You don’t even need to do that, all you have to do is hold shift when you right click, and it circumvents any hijacking.

Depends, but yes in most cases. Also just adds attack surface and consumes extra resources, so its generally a good practice to keep extensions to a minimum and only use what you need.

I prefer Calyx on my phone, for the sake of the extra privacy of Micro-G vs sandboxed Google Play Services.

You should give DivestOS a try tbh if you prefer microG to Sandboxed Play Services, since Divest’s implementation of microG is sandboxed/unprivileged unlike Calyx’s, which is a massive privacy and security benefit. Divest in general is a lot more private and secure then stock or Calyx, since it includes a lot of hardening and patches from Graphene, so I’d recommend it as the second best option to Graphene in general, and definitely by far the best option for using microG. Divest also covers most of the same phones Calyx and Graphene do, unfortunately no Pixel Tablet support though.

(I’m not trying to shill Divest or anything btw lol, I just think its a great underrated project that deserves a lot more recognition and support than it has, and seems to fit your use case)

Not all of it is carrier related. I had an S21 unlocked (from US) and it still included Facebook and their garbage services, Netflix, OneDrive, etc. Also all of Samsung’s first party bloatware and nonsense is prevalent regardless. Not to mention Samsung selling data and their tracking, crippling your phone if you root it or install a custom OS (and in the US outright preventing it entirely), etc. Can’t recommend them or their phones at all, but its unfortunate because they have great hardware, just terrible software.

My biggest issue with Jellyfin is the downloads. I hate not being able to downscale or compress files. Its really the main reason I still leave Plex up in conjunction to it. Though I hope to be able to get rid of Plex entirely in the future, Jellyfin just needs more time.

It does, it works better and covers more sites, but at the cost of security (increasing attack surface) and using more resources. Pros and cons to both.

Yes, this has been a major issue for NewPipe, see here.

Is the culprit “firebaseinstallations.googleapis.com”?

Sensors and Network access aren’t on Stock Android unfortunately (though they should be!), only on other OSes like GrapheneOS and DivestOS atm. Everything else besides those 2 however is present on Stock.

Proton VPN is probably one of the best VPNs out there. Has open source clients, is based in Switzerland so under their strong jurisdiction for privacy and data protection, doesn’t keep logs or sell data, has good speeds, includes useful features, etc. I’d definitely recommend it, as well as Proton’s other products.

I generally avoid Cloudflare where possible personally because at the the end of the day, they’re a giant big tech company based in the US, with pretty much unprecedented control over the internet.

With that said, last time I looked into their privacy policy, I thought it was acceptable, but that’s been a while ago, so not entirely sure nowadays. Either way I’m not a huge fan.

If you buy an Apple product, you don’t actually own it.

On Windows, just use the built-in Windows Defender. On Linux, I recommend ClamAV + ClamTK. On Android, Hypatia.

If you think you have malware, this is a pretty good guide to remove it.

I’d also strongly recommend using and configuring a content blocker like uBlock Origin in your browser, as well as using a DNS level blocker like NextDNS.

If you have a multilayered setup like this, then I think you’re pretty good and it’ll be not impossible, but much harder to get malware or be infected. Just use common sense as always.

Firefox with uBlock Origin is by far the best option, the only other browser that comes close is Brave, their content blocking and such is pretty good, so I’d recommend trying them if you’re hellbent on not using FF. I’d also recommend looking into NextDNS for system-wide ad/tracker blocking in conjuction with the browser.

That tool is pretty inaccurate, see here

There’s so many I could list, I’ll just mention 2 underrated ones I don’t see mentioned as much:

• LibreTube - Best YouTube client imo, has a very nice and modern interface, proxies videos through Piped for maximum privacy (No direct connections to Google are made), No ads/tracking, SponsorBlock + Return YouTube Dislikes, support for downloading videos, etc. It’s everything I’d want and more out of a YouTube client.

• URLCheck - Excellent app that allows you to preview what a URL is before you click it, includes tons of features such as scanning for malware, removing any tracking parameters, upgrading links from HTTP to HTTPS, etc. I can’t recommend this app enough for the security, privacy, and general peace of mind it gives you.

I’d say as long as it isn’t harming a small independent artist, then its generally ethical.

gone like the wind

I recommend Jellyfin for most cases, since its free and open source, and is pretty easy and simple to set up, maybe just a little harder than something like Plex, but not by much. The clients can be a bit hit or miss (though mostly work well) depending on the types of files and codecs you plan on using and your device you want to stream on, but you can use it directly in Kodi which works flawlessly.