mirror of
https://github.com/privacyguides/privacyguides.org.git
synced 2025-07-22 19:31:07 +00:00
Compare commits
1 Commits
kpham42-ge
...
kpham42-ge
| Author | SHA1 | Date | |
|---|---|---|---|
|
37068aa587 |
@@ -2,68 +2,3 @@
|
||||
title: Avoiding Big Tech
|
||||
icon: material/domain
|
||||
---
|
||||
|
||||
If you hop on YouTube or scroll through Amazon nowadays, you can tell how reliant Big Tech companies are on advertising. After all, [almost $500 billion](https://www.dentsu.com/news-releases/ad-spend-growth-tracks-ahead-of-the-economy) was spent on online advertising in 2024 alone. This figure demonstrates the extent to which these companies depend on targeted ads to increase profit margins, often at the expense of privacy and security.
|
||||
|
||||
Online advertisements are not like older television commercials. Modern digital technologies such as cookies, recommendation algorithms, and browser fingerprinting help these companies create [individualized profiles of their users](https://www.amnesty.org/en/latest/campaigns/2022/02/what-is-big-techs-surveillance-based-business-model/). By obtaining information on your browsing activity and interests, you may receive increasingly relevant advertisements. Given enough time, [Big Tech will know you more than you know yourself](https://www.forbes.com/sites/kashmirhill/2012/02/16/how-target-figured-out-a-teen-girl-was-pregnant-before-her-father-did/).
|
||||
|
||||
Creep factor aside, Big Tech tracking goes far beyond targeted advertising. These companies may also collect analytics data to improve their products, implement quality-of-life features that increase data collection, or record user activity to prevent abuse. Despite being an obvious business decision for most corporate executives, all this could be exploited by bad actors to harm your safety. Excessive data collection supports government surveillance through [legal subpoenas](https://www.nytimes.com/interactive/2019/04/13/us/google-location-tracking-police.html) and scammers through [data breaches](https://blog.knowbe4.com/scam-of-the-week-fbi-warns-against-data-breach-extortion)
|
||||
|
||||
In short, there is no such thing as **free** when using Big Tech services.
|
||||
|
||||
## What is Big Tech?
|
||||
|
||||
There is no strict definition of what constitutes "Big Tech". Generally, the term refers to these [five American corporations](https://www.nytimes.com/interactive/2019/11/13/magazine/internet-platform.html): Alphabet, Amazon, Apple,
|
||||
Meta, and Microsoft. Unlike other companies, they have established near-monopolies across different software and hardware markets. It has become almost impossible to not have some point used their services regardless of where you live. However, there are countless tech alternatives with comparable functionality, with [many being located outside the United States](https://www.privacyguides.org/articles/2025/03/19/private-european-alternatives/).
|
||||
|
||||
Interested in learning more? This table includes a simplified overview of each Big Tech corporation and their user-facing services.
|
||||
|
||||
**Alphabet** - Browser, Email, Cloud Storage, Hardware, Operating System, Messaging, Social Media, Entertainment, Music, Navigation
|
||||
|
||||
**Meta** - Social Media, Hardware, Messaging, E-Commerce, Entertainment
|
||||
|
||||
**Apple** - Browser, Email, Hardware, Cloud Storage, Messaging, Operating System, Entertainment, Music, Navigation
|
||||
**Amazon** - Hardware, Cloud Storage, Entertainment, Music, E-Commerce
|
||||
|
||||
**Microsoft** - Operating System, Browser, Email, Hardware, Cloud Storage, Entertainment, Search Engine
|
||||
|
||||
## Why Avoid Big Tech?
|
||||
|
||||
Let's be honest, escaping Big Tech is difficult. Perhaps you oppose Big Tech based on [ideology](https://www.gnu.org/philosophy/floss-and-foss.en.html), or you could be scared of the [capabilities of targeted advertising](https://www.privacyguides.org/en/basics/common-threats/#surveillance-as-a-business-model). Removing yourself from Big Tech could also mean missing out on [shared group chats](https://ieeexplore.ieee.org/document/7958575/) or [tailored social media feeds](https://www.nytimes.com/2021/12/05/business/media/tiktok-algorithm.html). Remember that everyone's journey is different; there is no need to transition from Big Tech at the expense of your comfort or productivity. Any effort, no matter how small, takes us one step closer to digital freedom.
|
||||
|
||||
## Best Practices
|
||||
|
||||
### 1. Harm Reduction
|
||||
|
||||
This approach allows you to retain some level of privacy without abandoning certain Big Tech services or products. While not a perfect solution, harm reduction can minimize data collection if a complete transition is not possible.
|
||||
|
||||
#### Reconfigure Account Settings
|
||||
|
||||
Take some time to figure out which apps or accounts you must keep. Go to their settings and disable anything that may be privacy-harmful. Ensure that your location data, usage history, and targeted advertising is turned off.
|
||||
|
||||
#### Use a VPN
|
||||
|
||||
A [VPN provider](https://www.privacyguides.org/en/basics/vpn-overview/) could protect your browsing habits. A VPN helps obscure your real IP address from the website you are visiting. Providers like [Mullvad and Proton](https://www.privacyguides.org/en/vpn/) have a DNS filtering feature that blocks advertisements and trackers.
|
||||
#### Change Browsers
|
||||
|
||||
Even with a VPN, Big Tech corporations can still spy on you with techniques such as fingerprinting and advertising cookies. While [clearing your browsing data](https://www.privacyguides.org/articles/2025/02/13/clearing-browsing-data/) is an obvious remediation, you should switch browsers entirely. Privacy Guides recommends [Brave Browser](https://www.privacyguides.org/en/desktop-browsers/#brave-browser) and [Mullvad Browser](https://www.privacyguides.org/en/desktop-browsers/#mullvad-browser) for everyday use.
|
||||
### 2. Consider Alternatives
|
||||
|
||||
You can't just delete your accounts without finding suitable alternatives! If you are ready to make the final push, these tips can help you fully decouple yourself from Big Tech ecosystems.
|
||||
|
||||
#### Providers
|
||||
|
||||
Chances are, Apple and Google are the main providers for your [cloud storage](https://www.privacyguides.org/en/cloud/), photo management, [email](https://www.privacyguides.org/en/email/), and [search engine](https://www.privacyguides.org/en/search-engines/) needs. Thankfully, Privacy Guides has a detailed list of [recommendations](https://www.privacyguides.org/en/tools/) to replace them with.
|
||||
|
||||
#### Software
|
||||
|
||||
Imagine going a day without Microsoft Office, Google Maps, OneNote, or even iMessage! Whether you are a [working professional](https://www.privacyguides.org/en/office-suites/), [hiking enthusiast](https://www.privacyguides.org/en/maps/), [university student](https://www.privacyguides.org/en/notebooks/), or [activist](https://www.privacyguides.org/en/real-time-communication/), these apps can bolster your productivity and keep you connected with hobbies.
|
||||
|
||||
#### Hardware
|
||||
|
||||
Thankfully, you can completely replace your computer's [operating system](https://www.privacyguides.org/en/os/) with a free and open source alternative called [Linux](https://www.privacyguides.org/en/desktop/). Since there are hundreds of Linux distributions, beginners can become confused when choosing one. For the best security and timely updates, We recommend first-time Linux users to install [Fedora](https://fedoraproject.org/). If you are planning to buy a new computer, learn more [here](https://www.privacyguides.org/en/basics/hardware/).
|
||||
As for smartphones, Privacy Guides advises [purchasing supported Google Pixel models](https://www.privacyguides.org/en/mobile-phones/) and [replacing the stock operating system with Graphene OS](https://www.privacyguides.org/en/android/distributions/). This removes Google services from your phone entirely. If a new device is not possible, you should avoid installing other custom ROMs as [basic security features](https://www.privacyguides.org/en/os/android-overview/#security-protections) like Verified Boot would be disabled.
|
||||
|
||||
#### Delete Your Data
|
||||
|
||||
Now, it is time to [delete your accounts](https://www.privacyguides.org/en/basics/account-deletion/). Each company will have different procedures for data deletion; make sure to read through the appropriate customer support pages before doing so. If you live in a jurisdiction with a detailed deletion request policy, such as the European Union, follow the established procedures on their privacy policy for a straightforward deletion process.
|
||||
|
||||
@@ -2,3 +2,42 @@
|
||||
title: Targeted Attacks
|
||||
icon: material/target-account
|
||||
---
|
||||
title: Avoiding Targeted Surveillance
|
||||
icon: material/domain
|
||||
---
|
||||
|
||||
While mass surveillance collects vast amounts of data from the general population, [targeted attacks](https://www.amnesty.org/en/latest/campaigns/2020/10/stopspying/) are different. it focuses specifically on individuals or groups deemed "persons of interest" by governments, corporations, or malicious actors. This kind of surveillance can be far more invasive and precise; however, it is also less likely to occur for most people.
|
||||
|
||||
# How Do Targeted Attacks Work?
|
||||
|
||||
Targeted attacks uses several techniques to infiltrate a person's digital and physical life. It often involves direct attacks on devices, network interception, and even human intelligence.
|
||||
|
||||
[Device Exploitation](https://www.kaspersky.com/resource-center/definitions/what-is-zero-click-malware) is one of the most common methods. Attackers might use malware, spyware, or vulnerabilities in your phone, computer, or IoT devices to gain persistent access. Tools like [Pegasus](https://www.theverge.com/2021/7/18/22582532/pegasus-nso-spyware-target-phones-journalists-activists-investigation) have shown how even encrypted apps can be compromised once the device itself is under control.
|
||||
|
||||
[Network surveillance](https://www.rapid7.com/fundamentals/man-in-the-middle-attacks/) targets the transmission of your data. By attacking the infrastructure between you and your services, adversaries can conduct man-in-the-middle attacks, monitor unencrypted traffic, or inject malicious payloads.
|
||||
|
||||
[Social engineering](https://www.crowdstrike.com/en-us/cybersecurity-101/social-engineering/) remains one of the most effective ways to target a device. Phishing emails, malicious attachments, impersonation, and psychological manipulation are used to trick targets into handing over sensitive information or installing malware themselves.
|
||||
|
||||
# Who Is At Risk?
|
||||
|
||||
Targeted attacks can be devastating. It can expose sensitive conversations, reveal confidential information, endanger lives, and destroy trust. Whether you are a journalist communicating with sources, a whistleblower exposing corruption, or simply someone advocating for civil rights, protecting yourself against targeted attacks is essential to maintaining your freedom and safety.
|
||||
|
||||
Victims often suffer from feelings of helplessness and anxiety. Recognizing your risk before a targeted attack and preparing accordingly is crucial for this threat model.
|
||||
|
||||
# Best Practices
|
||||
|
||||
## 1. Harden Your Devices
|
||||
|
||||
Ensure that your devices are secure: Keep your operating systems and apps up to date with the latest security patches. Ideally, you should purchase the latest [mobile devices](https://www.privacyguides.org/en/mobile-phones/) that are known for security, such as Pixel phones with GrapheneOS or iPhones with lockdown mode enabled. Install only trusted apps and limit permissions as much as possible.
|
||||
|
||||
As for your desktop and laptop computers, full-disk encryption should be enabled everywhere. For sensitive tasks, you should consider installing [Linux](https://www.privacyguides.org/en/desktop/). An amnesiac distribution like [Tails OS](https://www.privacyguides.org/en/desktop/#tails), or a security-focused distribution like [Qubes OS](https://www.privacyguides.org/en/desktop/#qubes-os) works well in this threat model. This step reduces the severity of a potential malware infection.
|
||||
|
||||
## 2. Encrypt Everything
|
||||
|
||||
Communicate using [end-to-end encrypted services](https://www.privacyguides.org/en/real-time-communication/) whenever possible. For messaging, rely on tools like [Signal](https://www.privacyguides.org/en/real-time-communication/#signal) or [SimpleX Chat](https://www.privacyguides.org/en/real-time-communication/#simplex-chat). For [emails](https://www.privacyguides.org/en/email/), prefer PGP-encrypted communications or use privacy-focused providers like [Proton Mail](https://www.privacyguides.org/en/email/#proton-mail) and [Tuta](https://www.privacyguides.org/en/email/#tuta). Use encrypted software such as [Cryptomator](https://www.privacyguides.org/en/encryption/#cryptomator-cloud) or [VeraCrypt](https://www.privacyguides.org/en/encryption/#veracrypt-disk) for sensitive files, and always [verify the identities](https://www.privacyguides.org/articles/2022/07/07/signal-configuration-and-hardening/?h=contact#signal-pin) of your contacts before sending anything.
|
||||
|
||||
## 3. Be Skeptical and Vigilant
|
||||
|
||||
Be suspicious of unexpected messages, links, and attachments that can be used to deploy zero-click attacks. Use [multi-factor authentication](https://www.privacyguides.org/en/multi-factor-authentication/) (preferably hardware tokens like [YubiKey](https://www.privacyguides.org/en/security-keys/)) to secure accounts. Regularly audit your [digital footprint](https://www.privacyguides.org/en/basics/account-deletion/): check what information about you is public, remove unnecessary exposure, and practice good operational security (OpSec) principles like minimizing what you share online.
|
||||
|
||||
This approach also applies to your family members and colleagues. Often, a threat actor will also target the [associates of their victims](https://www.pbs.org/wgbh/frontline/article/pegasus-spyware-jamal-khashoggi-wife-phone-washington-post/) even if the intended target practices good OpSec. If you believe that this could happen to you, communicate this possibility to potential victims and [educate them](https://www.privacyguides.org/en/basics/why-privacy-matters/) on mitigation steps.
|
||||
|
||||
Reference in New Issue
Block a user