Cloud is pretty cool but internet’s business model was Ads so whatever you do online is tracked and monetized. Almost everything we do, is now online. There are a very few courageous people left who store stuff offline.
But what if I told you, there is a way? This post is all about that.
Pay
If you are a paying customer, chances are, your data is not sold (No Shit). I recommend getting a iCloud+ with 50GB storage, and switch on Advanced Data Protection (ADP). Just make sure you store the secret key in a safe place and recovery contact is updated.
Your emails and calendar aren't encrypted - you should use proton instead for that. I have yet to find a no-frills solution for encrypted contacts that syncs natively to our devices, so bad luck I guess. (If you can make a good product for this, I can fund you)
Portable Laptop
For battery life and lightness nothing beats a MacBook (get a hard shell protective sleeve though) but ThinkPad X series are quite portable too, I personally use this model. Live USB stick’s are nice but they are slow, the ideal method is to install the OS on an external SSD and carry that instead.
If you are in an environment that needs rugged stuff I recommend this laptop with a hard shell briefcase like this.
Battery Pack
TODO
A battery or Portable Generator or Solar Panels
You can apparently DIY it
Something like Anker Powerhouse 90 could work, but HAVEN’T tested it hence can’t recommend.
Live USB Stick
Get a 128 GB pen drive and flash an OS with persistence and encryption. You can use windows (I recommend win10 LTSC), but Linux is ideal. You may switch on BitLocker on the live install but the OS will be slow.
The distro of choice for this use-case is knoppix, though its not maintained anymore so you can checkout puppy linux. The easiest and the most familiar system to install is Kali for some reason, here is a guide. Always switch on encryption during installation.
If you are brave enough, download the knoppix iso from here (V7.2.0bootonly-2013-07-28-EN.iso) and flash it with Etcher.
Browser
If you want a out-of-box solution, I would go with Mullvad’s Browser. But I know some sites may not work so the tradeoff seems to be a hardened brave, kindly follow this guide to bullet proof it.
External SSD
Use Veracrypt
SSD should have:
Encrypted Partition (95%)
A tiny FAT32 partition for storing portable veracrypt and other utilities.
Media and Stuff
I don’t recommend having anything you need long-term in the live usb, just get another USB (64GB?) and add all the material there.
You can use veracrypt here just like before.
Tails
Carry a 3rd usb that contains tails for TOR level shit or booting something disposable quickly.
Mobile
Carry a Bootlocked Pixel with Graphene OS. Your 2FA’s will live on this. The privacy community uses Aegis and I use authenticator pro.
Buy 2 Series-5-NFC yubikies, carry one with you and keep the other at a safe place.
Accounts
The post below is quite important, just make sure your work is saved online and is End-to-End Encrypted.
Mobile lost and Backups
Your backup yubikey will save you in most cases. So keep it in a safe place.
These are the steps you must take after loosing your primary mobile:
Call carrier company, block the SIM and get a new one.
Remotely erase the mobile.
You should keep long-term media not on the phone but in the encrypted drive. You can backup the drive you carry to an HDD at home.
Internet
Get a starlink and a big battery pack (with a solar panel kit?)