If you are an avid Apple user, you are probably locked (trapped?) in the 'closed garden' of Apple. However, over the course of chapter 19 (this is 3rd piece in the 'apple pie') we have learned that you can anonymize yourself a little.
Firstly, by starting with a brand-new identity:
After this, we locked the experience down a little more, just to be certain that you have a mix between privacy and the Apple experience:
Today we want to go over the fine-tuning.
So start by creating a separate account, one which has no admin privilege. This way, you have taken a big step when it comes to security.
Remember to fine tune your firewall and privacy settings in the new profile as well.
I recommend to use Librewolf as your browser.
If you do so, an essential add-on would be LibRedirect:
With this add-on, you can redirect traffic to more privacy protected frontends, so Twitter to Nitter, YouTube to Piped etc...
If you want to stick with Safari, you can also use the paid app, Privacy Redirect, which automatically can redirect your browser to Nitter, Piped etc.
And even though this might sound like a small thing to do, if you are using Safari, change your search engine to DuckDuckGo. If you leave the search engine on Google, it will continue to receive metadata from you.
Apple also connects to token.safebrowsing.apple, so block this domain with your firewall and/or AdGuard. This domain is basically Google Safe Browsing (Apple proxied). Block safebrowsing.googleapis.com as well.
Click Safari -> Preferences -> Security
And disable fraudulent sites, while this is optional it is Google Safe Browsing, and I just don't recommend Google knowing anything about your browsing.
Click Safari -> Preferences -> Privacy
Switch off Web advertising and Apple Pay and Apple Card
Even though I prefer LibreWolf, keep in mind that Safari (except the Google Safe browsing) is a decent and privacy-friendly browser that does not connect to too many intrusive services (except Google safe browsing). I would use a combination between LibreWolf and Safari. Keep in mind that Safari is used by most Apple users, so your fingerprinting will be unique to Apple, but not to many other companies. So, this is an advantage to using it as your main browser.
For your most private browser experience, you can install the Tor Browser:
As with any OS I do recommend using a password manager. You have a great option with Bitwarden, which works on any device, regardless of if it's Mac, Android, Windows or a browser. Chose it over the built-in Apple Keychain. You don't want your keychain backup running over iCloud, even if Apple claims they can't read it. Additionally, you will be able to keep your password manager if you ever decide to leave Apple.
Keep in mind, Bitwarden also works on iOS, so you do not need to pay per subscription on iOS and macOS. Bitwarden also works with Firefox and any other browser.
Another great Apple only password manager is Strongbox which is not free (as with most great apps on Apple). Strongbox, however, is compatible with Keepass, so you can use that on other devices, and if you ever switch from Apple, you are good to go with a backup.
Strongbox works 'out of the box' with Safari. It also has a separate (subscription-based) iOS version.
Overall, macOS will never be as private and free (as in freedom) as Linux is. But if you use Apple because you need to, for example FaceTime and iMessaging (with colleges), or you have any other reason to stick with Apple, Video Editing or being heavily invested in Apple already, you can get some privacy out of the devices.
This 3-step guide is designed to allow all Apple services to work. You can lock down more if you desire, for example, with firewalls and/or AdGuard. The sky's the limit, and it's easy to use.
I would not use iCloud if you don't need it for any specific reason!? If you need a cloud, use Nextcloud and host it yourself. If you use iCloud, use Cryptomator to encrypt your files.
Attempt to block as many unnecessary connections as possible with your firewall. This will be a challenge at the beginning, as you will have many pop-ups. But over time, the firewall won't bother you too many times. And you have an experience that you can enjoy.
Stay safe (even when on an Apple device ;).
The Privacy Advocate