This is akin to what you are used to, and what google was intended to be.
On the other hand, convenience is what is killing "obtaining knowledge and experience". No one NEEDS all things in one place. You can do it yourself, or, secure it yourself in the cloud with different methods.
Technically, there are at least three buckets: your shit, collaboration, everything else. Certain things in each bucket may be a member of another bucket, too. So, make an analysis. Each bucket has it's own thread model. And each bucket requires a different solution and, most importantly: behavior!
Diversity is indeed a strength if you apply it to risk. The below is not exhaustive but just pointers to learn more.
Salient
first off, email is a legacy medium. it is totally open, insecure way of communication. There is really no need for email.
Certain platforms will require you to have an email address. For this: tuta, proton, the likes is ok. But since, many platforms have not implemented secure communication, all emails sent back and forth are open to be read, or betray meta data. However, many platform will allow burner addresses. Just search for temporary email.
For secured comms, there is signal, Element, Ricochet, XMPP, etc. If you need to send a document, make the document, print it, sign it, copy it, send it. And if dealing with .gov: Make Analogue Great Again! and reject emails, digital communications.
Cellphone: you do not need it in reality. What is needed is the mobile data package.
In many places you can get unlimited for 30 bucks or so. In the EU, there is this pesky agreement, that roaming is set to 30Gigs per period free. So you could get a phone-number & data-package for 8 bucks. The fun part is, if they wanted to break the 5G encryption, they can only go to the host-state, and do a request, which is playing one bureaucracy against another.
There are routers and access points available to facilitate connection. If you really want to go exotic, consider Star Link. It is a steep price initially, however, it is a nice piece of access and payable with BITCOIN.
Browser:
This is somewhat of a contentious subject as everyone has their favorite and thinks by having such, being secure. You are not.
First: visit eff.org to learn what can be gleaned form your current setup. Then take appropriate steps to remedy.
What they will not tell you, if you want to look like all other sheep, is that differences in communication style, word usage, geolocation etc, can be used to identify you. In effect, this is just another ploy to homogenize you.
you could employ this trick but just be aware, it takes a different kind of mind to play a role and be consistent. Breaking role is not allowed.
Second: each browser has plusses and minuses. So, you need to go back to your threat model, your buckets and consider which browser is most fit for a particular function.
Search_Engine:
Again, this is a contentious subject. There are engines that strip identifying information from your searches and scrap the logs, and there are those with varying degree of anonymizing and privacy oriented features.
Then there are those which are self hosted, and not self hosted, search engine that are based on google searches and those that are not. This latter group either has their own crawler and indexer and/or use a different crawlers and indexers than google.
Consider your buckets, your thread model and the means by which you go on the internet.
Each time you enter an address of a website, a request is sent to a so called telephone book of the internet, called DNS. This stands for: domain name server. As you will probably know: greatawakening.win is the name, and it has an IP-address.
DIY:
If you want to know, try this: open the command line (Windows = search: CMD, Linux: ALT + CTRL + T:
Ok, so now you are going by the name of XO Vasilly, and you hear your Captain Ramus say:
verify range to target, one ping only.
commands:
ping -n 1 -a greatawakening.win (win: bping -n 1 greatawakening.win)
You may substitute greatawakening.win for any websitename you know.
Since some years, there is the opportunity to have this information sent with https enabled. This means that the contents of your request is encrypted but not the meta data. The browser may have a setting to activate this, or is packed with it.
Since each website has an ip-address, there is the option to gather this information, (see ping-command) and put it into a hosts-file.
DIY:
Create a file with wordpad, or on linux CLI: touch hosts
when open, simply enter the following according to this format:
#IP-address DOMAIN-NAME
172.67.132.58 greatawakening.win
You could for instance resolve facebook, google, and other baddies to your localhost, or 127.0.0.1. This hosts-file will then act as its own DNS. Another option is to self host a DNS.
There are quite a number of DNS options available. Each DNS will influence the search results and name resolution.
VPN
A Virtual Private Network means that between you and an exit node the information sent is encrypted, so a virtual tunnel. What happens inside the tunnel is seen but not comprehended by potential watchers, like your Internet Service Provider.
However, your purpose to restrict the access to your information is defeated when your VPN provider keeps extensive logs of your activity. Hence,you would want to use a NO LOG POLICY VPN. MULLVAD is such a provider.
A new phenomenon is SPN, Safing.io approaches it from 2 angles: no logs and for every app you get a different IP to the outside world.
This is very nice and all, but just like with VPN, payment processors systems are now trained to watch for it and raise a red flag. It may mean that a mandated KYC process fails, or, you may be locked out of your account due to "suspicious activity" and not probable cause.
Tor acts as a VPN in that it does show an exit IP-address as your IP address. The more exit points there are, the better. However, tor is notoriously slow. To mess around with it, you can try: Tor Browser.
The same goes for Lokinet what goes for Tor, though faster. However, Lokinet does not have many exits, and once security systems are aware of it, they may raise a red flag of "suspicious activity".
Lokinet offers a connection app, and then you need to decide how to proceed from there. However, it offers a better experience when it comes to secure cloud interaction.
Of course, you could intersperse your connections to websites with proxies. An nice example is the following:
DIY:
go to: swisscows.com, search for anything you want, and then look to the right side of your results. Click on preview.
another option: Goto: metager.de, search for anything you want, then look below each result to the right, there you will find a button: open anonymously.
Effectively, this is what a proxy is.
However, you could program your internet connection such that is uses proxies to request the pages you want, and then serve it to your browser. With this, you get what you pay for, and, pay peanuts, get monkeys ....
Password_Manager:
this is added: Many browsers allow you to store passwords for websites. How convenient! However, it is more secure to use KeepassXC, as you browser can be easily compromised. Keepass is an encrypted database and allows you to:
access a website from keepass
copy a username to the website login and is erased from memory after 10 seconds or whatever you set.
copy your passphrase to the website login and is erased from memory after 10 seconds.
allows you to apply passphrases that are quite unusual, and can be set to any strength you need.
As long as you remember 1 thing: Change passwords on regular basis. Data-breaches have shown billions of usernames and passwords to be available for brute force attacks. On top, there are dictionaries available for brute force attacks. Why? People are basically lazy and stupid, and use the same stuff all over.
clicking links:
One of the ways in which pishing is performed is by providing a link that looks like what you are used to. A famous example: exampIe.
Spot the difference.
DIY
Copy a link into wordpad or txt-writer and set font to newcourier and the difference becomes easy to spot.
That is why you evade using browser supported password managers.
Consider this as a pointer, as there really is no reason to bother yourself with the burden of arranging everything yourself, lest you have a personal IT interest.
You could try e/ project.
This is akin to what you are used to, and what google was intended to be.
On the other hand, convenience is what is killing "obtaining knowledge and experience". No one NEEDS all things in one place. You can do it yourself, or, secure it yourself in the cloud with different methods.
Technically, there are at least three buckets: your shit, collaboration, everything else. Certain things in each bucket may be a member of another bucket, too. So, make an analysis. Each bucket has it's own thread model. And each bucket requires a different solution and, most importantly: behavior!
Diversity is indeed a strength if you apply it to risk. The below is not exhaustive but just pointers to learn more.
Salient
first off, email is a legacy medium. it is totally open, insecure way of communication. There is really no need for email.
Certain platforms will require you to have an email address. For this: tuta, proton, the likes is ok. But since, many platforms have not implemented secure communication, all emails sent back and forth are open to be read, or betray meta data. However, many platform will allow burner addresses. Just search for temporary email.
For secured comms, there is signal, Element, Ricochet, XMPP, etc. If you need to send a document, make the document, print it, sign it, copy it, send it. And if dealing with .gov: Make Analogue Great Again! and reject emails, digital communications.
Cellphone: you do not need it in reality. What is needed is the mobile data package. In many places you can get unlimited for 30 bucks or so. In the EU, there is this pesky agreement, that roaming is set to 30Gigs per period free. So you could get a phone-number & data-package for 8 bucks. The fun part is, if they wanted to break the 5G encryption, they can only go to the host-state, and do a request, which is playing one bureaucracy against another.
There are routers and access points available to facilitate connection. If you really want to go exotic, consider Star Link. It is a steep price initially, however, it is a nice piece of access and payable with BITCOIN.
Browser:
This is somewhat of a contentious subject as everyone has their favorite and thinks by having such, being secure. You are not.
First: visit eff.org to learn what can be gleaned form your current setup. Then take appropriate steps to remedy.
What they will not tell you, if you want to look like all other sheep, is that differences in communication style, word usage, geolocation etc, can be used to identify you. In effect, this is just another ploy to homogenize you.
you could employ this trick but just be aware, it takes a different kind of mind to play a role and be consistent. Breaking role is not allowed.
Second: each browser has plusses and minuses. So, you need to go back to your threat model, your buckets and consider which browser is most fit for a particular function.
Search_Engine:
Again, this is a contentious subject. There are engines that strip identifying information from your searches and scrap the logs, and there are those with varying degree of anonymizing and privacy oriented features.
Then there are those which are self hosted, and not self hosted, search engine that are based on google searches and those that are not. This latter group either has their own crawler and indexer and/or use a different crawlers and indexers than google.
Consider your buckets, your thread model and the means by which you go on the internet.
I refer to this post: https://greatawakening.win/p/17txVtwVmK/x/c/4ZDsC8shpYe
Online Security:
DNS:
Each time you enter an address of a website, a request is sent to a so called telephone book of the internet, called DNS. This stands for: domain name server. As you will probably know: greatawakening.win is the name, and it has an IP-address.
DIY:
If you want to know, try this: open the command line (Windows = search: CMD, Linux: ALT + CTRL + T:
Ok, so now you are going by the name of XO Vasilly, and you hear your Captain Ramus say:
You may substitute greatawakening.win for any websitename you know.
Since some years, there is the opportunity to have this information sent with https enabled. This means that the contents of your request is encrypted but not the meta data. The browser may have a setting to activate this, or is packed with it.
Since each website has an ip-address, there is the option to gather this information, (see ping-command) and put it into a hosts-file.
DIY:
Create a file with wordpad, or on linux CLI: touch hosts when open, simply enter the following according to this format: #IP-address DOMAIN-NAME 172.67.132.58 greatawakening.win
You could for instance resolve facebook, google, and other baddies to your localhost, or 127.0.0.1. This hosts-file will then act as its own DNS. Another option is to self host a DNS.
There are quite a number of DNS options available. Each DNS will influence the search results and name resolution.
VPN
A Virtual Private Network means that between you and an exit node the information sent is encrypted, so a virtual tunnel. What happens inside the tunnel is seen but not comprehended by potential watchers, like your Internet Service Provider.
However, your purpose to restrict the access to your information is defeated when your VPN provider keeps extensive logs of your activity. Hence,you would want to use a NO LOG POLICY VPN. MULLVAD is such a provider.
A new phenomenon is SPN, Safing.io approaches it from 2 angles: no logs and for every app you get a different IP to the outside world.
This is very nice and all, but just like with VPN, payment processors systems are now trained to watch for it and raise a red flag. It may mean that a mandated KYC process fails, or, you may be locked out of your account due to "suspicious activity" and not probable cause.
Tor acts as a VPN in that it does show an exit IP-address as your IP address. The more exit points there are, the better. However, tor is notoriously slow. To mess around with it, you can try: Tor Browser.
The same goes for Lokinet what goes for Tor, though faster. However, Lokinet does not have many exits, and once security systems are aware of it, they may raise a red flag of "suspicious activity".
Lokinet offers a connection app, and then you need to decide how to proceed from there. However, it offers a better experience when it comes to secure cloud interaction.
Of course, you could intersperse your connections to websites with proxies. An nice example is the following:
DIY:
go to: swisscows.com, search for anything you want, and then look to the right side of your results. Click on preview.
another option: Goto: metager.de, search for anything you want, then look below each result to the right, there you will find a button: open anonymously.
Effectively, this is what a proxy is.
However, you could program your internet connection such that is uses proxies to request the pages you want, and then serve it to your browser. With this, you get what you pay for, and, pay peanuts, get monkeys ....
Password_Manager:
this is added: Many browsers allow you to store passwords for websites. How convenient! However, it is more secure to use KeepassXC, as you browser can be easily compromised. Keepass is an encrypted database and allows you to:
As long as you remember 1 thing: Change passwords on regular basis. Data-breaches have shown billions of usernames and passwords to be available for brute force attacks. On top, there are dictionaries available for brute force attacks. Why? People are basically lazy and stupid, and use the same stuff all over.
clicking links:
One of the ways in which pishing is performed is by providing a link that looks like what you are used to. A famous example: exampIe.
Spot the difference.
DIY
Copy a link into wordpad or txt-writer and set font to newcourier and the difference becomes easy to spot.
That is why you evade using browser supported password managers.
Consider this as a pointer, as there really is no reason to bother yourself with the burden of arranging everything yourself, lest you have a personal IT interest.
https://hacker10.com/internet-anonymity/lelantos-a-secure-anonymous-email-provider-through-tor/
Kudos on getting rid of Google!