Saturday, May 24, 2025
The Nordic Times

Polaris of Enlightenment

Saturday, May 24, 2025

Polaris of Enlightenment

Breaking News
Ad:

https://nordictimes.com/tech/the-most-dangerous-thing-in-your-browser/

Tech

The most dangerous thing in your browser

Naomi Brockwell

The dark side of browser extensions.

Published 26 April 2025
– By Naomi Brockwell
You’re browsing the web, trying to make life a little easier. Maybe you install an extension to block annoying popups, write better emails, or even just save a few bucks with coupon codes.

Seems harmless, right?

Extensions are way more permissive and dangerous than people realize.

They might be spying on you, logging your browsing history, injecting malicious code, even stealing your passwords and cookies – all without you even realizing it.

Let’s talk about the dark side of browser extensions. Because once you see what they’re capable of, you might think twice before installing another one.

Real-world attacks: From spyware to crypto theft

This isn’t a “worst-case scenario”. It’s already happening.

  • North Korean hackers have used malicious browser extensions to spy on inboxes and exfiltrate sensitive emails.
  • The DataSpii scandal exposed the private data of over 4 million users—collected and sold by innocent-looking productivity tools.
  • Mega.nz, a privacy-respecting file storage service, had its Chrome extension hacked. Malicious code was pushed to users, silently stealing passwords and crypto wallet keys. It took them four hours to catch it—more than enough time for real damage.
  • Cyberhaven, a cybersecurity company, was breached in late 2024. Their extension was hijacked and used to scrape cookies, session tokens, and authentication credentials—compromising over 400,000 users.

How is this even allowed to happen?

  1. Extensions can silently update themselves. The code running on your device can change at any time—without your knowledge or approval.
  2. Permissions are ridiculously broad. Even if a malicious extension has the same permissions as a good one, it can abuse them in ways the browser can’t distinguish. Once you grant access, it’s basically an honor system.
  3. Extensions can’t monitor each other. If you think that installing a malware-blocking extension is going to protect you, think again. Your defense extensions have no way of knowing what your other extensions are up to. Malicious ones can lurk undetected, even alongside security tools.

A Shadow market for extensions

Extensions aren’t just targets for hackers—they’re targets for buyers. Once an extension gets popular, developers often start getting flooded with offers to sell. And because extensions can silently update, a change in ownership can mean a complete change in behavior—without you ever knowing.

Got an extension with 2 million Facebook users? Buy it, slip in some malicious code, and suddenly you’re siphoning data from 2 million people.

There are entire marketplaces for buying and selling browser extensions—and a thriving underground market too.

Take The Great Suspender, for example. It started as a widely trusted tool that saved memory by suspending unused tabs. Then the developer quietly sold it. The new owner injected spyware, turning it into a surveillance tool. Millions of users were compromised before it was finally flagged and removed.

The danger is in the permissions

One of the biggest challenges? Malicious extensions often ask for the same permissions as good ones. So it’s helpful to understand exactly what each permission is capable of, so that you realize how vulnerable it could make you in the wrong hands.

We spoke to Matt Frisbie, author of Building Browser Extensions, to explain the capabilities of some of these permissions:

Browsing history

Matt Frisbie:

The browser will happily dump out your history as an array.

The browsing history permission grants full access to every site you visit—URLs, timestamps, and frequency. This can help build out a detailed profile on you.

Cookies

The cookie permission exposes your browser’s cookies—including authentication tokens. That means a malicious extension can impersonate you and access your accounts without needing a password or 2FA.

Matt Frisbie:

“If someone steals your cookies, they can pretend to be you in all sorts of nasty ways.”

This is exactly how Linus Tech Tips had their YouTube account hijacked.

Screen capture

Allows extensions to take screenshots of what you’re viewing. Some types trigger a popup, but tab capture does not—it silently records the visible browser tab, even sensitive pages like banking or crypto dashboards.

Matt Frisbie:

“It just takes a screengrab and sends it off, and you will never know what’s happening.”

Web requests

This lets the extension monitor all your browser’s traffic, including data sent to and from websites. Even if the data is being sent over HTTPS, to the extension it’s all in the clear. They can read form data, credit card details, everything.

Matt Frisbie:

“It’s basically a man-in-the-middle… I can see what you’re sending to stripe.com—even if their security is immaculate.”

Web navigation

Provides a live feed of your browsing behavior—what pages you visit, how you get there, and when.

Keystroke logging

Records everything you type—searches, passwords, messages—without needing any special permissions. All it takes is a content script, which runs invisibly on websites.

Matt Frisbie:

“It’s incredibly dangerous and very easy to do.”

Input capture

Watches for changes in form fields, allowing extensions to steal autofilled passwords or credit card numbers—even if you don’t type anything.

Matt Frisbie:

“Anytime an input changes—login box, search bar, credit card entry—this extension can capture what’s changed.”

Geolocation

Extensions can’t access your location in the background. But they can render a user interface—like a popup window—and collect your location when you interact with it. If you’ve granted the extension geolocation permission, it can capture your location every time you open that popup.

Even sneakier? Extensions can piggyback off websites that already have location access. If you’ve allowed a site like maps.google.com or hulu.com to use your location, an extension running on that site can silently grab it—no popup required.

Matt Frisbie:

“If the user goes to maps.google.com and they’ve previously said maps.google.com can read my location… then the extension can piggyback on that and grab their location. No pop-ups generated.”

Other Piggybacking

If you’ve granted a site permission—like location, notifications, or potentially even camera and microphone—an extension running on that same site can sometimes piggyback off that access and silently collect the same data.

Matt Frisbie:

“It is actually possible to piggyback off the page’s permissions. … It really shouldn’t work that way.”

So… How Do You Protect Yourself?

Here are some smart rules to follow:

  • Understand permissions
    Know what you’re granting access to, and what that permission might be capable of.
  • Be careful granting any permissions
    Whether it’s a browser setting, a site request, or an extension prompt, even a single permission can open the door to surveillance.
  • Use extensions sparingly
    The more extensions you install, the larger your attack surface—and the more unique your browser fingerprint becomes.
  • Use a privacy-first browser instead
    Browsers like Brave build privacy protections—like ad and tracker blocking—directly into the browser itself, so you don’t need extensions just to stay private.
  • Follow the principle of least privilege
    Only allow an extension to run when you click it, instead of “on all websites.”
  • Use code review tools
    Sites like Extension Total and Secure Annex can help you vet extensions before you install them.

Takeaway

We all want our browser to be faster, cleaner, and more functional. Extensions can help—but they can also turn into powerful surveillance tools. Even a single line of malicious code, slipped in through an update or new owner, can put your most sensitive information at risk.

So before you install that next extension, ask yourself:
Do I really trust this extension not to be hacked, sold, or misused—and is the extra risk worth it?

Stay sharp. Stay private. Stay safe out there.

 

Yours in privacy,
Naomi

Naomi Brockwell is a privacy advocacy and professional speaker, MC, interviewer, producer, podcaster, specialising in blockchain, cryptocurrency and economics. She runs the NBTV channel on Youtube.

TNT is truly independent!

We don’t have a billionaire owner, and our unique reader-funded model keeps us free from political or corporate influence. This means we can fearlessly report the facts and shine a light on the misdeeds of those in power.

Consider a donation to keep our independent journalism running…

https://nordictimes.com/tech/this-isnt-the-internet-we-were-promised/

Tech

This isn’t the internet we were promised

Naomi Brockwell

But decentralized tech is breaking the chains of control and giving you back your digital freedom.

Published today 7:25
– By Naomi Brockwell

Let’s get one thing straight:

Decentralization is not the goal.

The goal is freedom. The goal is autonomy. The goal is human dignity in the digital age.

Decentralization is just one way, often the best way right now, to get us closer to those outcomes.

In a perfect world, we wouldn’t need decentralized systems. If governments weren’t able to pressure companies into silence, or force them to hand over your private data… if corporations weren’t constantly monetizing your every move… if centralized platforms could be trusted to operate in the interest of users… then maybe centralized systems would be fine.

They’re efficient. They reduce friction.

There’s no denying the impact these platforms have had. They connected the world. They brought billions of people online, enabled global communication, and revolutionized how we share ideas and build movements.

But they also created new dangers.

We now live in a world where control over your data is a leverage point for power. Where a single company can unilaterally decide what speech is acceptable. Where massive data breaches happen regularly because your life is stored in one convenient server.

Centralized systems have become centralized vulnerabilities.

And so, decentralization has emerged, not as an ideology, but as a solution. A way to take some of that power back. A way to distribute risk, enable resilience, and restore individual choice.

A brief history of the web

We’ve lived through three major internet eras so far:

  • Web 1.0: The early internet was made up of static websites, self-hosted pages, and personal blogs. There were no algorithms deciding what you saw. Just raw HTML and a whole lot of freedom. It was gloriously messy, decentralized, and user-owned.
  • Web 2.0: Then came the rise of centralized platforms. Facebook, YouTube, and X (formerly Twitter) made publishing easy and social. These platforms helped bring billions of people online, but at a cost. In exchange for convenience, we gave up control. Our data became trapped in platforms we couldn’t leave. Surveillance and censorship scaled. Cloud storage followed the same trend: easy access, but centralized vulnerability.
  • Web 3.0: Now we’re entering a new era. One that takes the best of both worlds. We’re combining the usability and scale of the modern internet with decentralized protocols that restore individual control. We no longer need to be locked into platforms or ecosystems. We can own our data, preserve our identity, and move freely between services. This isn’t just a return to the past. It’s a leap forward. A better model is finally being built.

Why decentralization matters

It’s not that decentralization is inherently good — it’s that centralization has made us vulnerable. The Web2 world comes with serious problems:

  • Targeted control: A government only needs to pressure one company to censor millions.
  • Censorship: Say the wrong thing and get kicked off a platform. Poof, your voice disappears.
  • Data monopolies: Corporations collect and sell your personal information because they control the servers and the systems. This includes cloud storage. Your private documents, photos, and messages are often just a policy change or government request away from being inaccessible.
  • Lock-in: Your content and identity are trapped on whatever platform you chose. You don’t own anything.

Decentralized systems distribute that risk.

They make it harder to shut things down. Harder to surveil everyone at once. Easier to move, fork, remix, or migrate without losing everything in the process.

They don’t guarantee freedom, but they make it harder to take freedom away.

The protocols powering the shift

The movement toward decentralization is about changing the foundation of how the internet works. Here are some tools leading the way:

Decentralized storage: Keeping files online without a single gatekeeper

Right now, most of our files — photos, documents, backups — live in cloud services owned by a handful of big companies. That means those companies decide how long your files stay online, who gets access to them, and whether they get deleted, censored, or handed over to someone else.

Decentralized storage flips that model.

Instead of uploading your files to a single company’s server, decentralized storage lets you store data across a network of independent operators. Sometimes your file is split up and distributed across many nodes. Other times, it’s stored as a whole on a specific server, but that server is part of a peer-to-peer network, not a centralized platform. Either way, no single company controls access to everyone’s data, which makes your data more resilient and less vulnerable to censorship or loss.

  • IPFS helps you share files in a way that doesn’t depend on one website or server. If anyone on the network has a copy of the file, you can still access it.
  • Filecoin is a network where people get paid to store your files securely. You choose how long your files should be kept, and the system ensures they’re really there.
  • Arweave is focused on long-term storage. You pay once, and the goal is to keep your data online for decades. It’s especially useful for archiving important documents and creative work that needs to be preserved.

Decentralized social media: You keep your identity, even if the app changes

Traditional social media apps own everything: your account, your posts, your followers. If they ban you or shut down, everything’s gone.

Decentralized social platforms are trying to change that. They separate your identity and content from the app you use. That way, if one app disappears or kicks you off, you can just log into another app and pick up where you left off.

  • Mastodon is like Twitter, but instead of one giant site, it’s made up of many smaller communities. Each one sets its own rules, but they all talk to each other.
  • Bluesky is building a system where your posts and followers stay with you, not the platform. If you don’t like the app you’re using, you can switch without losing anything.
  • Nostr is a protocol that’s decentralized by design. It uses cryptographic keys instead of usernames, and many apps integrate with Bitcoin’s Lightning Network for tipping.

This is just the beginning: There’s decentralized finance, decentralized search, decentralized governance, even decentralized AI. This new world of possibilities is just opening up. And the more we explore what it has to offer, the better it becomes.

We may be frustrated at the current state of the internet, but we’re entering an entirely new era. And I think things can become radically different. We have to keep exploring, building, and supporting this tech.

Beyond storage and social

It’s not just your files or your feeds. Trust in centralized systems is eroding everywhere.

From messaging apps quietly backdoored, to identity systems that can cut you off without appeal, to governments and corporations that leak your most personal data into the hands of criminals, it’s no surprise people are looking for alternatives.

We’ve seen government ID databases, health systems, and credit agencies breached, with entire identities dumped onto the dark web. Names, locations, biometrics. Everything needed for fraud. Lost because it was all stored in one convenient place.

That’s why decentralized tools have gained momentum. They don’t promise perfection, but they offer a way to reduce risk, reclaim control, and opt out of systems that keep failing us.

Encrypted messaging. Self-owned identities. Private money. Anonymous search. Community-led governance.

People aren’t waiting for permission. They’re choosing systems that put them back in charge.

Takeaways

  • Decentralization is not a rejection of structure. It’s a rebalancing of control.
  • The goal isn’t to replace everything. It’s to diversify what’s possible.
  • You don’t have to go all in. You can start with just one tool, one switch.
  • Sometimes the most powerful thing is knowing how something works, and choosing better.

Dive in and try out some of these bourgeoning systems. A lot of them a really early stages — We may not get everything right on the first try, but if we keep moving forward, we can build a radically different internet.

 

Yours in privacy,
Naomi

Naomi Brockwell is a privacy advocacy and professional speaker, MC, interviewer, producer, podcaster, specialising in blockchain, cryptocurrency and economics. She runs the NBTV channel on Youtube.

https://nordictimes.com/tech/teuton-systems-offers-smart-privacy-focused-technology-without-compromise/

Tech

Teuton Systems offers smart privacy-focused technology – without compromise

Advertising partnership with Teuton Systems

  • Teuton Systems, based in Sweden, is developing a unique concept for privacy-oriented computers and mobile phones that does not compromise user-friendliness or security.
  • We take the fight against corporate snooping, mass government surveillance and criminal phone tapping through firm open source principles and secure products.
Published yesterday 15:01
Both computers and phones from Teuton Systems come with interfaces you will recognize and with pre-installed apps for all your everyday needs.

Digitalization has given humanity superpowers – and opened the door to a whole jungle of new threats.

We see it every day: news headlines about breaches, scandals, and surveillance of ordinary people. Teuton Systems works for those who refuse to accept a reality where someone else owns their data. That’s why we offer hardware and software that gives you full control over your digital life.

Healthy skepticism about data collection is anything but paranoia – it’s perfectly justified. Here are just a few examples that should make anyone think twice about their everyday digital environment:

  • Mass surveillance: After Edward Snowden’s historic revelations, it became public knowledge that government programs were massively eavesdropping on both corporate and private communications. This is an important reminder that conscious action is required to preserve privacy. Since the revelations, this mass surveillance has continued in other forms.
  • Data leaks and scandals: Everything from the Cambridge Analytica scandal (where a company collected data on millions of Facebook users to influence elections) to the Apoteket leak (sensitive customer data was sent to Facebook without their knowledge) proves time and again how easily our data can be sold, lost, or misused.
  • Dependence on big business: Our digital everyday lives are dominated by a few tech giants, raising concerns about how much power they have over our data and infrastructure. Almost half of Swedes believe that Google and Facebook threaten privacy, according to recent figures. Allowing a few giant companies to dominate information about our private lives is simply not a decent option.
  • Spying apps: Common smartphone apps can access large amounts of private data – location, contacts, microphone, and more – which is then shared for profit or even more obscure purposes. In fact, 8 out of 10 Swedes know that apps can track their location via GPS, according to a national privacy report, which shows how widespread the phenomenon is. Collected app data has led to everything from targeted advertising to privacy scandals. Yet the flow of software that silently snoops in the background continues.

Against this backdrop, Teuton Systems launched the Nordic region’s first fully Linux-based computer system for everyday users back in 2020. Since then, the concept has evolved: 100 percent open source, encryption as standard, and hardware optimized for security. The philosophy is simple: strong privacy should be the starting point for your devices, not a hidden option.

All devices are delivered pre-configured with privacy-preserving software and documentation in English. You can unpack the products and start using them right away, confident that the systems are already optimized to protect your privacy.

Image of the premium Matrix 8 Pro model equipped with 256 GB of storage space and a very powerful camera that has received top marks in tests.

The Matrix phone – the tracking-free smartphone

Perhaps the most important product is called the Matrix phone. A powerful smartphone with the operating system replaced by GrapheneOS – the world’s most secure mobile operating system according to industry experts. It comes completely free of Google apps – which means the phone does not automatically “call home” to Google and share data about your usage.

Instead, open alternatives are pre-installed: web browser, email, maps, chat, everything you need. Most popular apps and services (including the Swedish BankID, for example) work. The result is a smartphone that works much like any Android phone – but without you having to worry about your phone spying on you in the background.

The Nordic region’s first preconfigured Linux computers

The computer range includes both laptop and desktop models, where Windows has been replaced with Linux, an open and more secure operating system free from data collection by large corporations. Each system is specially configured for high security while maintaining a high level of user-friendliness. From the first start-up, the computer runs with full disk encryption and a secure VPN, embedded in a modern desktop environment with a traditional start menu and taskbar that will be familiar to all Windows users – all included in the TS PC concept. No digging around in settings, no bloatware. You get a familiar user experience but without the surveillance.

Why open source is smarter – and safer

Thanks to open-source code, anyone can review the software; no hidden backdoors, no secret data collection. This makes the systems more transparent than mainstream platforms – and we have the world’s open developer community backing us with quality assurance instead of a closed-off corporation. When a vulnerability appears, it gets fixed quickly – without lobbying or shareholder politics. By combining open source, hardware-level security, and privacy-focused configuration, we create an alternative that gives everyday users digital self-determination.

So break free from dependence on tech giants – take control of your technology and your information. These types of solutions should be a given in today’s IT landscape, but as we’ve seen, they are far from standard in the industry. Change is needed, and together we can make a difference.

The starting point is and remains the same: technology should be completely controlled by the user, not by authorities or greedy large corporations. With Teuton Systems’ products, you get security and freedom – without compromising on user-friendliness. In addition, you can always contact our telephone support team at our office in the heart of Sweden. They are ready to assist you before and after your purchase. In other words: Technology by the people, for the people.

Welcome to Teuton Systems – where personal privacy is standard and surveillance is a thing of the past!

 

Visit Teuton Systems

https://nordictimes.com/tech/specialist-doctor-warns-social-media-is-hacking-our-brains/

Tech

Specialist doctor warns: Social media is hacking our brains

The rise of technocracy

Published 17 May 2025
– By Editorial Staff
In 15 years, eating disorders have almost doubled - largely attributed to morbid trends on social media.
Editorial Staff
editorial@nordictimes.com

Users are not the customers of social media giants – they are the product itself, where the most important thing is to capture our attention for as long as possible and at any cost.

This is the conclusion of psychiatrist Anders Hansen, who points to TikTok as an example of a platform that “creates information that our brains cannot look away from”.

On the Swedish public television channel SVT, he explains what happens to users’ brains when they use social media and how harmful much of the content actually is – especially for young users.

– We humans want to belong to a group at any cost. It’s pure survival. We constantly ask ourselves: ‘Am I good enough for the group, am I attractive enough, or smart enough, or thin enough?’ When we are exposed to this two to three hours a day, we perceive that we are not good enough, that we are not worthy.

– Our brains register this as a threat to our survival, which is why it makes us feel so bad. Some people then try to do something about it, such as starving themselves… These are deeply biological mechanisms within us that are being hacked by this extremely advanced and sophisticated technology.

“The companies don’t care”

Although it is actually prohibited on most platforms to target weight loss tips and similar ideals of thinness to children and young people, this is still very common.

Although eating disorders are a complex illness with many potential causes, Hansen says it cannot be ignored that they have almost doubled since 2010 across the Western world – and that this is likely due to the ideals promoted on social media.

– Companies don’t care if you develop a distorted self-image, they just want to squeeze every last second out of you. If you think about it, maybe you can awaken your inner rebel and not let companies take up your time, he explains.

Profit lost from restrictions

The psychiatrist also points out that all types of regulations and restrictions on algorithms and content mean that users will spend less time on social media – and that this is why social media companies systematically oppose such requirements.

– They have no interest whatsoever in trying to stop this.

Although TikTok is highlighted as the clearest example, there are now a long list of competitors that work in a similar way – including Instagram Reels (Meta), YouTube Shorts (Google), and Snapchat Spotlight.

Editorial Staff
editorial@nordictimes.com

https://nordictimes.com/tech/lock-down-your-mac/

Tech

Lock down your Mac

Naomi Brockwell

No Apple ID, no tracking, no nonsense.

Published 17 May 2025
– By Naomi Brockwell

Apple markets itself as a privacy-focused company. And compared to Google or Microsoft, it is. But let’s be clear: Apple is still collecting a lot of your data.

If you want the most private computer setup, your best option is to switch to Linux. Not everyone is ready to take that step though, and many might prefer to keep their existing computer instead.

If you want to keep your current device but make it more private, what are your options?

Windows is basically a privacy disaster. Privacy expert Michael Bazzell says in his book Extreme Privacy:

I do not believe any modern Microsoft Windows system is capable of providing a secure or private environment for our daily computing needs. Windows is extremely vulnerable to malicious software and their telemetry of user actions is worse than Apple’s. I do not own a Windows computer and I encourage you to avoid them for any sensitive tasks”.

If you want to keep your Mac without handing over your digital life to Apple, there are ways to lock it down and make it more private.

In this article, I’ll walk you through how to set up a Mac for better privacy—from purchasing the computer to tweaking your system settings, installing tools, and blocking unwanted data flows.

We’ll be following the setup laid out by Michael Bazzell in Extreme Privacy, with some added tips from my own experience.

We also made a video tutorial that you can follow along.

You don’t need to do everything. Each chapter is modular. But if you follow the full guide, you’ll end up with a Mac that doesn’t require an Apple ID, doesn’t leak constant data, and gives you control over your digital environment.

Buying your Mac

Choose a model that still gets security updates

Apple eventually drops support for older devices. A privacy-hardened system isn’t useful if it doesn’t receive security updates.

Two helpful sites:

Pay with cash in a physical store

If you buy a Mac with a credit card, the serial number is forever linked to your identity.
Cash keeps you anonymous. You might get strange looks, but it’s completely within your rights. Be polite. Be firm. They’ll grumble. That’s fine.

Fresh install of macOS

If it’s a refurbished Mac—or even brand new—it’s worth doing a clean install.

Update macOS

  • System Settings > General > Software Update
  • Install updates, reboot, and reach the welcome screen.

Erase all content

  • System Settings > General > Transfer or Reset > Erase All Content and Settings
  • Enter your password, confirm warnings
  • Your Mac will restart and erase itself

This restores factory defaults: user data and settings are gone, but the OS remains installed.

Optional: Wipe the disk completely (advanced)

If you want a truly clean install, you’ll need to manually erase the entire internal disk. Only do this if you’re comfortable in recovery mode.

Modern Macs split the system into two parts—a sealed system volume and a data volume—tied together with something called firmlinks. If you don’t erase both correctly, you can end up with phantom volumes that clog your disk and break things silently.

Steps:

  • Enter Recovery Mode:
    • Apple Silicon: Hold power > click “Options”
    • Intel: Hold Command + R on boot
  • Open Disk Utility
  • Click View > Show All Devices
  • Select the top-level physical disk (e.g., “Apple SSD”)
  • Click Erase
    • Name: Macintosh HD
    • Format: APFS
    • Scheme: GUID Partition Map

Warning: Skip “Show All Devices” or erase the wrong item and you could brick your Mac. Only do this if you understand what you’re doing.

Once erased, return to the recovery menu and choose Reinstall macOS.

First boot setup

macOS wants to immediately link your device to iCloud and Apple services. Stay offline as long as possible.

Setup tips:

  • Region: Choose your location
  • Accessibility: Skip
  • Wi-Fi: Click “Other Network Options” > “My computer does not connect to the internet”
  • Data & Privacy: Continue
  • Migration Assistant: Skip (we’re starting fresh!)
  • Apple ID: Choose “Set up later”
  • Terms: Agree
  • Computer Name: Use a generic name like Laptop or Computer
  • Password: Strong and memorable. No hint. Write it down somewhere safe.
  • Location Services: Off
  • Time Zone: Set manually
  • Analytics: Off
  • Screen Time: Skip
  • Siri: Skip
  • Touch ID: Optional
  • Display Mode: Your choice

Harden system settings

Wi-fi & bluetooth

  • System Settings > Wi-Fi: Turn off
    • Disable “Ask to join networks” and “Ask to join hotspots”
  • System Settings > Bluetooth: Turn off

Firewall (built-In)

  • System Settings > Network > Firewall: Turn on
    • Disable “Automatically allow built-in software…”
    • Disable “Automatically allow downloaded signed software…”
    • Enable Stealth Mode
    • Remove any pre-approved entries

Notifications

  • System Settings > Notifications
    • Show Previews: Never
    • Turn off for Lock Screen, Sleep, and Mirroring
    • Manually disable for each app

Sound settings

  • System Settings > Sound
    • Alert Volume: Minimum
    • Disable sound effects and interface feedback

AirDrop & sharing

  • System Settings > General > AirDrop & Handoff: Turn everything off
  • System Settings > General > Sharing: Disable all toggles

Siri & Apple Intelligence

  • System Settings > Siri & Dictation: Disable all
  • Disable Apple Intelligence and per-app Siri access

Switch time server

Your Mac pings Apple to sync the time—leaking your IP every time it does.
Switch to a decentralized time server instead.

How:

  • System Settings > General > Date & Time
  • Click “Set…” > Enter password
  • Enter: pool.ntp.org
  • Click Done

Spotlight & gatekeeper

Spotlight

  • System Settings > Spotlight: Turn off “Help Apple improve search”

Gatekeeper

Gatekeeper prevents you from opening non-Apple-approved apps and sends app data to Apple.

If you’re a confident user, disable it:

  • Terminalsudo spctl --master-disable
  • System Settings > Privacy & Security: Allow apps from anywhere

FileVault & lockdown mode

FileVault

Encrypt your entire disk:

  • System Settings > Privacy & Security > FileVault: Turn on
  • Choose “Create a recovery key and do not use iCloud”
  • Write down your recovery key. Store it OFF your computer.

Lockdown mode (Optional)

Restricts features like USB accessories, AirDrop, and others. Useful for high-risk users.

Customize appearance & finder

Desktop & dock

  • Disable “Show Suggested and Recent Apps”
  • Disable “Recent apps in Stage Manager”

Wallpaper

Use a solid color instead of version-specific defaults to reduce your system’s fingerprint.

Lock screen

  • Screensaver: Never
  • Require password: Immediately
  • Sleep timer: Your preference (e.g. 1 hour)

Finder preferences

  • Show all file extensions
  • Hide Recents and Tags
  • Set default folder to Documents
  • View hidden files: Shift + Command + .

Block outbound connections

macOS and many apps connect to servers without asking. You’ll want to monitor and block them.

Use Little Snitch (or LuLu)

Browser

Install a privacy-respecting browser like Brave or Mullvad.

Compare options at privacytests.org

VPN

Use trusted providers like Mullvad or ProtonVPN.

Be careful which VPN you download — they’re often scamware and data collection tools.
Watch this video for more

Optional: Use Homebrew

Instead of the App Store, install software via Homebrew.

We’ll cover this more in a future guide.

Final takeaways

If you followed this guide, you now have:

  • A Mac with no Apple ID
  • No iCloud tether
  • Full disk encryption (FileVault)
  • A silent firewall
  • Blocked outbound connections
  • A private browser and VPN setup

You’ve taken serious steps to reclaim your digital autonomy. Well done.

In an upcoming guide, we’ll explore how to take the next step: switching to Linux.

Thanks again to Michael Bazzell for his work.

Find his book Extreme Privacy at: inteltechniques.com/book7.html

 

Yours in privacy,
Naomi

Naomi Brockwell is a privacy advocacy and professional speaker, MC, interviewer, producer, podcaster, specialising in blockchain, cryptocurrency and economics. She runs the NBTV channel on Youtube.

N

Polaris of Enlightenment

News

Other

Subscribe to our newsletter!

Follow TNT socials!

X-twitter Facebook Telegram Instagram

© 2022-2025 The Nordic Times TNT.
All rights reserved.

Our independent journalism needs your support!
We appreciate all of your donations to keep us alive and running.

Donate

Our independent journalism needs your support!
Consider a donation.

You can donate any amount of your choosing, one-time payment or even monthly.
We appreciate all of your donations to keep us alive and running.

Donate
Dont miss another article!

Sign up for our newsletter today!

Take part of uncensored news – free from industry interests and political correctness from the Polaris of Enlightenment – every week.