My number one enemy (like most) is Google. I have been completely Google free for 1-2 years now (with the exception of YouTube on iOS, as the alternatives ultimately require a Mac to install, which I don’t have), but I haven’t used Google as a search engine in over 4 years. Besides trying to give as little information as possible
...
I also try to give as little information to other companies (Microsoft, etc.) as I can. Now, certain authorities have the permission to request data from companies, not just privacy disrespecting ones. That means that part of my threat model entails certain defenses against such agencies, to make it hard enough to correlate that data with my person. I don’t go overboard, in case anyone is worried. I’ve seen the bondage between paranoia and privacy, and I’ve set myself clear boundaries I won’t cross. So, my main goal is to protect against companies trying to collect my data (bleh, how cliche), but it doesn’t hurt to put in place some decent practices in case the world turns for the worst. I am protecting against attacks from the government towards low hanging fruit, but when it comes to large corporations, I don’t play nice.
Thank you for the elaborate clarification! But, perhaps I have to clarify as well; with "be protected from attacks targeted towards low(er) hanging fruit", I actually meant any mass-surveillance, data collection and plain attacks from governments, corporations and adversaries that don't qualify as a (more sophisticated) targeted attack.
SecureBlue (Soon!)
Great pick! 🤣
ProtonVPN on all devices 24/7 except when using Tor (for speed)
I don't know the complete specifics of your threat model, but if you haven't yet, then perhaps it's worth reviewing what Privacy Guides has to say on this. Note, I don't necessarily view them as the de facto authority, but more often than not, their views hold more truth than falsehood.
or large downloads/torrents
Valid reason to (momentarily) not use Tor, but please consider reviewing Proton VPN on port forwarding in hopes of alleviating the issue of speed without foregoing the VPN connection.
(may look into Mullvad VPN)
Unfortunately, at least for torrents, you're no longer able to rely on Mullvad VPN.
Firefox for streaming some videos that require a specific DNS configuration (Soon looking into how to put an extreme sandbox on it)
Easiest (and also one of the best options) is probably the use of a VM 😅.
ProtonMail + Anonaddy, use disposable emails for accounts that “don’t matter”
FWIW, since SimpleLogin has been acquired by Proton, there is merit in forsaking Anonaddy for SimpleLogin if decreasing the amount of trusted parties is desired. However, this comes at the cost of moving more in the direction of putting all your eggs in one basket. So, ultimately, it's your choice to make.
Very, very strong and unique passwords + 2FA/FIDO for everything applicable
I hope an offline password manager is involved to some capacity. FWIW, if you're not doing it yet, you can always uniquely 'salt' every password.
Signal as my main messenger (to help bridge the gap for my friends) until GrapheneOS, then SimpleX (Please take a look at https://privacyspreadsheet.com/messaging-apps !)
I like that SimpleX is less platform-dependent. But it has been hard to let go of Briar. Do you happen to know how they currently fare against each other in security/privacy features (beyond what's found on the linked spreadsheet)? FWIW, IT security expert Mike Kuketz' review of SimpleX wasn't quite raving. Which is in clear contrast to his review on Briar. Of course, substantial time has passed since, but his 'non-approval' is something that's bothering me.
Bitwarden as my password manager until GrapheneOS, then KeePass
Ah, we've found the password manager, KeePass (be it DX/XC) is indeed excellent.