Privacy is not binary. There are degrees of privacy that can be achieved. Where you would like to be is totally based on your personal situation. If you are a beginner, understand that privacy is a journey.

Regarding which OSes you could use for your computer if Linux is not an option:

Windows in my experience is the worst offender when it comes to telemetry. It is so ingrained in the OS that you'll never be certain there isn't any telemetry regardless of the measures you take. MacOS on the other hand can be configured in such of way that Apple will have very little if any telemetry on you. It also has good permission controls which would cover things like screen capture and logging of keystrokes which you mentioned above. You could do the following:

• Purchase a Macbook
• Opt out of using an Apple Account (as of today it's optional)
• Opt out of using iCloud
• Opt out of any telemetry
• Turn on built-in firewall
• Turn on disk encryption
• Install Lulu or Little Snitch to block any Apple telemetry

This alone will probably put you in a better position than 99% of people (not an actual statistic).

You have some margin to work with. Of course it's not going to be as effective than switching OS but you can use privacy focused firewall. For example Portmaster on windows or tracker control on Android.

These firewall will try to block as much telemetry as possible.

You should also be cautious about what you install on your system, opensource app usually have a better track record regarding privacy.

Default OSs are very invasive. Windows, Mac and iOS are constantly spying on everything you do and stock Android is only as private as the apps it comes with which include things like Google Play Services - an app so baked into the system it can only be disabled through adb/root

If you want to read into this - Louis Rossmann made a video on this and this is the paper he mentioned.

possible for the average person who doesn't feel comfortable messing with installing operating systems to have any privacy?

Yes, depends on how far you are willing to take it.

Replace default apps with FOSS (F-droid)

Delete or disable defaut apps through developer options/adb

Limit the number of permissions you give to apps (your calculator shouldn't have access to internet or your camera)

Don't install apps that you don't trust/need

Block app's access to the internet with a firewall

Check out r/degoogle on Reddit for many useful resources

For Windows/iOS, etc.: change settings to be more private: give less permissions and turn off telemetry wherever possible.

If you think that's not enough, consider dual booting a Linux distro like Linux Mint Cinnamon (easy to set up and very beginer-friendly). If you do that you can learn Linux and keep your private data there instead of on Windows/iOS

Mac is less intrusive than Windows. Windows 10 is a whole lot less intrusive than Windows 11. You can lock Windows 10 down even more if you use Shut Up 10. It's an amazing piece of freeware. Just be aware that Windows will reset a lot of your options after major updates.

Duck Duck Go is more secure than any other search engine and browser. Firefox is next in the list if you're not on a Mac. Get uBlock Origin and NextDNS.io.

Don't give your real information to companies when possible. Don't browse the web logged into Google, Facebook, Reddit, TikTok, etc.

You can buy computers and phones with those OSes preinstalled, so it's not necessarily "custom". Otherwise, no.

Linux is not like a custom ROM, it's just an OS like any other (but many distros do respect your privacy). But yeah, custom Roms are the only way to have privacy on phones other than just using dumb phones. Support open source projects and manufacturers that make devices that use open source software!

No

Privacy is not a black & white thing. Every step you take matters. And being entirely private without digital footprint is impossible unless you isolate yourself from the internet entirely.

To answer your question. Yes, they spy on you. To what degree depends on the OS and your settings. But they always cost you some privacy.

But it's never useless to take other steps just because you don't want to or can't switch OS. Because you'll still give them less data if you do. They might still have info on you. But the less, the better.

Taking easier steps like switching mail provider and other services you use to privacy-minded ones are a good and easy start anyone can do. Replacing apps/programs on your system with FOSS or privacy-minded ones is another good one.

Even the biggest noob can make a Proton account and use it instead of Gmail/Outlook. Use 1Password instead of your device/browser's password manager. Use LibreOffice instead of MS Office. Check F-droid for apps before Google Play (and perhaps even use Aurora when you do need it). Use FireFox instead of Edge or Chrome. Install a FOSS keyboard on your phone. Get rid of Social Media. Use Signal instead of WhatsApp. Those are just some example of easy my-grandpa-can-do-this level of difficulty options that already greatly improve your privacy (in fact, after I installed it for him, my grandpa does many of these!). Is it as private as an extremely hardened custom device by a security expert? Nah, but it's definitly much beter than a default device full of big-tech apps. Even if you just do 1 of them!

Since every step counts, I think we should apploud people for caring and starting to take steps instead of deminish them for not going in to the max. Changes like this are slow, especially with a big mass of people. The more people show they care, the more privacy-minded alternatives grow and show up and the more normal it becomes to care about privacy.

I’m not as worried by data logged by the os as such, but don’t want it sold to third party ad networks.

I use both macOS and Windows daily for combined work/personal stuff so hard to avoid. I trust Apples use of my data a little more than I trust Microsoft.

All my devices are always behind a VPN and always behind a DNS filter that blocks most vendor tracking from Apple, Microsoft etc. You have to allow a fair bit through for some functionality to work though.

This is a highly loaded question.

You are making a number of very poor assumptions based on a number of ridiculous misconceptions.

The average, everyday, human adult is fully capable of understanding their own personal "threat landscape". How they deal with that will vary.

For most; if not all, average consumers; their concerns are still very limited. They're not so much concerned with the provenance, the history, of companies...they just want to duck for the oncoming threats in their landscape. These metaphorical tree branches are what they're ducking under. They have no logical need to fear the entire tree.

Personally, I choose not to live like Stallman, nor do I have fears of big state repercussions like Snowden does. Neither does your average consumer. Functionality is the top priority. Functionality on-par with the CSSC (Closed-Source Software, Corporate) competitor is critical. If the FLOSS (Free/Libre Open Source Software) version can do exactly what people typically want and expect it to do AND cost less monetarily AND can impact their privacy way less than using the CSSC competitor would, then it will be adopted by many and loved by all who use it.

This isn't to say that privacy does not matter.

It simply means that privacy is a spectrum; and everyone has varying privacy wants and needs. For some reason, a large potion of the "tech-savvy" people in the FLOSS community feel the need to measure their superiority in "How private their systems are." The average user does not give a damn about that dick measuring contest; and really would rather not be bothered. They just want the amount of privacy that is right for them, and their specific situation.

It is best to put your ego aside when discussing privacy, or helping someone else to discover and improve their own privacy.

You'll be a lot less private, but it's not black and white.

You can definitely harden operating systems like Windows and Android to be better for privacy and security. I've used some of Techlore's videos to make my Windows system a bit more secure and private, and he's made one for Android and other OSes too. Of course, this isn't perfect, but it's something if you don't want to install a different OS, it's better than nothing.

For computers, you dont have to switch to linux, I'm currently using ReviOS (a custom version of windows) but I might try AME 10 later. But sure, it's still messing with installing operating system since it needs a clean windows install, alternatively you can use software like O&O Shutup10 but I noticed that some options doesn't exist in Windows 11 as compared to Windows 10, I've also tried winutil but it caused task manager to close really slowly for me

true all the way down to the silicon really. Unless you are prepared to do you own lithography you are on an untrusted platform.

It depends on what you consider spying. The vast majority of devices want some form of push notification capability, which requires being connected to Microsoft/Google/Apple servers, and thus the company knows your IP address. But doing pretty much anything on the internet and you expose your IP address.

If what you mean by spying you think it is looking at what app/program you are doing, recording your keystrokes, recording what your camera sees, the vast majority of devices don't do any of this. Those are done on hacked laptops and school laptop admins that are either creepy and unchecked or overly intrusive.

Somewhere between these two extremes you would say it crosses the boundary into spying. You don't need a custom OS to stop it unless you your threshold is all the way to the push notification level.

There are user friendly options if you're willing to use them. There's /e/ foundation's Murena phone that you can buy. It's based on LineageOS for microG with a custom launcher much like iOS. It works out of the box, no tinkering. There's also GrapheneOS that has a web interface for installation. It is only for Google Pixel phones and takes a different approach to privacy than LineageOS for microG. They both work in protecting your privacy. As far as computer OSes, there are many "easy to use" options for the novice - PopOS & Linux Mint are the best two that come to mind.

for mobile a low effort approach is to simply buy a dumbphone and a faraday bag and you're good to go.

We don't know if they do, but they certainly can. Especially if you are on x86. I'm sure Android (which comes from OEMs) and iOS devices spy on you.

No, you have no respite unless you switch to custom. The good part is that this process is much easier than before (especially on the desktop), and will keep getting easier. Graphene already has their Web installer when you plug your mobile into your computer and let it do its job. Installing Linux is the easiest it has ever been, and I would argue that this trend has creeped into even the more advanced distributions like Gentoo/Funtoo (their guide is extremely well written and easy to follow + forums).

The only thing you are losing is time. If you don't have the time, then no, you should stick with the easier ROMs/Distributions. I would never espouse using Windows/MacOS/OEM Android/iOS unless forced to by circumstance.