- Google is bad on so many levels, but whichever browser you, whichever search engine you
are using, I will say this, there are some things you can
do within that search engine to increase your privacy. First of all, you should
not be using autofill, because when you're using autofill and it's coming up with
those search suggestions, even if you don't press enter, that search engine is
collecting what you're saying, because that's how they're able to feed you those suggestions. (electronic music) - Everyone, it's David Bombal back with a very special guest. Naomi, welcome. - Thank you so much for having me. It's great to be here. - Yeah, it is. I mean, we won't get into
talking about cricket and rugby because you're
originally from Australia. Is that right? - That I am indeed, yeah. - Yeah, we won't get into that. So, for all of my Australians or my Australian friends watching, we won't talk about rugby and cricket. We're gonna talk about
privacy in this interview. Naomi, why are you such
an advocate for privacy? 'Cause I'll start with this, you know, sort of point that a lot of
people perhaps might make is I'm not stealing, I'm not doing drugs, I'm not doing anything illegal. So, why would I care if
I get tracked online? - I hear that a lot, and
that's the main pushback I get. And that's the reason why so many people are very complacent about their privacy. But the fact is that, well, first of all, societal norms change, right? So, what's acceptable today might not be acceptable tomorrow. Regimes come and go, but
your data is forever. So, if your data is being collected and I'll tell you now everything that you are doing on the internet, unless you're taking specific precautions to stop it being collected,
it is being collected. It is being stored in a database. It is been housed by the NSA. It's also been stored in multiple servers, whatever companies you're using. But all of that stuff is
consolidated by the government. It's searchable by basically
their version of Google, which is called XKeyscore. So, all of this stuff is easily searchable and it's all tagged and it's all sorted. And if in the future,
there's a regime that perhaps doesn't like someone who
is a privacy advocate, doesn't like someone
who uses cryptocurrency. Doesn't like someone who ties their shoes the wrong way, right? They could go back in history
and just go through all of this data they've been collected. So, it's important that people
preemptively stop their data being collected because we
don't know how societal norms are going to change in the future. We don't know what regime
may come into power that will have access to all of this data. So it's important to be cautious and be aware that things
like that can happen. The other thing I would say is that, you know, people, when they say, well, I don't break the law, right? It always makes me laugh
'cause it makes me think like, well, you know, not all laws are good. And I say that with a little
bit of caution, right? Because if you look back through history, we've had some pretty
atrocious laws and actually, it's the civil disobedience as the people who have pushed
back against these things that have allowed bad laws to change. Now, what happens when you have a society where everyone is forced to be
a hundred percent compliant? Well, no one would've ever tried marijuana and discovered that it's
a really great treatment for people with epilepsy. It can really stop, you know,
the effects of chemotherapy, hurting people, you know,
where they have awful nausea. We wouldn't have been able
to discover those things without people actually trying this stuff. So, a hundred percent
completely obedient society is actually not desirable if you want to keep pushing society
forward and keep progressing. So, just a couple of things
right off the bat there that you know, when people are saying, well, I'm not a criminal,
I'm not doing anything. You know, the other thing is that if you start using
privacy enhancing tools, you are helping to protect those who do have something to hide. And they're not always bad people. You can have civil rights lawyers. You can have people who work for NGOs. You can have activists, whistleblowers, people who want to hold
the government accountable or hold companies accountable. These people need their privacy. For them, it's a matter of life and death. And if only those people are the ones who are using all of these
tools to protect themselves, it can make them pretty easy to spot. So actually, making these
tools pervasive in society is a great step forward because it means that we're protecting the people
who are putting their life on the line to protect us
and to fight for our rights. So it's important to
just embrace these tools. Just a matter of respect out
of what they're doing as well. - That's interesting,
I mean, I saw a video on your YouTube channel and I'll, for everyone who's watching,
please go and subscribe. Naomi's, I've linked it below,
Naomi's YouTube channel. She's got fantastic content there. You did a presentation and
correct me if I'm wrong. I can't remember exactly. It was something about the
graph was going like this and then suddenly it spiked like crazy. Was that interest in as like
special messaging applications because of what is happening in Ukraine? Is that right? - Yeah, so that was actually
a graph that shows TOR usage. - [David] Okay. - TOR, it stands for The Onion Router. I'm sure a lot of your viewers are probably well-versed in that. If anyone isn't, it's basically
a tool that allows you to hide your identity
when you are browsing. It basically encrypts this package of data and bounces it around to
all these different places before actually taking you
to your search destination so that it hides who you are
from where you are going. You know, no single node
knows both of those things. TOR usage in the Ukraine when
they were invaded by Russia went through the roof because
suddenly people realized, oh goodness, this hostile
entity is just invaded. If I say things that are
against this government, perhaps my life is now
gonna be on the line. You know, now I'm considered a dissident. Whereas moments earlier, I
wasn't, I was all compliant. New people who have come in
and to them, I am a dissident. And so people are finally
realizing the importance of privacy and taking actions
to protect their privacy. If you look at the graphs for Signal usage in the area as well, also
went through the roof. Suddenly people are realizing, well, they don't want their communications to just be unencrypted
and out there in the wild. They want to protect that
so that only the recipient and the sender actually
can read those messages. So, when you are in a situation
that is higher stakes, suddenly you think about these things. But the problem is, we
can't always predict when these high-stakes
situations will arise. Suddenly, things can happen
and we're not familiar with privacy tools. We don't know how to use TOR. We don't know how to use
Signal or any of these things. We don't know what the best
search engine to use is, the best email, and suddenly we're in this hostile environment,
things are moving very fast and we need to protect ourselves. It's so important for people
to familiarize themselves with these tools now and start to use them in their life so that when it actually becomes a life or death situation, you know, if that ever happens, goodness, heaven forbid, you are
better prepared to handle it. It's all about your proactive privacy. And it doesn't mean that you
need to throw out your devices and live in the woods and
never connect to the internet. You know, some people will tell you, well, you can't ever achieve real privacy so why should I bother? And they throw their hands up in the air. But the fact of the matter is
you can do a tremendous amount to severely curtail the amount of data that you are sending out
there that's accessible and collectible by people. You can make a huge difference just by making small changes in your life. Just by choosing a better search engine, choosing a better
browser, using a good VPN. You're learning how to use TOR. Like different tools that are super easy can make a huge difference
in your privacy. - So let's get technical. I want to, you know, share
less data with Google or the government or whatever. So let's start. Naomi, do you wanna start
with operating systems or should we start with browsers? Which one do you wanna start with? - Oh, well, I'd first of
all, explain the principle of why there's such a blurry line between government and companies. - Okay, let's go there. - Right now. - No, that's fine. - So, there's this thing called
the third-party doctrine. And if you think about like how all of your data is collected, like
how the government gets out, how these companies go,
like all of this stuff, and you think about, well,
how is this system enabled? Well, often we have to
realize that it's our choices that are enabling it. We're opting to use platforms
and services like Gmail that explicitly tell us
in their privacy policies in the terms of conditions, you know, we're collecting your data and you're giving us permission to do whatever you want with it. And, we tick that box and we use it. So, already we understand
that by our own volition, we're handing over a lot of this data. We can just opt out. We could choose not to hand that over. But the reason that the government is able to get that information and
the reason why these companies are then able to sell that data to a tremendous amount of people, it ends up on the dark web. It ends up, you know, putting people in threatening situations is because once we hand over our data, we're not technically considered
to own that data anymore. The third-party doctrine
says that if you give data to a third party, you don't own that. You don't control that anymore. So the government can, they
don't need to get a warrant and get it directly from
you and get your permission or anything like that. They can just ask that company and the company can decide whether or not they wanna hand over that data. They can decide to sell that data. There's so many things that
could be done with our data because of this really,
really bad principle. - And that's a US thing, is it? Sorry to interrupt. - It's a US thing, yeah. And, but the problem is, is that a lot of things
that happen in the US, it just carries over into other states, like even in the EU
where they have, I think, good privacy laws like GDPR. If you actually look at
how it's enforced, I mean, for example, Google gives all of the data. I think they is over a thousand companies that they give the data to, that they collect through
their advertising mechanism. So, even though they have like non-consensual
data arrangements in the EU where you're not allowed
to hand over data, companies like Google
are still doing this. They find work around and
they technically classify it as well, we're not selling
this data technically, but they're broadcasting it
to thousands of companies. So, it gets really important to start to be aware of how you're
giving away your data. So to your question, I would start simple. I would start what are like tools we use in our everyday life, you know, on whatever computer you're on. So, I think email, that's like a cornerstone
of our internet life. Maybe we'll start there. - Yeah, I was gonna start with browsers, but let's start with email. - Right, browsers. - Oh, it doesn't matter. I mean, let's start browsers. Okay, so, I think your favorite is Chrome. Is that right? - (laughs) Get outta here! I'm leaving, I am done! So Chrome is one of the
absolute worse offenders when it comes to privacy breaches. - Yeah. - Edge is actually really bad too. - Yeah. - When you're browsing using Edge. And so this is, first of all, let's differentiate between
search engines and browsers. Browsers are like the little, you know, apps that you open that helping, you know, actually populate this. 'Cause I get a lot of comments when I'm talking about these
things and I'll be like, here are some good
browsers and people say, what about search engine X? And I'm like, no, no, they're different. So, for browsers, I love Brave. And here's the reason why I love Brave. - I also use Brave. - You know, those tracking? - Sorry, go ahead. - Yeah, you know, those tracking links that you get like everywhere. For example, if you go to Twitter, you're sharing a link. You can copy it from the URL. Looks like a normal tweet. As soon as you hit that, share this tweet or copy link to tweet, if you look at what you're
actually given, it has like, well, here's your URL,
and then there's a slash and a question mark and
like a billion digits that come after that. And so anyone that you
now share that link with, they'll be immediately
tracked back to you. They'll be linked to you. So tracking links are everywhere. Tracking links are also
when you, you know, you click on a page and suddenly you look at the bottom left hand corner and all these little websites pop up, like before it takes you
to the page and like, what's happening there? It's called bounce tracking where they're bouncing you
through trackers, right? There are all of these
ways that we are tracked and Brave does an incredible
job with blocking those. Not only do they immediately
strip out any identifiers from the URL itself that they know to be tracking identifiers, but they'll also do
things like debouncing. Debouncing is where
instead of bouncing you through like all of these different sites, the browser will learn,
well, usually when we, when the person starts from here, a bunch of suspect things
happen and they end up here, let's learn over time that
they always end up here and let's just bounce them directly there and cut out all these trackers. The other thing they do
is unlinkable bouncing. So sometimes they can't figure out where the ultimate destination
is, but they'll go, okay, well, at least if
you have to be bounced through all these tracking
links before you get to your destination, let's
have the user visit them in this throwaway container. That means that, you know, no profile can be built up
over time about this person, because this container only used once. So, you go to this
tracker, it's thrown away. You go to the next
tracker, it's thrown away. You go to the next. So they're not learning anything
about you by being bounced through these trackers. So they do tools like this. They're the most aggressive. - That's default, sorry,
I just wanted to ask you, sorry, that's done by
default, is that right? - That is. And a lot of people they'll
say, well, Firefox is great too. And Firefox is great. Firefox is great if you're
someone who likes to tinker, if you like to download your own plugins. There are some great plugins, like different Facebook
containers available for Firefox. I always direct people directly to Brave because first of all,
everything, as you said, it comes default in the browsers. So out of the box, I think
it's the best privacy preserving browser, but also they just do a tremendous amount of great work, you know, pushing the
envelope when it comes to aggressively pursuing
privacy for their users. So, no other browser that I know of actually create tracking
rules to help people, you know, fight off tracking links that specifically target companies. And what I mean by that
is that most browsers will create rules that are
universal and they'll say, well, here's a rule to stop this type of tracking link and all this. Brave says, no, we know
that Facebook in particular tracks people like this. We wouldn't put a normal
company in this box, but we will do it to
Facebook 'cause we know that they're doing malicious
things to their users. we know that Google tracks
people specifically like this when another company does this, it's okay. But we know that Google
does this to track people. We're gonna put them in a box. So the fact that they go out of their way to actually name the bad
players and create rules that target them, I think
speaks a lot about them. I like that about them. So, they're another tool. I would say like, even Safari is a privacy-preserving browser, but if you're really
interested in privacy, I wouldn't choose Safari as
my browser 'cause Apple does, you know, send a lot of
information back about you. But I will say that Apple does do work for people who aren't privacy focused and Apple's helping them regardless. So, Apple's is doing things
to help the average person who's not gonna actively
seek privacy tools. If you are someone who
actively seeks privacy tools, I would probably go with Brave or Firefox if you wanted to tinker some more. - So let's, I wanted, I just had an idea. How about like, Naomi's like
out of 10, how would you rate? So, I mean, let's play a game. Chrome is that zero out of 10, where 10 is great and zero is bad. - Yeah, Chrome's terrible. They don't, I think
they're the only browser, large browser that doesn't
block third party cookies now. And they keep saying,
oh, we're gonna do it. And then they keep pushing
it back and pushing it back. They, Chrome is so bad for
your privacy, it's atrocious. Zero, zero! - So then I mean I just zero, zero, yeah? Edge? - Listen, I we're gonna get,
if we're getting that granular, I don't know whether we
should do a thumbs up or a thumbs down. - Okay, let's do a
thumbs up or thumbs down. Let's do that. Yeah, we'll say rubbish, yeah? Safari, maybe? Maybe like halfway? - Safari is pretty good, but
like go for something better. - And then Firefox, maybe
if you can tinker, yeah? - Yeah, if you wanna tinker. - And then Brave is your best, yeah? - Yeah, and there are other smaller ones. There are things like the
Vivaldi that's a browser that I sometimes use. The problem, like, and there's Opera. The problem with some
of the smaller browsers is that you need to have
website compatibility. And sometimes when you're
building a website, you're just gonna say, okay, like Google has 80% of the market share. I'm gonna make sure it's
compatible for Google. And then maybe I'll add Firefox
and Brave and maybe Safari. But as you start to get
to the smaller ones, they don't often check
that it's compatible with a lot of these smaller ones. I haven't had too many issues like that, but that is something to keep in mind. If you are using a smaller one. It's not a reason to
not use them completely. I actually really like some
of these other browsers, it's just something to keep in mind. - So, here's a technical question. Isn't Brave built on Chrome? So, isn't it vulnerable to
the same stuff as Chrome? - So, it's built on Chromium. So behind a browser, you
have a browser engine which is basically the thing
that's translating everything into the things that
you see on the screen. And yes, Chromium overwhelmingly has a majority of the market share. And I think it is like
upwards of 80% of all browsers are Chromium-based. The reason why it's not as bad as, I mean, Chrome for
example is not Chromium. They're different things, but they are both managed by Google, but Chromium is an
open-source browser engine. So, it's a big difference. Chrome obviously, is not
an open-source browser. We don't know what they're doing there. We don't know what kind of malicious code they're plugging in, what kind of trackers and all of that. But Chromium, the only
reason why I sometimes recommend people use browsers
that don't use Chromium is because it can be
dangerous to allow one entity, whether it's open-source
or not to get too much of a market share because then people stop developing alternatives. - Yeah. - And if a company has a
lot of power and influence over an open source, they may not be using that power and influence at the moment. It may be a big open-source project, but it's possible that could be co-opted and then you won't really
have any other choice because there won't be other options, browser options out there. So that's the only reason
why I think that people should be mindful, maybe opt
for other browser engines, but otherwise Chromium, I mean, it's a really solid search browser engine and it's heavily vested and lot of people are contributing to it. So, I don't think that's
a huge issue for me. - That's good, I mean, so for normal browsing
you would use Brave. Would you use TOR? - So, for normal browsing, I don't use TOR and that's
because I am not doing things that I'm particularly
concerned about hiding. Now, the reason why I say that is because there are
trade-offs with using TOR. A lot of the products I'll talk about, there are really no
discernible trade-offs. You could switch out
different email providers and really see no difference. So, you're just getting
a whole lot of privacy for not much of a sacrifice there. With TOR, I'm sacrificing
speed tremendously. I'm also sacrificing, depending
on my settings in TOR, it might be stopping certain
scripts on certain pages if I have those settings on. So it might make pages not load correctly. But the main thing is the
speed that if you think about this package being
like bounced around to a bunch of servers before
it goes to the exit node, it does delay your search and
it can get a little annoying. So, day-to-day, I don't do that. I use a VPN and we can dive
into why a VPN might be useful and why it's not a panacea. Why people don't need to not think that that's a big like privacy cure. - Yeah, I definitely wanna
talk about VPNs as well. Yeah, sorry, go on. - Yeah, but, short answer from after a very long-winded answer is no, I don't use TOR day-to-day,
but I do use it. It is something that I'm
very comfortable using and I enjoy and very grateful for. - I heard you mention that
you prefer TOR the product, like separate browser
to using TOR with Brave 'cause what I like about Brave is it does have TOR built in, but is
what's the disadvantages of using that versus like just downloading Tor
itself and using that? - So, I love Brave and I love that they come with that option. If you have higher stake situation, I would definitely go with the TOR browser just because it's a specialized product. They specifically designed
that with TOR in mind. Brave has a lot of other
things that they're giving you. And so, there are a lot of
other features they're adding on and I love those features. But if something is not designed with one particular use case, there's more room for
security hole, all of that. I'm not saying that
there are security holes, but I trust the TOR browser more than I would trust someone
else's plugin for TOR or you know, a browser
that's integrated it. So for, if you are really
serious about your privacy, go with the TOR browser, but the feature adding TOR to Brave, I think is a great way to put
it in the hands of more people so more people can get
comfortable with it. I think that's great. Just be aware of your own risk assessment, like where you fall. - Yeah, so I use Brave a
lot and what I like about with the TOR part is,
I'm with you on that. It's like, it's nice when
you just want to test it as if you, that you're not being tracked. 'Cause if you go to like
YouTube or some other website, Google knows it's you. But, if you open up that
little window in TOR, then it's like private. So it's great for like quick tests. But I agree with you,
it's like really slow. That's a problem with
TOR, but it, you know, I think you've mentioned it. What do you want? Do you want, I think a lot of
humans go for ease, isn't it? It's much easier to use
some of these products, but the problem with that is
you're sacrificing privacy. - Yeah, and that's a
really hard trade-off. And it's funny when I ask for privacy tips from some of my friends, 'cause some of my friends are
really extreme and I love that because then I find out what's
at the end of the spectrum. But the problem is that
there's privacy fatigue. And if you tell someone
who's just starting out, well, in order to have real privacy, you need to be wearing this tin foil hat, but it needs to be this
special grade of tin foil. And you kind of go on all
this things they need to, it's like, you need to wipe your phone. Then you need to wipe it again while you're standing on your head. People are just gonna be like, okay, I don't care about privacy anymore. I'm just gonna keep using it. But if you give them
very easy, simple steps, they can take incrementally. They're really helping their privacy. And they don't need to have robust privacy because not everyone's being
targeted with the same tools. A lot of people will
come at me and be like, well, this isn't gonna
protect me from Pegasus. It's like, right, but
what does protect you from Pegasus is that
25 million price point or billion dollar price point on, you know, using that zero-day. If you're average Joe, you know, no one's gonna target you with that. So that's not in your threat model. It doesn't mean that it's off the table, that that could never
happen, of course it could. But you need to be weighing
like convenience in your life. What's something that's
sustainable for you as a privacy-conscious person? What's something that's realistic? What's something like a level
of privacy you can maintain? And that's critical because
privacy fatigue is real. And I encourage you to figure out a level that is sustainable for you. Not to feel like you have
to go a hundred percent like some of my friends out there. That's great that they wanna do that. And it's great that they have the discipline to maintain that. It's not for the average person though. And I don't want people
to feel like they're not getting an improvement in their privacy because they're not airtight. Because at the end of the day,
nothing is actually airtight. - Yeah, that's a good point. No, that's a good point. I mean, if a government
wants to come after you and they've got enough money, it's gonna be very,
very difficult to hide. - Yeah. - It's a really good point. Okay, search, let's get to search engines. So again, I'm gonna make you upset. Your favorite is Google, is that right? - Ha, so I, Google is
bad on so many levels, but whichever browser you, whichever search engine you
are using, I will say this. There are some things you can
do within that search engine to increase your privacy. First of all, you should
not be using autofill because when you're using autofill and it's coming up with
those search suggestions, even if you don't press enter, that search engine is
collecting what you're saying, because that's how they're able to feed you those suggestions. And they're storing that. Google is a huge offender of that. So, don't be using autofill
when you do these things. My go-to is Brave. And now everyone's like,
but Naomi, that's a browser. You said browsers and search
engines are different. They are. Brave used to just be a browser. Now, Brave is also a search engine. The reason why I like
them, it's for two reasons, privacy-focused and neutral. So, if you, let's unpack
what it means to be neutral. If you go to Google, Google
will show you search results according to what they prioritize. So let's say that they
decide that Naomi Brockwell is a terrible person. You know, they could earmark any notes about the like searches about
Naomi Brockwell and say, well, prioritize these ones, the ones that say you, Naomi
Brockwell is a scammer. Naomi Brockwell is an Australian in the worst sense of the word! Like whatever they wanna say. Or, if they really like
me, they could say, well, Naomi Brockwell is flawless. She is a privacy goddess! Like whatever, but what
just know that whatever you are searching, Google is
filtering that according to their algorithm,
according to what they think is information you shouldn't get. I take a lot of issue with that. I don't want someone deciding for me what's truth and what's not. I wanna see everything out
there and decide for myself, 'cause I think that I'm
a rational human being who has the capacity to do that. And I think most people do. I used to recommend DuckDuckGo as my search engine top choice. But then DuckDuckGo started
to filter results in this way. DuckDuckGo also had the privacy and the neutrality thing going for them. Now, they no longer have
the neutrality thing. They announced a couple of
months ago that they would start to sort to get rid of disinformation. But I'm sorry, I don't think that they're the arbiters of truth. I don't think that they
even have the resources to determine what's true and what's not. So I'm not gonna trust
a sourcing algorithm that prioritizes certain content, you know, according to
their ideas of truth. So, I now use Brave. Brave is both a metasearch
engine and a pure search engine. What that means is, a pure search engine is
one where the search engine has its own web crawlers that
go out and index everything and finds all of the sites. Metasearch engine is one that basically pulls results from someone else. So, they will use their
own bots to index things, show results based on that. But when they feel like the
results aren't good enough, then they will also pull results. But they tell you what
percentage of the results are pulled from somewhere else. So, there will actually
be like a little marker in your Brave search that says, you know, this is 10% from Bing because they had better
images or whatever. So it just is, they're very
transparent with that stuff and I really appreciate that. The reason why metasearch
engines aren't always the answer. First of all, you're
still getting the filter from wherever they're pulling. So there's another search
engine called Startpage. It is a metasearch engine. I actually really like Startpage. They are a privacy-focused
page and their whole schtick is we allow you to
search Google privately. So, they're pulling
everything from Google. You still get all of the, you know, filtering that Google does,
but let's say for example, I'm on a different search engine and I'm looking for something
obscure, no results come up. I'm like, well, Google would
probably find this for me, but I don't wanna go to Google 'cause it's collecting all my data. It's not a private tool. I can use something like Startpage, get the Google search results, but I can access that privately. And what Startpage does is sometimes they'll like archive it so you don't even have to see it directly. So, there are lots of different
tools that they use there. So, I like them as a proxy
when Brave doesn't suit. But honestly, 90% of the time,
at least Brave suits me fine. - It's interesting 'cause DuckDuckGo was always the preferred
choice, it seemed. Wasn't there something recently
where there was a big hoo-ha on Twitter where they, Microsoft ads or sorry, Microsoft trackers were getting allowed through or something? - Yeah, that was complicated. And I have to admit, I don't know, I don't understand the details, but I did see a conversation
with the CEO pushing back against people's complaints, saying it's all a little overblown, we're basically saying that, you know, there are certain instances where we have to use these trackers from Microsoft. People were saying, well, you know, see they're compromised because they're a big corporate
interest involved with them. And he was saying, well, no
it's not really how it worked. But to be honest, I'm not even thinking about DuckDuckGo anymore. It's not in my privacy toolbox anymore because when they started the filtering, that was such a foundational pillar of why people liked
them because they really pushed this neutrality
perspective that when they decided to backtrack on that, it
just made me not trust them. So, I just can't, I just can't trust the
narrative anymore from them. And maybe they're still
doing good stuff, but I just, I just steer clear of them. - I think that's a really good
point that you raised there. It's not only the stuff, it's not only the tracking is it? It's like they filtering
the world that you see and that's a really good point. Yeah, so I mean, that's interesting 'cause I've always used DuckDuckGo as my sort of like privacy thing. But I see that Brave. So, Brave is both a browser
and a search engine. I saw that by default, they
use their own search engine. You have to change it to someone else. But I mean, I think you've
also raised the point. The problem often is with,
when you go to Google, you get better results
sometimes than you do with some of these other search engines and that's where you'd
use Startpage, right? - Yeah, I mean, Google has such an astronomical
amount of resources. If you look at the resources Brave has, they could perhaps argue that they have 1% of the browser share on the
internet, which seems big, but it's a drop in the
bucket when you compare that to Chrome, for example. So, I think it was first
quarter of this year, Google made $54 billion
just from advertising and collecting data about people. I think it was like 60
something billion dollars just from Q1 of this year. They have astronomical
resources at their disposal. So yes, they can have great
trackers that, I mean, spiders that go out
there and index things, so their results can find
these pages that other sites, other search engines
just haven't indexed yet. So, Startpage is a great tool
for getting access to those without the privacy invasion. But most sites that you visit
will be indexed pretty well by most search engines and
Brave does a great job most of the time I found. - That's great. I mean, that's great advice. So what I also like about Brave
is if I wanted to get like, someone let's say my
grandmother as an example, or someone who's not that tech savvy, it's not that difficult. Brave is very simple compared to like Tor. Trying to get someone to
use Tor is a bigger hurdle. So, I like the way that you like saying don't sacrifice too much
because then someone's not gonna implement privacy. So Brave is your choice for browser. Brave is your choice for search engine. You were gonna say email and I think your, I think you quoted like
Edward Snowden saying that he know he doesn't use email. Is that correct? Something along those lines? - Yeah, yeah, the first
thing I would say about email is understand that is an
inherently insecure protocol. - Yeah. - And so, if you are sending
sensitive information, if it's really sensitive, I would think twice about
sending it via email at all. I would use an end-to-end
encrypted messaging app like Signal for example. But if I am using email, you have to realize if you're using Gmail, which most people do or
you're using Outlook, all of the contents of
your email are visible to Google or to Microsoft. They're completely stored in the clear. They're accessible to people
who work at these companies. And not only that, Google
has been found in the past to have, you know, used
data and made it available from your private email
that you think is private, made it available to third parties. - [David] That's crazy. - So, the fact that all of this, what we think of private
communication is just out there for people to collect,
and that's a huge step that you can take if you
switch to a private one. Now, what does a private one entail? Well, for example, there are end-to-end
encrypted email providers, but the caveat is that, for example, let's say I'm using Tutanota or let's say I'm using
Proton Mail, for example. We'll go with that. And I send an email to
Bob and he's using Gmail. Sure, I might be using a email that says that it's privacy-preserving. I think I'm good. It's literally going to
their email Gmail account. So, my email is still visible and stored in the Google servers and accessible. So, if you want actually
end-to-end encrypted emails, you need to be on Proton Mail and sending to Proton Mail, for example, or you need to be on Tutanota
and sending to Tutanota. They're the two email providers
that I would recommend. I use both of them. I like both of them. There are different trade-offs and set up for why you might choose
one over the other. Like for example,
Tutanota, I can't sign up for an account using a VPN, which means that when I
first sign up for an account, I go to a public wifi. But again, you gotta be careful with that. Do you trust the public wifi? Do you think that someone is malicious on there intercepting stuff? But the problem with Proton Mail is that you can't set it
up without a phone number. So there are two different trade-offs. Of course you can buy a,
I have many phone numbers. I have many throwaway phone numbers. I often use these when
I sign up for accounts, it's very easy in the United States to get an anonymous SIM card. You just go into a store
and you buy a prepaid SIM, as simple as that. So, and both of those problems
are not insurmountable, but both are, you know, worth weighing when you're choosing which one to use. And also, there's the network effect. Can you convince any of your friends to get Proton Mail or Tutanota? And it's important to
find one that you think will have the most likelihood
of other people using as well. - So, I mean, if I think the Proton Mail is the one I hear the most about, is that like a good one
to start with perhaps? - Well, the reason why Proton Mail has some perks of Tutanota
and it has been a few months since I've looked into this. So, I'm not sure where
Tutanota not has updated this, but Proton Mail also enables
you that it doesn't have to necessarily be Proton
Mail in order for it to be end-to-end encrypted. You can also, if it notices
that it has your, you know, PGP key in there, then
it will encrypt it with that person's key that
you're sending it to. Or it will look for that and Tutanota, last time I checked doesn't, so that's a reason why I like Proton Mail, but as I said, I like both of
them for different reasons. - But if I get a VPN I'm safe, aren't I? VPNs like solve all my problems, right? - Well, here's a thing. And it actually, it's a good caveat, a good segue going from
Proton Mail into VPNs. So, a lot of people will say
Proton Mail's compromised because there was a
climate activist in France and they got access to all
of his Proton Mail stuff. And it's so completely false. Let's talk about what
actually happened there. - [David] Okay. - So, Proton Mail, Proton, the company, which runs Proton VPN, Proton Mail, it's based in Switzerland. And in Switzerland, there
are no rules from the country saying that the government
or someone can't compel you to log IP addresses for email. So what happened in this situation was, France told Switzerland, listen, this is a person that we wanna catch. They use Proton Mail. We need their IP address. Proton Mail's policy at the time was we do not log IP addresses. So they did not have that information. They could not hand it over. So then France said, okay, Switzerland, we need you to compel Proton Mail to start logging this person's IP address. - Wow. - So, Proton Mail changed
their terms of service and the Swiss government,
they didn't have to comply, but they looked at it and said, this is a big enough case that we agree and we will compel Proton Mail. Now, be aware that any
company would be compelled. If anyone gets compelled by
the government to do something, they have to do it, right? So it doesn't matter which
email provider, yeah. But the thing is so, and second of all, no content was even provided. It was just their IP address. That's the only thing that was revealed. The content was still
end-to-end encrypted. Proton Mail could not get access to it and has not gotten access to it and will not be able to get access to it. So, that's a big thing to keep in mind. But here's the thing. Swiss laws around VPNs are really great. So, when I'm looking for a VPN provider, ones based in Switzerland
are actually great. Here's the thing. If that person had used Proton VPN, as well as using Proton Mail, their IP address never
would've been revealed. And that's because Swiss
law says that the government cannot compel a company to a VPN company to log someone's IP address. - Okay. - So, it's great. Now when you're choosing a
VPN, a lot of people say, well, take jurisdiction
with a grain of salt because the long arm of the
US law reaches far and wide, and you have all of these
data sharing treaties and all of this and I agree with that. Yeah, exactly. All of these, you know, arrangements, while I agree with
that, it does seem that, and this is based on Proton
Mail doing a lot of work, sorry, Proton VPN, like
doing a lot of work, fighting government orders and Proton Mail doing a lot of work fighting orders. It seems that the laws in Switzerland are pretty great for VPNs. And so based on that, and based on the company's own reputation, that's how I'd make my
decision about which VPN to use or which email and all of that. So, when it comes to VPN,
basically you want one that has a no logging policy. You want one that collects
as little data as possible about you preferably, in a good jurisdiction like Switzerland. And it has to be using very
specific encryption standards. And I always send people to
Freedom of the Press Foundation for these, they have a
great article that says, use these standards for the handshake, for the private encryption, like all of these different things. And if they deviate from that, they have to have a really good reason. And that's because when
it comes to encryption, the tried-and-true methods are the ones that have been attacked the most and have shown their robustness. The best. So if they're using
something experimental, they've gotta have a reason and are they technically savvy enough to implement that correctly? And so, it's just a big question
when you're choosing VPNs. I actually stay away from like, I get affiliate requests all the time. - All the time, yeah. - From, oh my God. - Sponsor us, yeah, yeah. - Yeah, they're always VPN providers too. And I always stay away from them 'cause I want people to know
that like when I suggest a VPN, it's because I really like them. They're not sponsored. I know that different, you know, channels will do different
things, that's totally fine. I think that for me, when I get companies reaching out to me, that's always a red flag for me. I don't know why, maybe
that makes me silly. It just makes me skeptical of them because if I'm hearing their name because so many people have
been paid to talk about them, actually makes me trust them less. And it makes me scrutinize them more. I reached out to the Freedom
of the Press Foundation as to why they didn't
include Nord in their list of a company that hit
all their prerequisites. They did hit all the prerequisites, but there were like some
strange things they cited about a weird security breach. And then when they had audits come in, they were auditing a part of it that really wasn't to do with security. It was this other part. It was just a lot of weird
things that was enough for them to not add them to the list. So, all of this stuff gets very nuanced. I would dig into the details,
do research yourself. But I think that Proton VPN is a great one because it's based in Switzerland. It's also what Michael Bazzell recommends. He's one of my favorite security experts. If he's promoting something, I always take a good look
at that because he just has, yeah, great advice, especially
for extreme privacy people. - So that's great. I mean, I'll say this, this video is sponsored by no one, so. - This video sponsored
by (chuckles) Snowden! - That's right, I like that. No, there we go. Yeah, we should talk about him as well 'cause you've interviewed him. Okay, so browser Brave,
search engine Brave, email, probably Proton Mail, or was it Tutanota that you mentioned? - Tutanota, yeah. - And then your favorite, and this is just like your opinion. So, I mean it's, whatever
you say, it's fine. Proton VPN would be a good one. I think the problem is
there's so many options that if you don't have
the time or, you know, you don't want to go and like research and research and research, it's so much easier if you
just give us your opinion 'cause you're into this. So I really appreciate you sharing that. You wanna say anything else about VPNs or should we talk about messaging apps? - Well, one thing I will say
about VPNs is keep in mind that it's not, the reason
why you would use a VPN. A lot of people will use it,
be like, well I'm protected, all my activity's protected, it's not. The VPN provider will
see your activity, right? They're not gonna see granularly what you're doing on a site,
but they will see the base URL that you're going to. So, don't think that
your privacy is secure and they get subpoenaed all the time. Again, if it's in the wrong country, it's gonna be trivially
easy for a government to be able to get those records and a lot of VPNs sell data as well. So make sure you find a good one, right? So it's not, don't be relying on that as like a privacy tool. Why your VPN is helpful is because every website you're going to is collecting your IP address, it's collecting all this
information about you and using a VPN can shield you from that. So for example, I don't
know what trackers, GreatShoesForNaomi.com
have on their website. But I do know that if
I go to their website, there's a possibility they could be scraping all kinds of data
about like me specifically where I am including IP address. Whereas if I'm using a VPN
and I trust Proton VPN more than I trust GreatShoesForNaomi.com,
then I would rather, you know, put my eggs in
the Proton VPN basket. A lot of people will say,
well, it's better that it's, you know, you don't trust one thing. It's like now actually it's worse if you don't trust one thing because you're spreading that information
across all these websites. And it only takes one of them to take that and sell it and proliferate it. So, it's a great tool for protecting your IP
address from websites. And it's a great tool for
protecting your activity from your ISP. I trust my VPN provider a lot more than I trust my Internet Service Provider because Internet Service Providers have been shown again and again, to just be selling data
about their users, right, about like their activity
and obviously they know what your IP address is. With the VPN, you're shielding that, and you're placing this VPN
as this buffer between you. So, I think it's a great tool. I don't trust Internet Service Providers most of the time. And so I think that it's smart to try to add layers of privacy
to protect where you can. - Mainly, in the UK there's this law that where the government is basically compelling all ISPs to track or keep a log of every website you've
been to, it's crazy. - Well, the UK has some
of the worst privacy laws. They have what's called like
complete Dragnet capture of everything, right? - [David] Yeah. - So it means that everything, they have these data centers
where the internet cables leave and enter the UK. They have these data collection sites that collect every
single thing that passes through any server in
the UK, which is crazy. I think it's called Tempora
is the name of this project. Like, whereas in the United States, they have to go through,
jump through all these hoops and go through all these roundabout ways to pretend they're not
collecting your data, they are, but they're like, at least pretending. In the UK, they don't
even have that pretense. They're like, yeah, we're
Dragnet-capturing everything and Tempora and obviously
through the Five Eyes program, the United States government
gets access to all of that. So I would be aware of
using things that are based in the UK as well, but just
something to keep in mind. - So would you use a
VPN, like permanently? Do you have that on all the
time or is it only when you go to like an internet cafe or someplace? - So, I use it permanently. There are some websites
that don't like VPNs. The reason why they're able
to see that you're using a VPN is because often you'll have
one VPN or one IP address and a hundred thousand
people are coming from it. So, sites will often just, you know, shut down access to that
when they notice that. There are services, I
believe it's called PIA, which enables you to buy
a dedicated IP address. Again, I wouldn't use that
for all of my searches because you would be undoing your privacy and creating all that stuff within this one IP address again. But occasionally, when there's a website that doesn't allow VPN,
you could switch it out for something like that,
that can be helpful. But a lot of people they'll
put VPNs on their routers, they'll put like, they're
all different things that you can do. I think if you are just getting into this, just getting familiar with
using a VPN on your phone and on your computer
is a great first step. - So, let's talk about like, I could keep you here for hours, but just to, I don't
wanna make it too long, messaging systems or applications you, I think you recommend don't using SMSs and you definitely recommend
using Facebook Messenger. Sorry, I keep joking, I keep joking. - Oh my God! You're killing me every time you say it. - I'm just winding you up, you know that. I know you hate it. So, tell everyone why SMSs are bad, why Facebook Messenger is terrible and what you recommended is. 'Cause I think when I
heard you talk about this, it's surprising 'cause a lot of people would recommend one app that
you actually don't recommend. - So, don't use SMS, it's completely open. Your texts are not only
easily interceptable by people, by hackers, all kinds of ways that
they could be intercepted, SMS, you know, the company, the, you know, telecom provider can also
get access to those messages. It's just, it's completely insecure. So don't use SMS at all. Now, there are a bunch of
apps that promote themselves as being privacy-focused. I will start off with the
one that I would recommend. I would recommend Signal. I think that it is the best
app for secure messaging. It's all end-to-end encrypted. If you look at how they like, right down to the way they
handle stickers and gifs and all of that, it's
all privacy-preserving. They go out of their way
to not collect, you know, to collect as little metadata
as possible about anything. They're just a really robust tool. It's also great for group chats. I'm in a lot of chats that
handle lots of participants. It's also great for like video calls, encrypted voice and video calling. So lots of functionality. And I found that it, I actually prefer it. So a lot of the messaging apps,
just in terms of usability. I've actually found that it's great. So when I've pushed my friends
onto it or family onto it, they've enjoyed it. They haven't been like, oh,
this is an annoying thing that you're forcing me to do. They've actually been like,
oh, I actually like this. You know, I can do individual responses with all these emojis to all these things. There's a lot of things
they can do in there. And so they like Signal and
I just, I really trust it. The people, a fun backstory, right? 'Cause a lot of people like WhatsApp. Now, let me give you a little history of how Signal was created. There was a guy called Brian Acton who's an awesome privacy
advocate and he created WhatsApp. He basically, he turned
on encrypted messaging using the Whisper Systems
protocol for a billion people. That's how many people were using WhatsApp and he decided I'm gonna
end-to-end encrypt this by default, awesome move,
push privacy forward. He's just, he's an awesome legend. Facebook buys WhatsApp
and Brian's like, okay, well it's still okay because you know, we have these certain conditions. Anyway, as time goes
on, he became so unhappy with being part of Facebook that he had, I can't remember the exact
amount, but it's like, it was like a hundred million dollars or even more vested options that were about to be vested
in like a couple of months, meaning that like if he had hung around Facebook a couple of months longer, he would've gotten all of this money. He was so unhappy with
what they were doing and the amount of data
that was being collected in terms of metadata and all
of that behind the scenes that he left in outrage. Leaving all of those options on the table. So what does he do? He then goes and joins Moxie Marlinspike, who was the developer of this
open Whisper Systems protocol. And together, they form
the Signal Foundation. And so, he gives 50, it was $50 million to the Start the Signal Foundation and then they they build Signal together. He's the current acting CEO of Signal. So that's a bit of a
backstory about Signal. Awesome, like really steadfast
privacy advocates behind it. I really like what both of them stand for. So WhatsApp, I would not
recommend for that reason, but also because there
was a leaked document from the FBI that looked at all of the different privacy apps, how much metadata was able
to be collected about them. WhatsApp is one of the worst. So I wouldn't recommend them. You can do encrypted
messages within Facebook. I just wouldn't trust Facebook. They just have some privacy
violations and overreach. I wouldn't go near it. A lot of people use Telegram. That's gonna telegram. And they, well, Telegram
is end-to-end encrypted. It's not end-to-end encrypted by default. Every message you're starting
with someone is in clear text, unless you specifically
click on their name, click on, start secret conversation, wait for them to come online, and then you can start a new
chat that isn't end encrypted. A lot of people don't realize this. And I think Telegram
has done a terrible job because I think they're
misleading their consumers. If almost every person that
I speak to is not aware that they have to go that extra step to set up that encrypted conversation. The fact that they don't know that and they think that by
merely using Telegram, they have encrypted communications. That is an egregious violation
of like of misleading people. So, Telegram not end-to-end
encrypted by default, you have to set it up. End-to-End encryption is not
available for group chats. So all of those chats you're in, completely stored in clear text and service in Russia, right? So, be careful. There are Telegram bots. There's like malware as a
service on Telegram where you can go into these like dodgy
Telegram groups and say, I wanna target X user and
just pay a few hundred dollars and actually be able to,
you know, hack people through the Telegram accounts. Lot of ways that it's insecure. On top of that, they use their own like homespun encryption
method called empty.proto. And when it first came out, you know, encryption experts were
looking at it and just like, why are they using it? - [David] Exactly, why not
just use proper stuff, yeah? - Yeah, why are they not going with like the standard tried-and-true one? So that was a big red
flag for a lot of people when they did that. And also, there's a weird thing where they labeled end-to-end
encryption the same name as like transport encryption, which are very different things. So it misleads people where they're like, no, no, it's all end-to-end encrypted. It's like, no, no, it uses empty.proto or
different versions of it. So it's like, there's so
many red flags with Telegram. I definitely would not use it if I wanted any semblance of privacy. I, you know, use Telegram
for other things. And I have it siloed on specific devices. And I think that's important
to do if you're using things that have a lot of dodgy red flags waving. So, yeah. - It's really interesting. I mean it's a rabbit hole, isn't it? And I mean, do you have time? I wanted to ask you one more thing, and we might have to leave
that for another discussion. Android, iOS? Is there a phone that you could recommend because that seems to be the worst. Phones seem to just leak data. - Yeah, I would recommend Graphene OS. So, Graphene from security experts, they say that it is the go-to if you actually want real privacy. It's basically like hardened Android. A lot of the security features that get added to an Android actually come downstream from Graphene OS, which I would interesting
phrase as like a security, an elite security team that is focused on hardening this
Android operating system. Their version is called Graphene OS. And then they send their
recommendations to Android. Sometimes they implement
'em, sometimes they don't. So eventually, they make their way. Some of them make their way to Android. If I were to rank in terms
of privacy, I would say, you know, obviously there are lots of other operating systems there, but just between those three, I would say Graphene, absolutely, iOS, stock iOS is far more
secure than stock Android, which I'd put right at the bottom. So for the average
person, if you don't want, like if you're gonna be
using your social media apps and you're going to be
doing all kinds of things that are tracking you anyway, and you're giving away your location data, and you're clicking accept when apps say that they wanna find out where you are, then I would say iOS is
probably good option for you. Android, I would say is way too leaky. It's really customizable
but the other side of that is that it's not as locked
down as the iOS system. iOS is a lot more secure and they do it. Apple does go out of their way to take a lot of the
data out of their hands. But I think if you're
really privacy conscious, I wouldn't trust Apple to do that. I would go for a system that
doesn't take that information in the first place. You know, like for example,
Apple Maps does a lot of stuff to anonymize your data. Google Maps is just ingesting
everything you ever do, you know, and asking you to do more things and giving you suggestions and
selling you ads and whatnot. Apple uses this technique called fuzzing where they like even first of all, there are all of these random
identifiers attached to you so they can't actually see
who's requesting which route. You know, Apple also
has like privacy tags. They do a lot of things that are good for the average person for privacy. Private relay, great for the average user. If you actually are really
interested in privacy, I wouldn't settle for that because they still
transmit way too much data. Even if it is just in-house,
even if they don't sell it, I just wouldn't trust them for that. I would go with Graphene
OS, which I think is great. Graphene OS is only for Pixel phones. This is because Pixel allows
for a thing called secure boot. And so, basically a way to show that your operating system
not being tampered with, all this stuff. A lot of phones don't have that. And so, they designed
Graphene specifically for Pixel devices, but you
might wanna choose like Lineage is another operating
system that could be used on any Android phone. It can be a lot more difficult to install. It's a lot more techy because
obviously it's not one phone for one operating system. It could be applicable to any
'cause it gets more fiddley. But if you are willing
to buy a Pixel device or if you have a Pixel
device, I think that Graphene is just a really awesome operating system. It cuts out all of the bloatware that you would find on a normal, you know, cheap Android device, where you have like
Facebook pre-installed, you have Google Play
Services and all of that. And Graphene doesn't have any of that. You use things like the F-Droid Store, which is an alternative
to the Google Play Store. You can also use things like Aurora Store, which is basically a way for
you to use Google Play Services without ever having to access
Google Play Services yourself. It does it all for you. So, I just, I found that
it's very easy to use. And if you are someone who's
more concerned about privacy, it's a great way to go. But again, if you are just
adding your Facebook app onto your phone and your
Twitter app, all of that anyway, I don't know what are you really doing? - You're kind of defeating it, aren't you? Yeah. - Right. (chuckles) - So one last thing. I know we we're running outta time. Do you use cloud services or would you recommend any
cloud service like Dropbox or AWS or that's just
another can of worms? - Yeah, it's a whole, that's a whole thing
that we could get into. So, I think that there are
very few services that compete with something like Google Drive. The usability just isn't there yet. There a lot of things that it's just not, you know, they do a great job with the Google Drive
apps and all of that. But, if you are willing to
sacrifice some usability, there are other things that you can use. I would say first off, don't
be using iCloud Backup. It's all unencrypted. Apple wanted to encrypt iCloud Backup and the FBI fought them on
it and Apple said, okay. And this was like 2019, I
think, around 2018, 2019. It was like after the
San Bernardino pushback where they were saying, we won't install malware, like backdoors on all our devices, the FBI's like, you will! And they had this big fight. A year later, that was the
time when they were also trying to encrypt iCloud Backups. Like a year later, they just
pulled the plug on it entirely and just said, okay, well,
none of that's encrypted, which is terrible. So I would not be doing that because that's gonna be
uploading your WhatsApp, you know, to your backup. It's gonna be uploading your photos. It's gonna be uploading like
everything on your system. And it's all unencrypted. So what's the point of
having a private phone, if it's all just backed up in the cloud and anyone can access it exactly? Dropbox, again, I wouldn't, I mean, it's, that's not end-to-end encrypted either. No, Dropbox can access all your stuff. If you're gonna be
using like the documents and things built into the online storage, Skiff is actually really good product, which is just like a
collaborative document that you can work with someone else on. And it's end-to-end encrypted. Proton actually just
release this holistic system where now you can basically
have storage, cloud storage that's end-to-end encrypted through them. So, that's really great to see them, but they don't yet have Sheets
and Docs and all of these, you know, tools where
you can actually populate those documents to begin with, but you can upload pre-made documents in this end-to-end encrypted service. So yeah, that's a new thing. So I'm just still exploring that. I'm doing, I'm currently doing a deep dive into these options. So hopefully I'll have a video
out soon kind of going like into the details of that. But, that's what I know on the outset. And I'd just be very aware that almost every cloud storage system is not gonna be end-to-end encrypted and just be wary of them before using them and actually seek out the
ones that like the, you know, Proton or whatever else that are, that's what they do first and foremost, that they're privacy-focused. -Naomi, there's so much to talk about. I mean, let's, I'll say this. You've got a whole bunch
of stuff on your website. Like for instance, you show how to change the operating
system on an Android phone. You talk about each of these
in lots and lots of details. So, if anyone's interested, they can subscribe to
your YouTube channel. Is there any other places
where they can follow you or, you know, learn more about
you, get more information? - Well, ironically, I put
all of my stuff on some of the least privacy-preserving platforms. - [David] Like Twitter. - 'Cause I feel, yeah. I feel
like the people on TikTok are in most need of the privacy services. So I also have a series
of videos I put out there. Just little tidbits for
people who are like, I don't wanna watch a whole two minutes, so I'll just watch this 30 second clip. So I have stuff there. I'm on all of the usual, like
Naomi Brockwell on Twitter, I'm on Facebook. But then I'm on a bunch of
alternative platforms too. I'm on a peer-to-peer
video platform called LBRY. You can visit it through
actually the Odysee website. - [David] I was gonna say,
you're very big on Odysee, aren't you? Sorry. - Yeah, yeah. I have a big platform there. O-D-Y-S-E-E.com. So, I love that also because just merely by watching videos on there, you can earn money and by
merely you watching my videos, I can earn money and actually
get more income from there than I do from like Google ads. And it's less privacy invasive
for my viewers as well. So, there's a lot of
reasons why I like people on that platform. I'm also on things like
minds.com and read.cash, and memo.cash and noise.cash, like all of these that
are the alternatives. - [David] You'll have
to send me the links. - Yeah, for sure, for sure. A lot of alternative platforms
out there Float, for example, you know, a lot of them, but I generally put the same
content on most platforms with the exception of like
the Tiktoks and all that. But I wouldn't encourage
you to download TikTok in the first place, so. - The problem is, I think you,
you said in the beginning, the problem is it's difficult
to, it's a lot of pain if you like to really be private. It's a lot of hard work. So, I think if I understand right, you've given us a lot of great, easy ways to at least
start improving our privacy like using Brave, using Proton VPN. There's a lot of options
that aren't that difficult, but at least get us started. Is that right? And then I think we'll
have to get you back for like some extreme privacy stuff, because it sounds like you can really go down the rabbit hole if you want to be like Edward Snowden. That's like a whole next level of work. Is that right? - Oh gosh, oh wow. Yeah, no, I think if you
want extreme privacy, the book I'd recommend
is by Michael Bazzell. - Yep. - He's ex-law enforcement, I believe. And he just has such granular in-depth technical understanding. Like, he works with clients
who are high net worth or high profile people that do have people
actively attacking them. So he works with them to really lock down what they're doing. And he gives away a lot of
those tips in his books. So, I recommend that for, you
know, all the extreme stuff. But you're right, that is what I'm saying. Like, a lot of the ways
your privacy is invaded is because we're voluntarily using services that are collecting this data. We're voluntarily opting
in when a company says, we're taking this and we're
selling it to 50 other, you know, people or
that's in a good scenario, we're selling it to 5,000
other companies, right? And what we can do is make
more conscious choices about these services we're using. Opt for a better email provider, better search engine, better browser. Start to just substitute. And that reduces the
amount of data leakage by drastic amounts, just
drastic amounts just because you are not of your own volition giving away that data anymore. So definitely worth just
making these initial steps and it goes a long way. - I really appreciate it. Thanks so much for sharing. And for everyone watching, please go and subscribe
to Naomi's channel. Support her for all the work she's doing, 'cause it's not always
easy to do this stuff. Naomi, thanks so much. - Thank you so much for
having me, I appreciate it. (electronic music)
