UnfortunateShort

Connecting to any trustworthy VPN at the very least:

1. Encrypts your connection entirely and ensures you are connected to a party you trust
2. Limits snooping in your traffic to one party you trust

Which is objectively not a scam and a desirable thing to do. Not as desirable as hosting your own VPN, but 100% better than not having one, no matter what some guy on the internet says.

… That’s because it comes with vanilla android, unless you buy the e/OS version or flash it yourself

Probably don’t want to play graphics heavy games on it. For everything else it’s pretty much like any other phone. Although of course it’s not quite as premium as flagship phones. Hardware wise, a Pixel 8 leaves it in the dust. But you can’t swap your battery or really anything on that one.

Yeah, Element is super easy to use.

You just need to chose a Matrix instance, create an account with username and password that have nothing to do with what follows, log in (not that), generate keys, ideally back up those keys (which you could ignore, but you are prompted to), then it bothers you with cross-signing (which you can also ignore, except you kinda can’t, depending on you contacts, so log in again and confirm the devices), then chose another, unrelated instance to be discoverable via mail/phone (which again is optional, except if you want to be or don’t want to explain how adding via domain + name works), than add mail or phone number and activate it and boom, you are golden. Except you are not, because if you want Element X, well, you still have no push notifications, which just require you to… Oh, create another account, neat!

Meanwhile on Signal you do what? Punch in your number, confirm, optionally set a PIN, optionally enable backups, done. Yeah, that’s not as private, and missing online massage backups, I know, but it’s also a 1-3 step setup without any alarming prompts, telling you to do non-straightforward stuff that could very well compromise your privacy. Or having to dig through options and make choices and handle keys you don’t understand.

Do you need a reminder that 123456789 is a popular password and 2FA commonly considered a nuisance? Matrix is complicated enough to confuse even (non-ITSec) IT people.

As a professional software developer, I consider Matrix/Element to be quite user-unfriendly (and anecdotally also quite buggy)

Edit: Some clarifications. Describing this easy process was kinda confusing for silly ol’ me

Does borg support rclone? Might be an interesting addition to adapt that chain for cloud storage solutions

Conversations is very simple

There are some fairly good solutions tho. Matrix is still kinda half-baked (specifically thinking about 2.0 and Element X) and Conversations has limited capabilities, but they are fairly easy to use

Edit: Although I would really wish Matrix had a ‘normie-mode’, with secure and reasonably easy to handle defaults

The GDPR is definitely neither wits end, nor applied reasonably under all circumstances. I have my doubts that these “cutbacks” will be the adequate reforms however.

If you are talking about online services, Proton is a Swiss option and for what it’s worth, Bitwarden offers an EU instance. Both are freemium OSS. You could also self-host Bitwarden. If you are looking for offline options, there are plenty. KeePass2 comes to mind.

Probably doesn’t help for recovery, but you can set an empty password and use polkit-based access control for wallets. You just need to check the box that says programs need to ask for access in Settings > KDE Wallet > Access Control Tab (not KWalletManager). Afterwards you will get a popup the first time they do and can then choose to give them permanent access.