I want to use a Linux distro for my PC that’s independent, meaning that it has no ties to Google. Any suggestions will be greatly appreciated.
any would do..
1 Like
It solely depends: Because accessing Google forces the connection anyway. If you use a Linux OS that has heavy restrictions on trackers, it might limit Google’s access to your device.
1 Like
Okay, thank you & I’ll keep searching for a good one.
Although Linux is much more secure than Windows, some OS systems seem to have more ties with them than others, so I’m concerned that some have inherently Google-friendly code written into their OS systems.
Glad you asked! Than I am not alone!
Possibly Mint or Tails.
But I recommend to just go with this hosts list
But if you are feeling extra radical you can use my sledgehammer approach (can break some websites):
#!/usr/bin/env bash
set -euo pipefail
if ! command -v curl >/dev/null 2>&1; then
echo "curl not found, please install curl and rerun."
exit 1
fi
if ! command -v jq >/dev/null 2>&1; then
echo "jq not found, please install jq and rerun."
exit 1
fi
TMPDIR="$(mktemp -d)"
GOOG_JSON="$TMPDIR/goog.json"
CLOUD_JSON="$TMPDIR/cloud.json"
OUT_CIDRS="$TMPDIR/google_cidrs.txt"
echo "Fetching Google IP ranges..."
curl -fsSL https://www.gstatic.com/ipranges/goog.json -o "$GOOG_JSON"
curl -fsSL https://www.gstatic.com/ipranges/cloud.json -o "$CLOUD_JSON"
echo "Computing goog minus cloud (CIDR equality subtraction)..."
jq -r '.prefixes[] | (.ipv4Prefix // .ipv6Prefix) // empty' "$GOOG_JSON" | sort -u > "$TMPDIR/g_set.txt"
jq -r '.prefixes[] | (.ipv4Prefix // .ipv6Prefix) // empty' "$CLOUD_JSON" | sort -u > "$TMPDIR/c_set.txt"
comm -23 "$TMPDIR/g_set.txt" "$TMPDIR/c_set.txt" > "$OUT_CIDRS"
if [ ! -s "$OUT_CIDRS" ]; then
echo "No CIDRs generated. Exiting."
rm -rf "$TMPDIR"
exit 1
fi
echo "Select firewall backend: 1) nftables 2) iptables+ipset 3) ufw"
read -r -p "Enter 1, 2 or 3: " CHOICE
if [ "$CHOICE" = "1" ]; then
if ! command -v nft >/dev/null 2>&1; then
echo "nft not found. Install nftables and rerun."
rm -rf "$TMPDIR"
exit 1
fi
echo "Creating nftables table/sets and adding CIDRs..."
sudo nft add table inet filter 2>/dev/null || true
sudo nft add set inet filter google_ips4 '{ type ipv4_addr; flags interval; }' 2>/dev/null || true
sudo nft add set inet filter google_ips6 '{ type ipv6_addr; flags interval; }' 2>/dev/null || true
while read -r cidr; do
if [[ $cidr == *:* ]]; then
sudo nft add element inet filter google_ips6 { "$cidr" } 2>/dev/null || true
else
sudo nft add element inet filter google_ips4 { "$cidr" } 2>/dev/null || true
fi
done < "$OUT_CIDRS"
sudo nft list chain inet filter output >/dev/null 2>&1 || sudo nft add chain inet filter output '{ type filter hook output priority 0; policy accept; }'
sudo nft insert rule inet filter output ip daddr @google_ips4 counter drop 2>/dev/null || true
sudo nft insert rule inet filter output ip6 daddr @google_ips6 counter drop 2>/dev/null || true
echo "nftables rules applied. Enable nftables service to persist."
elif [ "$CHOICE" = "2" ]; then
if ! command -v ipset >/dev/null 2>&1 || ! command -v iptables >/dev/null 2>&1; then
echo "ipset or iptables missing. Install them and rerun."
rm -rf "$TMPDIR"
exit 1
fi
echo "Creating ipset(s) and applying iptables rules..."
sudo ipset create googlehash hash:net family inet hashsize 1024 maxelem 65536 2>/dev/null || true
sudo ipset create googlehash6 hash:net family inet6 hashsize 1024 maxelem 65536 2>/dev/null || true
while read -r cidr; do
if [[ $cidr == *:* ]]; then
sudo ipset add googlehash6 "$cidr" 2>/dev/null || true
else
sudo ipset add googlehash "$cidr" 2>/dev/null || true
fi
done < "$OUT_CIDRS"
sudo iptables -C OUTPUT -m set --match-set googlehash dst -j DROP 2>/dev/null || sudo iptables -I OUTPUT -m set --match-set googlehash dst -j DROP
if command -v ip6tables >/dev/null 2>&1; then
sudo ip6tables -C OUTPUT -m set --match-set googlehash6 dst -j DROP 2>/dev/null || sudo ip6tables -I OUTPUT -m set --match-set googlehash6 dst -j DROP
fi
echo "iptables/ipset rules applied. Persist with ipset-persistent/iptables-persistent."
elif [ "$CHOICE" = "3" ]; then
if ! command -v ufw >/dev/null 2>&1; then
echo "ufw not found. Install UFW and rerun."
rm -rf "$TMPDIR"
exit 1
fi
echo "Applying UFW deny out rules for each CIDR..."
while read -r cidr; do
sudo ufw deny out to "$cidr" || true
done < "$OUT_CIDRS"
sudo ufw reload || true
echo "UFW rules applied."
else
echo "Invalid selection."
rm -rf "$TMPDIR"
exit 1
fi
rm -rf "$TMPDIR"
echo "Done."
(Google publishes it’s crap here and here)
If you go with my script you will need to enable that manually (like ufw enable). If you don’t know about firewalls, just go with first solution and just paste it’s content into your hosts file.
1 Like
@datadrvn What do you use your computer for? i.e. Just browsing? Multimedia? Coding? Research? School? …?
1 Like
Thank you. Although I REALLY appreciate your response, I’m not a developer, so I can’t implement what you’re instructing me to do.
I use my computer for searching the Internet, studying and creating docs.
Than go with this approach from here
It is really easy:
- open terminal
- run cd
- Then run nano no-google.sh
- In window opened paste this:
#!/bin/bash
set -e
TMPFILE=$(mktemp)
curl -fsSL https://raw.githubusercontent.com/nickspaargaren/no-google/refs/heads/master/google-domains -o "$TMPFILE"
if [ ! -s "$TMPFILE" ]; then
rm -f "$TMPFILE"
exit 1
fi
HOSTS_FILE="/etc/hosts"
BACKUP="${HOSTS_FILE}.bak.$(date +%s)"
cp "$HOSTS_FILE" "$BACKUP"
awk '!/^($|#)/ {print "0.0.0.0 " $1}' "$TMPFILE" | sort -u > "${TMPFILE}.hosts"
grep -Fq "### no-google block start" "$HOSTS_FILE" && sed -n '1,/### no-google block start/p' "$HOSTS_FILE" > "${HOSTS_FILE}.tmp" || cp "$HOSTS_FILE" "${HOSTS_FILE}.tmp"
{
cat "${HOSTS_FILE}.tmp"
echo "### no-google block start"
cat "${TMPFILE}.hosts"
echo "### no-google block end"
} > "${HOSTS_FILE}.new"
mv "${HOSTS_FILE}.new" "$HOSTS_FILE"
rm -f "$TMPFILE" "${TMPFILE}.hosts" "${HOSTS_FILE}.tmp"
systemctl restart NetworkManager 2>/dev/null || true
exit 0
- Then press ctrl+o
- Then press enter
- Then press ctrl+x
- Then run sudo bash no-google.sh
- Done.
@datadrvn Then try this distro: Trisquel GNU/Linux - Run free!
Debian is another one. Slackware, if you are feeling ambitious.
Thank you BIG time! and I’ve tried Cinnamon Mint in the past and it was too steep of a learning curve for me, but I looked at Tails and hopefully sites won’t stop me from using them because I’m on TOR.
1 Like
Thank you, I’m ambitious, but I read its review and although it seems really good, it’s out of my league for a beginner.
Slackware has the utilities you need after install. If you want additional software, it is not so difficult and the IRC channel is superb as support. But based on what you told me (internet and docs), the default packages will get you going. I am not sophisticated Linux user, but I learned a lot about Linux using it. If you want to feel confident about Linux moving forward, it is a great distro to go with.
Thank you for your input.
@US3R I know that you recommended Tails or Mint, but at this point, sadly, I’m very UI, etc. Windows-dependent, so is it possible for me to also implement your google-resistant code in https://reactos.org/?
@US3R I just saw that https://reactos.org/ is still considered to be in the Alpha development stage, so I’d need to install it on a virtual machine & I really don’t want to do that, so my quest to find a Linux distro for newbies continues.
We all start somewhere. It is like learning to read. “Can you just show me pictures instead?” Will only take you so far. Try Ubuntu, which is the most user friendly of them all and you can go to the ‘#ubuntu’ IRC on Libera Chat for support. That will get you on your way. A support community is key.
ReactOS will never gain traction, it is around for years and will be in Alpha for years more and will always be obscure. You do not want something based on the worst OS in the world.
Install Ubuntu and get this book: Linux Phrasebook | Scott Granneman
Yes, everything will be hard and first. But you know what? Bit by bit, you will start to understand and grasp concepts and become literate. You can wring your hands for weeks and get nowhere or start getting somewhere in days.
1 Like
The only Linux distros that depend on Google are Android and ChromeOS. This is because they are Google products, people use them because of their ties with Google. All the others only connect to Google if you request it, same as Windows.
You don’t even need to use Linux, the method US3R suggested simply forbids all known connections to Google things on the internet, which can also be done in Windows. To learn more about this, read about HOSTS files.
And to fully disconnect from Google, you must also make sure your router (the machine that many call a “modem”) does not use Google DNS. Read the manual that came with it (or look for it online), go into its settings and change the DNS provider to one you trust.
You should not use Linux to escape Google but to escape MicroSoft/Windows. The only advantage of using Linux for this is that you can readily change everything about the system, as it can be more difficult in Windows if you can’t deal with the technical/legal restrictions.
…
And in the end, none of this matters if you are forced to use Google products to interact with other humans, such as your Android phone (which you must have, as this forum is for Android software).
Just saying, it’s very difficult to avoid Google when you live in a society that depends on it. As mentioned above, many websites will break if you can’t load the Google components that they use. It’s not really for everyone.
…
As for which Linux distro I recommend, I suggest trying Artix (the XFCE version). Do not be intimidated by needing to use the command line for certain things, it’s not difficult. Just look for a cheatsheet to learn to how to use pacman and you’ll be set.