you should always use internet with zero trust

TL;DR - No trust. None. For anyone or anything.

Extreme you say? Sure, maybe. But we’ve been burned so many times, yet we still say things like “oh but its convenient”. That simply means most people dont care or dont have the time to deal with it, which is fair.

I don’t blame them, in this day and age, we have PLENTY to worry about, other than our online privacy and anonimity.

Personally, I’ve went with the scorched earth approach. Foss, privacy respecting, self-hosted, encrypted. If I don’t have control of it, I will keep it in a different place than the things I have control over.

Unfortunately, for most, this comes at a very large technical overhead. Frankly, I don’t see other ways forward. Look at france, sweeden, UK, they all want backdoors and the encryption keys to everything.

The way forward will be trustless, self-hosted services. The next steps are to simply lower the technical bar, because even as a skilled engineer, sometines I hit my head against things that need a serious amount of figuring out.

Making these services easy to host and use would be amazing. Trust nothing.

No, mostly because the main tenet of data security is that nobody should ever be trusted - not fully, at least.

Aren’t we supposed to be checking the code?

Just make sure that when you uncheck all telemetry and don’t use an account, they don’t send your personal data. Its open source so it should be verifiable. You don’t need to “trust” them if there’s no data being sent in the first place.