Just FYI I installed the apk from the github repo (not the google play version) via Obtainium a few days ago and it tried to make a connection to 2 cloudflare IPs during setup of my account. Without prior consent or any mention. So just be aware that there is still some form of telemetry or unwanted connections happening, even though they removed the telemetry flowing to Mozilla’s own telemetry endpoint. K-9 had zero of this, it just spoke with your mail servers and that was it. So be careful and block outgoing app connections by default. I did not analyze the data being sent, just that there were those 2 unwanted connectiins. happening.

Larian’s publisher apparently likes DA: Veilguard. https://x.com/Cromwelp/status/1850949592667590700

Don’t use Onedrive, Dropbox or Google Drive (all privacy nightmares). Instead:

• Self-host https://nextcloud.com/ (this is the gold standard of self-hosting a secure and private cloud storage, you just need your own server with the disk space you need. Open source)
• P2P and/or self-host https://syncthing.net/ (this will automatically sync files in shared folders between several devices. Best if you have one device which is online all the time. Will use the space on your own devices. Open source)
• Storage on a trustworthy 3rd party host: https://proton.me/drive (this is the most similar to Onedrive/etc. where you sync your stuff to their servers, so you don’t need to host anything, but contrary to anything from Google/MS/Dropbox, this is at least a reputable and secure/private host which doesn’t abuse or sell your data. Data is encrypted by default. Also open source)

Furthermore, accessing Onedrive from Linux might be painfully inconvenient because there’s no official proprietary client for it by MS. There are 3rd party clients but I’m not sure how good they are, also MS could at any point change their API or even block unofficial clients, rendering your unofficial client useless at least for a time period.

Probably because Google is actively and frequently banning many Piped or Invidious hosts, and is generally currently at war with “alternative frontends” to YouTube in an effort to make users browse YouTube directly and consume ads there, or buy YouTube Premium. This is in line with their current fight for more ad revenues across their products and services. You probably have to either search for another public instance which isn’t banned (yet) from accessing YouTube, or host your own instance.

I’ll do a (simplified) Windows analogy, if you’re already familiar with Windows.

Microsoft Windows is closed-source/proprietary, which means only Microsoft has the source code for it, and only Microsoft is legally allowed to create or distribute copies of Windows. “Windows 11” for example is a “distribution” of Windows containing the “Windows NT kernel” (core of the OS) alongside other important software to make the OS usable, like a boot loader, service layer, graphical interface, desktop environment, and lots of included “system” applications like a file explorer, a web browser, apps to adjust settings, apps to display menus and task bars, and so on.

“Linux” by itself is just the kernel, the core of the OS. Which is by itself not a “usable” operating system yet, just like holding a CPU in your hand doesn’t allow you to use it yet. More components are needed for that. Since Linux is open source and under a permissive license, anyone (even you) can go ahead and create an operating system made with the Linux kernel. If you do that, this is called a distribution or “distro” of Linux. Since there’s not just one company allowed to do that, many distributions exist. They all made their own operating system on top of the Linux kernel. Even though hundreds of distros exist, only a handful of them are actually popular, stable, secure and recommended for general use. They all use similar, but sometimes different software to include in the distribution. Like the Linux kernel, most of that software is open source so it can also be modified or extended.

Since “Linux distribution” is rather long to write, people often just write “Linux” but mean the whole distribution, not just the kernel. These are just common inaccuracies in communication, but what the person meant should be obvious from the context.

Common and recommendable Linux distributions (= full, usable operating systems) include: Linux Mint, Ubuntu, Fedora, OpenSuSE, Arch, Debian. These are full operating systems and they all include the Linux kernel at their core. Of course, the similarities go further than that. Most distros are similar enough that if you’ve learned one, you can also use any other with little additional things to learn. However, some distros are deliberately a bit more different or tailored to more specific users or use-cases, for example Arch targets more experienced Linux users because it’s a very minimalistic distro, it expects the user to know which packages he wants to install. It pre-installs almost nothing. You can think of this like “Windows Server Core” where it just boots into a minimalistic terminal by default, no usable GUI yet, but you can of course install the desktop environment and everything if you need it and make a full-featured desktop out of it. The distro just doesn’t want to preinstall anything which you later might not like, which is why it gives you the choice, but that makes it a minimalistic distro and it’s harder for beginners to use that way. Other distros like Mint are much more similar to the client editions of MS Windows in that they preinstall everything the user needs for a desktop OS and more, so that the user can boot into and use the desktop as quickly and easily as possible. And then there are even more special-purpose distributions like Kali Linux which includes things like penetration testing tools (i.e. “hacker tools”), which makes it a distribution for IT security people, so they can boot into it and have access to most needed tools right away without installing much else (also good on a bootable USB stick). But usually, in general threads like this one, people don’t talk about specific-use distros, but about generalist distros which you can install and use as a regular desktop OS.

Desktop environments also exist on Windows but there’s basically only one, made by Microsoft. In the Linux world there are several to choose from. The most common ones are: KDE Plasma, Gnome, Cinnamon, XFCE. These desktop environments contain window managers or compositors, task bars or panels, menus, various tools like file managers, process viewers and text editors, and various background programs. This is all needed for the user to have what is commonly known as “a desktop environment”, because if you didn’t have one, you’d be basically staring at a screen containing at most a cursor and a wallpaper, with no way for you to interact with anything. Of course, these can look and feel different from each other (just like Windows looks and feels different than MacOS), and they have different features and strengths and weaknesses, but their goal is always the same. And as usual in the open source world, there’s not just one project but multiple, and out of those multiple a couple are popular, viable and stable enough so that they are usually included in most Linux distributions. Which is why most distros also give the user the choice to have a specific variant of the distribution with a specific desktop preinstalled. For example, Ubuntu also has Kubuntu (= Ubuntu with preinstalled KDE Plasma) or Xubuntu (= Ubuntu with preinstalled XFCE). These can have various names but in the end it’s just the base distribution (“Ubuntu”) with a different preinstalled “face” so to say (and you can change those faces or desktops from within the same distro, of course). Most other things are exactly the same between those distribution variants.

As a new user, you don’t need to learn about everything. Just pick an easy to use generalist desktop distro like Linux Mint and use the default desktop environment or variant which they provide or recommend by default. You can start experimenting with more choices later on if you want, but you also don’t need to. If you have something you’re comfortable using, then you can just stick with that.

Won’t be like that much longer. Windows continues to become worse, Linux (desktop) is on a steep upwards trend. I’ve been using desktop Linux since 1998 and desktop Linux has always been at or around 1% market share, for 15-20 years it was just flat basically, which tells the story that only geeks and nerds used it, which is the story that everyone’s familiar with.

But these days? It’s approaching 5%, and most of that climb was just in the recent 5 years. That’s insane. At the same time, Windows continues regressing from about 95% market share in 2009 or so to something like 70% these days. And this tells the story that people are growing increasingly fed up with Windows (and rightfully so).

In all other areas, Linux is already the dominant OS. It dominates servers, supercomputers, mobiles and embedded systems. Since Microsoft doesn’t appear to get their sh!t together, it’ll soon dominate the desktop as well.

Default recommendation for new ex-Windows users is to use Linux Mint, it’s very simple and includes most things you need. Mint also has great documentation and community resources (forums, etc.), especially for beginners. It’s also based upon the most popular distro, which is Ubuntu. So there’s a high degree of Ubuntu compatibility, which is a plus.

After the distribution choice, there’s the desktop environment choice. Here, I’d recommend either the default one from Mint, which is called Cinnamon (use this if you don’t have a preference), or KDE Plasma as an alternative. Both are very similar to Windows, but more powerful in terms of customization and features. (Well, of course anything on Linux is very customizable already due to the open source nature, but these 2 already offer a lot of GUI customization options without any tinkering). It’s not recommended for a beginner to switch desktop environments, you can do that later on when you’re more comfortable with Linux. If you’re curious about the other desktop choices, try them out in a VM or separate system. At the beginning, always use the preinstalled desktop environment.

Only slight downside of Mint is that it still ships with X11 by default, which is the older graphical subsystem as the foundation of each desktop environment. Wayland is the new one [actually it’s just a set of protocols which the compositor implements, but that doesn’t matter here]. Many distros already use Wayland, but it’s still experimental on Mint. For many users, this will not make a difference in practice, which is good, but Wayland is more advanced and has more advanced features which will never land in X11, and also higher security. If you have any non-standard needs regarding things like HDR, adaptive VRR, different per-monitor refresh rates, no tearing, per-monitor scaling, good touch support, and other “advanced” things like that, chances are you’re better off with Wayland. Most users probably don’t need to care that much though.

Anyway, should you need a Wayland-based distro alternative, or generally a second distribution recommendation, I’d say Fedora. It’s also rather easy distro, maybe not as easy as Mint is, but also very user friendly and more ahead of the curve in comparison to Mint (newer kernel, newer packages, more frequent updates).

Most users will be fine using Mint as their first distro, though. Mint will also soon be updated to Wayland as well, it’s just a matter of time. Be sure to keep your system updated.

Gaming is actually easy on Linux but since most games are specifically written for Windows and the Windows stack (DirectX, etc.) and also primarily tested on Windows and many game devs don’t test on Linux, there are sometimes things that might not work out of the box or you might need to try different options or compatibility tool versions (e.g. experimental version of Proton, or GE-Proton, or things like that). But Valve and lots of other individuals are constantly improving the situation and fixing compatibility issues should any come up. Compatibility is generally super high these days (like around 90%) so most users will not have any problems, especially not if they are playing any kind of recent or popular games where there’s a lot of focus to get them to run well, but some specific things or titles still might not work. For example some unethical game studios (most notably Epic Games, Bungie, EA, Riot) utilize integrated anti-cheat tools in their games (most notably Fortnite, Valorant, LoL, Destiny 2, Battlefield) which deliberately block all Linux users, even though the games would technically run on Linux as well. You can and should check protondb.com for general Linux compatibility reports of a Steam game, and areweanticheatyet.com for Linux compatibility of games which include anti-cheat components. If you’re not sure, check both sites. An anti-cheat component often only exists for the multiplayer part of a game, not for the single-player part. Most single-player games do not have or need any anti-cheat components. Generally, do not install games on an NTFS partition or re-use your Windows-based NTFS partition for games. This can and will cause problems. Always install your games on Linux partitions like ext4, btrfs or xfs.

If you use dual-boot (Linux being installed on another partition alongside Windows), be sure to disable the “fast startup” option in Windows (somewhere in the power management settings). And if you have an issue of the clock being wrong after you boot the other OS, then you maybe want to configure Linux to write the time back into the hardware clock in your local time format, which is what Windows expects to find there. But you can also reconfigure Windows to write its time back in UTC format (registry setting), which might be the format Linux expects to read from the hardware clock. Not sure what Mint does by default. I’d say only look into this if you have problems of the clock being wrong after you boot from Windows to Linux or from Linux to Windows. If the clock is always right, then you don’t need to reconfigure anything. Just keep in mind that Windows by default writes back its time in local format, Linux in UTC format.

If you want to install additional software: If you come from Windows, you might be familiar with visiting websites of software then downloading a setup.exe/msi from there. That’s NOT how you install software on Linux. On Linux, you first look if there’s a package available for your distribution (use the preinstalled programs/tools for that). The primary place for this is your distro’s package repositories. Then you might check Flathub (the default Flatpak (distribution independent) package repository). You will find most software there already. If you don’t find it there, check any Mint community repositories. Afterwards, check if there’s an AppImage available (those are basically one file which contains all files needed for the program, no installation). If you still don’t find anything, ask on a Mint forum. You usually DO NOT install a software from its source code form or any installer/setup scripts, especially not as a beginner. This is an easy way to make it either too complicated or to break your system. Always try to find existing packages for your distro first (use the preinstalled programs/tools for that), then try the distro independent Flatpaks, then AppImages. You should find everything you need like that. When you think of installing software on Linux, think of how you’d install software on Android or iOS, you use an “App Store” or install an existing package (similar to .apk / .ipa) directly. Any other method is NOT recommended for a beginner. On Mint/Ubuntu/Debian, software package files have the .deb extension.

In that case, you probably have to:

• Use Tor respectively Tor Browser (without any additional extensions, and set the default security level to “Safer” if possible with Facebook) to create a completely new, anonymous account on Facebook. Don’t enter any data there that could be linked to your person, e.g. no real mail address (use an alias, ideally a completely new one), no real names, no real data, also no real billing or delivery address. Literally nothing that could be linked to your person. Only ever use Facebook’s site within the Tor Browser, to ensure that your real IP address and browser data aren’t leaked. Never use their apps, never use your regular browser for it, also don’t use PWAs because that’s similar to using a regular browser, which reveals your real current IP address to the site. Unless you use a VPN to have a different IP, but you’d have to minimize your VPN usage just for that app interaction. If you continue to use the same VPN IP for other stuff as well, you could de-anonymize yourself later on. Mullvad or Proton are commonly regarded as good choices for trustworthy VPNs which don’t log or sell any user data, or at least there are no known cases for it (yet).
• Don’t add any friends on the site, try to limit your interactions with the site so that it can’t create a big psychological profile from you and try to link that behavioral data to existing persons (the more you use the site the easier this method might become for them). Behave slightly differently than you would normally.
• When you buy something, remember that you’d have to conceal your real delivery and billing data/addresses as well. Which is hard to do when you actually want to buy and receive something. Your payment data and/or address data can EASILY and instantly de-anonymize you, also in front of Facebook. So my suggestion for something still practical would be to have a relative or friend buy it after you arrange that with them, have it delivered to their address, and you pay them for it and gather it from their place. So in essence you need a proxy person to do the receiving and paying for you. If you want to sell something, that’s more inconvenient of course, but you’d also have to do it similarly.

The most problematic de-anonymizing data about you is going to be your real current IP address (which is revealed when you use a regular browser, PWA or their app, all with a non-VPN or non-Tor IP address) as well as billing or address data. In case you’re using their app, they’ll be able to gather even more data to de-anonymize you more easily.

Experience with relatives who had no prior experience with Windows or Linux: installing Linux for them was great, painless and also facilitates troubleshooting for me. No problems here. Mostly using Linux Mint for those purposes, it’s a great distro for non-techy people.

Experience with relatives with prior Windows experience (but no Linux experience): a mixed bag. Some use Linux happily now (thankfully), some returned to Windows because they couldn’t change their habits or have weird specific incompatibility issues with niche hardware which they also don’t want to solve in a different way. I’ve kind of stopped giving support to those, since I don’t want to give Windows support in my free time. I sometimes have to do it work-related, that’s more than enough Windows contact for me. I also refuse to give buying advice on any products by Microsoft, Apple, Meta, Amazon or Google, with only very few exceptions (e.g. Pixel phones, because they’re very secure and with GrapheneOS installed they’re the best general mobile phone option). It’s a bit of an ethical dilemma because I’d like to help the people but also don’t want to directly or indirectly support those companies. I always offer them help if they use Linux or the things I recommend.

Normally, no.

You’d have to set up a completely new account which you only ever access via e.g. Tor, then use Tor Browser on iOS to log into that account and only ever use your account exactly like this or else you’ll leak your current IP address as well as related data about you or your device to Meta. Also you’d have to never give any kind of personally-identifiable info to them. Then you’d have an anonymous account, but the goal of Facebook is to connect to other people you know. Once you add and talk to friends on Facebook, they might already know who’s behind that account, especially if you already had a different account in the past which pretty much had the same set of friends already. Also, remember that many people use WhatsApp (also by Meta), and WhatsApp collects among other things the whole address book or contacts list from the phone of each user. And most normal users don’t use contact scopes or things like that to spoof their contacts to Meta, so they’ll most likely get the real contacts list. That means if let’s say you have 5 friends named A, B, C, D, and E, and those 5 friends all use WhatsApp and have each other and you saved as a contact in their address book, then it’s even easier for Meta to guess with high precision that you are this person that knows those 5 people and/or who is known by those 5 people. So there are even other factors to consider, some of which are outside of your own control, because all the persons you know and want to add to Facebook give a lot of data to Facebook themselves as well, and that data also might be used to identify you in various circumstances. So you’d also have to behave anonymously when using your anonymous account. Which kind of goes against the whole thing of social media like Facebook. Since they monitor every user’s interaction on their website or apps, it’s likely that they’ll be able to eventually identify you once they’ve gathered enough data about your usage patterns, visited links on Facebook, contacts you added or which have added you, messages to contacts or from contacts to you, and so on. Simply using Facebook means you’re actively giving tons of data based on your usage alone to Facebook. It’s even theoretically possible for them to guess who you are based on your usage patterns alone, e.g. what you look at, what you type, how fast you type, and so on.

So yes it’s possible to get an anonymous account on Facebook, but it’s inconvenient, and probably runs contrary to your goals on that platform. Which is why I recommend to not use such platforms at all, and instead keep in touch with your friends via secure and private open source based messengers like Signal or Threema (Libre?) or any Matrix client. After all, services like Facebook are mainly for Meta to sell data about their users, that’s their primary business model (they almost don’t sell any products or services, they almost solely sell data about their users, that is basically the only way they make (a lot of) money. Well, and ads of course, but that’s closely linked together because the ad industry wants personally targetable ads, so it needs user data to better place targeted ads). There also isn’t a real need for such platforms anymore, because you can connect to friends in other ways on various other platforms, the only hard part is getting your friends to stop being lazy and switch to something more secure or private. When Facebook got big, it might have been the only social network of its kind, but these days tons of other, better options exist. So get your friends and contacts to move to something else. Or if they don’t want to move with you, then maybe they aren’t that important to you to keep in contact with.

Using Facebook in any other way, shape or form (e.g., using their app, or using their website with your real IP address) is very likely not going to be anonymous to Meta. They’ll automatically receive your current IP address (which on its own might already be enough for them to establish a link to your person, since they also have trackers in place in lots of other apps and websites), and on top of that various information about your device or browser (which, again, can be a key factor to link your current usage data to your person), if you use their app (which you shouldn’t ever do) they get even more data on you (not just you, also your contact list, nearby devices, and things like that), because those apps require so many permissions and have so much tracking integrated that it’s a whole treasure trove of information that’s being sent about you and your device, and they’ll interconnect all that data with the other data they’ve gathered about you or your device(s) in the past (which, as a rule of thumb, will always be much more than you think they’d have). An app with integrated tracking is always more harmful to your privacy than using their service from within a web browser, because the app can read much more data about your device compared to the web browser. (But be mindful that some web browsers (especially the proprietary ones like Chrome, Edge and Opera) also have quite a lot of tracking capabilities inside them.) So using Facebook in a somewhat normal or convenient way and at the same time wanting to remain anonymous to them is basically impossible.

Also, you’ll never be anonymous to government-based mass surveillance (who are collecting almost all network traffic, constantly) when you use your real IP address online. Anywhere. Your real IP is always connectable to your real person for them (also in retrospect). Even if they can’t look into encrypted communication data, like the contents of chat messages or what you did on a specific website, they can see the metadata, among that is which hosts you contacted, and when, as well as more unencrypted details, and such metadata can already be very revealing. To quote the ex NSA chief “we kill based on metadata”. Protecting yourself against commercial-based surveillance by companies like Meta is more realistic to achive (at least partially), because it’s easier to avoid or evade commercial tracking (by blocking all or most of their tracking methods like app-integrated trackers, tracking Javascripts and cookies on countless of websites, and so on) than it is to evade someone who’s sitting directly at all relevant network cables AND buys additional data from companies. Lots of easy-to-use tools exist to counter or limit commercial surveillance, like ad/content blockers, blocking host lists, PiHole, ad-blocking DNS servers, open source software and operating systems (because they are almost always free of trackers and surveillance tech), and things like that. It all minimizes your exposure to these data hoarding companies. And the less data you transmit overall to such companies, the better. But if you also want to protect yourself against any government-based mass surveillance, you’ll have a much harder time than that. You’d need to always use different IP addresses (again, via Tor or VPN etc.) and avoid having anything leak out that can connect your other IP to your real IP. Which is hard.

It’s an important milestone as it’s the only effective way to make PC gaming available on operating systems other than Windows (i.e., reduce one of the Windows monopolies). Still, Linux gamers shouldn’t take it too far. I’d advise everyone to still not support game studios which are openly hostile towards Linux gamers. This especially includes the ones who rely on client-side anticheat tools and then use those to block Linux gamers even though the game would run perfectly fine on Linux as well. Please do not support such games or studios (e.g.: Epic Games, EA, Bungie, Riot). Thanks to Proton, there is still a massive number of Windows games that can be played instead.

Yes, it’s a dangerous combination of media/IT illiteracy/incompetence within the general public and profit-driven proprietary social media algorithms that only aim to keep people engaged for the longest time, no matter the content they are being served. And usually, the more extreme the content is, the higher the engagement, the more revenue to be made from serving ads to the users and selling their collected data. This currently leads to a rise of misinformation, anti-scientific thinking, and so on. Which just so happens to align with extreme right-wing ideologies.

• GUI: Thunderbird
• TUI: neomutt
• Android: K-9 (soon to be Thunderbird)

Answer is correct, I just want to clarify a bit more:

“Password protected” in your case probably just means that you have a bootloader password or a user account password. Both would not matter in this case. If you put your drive or partition anywhere else, and it’s not an encrypted partition, it can be read. Independently of user access rights. Any other OS accessing the same drive/partition can literally read everything if it’s not encrypted. Provided, of course, that there’s a file system driver available for the OS.

Windows by default doesn’t have any Linux filesystem driver installed. I’m not sure if that’s still the case when you install WSL. And there are 3rd party Linux filesystem drivers available as well.

But to protect yourself against robbery or a Windows which might in the future include a Linux filesystem driver, you should always encrypt all of your partitions. And when encrypting, use Bitlocker only for your Windows system partition, not for any data partitions, and certainly not for Linux partitions. For Linux partitons, use the integrated LUKS2. Bitlocker on Windows isn’t private encryption by the way, since a recovery key is being uploaded to MS’ servers automatically. That means MS has theoretical access, the US government has, and law enforcement has. As well as any hackers who manage to exfiltrate that key from somewhere. That’s why I’d use Bitlocker only for the C: partition, a 3rd party encryption tool like VeraCrypt for any other Windows partition, and LUKS2 for any Linux partiton.