you don't switch yet, it's a good idea to change your domain name while you still can because most services ask for confirmation on the old email and we've all heard the horror stories with Gmail locking you out of nowhere
[1] https://support.apple.com/en-us/HT212514
Visit each site in your password manager and knock over a couple a day.
You'll never get anything that fully automates this because every site does the change differently. Even LastPass's automated password changer could only ever do a handful of sites fully automatically.
I've seen everything from full self service, to manual approval, to begging their privacy/legal department, to sites claiming allowing me to change my email address would represent an unacceptable security risk. I ask those sites that make up reasons like that to delete my personal information and move to someone who understands why email addresses are bad primary keys.
If you use your own domain, you'll never have to do this ever again, no matter how many times you change your email provider.
You need to start today, if you wait it's only a matter of time before Google does it for you by locking you out of your account for reasons they won't explain. Browse the GMail subreddit and observe the sea of hundreds of people locked out each week.
[0] https://en.wikipedia.org/wiki/Canary_trap
Worst case you'd raise a ticket (how good is actual support!) and they would be able to change the domain contact information for you because you can already authenticate with the user account that owns the domain.
If this wasn't possible all those domains that have self referencing contact information (eg. abuse@this-same-domain.example) could never be verified.
Using google accounts with a non gmail non gsuite email suuucks
I just changed the email in the owner field in namecheap. I did not receive a confirmation email. (At the old one, I did to the new one)
> Ultimately, in case of domain theft/dispute or similar, the domain's owner record has highest authority.
I would highly suspect in a court of law that is not true. You see, you have a contract with the registar for the domain. You can put whatever information you want there it doesn't change your contract with the registar. That is why your registar account is important.
> "I would highly suspect in a court of law that is not true."
OK, but why, and in what court and in what legal system?
> "You see, you have a contract with the registar for the domain."
It's not the registrar that sells the domain. They are brokers between registrant and the entity owning the TLD, and registrars also have domestic laws to abide to.
> "You can put whatever information you want there ..."
No you can't, not in European nations part of the EU. While not legally enforced, registrars based here are required to request and urge customers to put accurate and truthful information there. Some of them (e.g. OVH) even require personal identification documents in order to register a domain. In my case, with my .se domain, I cannot change anything in the contact records without providing verifiable identification data - part of which goes into my contact records.
I mean, I literally went and changed the email on a domain to check if what you said was true. And validated that your claim was false.
Secondly, contracts are a thing. I am not sure why you think that you would have a contract with the registar is something that is guess work or made up. I'm also confused as to why contract law 101 isn't a thing you know.
> OK, but why, and in what court and in what legal system?
Why? Because contracts are a thing. And pretty much all of them. You know the first thing a judge will ask if it's being question who owns a domain? Who paid for it. The second thing will ask is what registar account it belongs to. The email address on the domain record would get ignored for the more important aspects that obtain to the fundamentals of law. It's like if you pay for a book but someone else writes their name on it. The judge isn't going to say "Oh but he wrote his name on it."
So many people think that judges care about small little details. They don't the case would be happened quickly and swiftly. It would be a minor case and the judge would literally ask basic information to obtain who owns it. Paying for it and having it in your domain regsitar account would statsify them that it belongs to you. If you honestly think a judge would listen to a claim of "But your honor my client came into possession of this email address and that email address is listed as a contact email for a domain so it belongs to my client" I don't really know what to tell you. It's not how the world works.
> It's not the registrar that sells the domain. They are brokers between registrant and the entity owning the TLD, and registrars also have domestic laws to abide to.
So here is how contracts work. You have a contract with the registar and they have a contract with the registery. There are obivously some clauses in there. But there will not be a clause that allows them to transfer that domain to another user/registar without your approval and that often comes from you going to their site and requesting the transfer code. And I don't remember when I did a transfer I had to confirm the email on the record.
> No you can't, not in European nations part of the EU. While not legally enforced, registrars based here are required to request and urge customers to put accurate and truthful information there.
That legally enforced part is a major thing. And request and urging is different from requiring. In fact, go do some whois and I'll be you find you can't find the information for any of domains you whois since they have whois privacy.
Quite simply, the idea that forgetting to update an email in a domain record means someone else owns your domain is ignorant of the law and how thing things work.
> "I mean, I literally went and changed the email on a domain to check if what you said was true. And validated that your claim was false."
You changed it on your domain, on your registrar. This doesn't the slightest invalidate the requirements and procedures that I am faced with when doing the same with my domain/TLD, on my registrar, abiding to domestic laws in my country.
> "Quite simply, the idea that forgetting to update an email in a domain record means someone else owns your domain is ignorant of the law and how thing things work."
It means what I said: the contact in the record is the legal owner of the domain, and also has rights to confirm a domain transfer, to alter the other contact records, and to change the NS records of the domain, no matter if that contact/e-mail is still me or someone else.
In the case of my TLD (.se) that contact is also the only one who's legally allowed to obtain an unredacted WHOIS from the registry. This information is not public for .se.
> abiding to domestic laws in my country.
Just to confirm, you country is Sweden, right? The Court of Justice of the European Union ruled that a domain name is property. All member states of the EU must implement and have laws that follow EU laws. This means that the Court Of Justice of the European Union's decision must be upheld in all EU countries of they face penalties. This is echod by the Swedish Supreme court's deicision that domains are property that can be seized in The Pirate Bay case. Sweden like every other country has written laws and case law on the ownership of property. This stuff was solved and settled so many years ago it's hard to even guess when.
So let's put a line under this. In the country of Sweden your domain name is property of you, by law. Ownership of property doesn't change hands because you registered an gmail address. Just like ownership of property doesn't change hands because you move into an address that someone was previously there. I'm sure Sweden has laws about mail. Just because it arrived at your address does not make it yours.
I have no motivation to de-Google except how horrible Google has been about this transition, so far making it impossible through circular logic.
I guess I'd have to do a takeout of the business domain, then delete that domain. Then open a new workspaces account and import the takout. Then handwave magic, I somehow get Google's attention to get the personal workspaces free instead of just automatically shutoff as their support docs claim will happen. Since I might have to migrate this one domain to some other service anyway, I might as well move the other domain too because it's easier to manage the two domains with a single interface even if they are separate accounts. So yeah, Google themselves are the how I will deGoogle, seems like.
I should move away from Gmail too but that's the hardest part imo. I mostly have trust issues if that make sense. Not that I trust Google that much but I just don't know if any other email service will be around in 20 years or so. Probably Microsoft and Apple? iCloud Mail sounds good just don't have any experience with it (and it only works with custom domains afaik)
Since I started using a smartphone/Android, I've been on CyanogenMod/LineageOS without Play services installed. I use FOSS apps from f-droid (Firefox, K-9 Mail, osmand~, DAVx5, Gadgetbridge, Signal) exclusively, and self-host the server-side of all my email (postfix/dovecot/amavis/opendkim) and CalDAV/CardDAV (radicale) stuff. I even set up my own public-ish DNS recursor that all networks I take care of use.
Never regretted any of it, but I'm aware few will find it enjoyable taking care of some of this infrastructure. I am lucky that I do :)
[0] https://kagi.com/
I can't overstate how frustrating Google's search quality has gone down, and DDG just wasn't cutting it.
> Our searching includes anonymized requests to traditional search indexes like Google and Bing as well as vertical sources like Wikipedia and DeepL or other APIs.
It's a fucking google proxy with some nice css
However they do it, I get different search results from Kagi than I do from say DuckDuckGo and I have no reason to believe my privacy is compromised.
Subsribtion business model annoys me quite a lot. I want be charged for actuall use.
The day I could replace that too, I'll try my best not to touch a Google product ever again.
Startpage uses Google results.
Search results are great + additional features for developers
[1] https://tinylist.app
I use Fastmail for email and calendar, DuckDuckGo & StartPage for searching, Firefox as a web browser, and a Synology NAS for storage over Google Drive.
I use Google Drive / Docs / Sheets occasionally for collaborating. Most people aren't de-Googled so it's more of a hassle to ask them to use a different service. Additionally, I don't use Google services for anything particularly important so I don't mind if Google knows about it.
Fastmail isn't the most private service out there, but it is an amazing service to use for email, calendar, contacts, file storage, and notes. It works with 1Password with masked emails [0].
You can also use sieve [1] to fine tune your filter rules. I'm not aware of other email services that provide this (unless of course you are hosting your own).
I've played with it a bit. You don't really need to do it because the interface they have can generate sieve code for you, but it's nice that it is an option.
[0]: https://www.fastmail.com/1password/ [1]: http://sieve.info/
Quant for search makes sense in Europe.
Trying hard but I still find stuff where my auth is gmail. Some sites won't let you change email. The ones of those that I can, I have left for other services.
What is most frustrating is that I have a Google phone so they snoop even bank auth.
I could not live without WhatsApp in Spain and, weirdly, that requirement forces me to have a gPhone or iPhone.
most of these services are inferior to the google service imo. and many of these alternatives may leak or sell your data too.
if you're paranoid then DTA. it's far better to hide in the crowd then to use some browser developed by 4 people with anime emojis on github.
also, I trust google won't get hacked far more than the others.
better solution would be to obfuscate your data as much as possible.
I still have a gmail account, which is kinda needed for YouTube Premium, which is a service I do enjoy.
Pixel 4a with Graphene OS, only GCam Services Provider (https://github.com/lukaspieper/Gcam-Services-Provider) to be able to use Google Camera. Implementation is super simple and it shouldn't take long to see that it actually does nothing.
Browser:
Firefox - followed https://blackgnu.net/firefox-hardening-guide.html; Fennec on Android
Search - https://searx.space/ (plan on self hosting one)
Youtube - https://docs.invidious.io/instances/ (plan on self hosting one)
Passwords:
Bitwarden - backups done regularly to encrypted external storage and encrypted rclone mount
Email:
Tutanota/Protonmail + custom domain
2FA:
Aegis
Messaging:
Signal - easiest way to setup for non-technical friends and family. Used to use a few different apps, but only use this right now. I also use https://meet.jit.si/ occasionally for calls on the laptop/desktop.
VPN:
Mullvad - currently working on setting up my own.
Maps:
Organic Maps on Android/Open Street Maps on desktop/laptop.
Sync:
Syncthing - syncing desktop, laptop, a few phones to my home server on LAN only.
Notes:
Markdown files kept on devices, synced through syncthing.
Media:
Emby - had issues with Jellyfin, but might revisit in a few months as I have some plans there. Airsonic - music
Adblocker:
Mullvad + ublockorigin
Calendar:
Tutanota
Analytics for website:
C# console app that parses caddy logs and clears logs after parsing.
Cloud:
Create encrypted mount with rclone and dump backups there when needed.
It was a slow process to get here and I am lucky to have friends who followed me on this journey to be honest. The first step came while working for my final project at university and building something around my heavy dislike for Facebook. Once I had to research the subject more in depth I started to realize how wrong I was all these years entrusting troves of data to the highest bidder... I had a friend who had asked me about these things and I am sorry for not listening to him sooner, but I felt that he never went past "bro, you shouldn't trust google!". Which is I think what most of us do.
I am trying to have conversations about this with everyone and try to adjust my language to their level. It's good because it highlights how little I know and it works both ways as I have to learn myself a bit more about any given topic. It's quite nice. It's even better to have people who have followed me on this path, moving to devices with no google services at all on them, moving away operating systems and so on.
If you think you're stuck, try to get rid of an app or two and see how it goes. Most of them add little to NO value to your life and your tech stack so trust yourself and delete them. It took me about a year to fully get rid of any google related stuff (and I include micro G here to allow me to run stuff like WhatsApp/YT/Gmail/Maps). And I knew it's bad, so I imagine it's a lot harder if you don't think there are risks.
Some things are more difficult, but my phone is now a tool that quietly sits on a desk somewhere in the house and I use it to do something specific. It's also reassuring to know it's not constantly feeding off me to send info to whoever is interested in my particular demographic.
As an afterword, please, all of you who suggest open source alternatives, also keep in mind that most of these projects have very little financial support. A few dollars, euros, pounds might not mean much to you, but it could ma...
• Youtube
Too much content there to stop using. I almost never use it while logged in. I never subscribe: I bookmark the channel.
• Maps
Too useful to stop using. Haven't tried alternatives, but open to recommendations. Business locations and open/close times are must haves for me.
• Duo
It's a videophone that mostly works.
• Chrome
I never stopped using Firefox as my main browser since ~2005, but I'll use Chrome from time to time, mostly for website development and watching Youtube.
• GMail
I've almost completely moved off it about a year ago for Fastmail, but I keep checking my existing GMail. Probably should get around to moving over completely.
• Android
I'm a recent LineageOS convert, but still use it with the Play Store.
Source: https://en.wikipedia.org/wiki/NewPipe
Youtube channel subs etc can be handled with some privacy adds by using NewPipe on Android. Features are never ending.
People interested by LineageOS may also be interested in GrapheneOS, and their Play Store related handling.
Tangentially related: Aurora Store in place of "actual" Google Play app/Google Play Services.
Signal or meet.jit.si for video calling.
Chromium. Pain in the ass, but worth it. Change ALL relevant settings, Chrome or Chromium. Find a couple guides.
GrapheneOS looks cool, but it only supports Pixel phones? (I have a Moto X4)
I'll look into the Aurora Store.
Duo's call interface is practically identical to POTS calls on smartphones, so I use it to call my mom.
Signal can do video? Didn't know that.
I set up a private Jitsi meet server two years ago, but it insisted on directing mobile browsers to the app. I was able to configure it to not do that, but friends complained about high battery usage. Has that changed since? Regardless, I'm not sure how I could call someone on it, aside from sending them a link and hoping they open it. It's more of a videoconferencing system.
I've used Chromium on a few Linux installs, forgot it supported Windows, too.
My own goals/use cases:
- I'm unhappy with the current economics of the online world, that are based on advertising. I accept that developing products requires money, and getting money requires a business model, so if I don't like the incentives ad-based business creates, I should actively support alternative models
- I'm unhappy with the intrusiveness of tracking. I think consent is important -- not as a legal concept, but as a regular human being understands it. When I interact with a person or organization, I can meaningfully give consent for their actions. I can't meaningfully give consent to what some third party who isn't part of that interaction does, regardless of the legal fine print that says.
- I'm happy that the internet has become mainstream and people who aren't "tech people" use it.
- I'm not concerned with targeted attacks, but am concerned with opportunistic attacks against my online accounts and identities.
- Yes, "identities" -- I believe people should be able to have multiple identities online.
With those criteria, my current set up:
- password manager -- no reusued passwords. Whole family uses this.
- Fastmail. Because I use email so much, it's clearly a valuable service for me. So it' worth paying for -- I'm many years out from being a broke college student.
- A domain I purchased just for emails, and make use of subdomain addressing. I tend to use a different subdomain email per service. Goes to the goal of multiple identities, reducing tracking and reducing opportunistic attacks
- I've kept my gmail address and forward it to my fastmail, because I don't want to make my personal contacts use a different email address than they have for years. Maybe I'll change that some day, but I'm ok with _reducing_ rather than _eliminating_ google in my life
- FireFox. Also Mozilla VPN, to give Mozilla some money, though in practice I don't really have a frequent use for VPN.
- Duck Duck Go
- Ublock Origin
- Subscriptions to a handful of news outlets I read frequently. Print subscription for one of them!
- Separate computer for work vs personal
Biggest gap I'm still uncomfortable with: Shopping on Amazon.