Privacy and Security


  • Desktop OS

    Don't use Windows, MacOS, or Chrome OS. None of them are open source and all of them are loaded with spywa

  • Qubes OS

    Free Linux Fedora Xen Website

    A security-oriented operating system that uses "security by compartmentalization".

     

    Qubes OS icon
  • Whonix

    Free Linux Website

    Whonix is a desktop operating system designed for advanced security and privacy. Whonix mitigates the threat of common attack vectors while maintaining usability. Online anonymity is realized via fail-safe, automatic, and desktop-wide use of the Tor network. A heavily reconfigured Debian base is run inside multiple virtual machines, providing a substantial layer of protection from malware and IP address leaks. Commonly used applications are pre-installed and safely pre-configured for immediate use. The user is not jeopardized by installing additional applications or personalizing the desktop. Whonix is under active development and is the only operating system designed to be run inside a VM and paired with Tor.

    Based on Tor
    Whonix utilizes Tor's free software, which provides an open and distributed relay network to defend against network surveillance.

    Isolation
    Connections through Tor are enforced. DNS leaks are impossible, and even malware with root privileges cannot discover the user's real IP address.

    Compatibility
    Whonix is available for all major operating systems. Most commonly used applications are compatible with the Whonix design.

     

    Whonix icon
  • Void Linux

    Free Linux Website

    Void is a general purpose operating system, based on the monolithic Linux kernel.

     

    Void Linux icon
  • Mobile Apps

    Stay away from mobile devices as much as possible. Do not use iOS. If you can, install a custom OS like GrapheneOS or LineageOS. Otherwise use the stock OS and keep it minimal, only using it for what cannot be done on a computer.

  • F-Droid

    Free Web Android Android Tablet Website

    F-Droid is an installable catalogue of FOSS (Free and Open Source Software) applications for the Android platform.

     

    F-Droid icon
  • SuperFreezZ

    Free Android Android Tablet Website

    Android app making it possible to entirely freeze all background activities of any app.

    • Get back control over what runs on your phone
    • Enhance battery life and reduce mobile data usage by freezing rarely used apps
    • Especially useful while you are on a tour, where you need only some apps but a long battery life

    SuperFreezZ is not yet another task manager promising to delete 10 GB of data per month or making your device 2x as fast. This is impossible.
    Instead, SuperFreezZ is honest about its disadvantages: Freezing daily used apps probably drains your battery a little faster. Also, these apps will take longer to start when you use them the next time: SuperFreezZ will super freeze your apps, it takes about 1-3 seconds to defrost them. Greenify has the same disadvantages, except that the author of Greenify does not warn you about it. So: Just do not overdo it, and SuperFreezZ will be super useful.

    Examples for apps that deserve to be frozen:

    • Untrusted apps (that you do not want to run in the background)
    • Apps you rarely use
    • Annoying apps

    Features:

    • Optionally works without accessibility service as this slows down the device
    • Can freeze only apps not used for a week (can be configured)
    • Choose a white list (freeze all by standard) or a black list (do not freeze anything by standard)
    • Can freeze apps when the screen goes off
    • Options to freeze system apps and even SuperFreezZ itself
    • Completely open source and free software

     

    SuperFreezZ icon
  • PilferShush Jammer

    Free Android Website

    Features a passive jammer technique that engages the microphone thereby blocking other apps from using it. But does NOT listen to or record any of the audio from the microphone. It uses 0% CPU and no noticeable battery use. However is not intended to be left on permanently due to the variety of triggers that can cause audio_focus_state changes (VOIP etc).

    Also features an active jammer that emits tones constrained to the NUHF range of 18 kHz to 24 kHz range. User determined carrier frequency and drift limits with rate for random tone emissions depending on the device capabilities. For instance 20000 Hz carrier, drift limit 1000 Hz and rate slow - will output random frequency between 19 kHz and 21 kHz approximately every second.

    Audible artifacts are present during the NUHF tones but this may be changed in a future release. Experimental white noise output may not be very effective at blocking and is a somewhat annoying sound. The device speaker output may not have enough amplitude to block unwanted NUHF signals - testing will determine.

    • Manual start
    • Notification post when running
    • Auto stop and restart when telephony interrupts
    • Currently relies on audio_focus_state changes for auto-switching
    • Active jammer

     

    PilferShush Jammer icon
  • NetGuard

    Freemium Android Android Tablet Website

    NetGuard provides simple and advanced ways to block certain apps' access to the internet without the help of root privileges.

     

    NetGuard icon
  • Browser

    Avoid Chromium-based browsers and disable or remove DRM, WebRTC, and Javascript.

  • Tor Browser

    Free Mac Windows Linux Android Android Tablet ... OpenBSD Website

    The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked.

    The Tor Browser lets you use Small Tor iconTor on Windows, Mac OS X, or Linux without needing to install any software. It can run off a USB flash drive, comes with a pre-configured web browser to protect your anonymity, and is self-contained.

     

    Tor Browser icon
  • GNU IceCat

    Free Windows Linux Android Website

    Latest version is still 60.7 as of November 2020. Void Linux does have an updated version in it's repositories, but users of other distros should just stick with Tor Browser instead.

     

    GNU IceCat icon
  • uBlock Origin

    Free Web Android Microsoft Edge Vivaldi Browser Chrome ... Pale Moon Thunderbird Opera Chromium Firefox Website

    Use this to block Javascript on a per-site basis

     

    uBlock Origin icon
  • Messenger

  • XMPP

    Free Mac Windows Linux Web Android ... iPhone Windows Phone Self-Hosted Website

    is the open standard for messaging and presence. XMPP powers emerging technologies like IoT, WebRTC, and social.

     

    XMPP icon
  • Email

    Do not use ProtonMail or Tutanota because they require you to use their JavaScript webmail. If you can, self-host your email. Otherwise use Disroot (free) or Posteo (paid).

  • Claws Mail

    Free Windows Linux BSD Website

    Claws Mail is an email client (and news reader), based on GTK+, featuring

    Quick response
    Graceful, and sophisticated interface
    Easy configuration, intuitive operation
    Abundant features
    Extensibility
    Robustness and stability

     

    Claws Mail icon
  • GnuPG

    Free Mac Linux PortableApps.com Xfce OpenPGP Website

    GnuPG allows to encrypt and sign your data and communication, features a versatile key management system as well as access modules for all kinds of public key directories. GnuPG, also known as GPG, is a command line tool with features for easy integration with other applications. A wealth of frontend applications and libraries are available. Version 2 of GnuPG also provides support for S/MIME.

    Small GPG4Win iconGPG4Win provides a Windows version of GnuPG.

    Small GPGTools iconGPGTools provides a Mac OS X version of GnuPG.

     

    GnuPG icon
  • Other Software

  • Tor

    Free Mac Windows Linux BSD Website

    Tor is free software and an open network that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security.

     

    Tor icon
  • VeraCrypt

    Free Mac Windows Linux BSD PortableApps.com Website

    Use to encrypt hard drives and usb drives

     

    VeraCrypt icon
  • Firejail

    Free Linux Website

    Firejail is a SUID security sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf.

     

    Firejail icon
  • pass

    Free Mac Linux BSD Git GnuPG Website

    Pass is the standard unix password manager, a lightweight password manager that uses Small GnuPG iconGnuPG and Small Git iconGit for Linux, BSD, and Mac OS X. With pass, each password lives inside of a gpg encrypted file whose filename is the title of the website or resource that requires the password. These encrypted files may be organized into meaningful folder hierarchies, copied from computer to computer, and, in general, manipulated using standard command line file management utilities.

     

    pass icon
  • rsync

    Free Linux BSD Cygwin Haiku Website

    rsync is a software application for Unix which synchronizes files and directories from one location to another while minimizing data transfer using delta encoding when appropriate. An important feature of rsync not found in most similar programs/protocols is that the mirroring takes place with only one transmission in each direction. rsync can copy or display directory contents and copy files, optionally using compression and recursion.

    In daemon mode, rsync listens on the default TCP port of 873, serving files in the native rsync protocol or via a remote shell such as RSH or SSH. In the latter case, the rsync client executable must be installed on both the local and the remote host.

     

    rsync icon
  • searx

    Free Linux Web Android Self-Hosted Cloudron Website

    Searx is a metasearch engine, aggregating the results of other search engines while not storing information about its users.

    Why use Searx?

    • Searx may not offer you as personalised results as Google, but it doesn't generate a profile about you
    • Searx doesn't care about what you search for, never shares anything with a third party, and it can't be used to compromise you
    • Searx is free software, the code is 100% open and you can help to make it better. See more on GitHub

    If you do care about privacy, want to be a conscious user, or otherwise believe in digital freedom, make Searx your default search engine or run it on your own server

    Technical details - How does it work?

    Searx is a metasearch engine, inspired by the seeks project.
    It provides basic privacy by mixing your queries with searches on other platforms without storing search data. Queries are made using a POST request on every browser (except chrome*). Therefore they show up in neither our logs, nor your URL history. In case of Chrome* users there is an exception, Searx uses the search bar to perform GET requests.
    Searx can be added to your browser's search bar; moreover, it can be set as the default search engine.

     

    searx icon
  • QEMU

    Free Mac Windows Linux BSD Website

    Use to run virtual machines to compartmentalize. Virt-Manager is a graphical frontend for this.

     

    QEMU icon

Things to avoid:

  • VPNs - they do not provide any anonymity or security and in many cases are worse than not using anything at all. If you must, use Mullvad, but Tor is recommended.
  • Any Social Media - just no
  • Cloud Storage - store everything locally and use USB drives for backups
  • Any Antivirus software - they are all bloated and scare you into buying their premium products.



Comments on Privacy and Security

Echo echo ... Feels empty in here

Maybe you want to be the first to submit a comment?

Sign up to comment, it's simple!