Ultimately your concerns stem from the philosophy of privacy, but you are weak on what practical privacy means. You have to give up a certain amount of privacy to participate in society at all. This is the case regardless of any technology. Once you decide you need a cell phone, you now have a tracking device on your person that can be used by anyone that wants to track you, specifically. You cannot prevent this regardless of what you do. Assuming you are not a person of interest for a nation-state, this exchange of privacy for convenience is rational.

There are things you can do in-order to increase your privacy in any un-trusted network though. For example: MAC-address randomization. DNS Proxies, VPNs, Privacy focused Browsers block-lists no-script etc etc.

Not all of these are relevant in all situations, and all of them can be made moot as soon as you login to some place. i.e. logging into a lemmy instance means that you now are uniquely identifiable and information can start being collected about you.

Now the question of “trust.” i.e. you don’t “trust” your friends network? Why not? Any argument that you can make about not knowing their network applies 10-fold to the cell network that you have absolutely chosen to trust. So the measures that you take with your own device to protect it from the public phone network, are equally effective on any wireless network. And that is where privacy advocates start getting squirrely.

tl;dr, if you have already taken the above steps, all untrusted networks should be treated the same according to your personal privacy envelope.

This is a great example of someone who has a lot of fear in their life that stems from ignorance, but tries to pass it off as something else. But make no mistake, you have a large gap in knowledge, and that knowledge gap combined with the paranoia of what you read from “privacy advocates” means your life is much harder and more insecure then you realize.

As a senior Network engineer, Macbook Pro is my goto. Jack Black Label is good, but I still prefer Lagavulin 16yr or founders All Day IPA.

Self-approval leads to a road of sadness. For example, a theoretical company needs to self-renew an ssl cert. No problem, the cert will be stored with the rest of the secrets and retrieved in a secure way on deployment. Unfortunately if you don’t store the cert key in a secure way, the deployment still works fine and you don’t need to figure out the “onerous” encryption process.

So you push the private key to the company git repo, and then deploy the cert! Done and Done.