moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

privacytools.io

You are being watched. Private and state-sponsored organizations are monitoring and recording your
online activities. privacytools.io provides knowledge and tools to protect your privacy against global
mass surveillance.

Language: 繁體中⽂ Español Deutsch Italiano Русский

Privacy? I don't have anything to hide.

Over the last 16 months, as I've debated this issue
around the world, every single time somebody has said
to me, "I don't really worry about invasions of privacy
because I don't have anything to hide." I always say the
same thing to them. I get out a pen, I write down my
email address. I say, "Here's my email address. What I
want you to do when you get home is email me the
passwords to all of your email accounts, not just the
nice, respectable work one in your name, but all of
them, because I want to be able to just troll through
what it is you're doing online, read what I want to read
and publish whatever I find interesting. After all, if you're not a bad person, if
you're doing nothing wrong, you should have nothing to hide." Not a single
person has taken me up on that offer.

Read also:

Global Mass Surveillance - The Fourteen Eyes

The UKUSA Agreement is an agreement between the
United Kingdom, United States, Australia, Canada, and
New Zealand to cooperatively collect, analyze, and share
intelligence. Members of this group, known as the Five
Eyes, focus on gathering and analyzing intelligence from
different parts of the world. While Five Eyes countries
have agreed to not spy on each other as adversaries,
leaks by Snowden have revealed that some Five Eyes members monitor each other’s citizens and
share intelligence to avoid breaking domestic laws that prohibit them from spying on their own
citizens. The Five Eyes alliance also cooperates with groups of third party countries to share
intelligence (forming the Nine Eyes and Fourteen Eyes), however Five Eyes and third party countries
can and do spy on each other.
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

Five Eyes

1. Australia
2. Canada
3. New Zealand
4. United Kingdom
5. United States of America

Nine Eyes

6. Denmark
7. France
8. Netherlands
9. Norway

Fourteen Eyes

10. Belgium
11. Germany
12. Italy
13. Spain
14. Sweden

Why is it not recommended to choose a US based service?

Services based in the United States are not recommended because
of the country’s surveillance programs, use of National Security
Letters (NSLs) and accompanying gag orders, which forbid the
recipient from talking about the request. This combination allows
the government to secretly force companies to grant complete
access to customer data and transform the service into a tool of
mass surveillance.

An example of this is Lavabit – a discontinued secure email service

created by Ladar Levison. The FBI requested Snowden’s records
after finding out that he used the service. Since Lavabit did not
keep logs and email content was stored encrypted, the FBI served a subpoena (with a gag order) for
the service’s SSL keys. Having the SSL keys would allow them to access communications (both
metadata and unencrypted content) in real time for all of Lavabit’s customers, not just Snowden's.

Ultimately, Levison turned over the SSL keys and shut down the service at the same time. The US
government then threatened Levison with arrest, saying that shutting down the service was a violation
of the court order.

Related Information
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

VPN providers with extra layers of privacy

All providers listed here are outside the US, use encryption, accept Bitcoin, support OpenVPN
and have a no logging policy.

Sortable VPN Yearly Free #

Providers Table Price Trial Servers Jurisdiction Website

54 € Yes 162 Italy AirVPN.org

45 € Yes 5 Sweden AzireVPN.com

99 € Yes 27 Hong Kong blackVPN.com

$ 52 Yes 18 Iceland Cryptostorm.is

39,99 € No 432 Northern EarthVPN.com

Cyprus

$ 99.95 Yes 145 British Virgin ExpressVPN.com

Islands

$ 35.88 No 27 Sweden FrootVPN.com

$ 65.04 Yes 88 Malaysia hide.me

 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

Sortable VPN Yearly Free #

Providers Table Price Trial Servers Jurisdiction Website

$ 100 Yes 21 Gibraltar IVPN.net

60 € Yes 168 Sweden Mullvad.net

$ 69 Yes 475 Panama NordVPN.com

$ 84 Yes 39 Sweden OVPN.com

124.95 € No 41 Panama Perfect-

Privacy.com

Free Yes 249 Switzerland ProtonVPN.com

$ 90 No 300 Seychelles Proxy.sh

$ 39.95 Yes 48 Seychelles Trust.Zone

$ 39.99 No 122 Hong Kong VPN.ht

 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

Sortable VPN Yearly Free #

Providers Table Price Trial Servers Jurisdiction Website

$ 59.00 Yes 204 Bulgaria VPNArea.com

$ 35.88 No 80 Seychelles VPNTunnel.com

Note: Using a VPN provider will not make you anonymous. But it will give you a better privacy.
A VPN is not a tool for illegal activities. Don't rely on a "no log" policy.

Our VPN Provider Criteria

Operating outside the USA or other Five Eyes countries.
More: Avoid all US and UK based services.
OpenVPN software support.
Accepts Bitcoin, cash, debit cards or cash cards as a payment method.
No personal information is required to create an account. Only username, password and Email.

We're not affiliated with any of the above listed VPN providers. This way can give you honest
recommendations.

More VPN Provider

Spreadsheet with unbiased, independently verifiable data on over 100 VPN services. (Join the
discussion on Reddit)

Related VPN information

What is a warrant canary?

 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

A warrant canary is a posted document stating that an organization has not received any secret
subpoenas during a specific period of time. If this document fails to be updated during the specified
time then the user is to assume that the service has received such a subpoena and should stop using
the service.

Warrant Canary Examples:

Related Warrant Canary Information

Browser Recommendation

Tor Browser

Tor Browser is your choice if you need an extra layer of anonymity. It's a
modified version of Firefox, it comes with pre-installed privacy add-ons,
encryption and an advanced proxy.

OS: Windows, macOS, Linux, iOS, Android, OpenBSD.

Mozilla Firefox

Firefox is fast, reliable, open source and respects your privacy. Don't forget to
adjust the settings according to our recommendations: WebRTC and
about:config and get the privacy add-ons.

OS: Windows, macOS, Linux, Android, iOS, BSD.

Brave

The new open source browser "Brave" automatically blocks ads and trackers,
making it faster and safer than your current browser. Brave is based on
Chromium.

OS: Windows, macOS, Linux, Android, iOS.

Browser Fingerprint - Is your browser configuration unique?

Your Browser sends information that makes you unique amongst millions of users and
therefore easy to identify.
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

When you visit a web page, your browser voluntarily sends information about its configuration, such
as available fonts, browser type, and add-ons. If this combination of information is unique, it may be
possible to identify and track you without using cookies. EFF created a Tool called Panopticlick to test
your browser to see how unique it is.

You need to find what most browsers are reporting, and then use those variables to bring your
browser in the same population. This means having the same fonts, plugins, and extensions installed
as the large installed base. You should have a spoofed user agent string to match what the large
userbase has. You need have the same settings enabled and disabled, such as DNT and WebGL.
You need your browser to look as common as everyone else. Disabling JavaScript, using Linux, or
even the TBB, will make your browser stick out from the masses.

Modern web browsers have not been architected to assure personal web privacy. Rather than
worrying about being fingerprinted, it seems more practical to use free software plugins like Privacy
Badger, uBlock Origin and Disconnect. They not only respect your freedom, but your privacy also. You
can get much further with these than trying to manipulate your browser's fingerprint.

Related Information

WebRTC IP Leak Test - Is your IP address leaking?

WebRTC is a new communication protocol that relies on JavaScript that can leak your actual
IP address from behind your VPN.

While software like NoScript prevents this, it's probably a good idea to block this protocol directly as
well, just to be safe.

How to disable WebRTC in Firefox?

In short: Set "media.peerconnection.enabled" to "false" in "about:config".
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

Explained:

1. Enter "about:config" in the firefox address bar and press enter.

2. Press the button "I'll be careful, I promise!"
3. Search for "media.peerconnection.enabled"
4. Double click the entry, the column "Value" should now be "false"
5. Done. Do the WebRTC leak test again.

If you want to make sure every single WebRTC related setting is really disabled change these
settings:

1. media.peerconnection.turn.disable = true
2. media.peerconnection.use_document_iceservers = false
3. media.peerconnection.video.enabled = false
4. media.peerconnection.identity.timeout = 1

Now you can be 100% sure WebRTC is disabled.

How to fix the WebRTC Leak in Google Chrome?

WebRTC cannot be fully disabled in Chrome, however it is possible to change its routing settings (and
prevent leaks) using an extension. Two open source solutions include WebRTC Leak Prevent (options
may need to be changed depending on the scenario), and uBlock Origin (select "Prevent WebRTC
from leaking local IP addresses" in Settings).

What about other browsers?

Chrome on iOS, Internet Explorer and Safari does not implement WebRTC yet. But we recommend
using Firefox on all devices.

Excellent Firefox Privacy Add-ons

Improve your privacy with these excellent Firefox add-ons.

Stop Tracking with "Privacy Badger"

Privacy Badger is a browser add-on that stops advertisers and
other third-party trackers from secretly tracking where you go and
what pages you look at on the web. Privacy Badger learns about
trackers as you browse by inspecting external resources websites
request. Please be aware that Google Analytics is considered first-
party by Privacy Badger, which means that Google Analytics will not be blocked if you do not use
another blocker, such as uBlock Origin. https://www.eff.org/privacybadger/

Block Ads and Trackers with "uBlock Origin"

An efficient wide-spectrum-blocker that's easy on memory, and yet can load and enforce thousands
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

more filters than other popular blockers out there. It has no

monetization strategy and is completely open source. We
recommend Firefox but uBlock Origin also works in other browsers
such as Safari, Opera, and Chromium. Unlike AdBlock Plus, uBlock
does not allow so-called "acceptable ads".
https://addons.mozilla.org/firefox/addon/ublock-origin/

Automatically Delete Cookies with "Cookie AutoDelete"

Automatically removes cookies when they are no longer used by
open browser tabs. With the cookies, lingering sessions, as well as
information used to spy on you, will be expunged.
https://addons.mozilla.org/firefox/addon/cookie-autodelete/

Encryption with "HTTPS Everywhere"

A Firefox, Chrome, and Opera extension that encrypts your
communications with many major websites, making your browsing
more secure. A collaboration between The Tor Project and the
Electronic Frontier Foundation.
https://www.eff.org/https-everywhere

Block Content Delivery Networks with "Decentraleyes"

Emulates Content Delivery Networks locally by intercepting
requests, finding the required resource and injecting it into the
environment. This all happens instantaneously, automatically, and
no prior configuration is required. Source code: GitLab (self-
hosted).
https://addons.mozilla.org/firefox/addon/decentraleyes/

The following add-ons require quite a lot of interaction from user to get things working. Some
sites will not work properly until you have configured the add-ons.

Stop cross-site requests with "uMatrix"

Many websites integrate features which let other websites track
you, such as Facebook Like Buttons or Google Analytics. uMatrix
gives you control over the requests that websites make to other
websites. This gives you greater and more fine grained control over
the information that you leak online.
https://addons.mozilla.org/firefox/addon/umatrix/

Be in total control with "NoScript Security Suite"

Highly customizable plugin to selectively allow Javascript, Java, and Flash to run only on websites you
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

trust. Not for casual users, it requires technical knowledge to

configure.
https://addons.mozilla.org/firefox/addon/noscript/

Firefox: Privacy Related "about:config" Tweaks

This is a collection of privacy related about:config tweaks. We'll show you how to enhance the
privacy of your Firefox browser.

Preparation:
1. Enter "about:config" in the firefox address bar and press enter.
2. Press the button "I'll be careful, I promise!"
3. Follow the instructions below...

Getting started:
1. privacy.firstparty.isolate = true
A result of the Tor Uplift effort, this preference isolates all browser identifier sources (e.g.
cookies) to the first party domain, with the goal of preventing tracking across different
domains. (Don't do this if you are using the Firefox Addon "Cookie AutoDelete" with
Firefox v58 or below.)
2. privacy.resistFingerprinting = true
A result of the Tor Uplift effort, this preference makes Firefox more resistant to browser
fingerprinting.
3. privacy.trackingprotection.enabled = true
This is Mozilla’s new built in tracking protection. It uses Disconnect.me filter list, which is
redundant if you are already using uBlock Origin 3rd party filters, therefore you should set
it to false if you are using the add-on functionalities.
4. browser.cache.offline.enable = false
Disables offline cache.
5. browser.safebrowsing.malware.enabled = false
Disable Google Safe Browsing malware checks. Security risk, but privacy improvement.
6. browser.safebrowsing.phishing.enabled = false
Disable Google Safe Browsing and phishing protection. Security risk, but privacy
improvement.
7. browser.send_pings = false
The attribute would be useful for letting websites track visitors’ clicks.
8. browser.sessionstore.max_tabs_undo = 0
Even with Firefox set to not remember history, your closed tabs are stored temporarily at
Menu -> History -> Recently Closed Tabs.
9. browser.urlbar.speculativeConnect.enabled = false
Disable preloading of autocomplete URLs. Firefox preloads URLs that autocomplete
when a user types into the address bar, which is a concern if URLs are suggested that the
user does not want to connect to. Source
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

10. dom.battery.enabled = false

Website owners can track the battery status of your device. Source
11. dom.event.clipboardevents.enabled = false
Disable that websites can get notifications if you copy, paste, or cut something from a web
page, and it lets them know which part of the page had been selected.
12. geo.enabled = false
Disables geolocation.
13. media.eme.enabled = false
Disables playback of DRM-controlled HTML5 content, which, if enabled, automatically
downloads the Widevine Content Decryption Module provided by Google Inc. Details
DRM-controlled content that requires the Adobe Flash or Microsoft Silverlight NPAPI
plugins will still play, if installed and enabled in Firefox.
14. media.gmp-widevinecdm.enabled = false
Disables the Widevine Content Decryption Module provided by Google Inc., used for the
playback of DRM-controlled HTML5 content. Details
15. media.navigator.enabled = false
Websites can track the microphone and camera status of your device.
16. network.cookie.cookieBehavior = 1
Disable cookies
0 = Accept all cookies by default
1 = Only accept from the originating site (block third party cookies)
2 = Block all cookies by default
17. network.cookie.lifetimePolicy = 2
cookies are deleted at the end of the session
0 = Accept cookies normally
1 = Prompt for each cookie
2 = Accept for current session only
3 = Accept for N days
18. network.http.referer.trimmingPolicy = 2
Send only the scheme, host, and port in the Referer header
0 = Send the full URL in the Referer header
1 = Send the URL without its query string in the Referer header
2 = Send only the scheme, host, and port in the Referer header
19. network.http.referer.XOriginPolicy = 2
Only send Referer header when the full hostnames match. (Note: if you notice
significant breakage, you might try 1 combined with an XOriginTrimmingPolicy
tweak below.) Source
0 = Send Referer in all cases
1 = Send Referer to same eTLD sites
2 = Send Referer only when the full hostnames match
20. network.http.referer.XOriginTrimmingPolicy = 2
When sending Referer across origins, only send scheme, host, and port in the
Referer header of cross-origin requests. Source
0 = Send full url in Referer
1 = Send url without query string in Referer
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

2 = Only send scheme, host, and port in Referer

21. webgl.disabled = true
WebGL is a potential security risk. Source
22. browser.sessionstore.privacy_level = 2
This preference controls when to store extra information about a session: contents of
forms, scrollbar positions, cookies, and POST data. Details
0 = Store extra session data for any site. (Default starting with Firefox 4.)
1 = Store extra session data for unencrypted (non-HTTPS) sites only. (Default before
Firefox 4.)
2 = Never store extra session data.
23. network.IDN_show_punycode = true
Not rendering IDNs as their punycode equivalent leaves you open to phishing attacks that
can be very difficult to notice. Source

Related Information
ffprofile.com - Helps you to create a Firefox profile with the defaults you like.
mozillazine.org - Security and privacy-related preferences.
user.js Firefox hardening stuff - This is a user.js configuration file for Mozilla Firefox that's
supposed to harden Firefox's settings and make it more secure.
Privacy Settings - A Firefox addon to alter built-in privacy settings easily with a toolbar panel.

Privacy-Conscious Email Providers - No Affiliates

All providers listed here are operating outside the US and support SMTP TLS. The table is
sortable. Never trust any company with your privacy, always encrypt.

Price
Email / Own
Service URL Since Server Storage Year Bitcoin Encryption Domain

2013 Switzerland 500 MB Free Accepted Built-in Yes

2015 Netherlands 2 GB Free Accepted Built-in Yes

2011 Germany 1 GB Free No Built-in Yes

2013 Belgium 500 MB Free Accepted Built-in Yes

 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

Price
Email / Own
Service URL Since Server Storage Year Bitcoin Encryption Domain

2014 Germany 2 GB 12 € Accepted Built-in Yes

2009 Germany 2 GB 12 € No Built-in No

1999 Norway 1 GB $ No No Yes

19.95

2003 Switzerland 1 GB $ Accepted Built-in Yes

49.95

2014 Netherlands 10 GB $ Accepted Built-in Yes

59.95

2010 Switzerland 2 GB $ 60 Accepted No Yes

Interesting Email Providers Under Development

Confidant Mail - An open-source non-SMTP cryptographic email system optimized for large file
attachments. It is a secure and spam-resistant alternative to regular email and online file drop
services. It uses GNU Privacy Guard (GPG) for content encryption and authentication, and TLS
1.2 with ephemeral keys for transport encryption.

Become Your Own Email Provider with Mail-in-a-Box

Take it a step further and get control of your email with this easy-to-
deploy mail server in a box. Mail-in-a-Box lets you become your
own mail service provider in a few easy steps. It’s sort of like
making your own gmail, but one you control from top to bottom.
Technically, Mail-in-a-Box turns a fresh cloud computer into a
working mail server. But you don’t need to be a technology expert to set it up. More:
https://mailinabox.email/

Privacy Email Tools

gpg4usb - A very easy to use and small portable editor to encrypt and decrypt any text-
message or -file. For Windows and Linux. GPG tutorial.
Mailvelope - A browser extension that enables the exchange of encrypted emails following the
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

OpenPGP encryption standard.

Enigmail - A security extension to Thunderbird and Seamonkey. It enables you to write and
receive email messages signed and/or encrypted with the OpenPGP standard.
TorBirdy - This extension configures Thunderbird to make connections over the Tor anonymity
network.
Email Privacy Tester - This tool will send an Email to your address and perform privacy related
tests.

Related Information
Aging ‘Privacy’ Law Leaves Cloud E-Mail Open to Cops - Data stored in the cloud for longer
than 6 months is considered abandoned and may be accessed by intelligence agencies without
a warrant. Learning: Use an external email client like Thunderbird or Enigmail, download your
emails and store them locally. Never leave them on the server.
With May First/Riseup Server Seizure, FBI Overreaches Yet Again
Autistici/Inventati server compromised - The cryptographic services offered by the
Autistici/Inventati server have been compromised on 15th June 2004. It was discovered on 21st
June 2005. One year later. During an enquiry on a single mailbox, the Postal Police may have
tapped for a whole year every user's private communication going through the server
autistici.org/inventati.org.

Email Clients

Thunderbird

Mozilla Thunderbird is a free, open source, cross-platform email, news, and chat
client developed by the Mozilla Foundation. Thunderbird is an email,
newsgroup, news feed, and chat (XMPP, IRC, Twitter) client.

OS: Windows, macOS, Linux, BSD.

Claws Mail

Claws Mail is a free and open source, GTK+-based email and news client. It
offers easy configuration and an abundance of features. It is included with
Gpg4win, an encryption suite for Windows.

OS: Windows, macOS, Linux, BSD, Solaris, Unix.

Worth Mentioning
K-9 Mail - An independent mail application for Android. It supports both POP3 and IMAP
mailboxes, but only supports push mail for IMAP.
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

GNU Privacy Guard - Email Encryption. GnuPG is a GPL Licensed alternative to the PGP suite
of cryptographic software. Tutorial. Use GPGTools for macOS.
Mailpile (Beta) - A modern, fast web-mail client with user-friendly encryption and privacy
features.

Email Alternatives

I2P-Bote

I2P-Bote is a fully decentralized and distributed email system. It supports

different identities and does not expose email headers. Currently (2015), it is still
in beta version and can be accessed via its web application interface or IMAP
and SMTP. All bote-mails are transparently end-to-end encrypted and,
optionally, signed by the sender's private key.

OS: Windows, macOS, Linux, Android, BSD / Solaris.

Bitmessage

Bitmessage is a P2P communications protocol used to send encrypted

messages to another person or to many subscribers. It is decentralized and
trustless, meaning that you need-not inherently trust any entities like root
certificate authorities. It uses strong authentication which means that the sender
of a message cannot be spoofed, and it aims to hide "non-content" data.

OS: Windows, macOS, Linux.

RetroShare

Retroshare creates encrypted connections to your friends. Nobody can spy on

you. Retroshare is completely decentralized. This means there are no central
servers. It is entirely Open-Source and free. There are no costs, no ads and no
Terms of Service.

OS: Windows, macOS, Linux.

Privacy Respecting Search Engines

If you are currently using a search engines like Google, Bing or Yahoo you should pick an
alternative here.

searx

An open source metasearch engine, aggregating the results of other search engines while not storing
information about its users. No logs, no ads and no tracking.
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

StartPage

Google search results, with complete privacy protection. Behind StartPage is an

european company that has been obsessive about privacy since 2006.

DuckDuckGo

The search engine that doesn't track you. Some of DuckDuckGo's code is free
software hosted at GitHub, but the core is proprietary. The company is based in
the USA.

Firefox Addon
Google search link fix - Firefox extension that prevents Google and Yandex search pages from
modifying search result links when you click them. This is useful when copying links but it also
helps privacy by preventing the search engines from recording your clicks. (Open Source)

Worth Mentioning
findx - Open Source. No logging. No tracking. Transparent algorithms. Hosted in Europe.
Qwant - Qwant's philosophy is based on two principles: no user tracking and no filter bubble.
Qwant was launched in France in February 2013. Privacy Policy.
MetaGer - An open source metasearch engine, which is based in Germany. It focuses on
protecting the user's privacy.
ixquick.eu - Returns the top results from multiple search engines. Based in the Netherlands.

Encrypted Instant Messenger

If you are currently using an Instant Messenger like WhatsApp, Viber, LINE, Telegram or
Threema you should pick an alternative here.

Mobile: Signal
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

Signal is a mobile app developed by Open Whisper Systems. The app provides
instant messaging, as well as voice and video calling. All communications are
end-to-end encrypted. Signal is free and open source, enabling anyone to verify
its security by auditing the code. The development team is supported by
community donations and grants. There are no advertisements, and it doesn't
cost anything to use.
Warning: Requires a mobile number to register but you can securely use a
disposable number.

OS: Android, iOS, macOS, Windows, Debian-based Linux

Wire

Wire is an app developed by Wire Swiss GmbH. The Wire app allows users to
exchange end-to-end encrypted instant messages, as well as make voice and
video calls. Wire is free and open source, enabling anyone to verify its security
by auditing the code. The development team is backed by Iconical and they will
monetize in the future with premium features/services.
Caution: The company keeps a list of all the users you contact until you delete
your account.

OS: Android, iOS, macOS, Windows, Linux, Web

Desktop: Ricochet

Ricochet uses the Tor network to reach your contacts without relying on
messaging servers. It creates a hidden service, which is used to rendezvous
with your contacts without revealing your location or IP address. Instead of a
username, you get a unique address that looks like ricochet:rs7ce36jsj24ogfw.
Other Ricochet users can use this address to send a contact request - asking to
be added to your contacts list.

OS: Windows, macOS, Linux.

Worth Mentioning
ChatSecure - ChatSecure is a free and open source messaging app that features OTR
encryption over XMPP.
Cryptocat - Encrypted open source messenger. Supports file sharing and multiple devices.
Available for Windows, Linux and macOS.
Kontalk - A community-driven instant messaging network. Supports end-to-end encryption. Both
client-to-server and server-to-server channels are fully encrypted.
Conversations - An open source Jabber/XMPP client for Android 4.4+ smart phones. Supports
end-to-end encryption with either OMEMO or openPGP. There is also Conversations Legacy
which still supports OTR.
List of OTR Clients - Wikipedia
The Matrix protocol and it's various clients such as Riot.im. A successor of XMPP.
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

Related Information

Encrypted Video & Voice Messenger

If you are currently using an Video & Voice Messenger like Skype, Viber or Google Hangouts
you should pick an alternative here.

Mobile: Signal

Signal is a mobile app developed by Open Whisper Systems. The app provides
instant messaging, as well as voice and video calling. All communications are
end-to-end encrypted. Signal is free and open source, enabling anyone to verify
its security by auditing the code. The development team is supported by
community donations and grants. There are no advertisements, and it doesn't
cost anything to use.

OS: iOS, Android.

Wire

Wire is an app developed by Wire Swiss GmbH. The Wire app allows users to
exchange end-to-end encrypted instant messages, as well as make voice and
video calls. Wire is free and open source, enabling anyone to verify its security
by auditing the code. The development team is backed by Iconical and they will
monetize in the future with premium features/services.
Caution: The company keeps a list of all the users you contact until you delete
your account.

OS: Android, iOS, macOS, Windows, Linux, Web

Linphone

Linphone is an open source SIP Phone and a free voice over IP service,
available on mobile and desktop environments and on web browsers. It
supports ZRTP for end-to-end encrypted voice and video communication.

OS: iOS, Android, Windows Phone, Linux, Windows, macOS, Browser (Web)

Worth Mentioning
Jitsi - Jitsi is a free and open source multiplatform voice (VoIP), videoconferencing and instant
messaging application.
Tox - A free and open-source, peer-to-peer, encrypted instant messaging and video calling
software.
Ring (formerly SFLphone) - Gives you a full control over your communications and an
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

unmatched level of privacy.

Related Information
Advanced users with special needs can download the Signal APK directly. Most users should
not do this under normal circumstances.
Secure Messaging App Wire Stores Everyone You've Ever Contacted in Plain Text |
Motherboard

File Sharing

OnionShare

OnionShare is an open source tool that lets you securely and anonymously
share a file of any size. It works by starting a web server, making it accessible
as a Tor onion service, and generating an unguessable URL to access and
download the files. It doesn't require setting up a server on the internet
somewhere or using a third party filesharing service. You host the file on your
own computer and use a Tor onion service to make it temporarily accessible
over the internet.

OS: Windows, macOS, Linux.

Magic Wormhole

Get things from one computer to another, safely. This package provides a library
and a command-line tool named wormhole, which makes it possible to get
arbitrary-sized files and directories (or short pieces of text) from one computer to
another. The two endpoints are identified by using identical "wormhole codes":
in general, the sending machine generates and displays the code, which must
then be typed into the receiving machine. The codes are short and human-
pronounceable, using a phonetically-distinct wordlist. The receiving side offers
tab-completion on the codewords, so usually only a few characters must be typed. Wormhole codes
are single-use and do not need to be memorized.

OS: cross-platform (python)

Encrypted Cloud Storage Services

If you are currently using Cloud Storage Services like Dropbox, Google Drive, Microsoft
OneDrive or Apple iCloud you should pick an alternative here.
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

Nextcloud - Choose your hoster

Similar functionally to the widely used Dropbox, with the difference being that
Nextcloud is free and open-source, and thereby allowing anyone to install and
operate it without charge on a private server, with no limits on storage space or
the number of connected clients.

Client OS: Windows, macOS, Linux, BSD, Unix, iOS, Android, Fire OS. Server:
Linux.

Least Authority S4 - For Experts

S4 (Simple Secure Storage Service) is Least Authority's verifiably secure off-site

backup system for individuals and businesses. 100% client-side encryption and
open source transparency. 250GB for $9.95/month or 5TB for $25.95/month.
Servers are hosted with Amazon S3 in the US.

OS: Linux, Windows, macOS, OpenSolaris, BSD. (Installation for advanced

users)

Muonium

Free encrypted cloud storage for your files.

Client: Webclient. Server: Linux

Related Information
Cryptomator - Free client-side AES encryption for your cloud files. Open source software: No
backdoors, no registration.

Self-Hosted Cloud Server Software

If you are currently using a Cloud Storage Services like Dropbox, Google Drive, Microsoft
OneDrive or Apple iCloud you should think about hosting it on your own.

Pydio

Pydio is open source software that turns instantly any server (on premise, NAS, cloud IaaS or PaaS)
into a file sharing platform for your company. It is an alternative to SaaS Boxes and Drives, with more
control, safety and privacy, and favorable TCOs.

OS: Windows, macOS, Linux, iOS, Android.

 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

Tahoe-LAFS

Tahoe-LAFS is a Free and Open decentralized cloud storage system. It

distributes your data across multiple servers. Even if some of the servers fail or
are taken over by an attacker, the entire file store continues to function correctly,
preserving your privacy and security.

OS: Windows, macOS, Linux.

Nextcloud

Similar functionally to the widely used Dropbox, with the difference being that
Nextcloud is free and open-source, and thereby allowing anyone to install and
operate it without charge on a private server, with no limits on storage space or
the number of connected clients.

Client OS: Windows, macOS, Linux, BSD, Unix, iOS, Android, Fire OS. Server:
Linux.

Worth Mentioning
Muonium - Free encrypted cloud storage for your files.

Secure File Sync Software

SparkleShare

SparkleShare creates a special folder on your computer. You can add remotely
hosted folders (or "projects") to this folder. These projects will be automatically
kept in sync with both the host and all of your peers when someone adds,
removes or edits a file.

OS: Windows, macOS, Linux.

Syncthing

Syncthing replaces proprietary sync and cloud services with something open, trustworthy and
decentralized. Your data is your data alone and you deserve to choose where it is stored, if it is shared
with some third party and how it's transmitted over the Internet.

OS: Windows, macOS, Linux, Android, BSD, Solaris.

 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

Worth Mentioning
git-annex - Allows managing files with git, without checking the file contents into git. While that
may seem paradoxical, it is useful when dealing with files larger than git can currently easily
handle, whether due to limitations in memory, time, or disk space.

Password Manager Software

If you are currently using a password manager software like 1Password, LastPass, Roboform
or iCloud Keychain you should pick an alternative here.

Master Password - Cross-platform

Master Password is based on an ingenious password generation algorithm that

guarantees your passwords can never be lost. Its passwords aren't stored: they
are generated on-demand from your name, the site and your master password.
No syncing, backups or internet access needed.

OS: Windows, macOS, Linux, iOS, Android, Web.

KeePass / KeePassX - Local

KeePass is a free open source password manager, which helps you to manage
your passwords in a secure way. All passwords in one database, which is
locked with one master key or a key file. The databases are encrypted using the
best and most secure encryption algorithms currently known: AES and Twofish.
See also: KeePassX (not regularly updated) and KeePassXC.

OS: Windows, macOS, Linux, iOS, Android, BSD.

LessPass - Browser

LessPass is a free and open source password manager that generates unique
passwords for websites, email accounts, or anything else based on a master
password and information you know. No sync needed. Uses PBKDF2 and
SHA-256. It's advised to use the browser addons for more security.

OS: Windows, macOS, Linux, Android

 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

Worth Mentioning
Secure Password Generator - generates a unique set of custom, high quality, cryptographic-
strength password strings which are safe for you to use.
SuperGenPass - A master password and the domain name of the Web site you are visiting is
used as the “seed” for a one-way hash algorithm (base-64 MD5). The output of this algorithm is
your generated password. You remember one password (your “master password”), and SGP
uses it to generate unique, complex passwords for the Web sites you visit. Your generated
passwords are never stored or transmitted, so you can use SGP on as many computers as you
like without having to “sync” anything.
Password Safe - Whether the answer is one or hundreds, Password Safe allows you to safely
and easily create a secured and encrypted user name/password list. With Password Safe all
you have to do is create and remember a single "Master Password" of your choice in order to
unlock and access your entire user name/password list.

Related Information
Edward Snowden on Passwords - YouTube

Calendar and Contacts Sync

If you are currently using a calendar and or contacts synchronization service like Google Sync
or iCloud you should pick an alternative here.

Nextcloud

NextCloud is a suite of client-server software for creating and using file hosting
services. This includes calendar sync via CalDAV and contacts sync via
CardDAV. Nextcloud is free and open-source, thereby allowing anyone to install
and operate it without charge on a private server.

Client OS: Windows, macOS, Linux, BSD, Unix, iOS, Android, Fire OS. Server
OS: Linux.

Email Providers

Many email providers also offer calendar and or contacts sync services. Refer to
the Email Providers section to choose an email provider and check if they also
offer calendar and or contacts sync.

OS: depends on email provider.

EteSync

EteSync is a secure, end-to-end encrypted and journaled personal information (e.g. contacts and
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

calendar) cloud synchronization and backup for Android and any OS that
supports CalDAV/CardDAV. It costs $14 per year to use, or you can host the
server yourself for free.

Client OS: Android, Web. Server OS: Linux.

Worth Mentioning
fruux - a unified contacts/calendaring system that works across platforms and devices.
Flock - a discontinued calendar and contacts sync service by Open Whisper Systems. Despite
being shut down the source code is still available on GitHub.
cloud backups - consider regularly exporting your calendar and or contacts and backing them
up on a separate storage drive or uploading them to cloud storage (ideally after encrypting
them).

Key disclosure law

Who is required to hand over the encryption keys to authorities?

Mandatory key disclosure laws require individuals to turn over encryption keys to law enforcement
conducting a criminal investigation. How these laws are implemented (who may be legally compelled
to assist) vary from nation to nation, but a warrant is generally required. Defenses against key
disclosure laws include steganography and encrypting data in a way that provides plausible
deniability.

Steganography involves hiding sensitive information (which may be encrypted) inside of ordinary data
(for example, encrypting an image file and then hiding it in an audio file). With plausible deniability,
data is encrypted in a way that prevents an adversary from being able to prove that the information
they are after exists (for example, one password may decrypt benign data and another password,
used on the same file, could decrypt sensitive data).

Key disclosure laws apply

Key disclosure laws don't apply

* (people who know how to access a system may be ordered to share their knowledge, however, this
doesn't apply to the suspect itself or family members.)

Related Information

File Encryption Software

 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

If you are currently not using encryption software for your hard disk, emails or file archives
you should pick an encryption software here.

VeraCrypt - Disk Encryption

VeraCrypt is a source-available freeware utility used for on-the-fly encryption. It

can create a virtual encrypted disk within a file or encrypt a partition or the entire
storage device with pre-boot authentication. VeraCrypt is a fork of the
discontinued TrueCrypt project. It was initially released on June 22, 2013.
According to its developers, security improvements have been implemented and
issues raised by the initial TrueCrypt code audit have been addressed.

OS: Windows, macOS, Linux.

GNU Privacy Guard - Email Encryption

GnuPG is a GPL Licensed alternative to the PGP suite of cryptographic

software. GnuPG is compliant with RFC 4880, which is the current IETF
standards track specification of OpenPGP. Current versions of PGP (and
Veridis' Filecrypt) are interoperable with GnuPG and other OpenPGP-compliant
systems. GnuPG is a part of the Free Software Foundation's GNU software
project, and has received major funding from the German government.
GPGTools for macOS.

OS: Windows, macOS, Linux, Android, BSD.

PeaZip - File Archive Encryption

PeaZip is a free and open-source file manager and file archiver made by Giorgio
Tani. It supports its native PEA archive format (featuring compression, multi
volume split and flexible authenticated encryption and integrity check schemes)
and other mainstream formats, with special focus on handling open formats. It
supports 181 file extensions (as of version 5.5.1).

macOS alternative: Keka is a free file archiver.

OS: Windows, Linux, BSD.

Worth Mentioning
Cryptomator - Free client-side AES encryption for your cloud files. Open source software: No
backdoors, no registration.
miniLock - Browser plugin for Google Chrome / Chromium to encrypt files using a secret
passphrase. Easy to use. From the developer of Cryptocat.
AES Crypt - Using a powerful 256-bit encryption algorithm, AES Crypt can safely secure your
most sensitive files. For Windows, macOS, Linux and Android.
DiskCryptor - A full disk and partition encryption system for Windows including the ability to
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

encrypt the partition and disk on which the OS is installed.

Linux Unified Key Setup (LUKS) - A full disk encryption system for Linux using dm-crypt as the
disk encryption backend. Included by default in Ubuntu. Available for Windows and Linux.

Self-contained Networks
If you are currently browsing the Clearnet and you want to access the Dark web this section is
for you.

Tor Project

The Tor network is a group of volunteer-operated servers that allows people to

improve their privacy and security on the Internet. Tor's users employ this
network by connecting through a series of virtual tunnels rather than making a
direct connection, thus allowing both organizations and individuals to share
information over public networks without compromising their privacy. Tor is an
effective censorship circumvention tool.

OS: Windows, macOS, Linux, iOS, Android, OpenBSD.

I2P Anonymous Network

The Invisible Internet Project (I2P) is a computer network layer that allows
applications to send messages to each other pseudonymously and securely.
Uses include anonymous Web surfing, chatting, blogging and file transfers. The
software that implements this layer is called an I2P router and a computer
running I2P is called an I2P node. The software is free and open source and is
published under multiple licenses.

OS: Windows, macOS, Linux, Android, BSD / Solaris.

The Freenet Project

Freenet is a peer-to-peer platform for censorship-resistant communication. It

uses a decentralized distributed data store to keep and deliver information, and
has a suite of free software for publishing and communicating on the Web
without fear of censorship. Both Freenet and some of its associated tools were
originally designed by Ian Clarke, who defined Freenet's goal as providing
freedom of speech on the Internet with strong anonymity protection.

OS: Windows, macOS, Linux.

Worth Mentioning
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

ZeroNet - Open, free and uncensorable websites, using Bitcoin cryptography and BitTorrent
network.
RetroShare - Open Source cross-platform, Friend-2-Friend and secure decentralised
communication platform.
GNUnet - GNUnet provides a strong foundation of free software for a global, distributed network
that provides security and privacy.
IPFS - A peer-to-peer hypermedia protocol to make the web faster, safer, and more open.
(important privacy warning)

Decentralized Social Networks

If you are currently using Social Networks like Facebook, Twitter or Google+ you should pick
an alternative here.

diaspora*

diaspora* is based on three key philosophies: Decentralization, freedom and

privacy. It is intended to address privacy concerns related to centralized social
networks by allowing users set up their own server (or "pod") to host content;
pods can then interact to share status updates, photographs, and other social
data.

Friendica

Friendica has an emphasis on extensive privacy settings and easy server

installation. It aims to federate with as many other social networks as possible.
Currently, Friendica users can integrate contacts from Facebook, Twitter,
Diaspora, GNU social, App.net, Pump.io and other services in their social
streams.

GNU social

While offering functionality similar to Twitter, GNU social seeks to provide the
potential for open, inter-service and distributed communications between
microblogging communities. Enterprises and individuals can install and control
their own services and data. Notable public deployments are quitter.se and
gnusocial.no.

Worth Mentioning
Mastodon - An open sourced, free and decentralized social network built on top of GNU Social.
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

Related Information
Facebook Container by Mozilla - Prevent Facebook from tracking you around the web.
Delete your Facebook account - Direct link to delete your Facebook account without being able
to reactivate it again.
How To Permanently Delete A Facebook Account - This guide will take you through a smooth
and successful Facebook account deletion.

Domain Name System (DNS)

Njalla - Domain Registration

Njalla only needs your email or an jabber address in order to register a domain
name for you. Created by people from The Pirate Bay and IPredator VPN.
Accepted Payments: Bitcoin, Litecoin, Monero, DASH, Bitcoin Cash and
PayPal. A privacy-aware domain registration service.

DNSCrypt - Tool

A protocol for securing communications between a client and a DNS resolver.

The DNSCrypt protocol uses high-speed high-security elliptic-curve
cryptography and is very similar to DNSCurve, but focuses on securing
communications between a client and its first-level resolver.

OS: Windows, macOS, Linux, iOS, Android, BSD

OpenNIC - Service

OpenNIC is an alternate network information center/alternative DNS root which

lists itself as an alternative to ICANN and its registries. Like all alternative root
DNS systems, OpenNIC-hosted domains are unreachable to the vast majority of
the Internet. Only specific configuration in one's DNS resolver makes these
reachable, and very few Internet service providers have this configuration.

Worth Mentioning
NoTrack - A network-wide DNS server which blocks Tracking sites. Currently works in Debian
and Ubuntu.
Namecoin - A decentralized DNS open source information registration and transfer system
based on the Bitcoin cryptocurrency.
Pi-hole - A network-wide DNS server for the Raspberry Pi. Blocks advertising and tracking
domains for all devices on your network.
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

Digital Notebook
If you are currently using an application like Evernote, Google Keep or Microsoft OneNote you
should pick an alternative here.

Laverna

Laverna is a JavaScript note-taking web application with a Markdown editor and

encryption support. The application stores all your notes in your browser
databases, which is good for security and privacy reasons, because only you
have access.

OS: Windows, macOS, Linux, Web.

Turtl

Turtl lets you take notes, bookmark websites, and store documents for sensitive
projects. From sharing passwords with your coworkers to tracking research on
an article you're writing, Turtl keeps it all safe from everyone but you and those
you share with.

OS: Windows, macOS, Linux, Android.

Standard Notes

Standard Notes is a simple and private notes app that makes your notes easy
and available everywhere you are. Features end-to-end encryption on every
platform, and a powerful desktop experience with themes and custom editors.

OS: Windows, macOS, Linux, iOS, Android, Web.

Worth Mentioning
Paperwork - Open source and self-hosted solution. For PHP / MySQL servers.

Org-mode - A major mode for GNU Emacs. Org-mode is for keeping notes, maintaining TODO
lists, planning projects, and authoring documents with a fast and effective plain-text system.

Paste Services

PrivateBin

PrivateBin is a minimalist, open source online pastebin where the server has zero knowledge of
pasted data. Data is encrypted/decrypted in the browser using 256bit AES. It is the improved version
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

of ZeroBin.

Zerobin.net

Zerobin is a minimalist, open source online pastebin where the server has zero
knowledge of pasted data. Data is encrypted/decrypted in the browser using
256bit AES.

Ghostbin

Ghostbin supports encryption, expiration, sessions, grant users to edit your

notes and pastes up to one megabyte. You can also create your own account to
keep track of your pastes.

The software is good but ghostbin.com's security is worrisome.

Worth Mentioning
disroot.org - Free privacy friendly service that offers PrivateBin and other applications.

Productivity Tools

Etherpad

Etherpad is a highly customizable Open Source online editor providing

collaborative editing in really real-time. Etherpad allows you to edit documents
collaboratively in real-time, much like a live multi-player editor that runs in your
browser. Write articles, press releases, to-do lists, etc.

OS: Windows, macOS, Linux.

Write.as

Write.as is a cross-platform, privacy-oriented blogging platform. It's anonymous by default, letting you
publish without signing up. If you create an account, it doesn't require any personal information. No
ads, distraction-free, and built on a sustainable business model.
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

OS: Windows, macOS, Linux, Android, iOS, Chrome OS, Web.

ProtectedText

ProtectedText is an open source web application. It encrypts and decrypts text

in the browser, and password (or its hash) is never sent to the server - so that
text can't be decrypted even if requested by authorities. No cookies, no
sessions, no registration, no users tracking.

OS: All Browsers.

Worth Mentioning
EtherCalc - EtherCalc is a web spreadsheet. Data is saved on the web, and people can edit the
same document at the same time. Changes are instantly reflected on all screens. Work together
on inventories, survey forms, list management, brainstorming sessions.
disroot.org - Free privacy friendly service that offers Etherpad, EtherCalc and PrivateBin.
dudle - An online scheduling application, which is free and OpenSource. Schedule meetings or
make small online polls. No email collection or the need of registration.

PC Operating Systems
If you are currently using a operating system like Microsoft Windows or Apple macOS you
should pick an alternative here.

Qubes OS

Qubes is an open-source operating system designed to provide strong security

for desktop computing. Qubes is based on Xen, the X Window System, and
Linux, and can run most Linux applications and utilize most of the Linux drivers.

Debian

Debian is a Unix-like computer operating system and a Linux distribution that is composed entirely of
free and open-source software, most of which is under the GNU General Public License, and
packaged by a group of individuals known as the Debian project.
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

Trisquel

Trisquel is a Linux-based operating system derived from Ubuntu. The project

aims for a fully free software system without proprietary software or firmware
and uses Linux-libre, a version of the Linux kernel with the non-free code (binary
blobs) removed.

Warning
Don't use Windows 10 - It's a privacy nightmare

Worth Mentioning
OpenBSD - A project that produces a free, multi-platform 4.4BSD-based UNIX-like operating
system. Emphasizes portability, standardization, correctness, proactive security and integrated
cryptography.
Arch Linux - A simple, lightweight Linux distribution. It is composed predominantly of free and
open-source software, and supports community involvement. Parabola is a completely open
source version of Arch Linux.
Whonix - A Debian GNU/Linux based security-focused Linux distribution. It aims to provide
privacy, security and anonymity on the internet. The operating system consists of two virtual
machines, a "Workstation" and a Tor "Gateway". All communication are forced through the Tor
network to accomplish this.
Subgraph OS - Another Debian based Linux distribution, it features security hardening which
makes it more resistant to security vulnerabilities. Subgraph runs many desktop applications in
a security sandbox to limit their risk in case of compromise. By default, it anonymizes Internet
traffic by sending it through the Tor network. Note: It is still in alpha, and much testing and bug
fixing still has to be done.

Live CD Operating Systems

Tails

Tails is a live operating system, that starts on almost any computer from a DVD, USB stick, or SD
card. It aims at preserving privacy and anonymity, and helps to: Use the Internet anonymously and
circumvent censorship; Internet connections go through the Tor network; leave no trace on the
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

computer; use state-of-the-art cryptographic tools to encrypt files, emails and

instant messaging.

KNOPPIX

Knoppix is an operating system based on Debian designed to be run directly

from a CD / DVD (Live CD) or a USB flash drive (Live USB), one of the first of
its kind for any operating system. When starting a program, it is loaded from the
removable medium and decompressed into a RAM drive. The decompression is
transparent and on-the-fly.

Puppy Linux

Puppy Linux operating system is a lightweight Linux distribution that focuses on

ease of use and minimal memory footprint. The entire system can be run from
RAM with current versions generally taking up about 210 MB, allowing the boot
medium to be removed after the operating system has started.

Worth Mentioning
Tiny Core Linux - A minimal Linux operating system focusing on providing a base system using
BusyBox and FLTK. The distribution is notable for its size (15 MB) and minimalism, with
additional functionality provided by extensions.

Mobile Operating Systems

Even though the source code of the following OS is provided, installing Google Apps may
compromise your setup. The MicroG project can serve as a FLOSS replacement, depending on
your threat model.

LineageOS

LineageOS is a free and open-source operating system for smartphones and

tablets, based on the official releases of Android by Google. It is the
continuation of the CyanogenMod project.
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

Sailfish OS

Sailfish OS is a mobile operating system combining the Linux kernel for a

particular hardware platform use, the open-source Mer core middleware, a
proprietary UI contributed by Jolla, and other third-party components.

Worth Mentioning
Replicant - An open-source operating system based on Android, aiming to replace all
proprietary components with free software.
OmniROM - A free software operating system for smartphones and tablet computers, based on
the Android mobile platform.
MicroG - A project that aims to reimplement the proprietary Google Play Services in the Android
operating sytem with a FLOSS replacement.

Android Privacy Add-ons

Improve your privacy with these add-ons for Android.

Control your traffic with "NetGuard"

NetGuard provides simple and advanced ways to block certain
apps' access to the internet without the help of root privileges.
Applications and addresses can individually be allowed or denied
access to your Wi-Fi and/or mobile connection, allowing you to
control which apps are able to call home or not.
https://www.netguard.me/

The following add-ons require root access, which makes your device more vulnerable.
Proceed with caution.

Manage your apps' permissions with XPrivacyLua

Revoking Android permissions from apps often let apps crash or
malfunction. XPrivacyLua solves this by feeding apps fake data
instead of real data. https://lua.xprivacy.eu/

Requirements: Magisk (xda-developers) Xposed Framework (xda-

developers)

Open Source Router Firmware

 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

OpenWrt

OpenWrt is an operating system (in particular, an embedded operating system)

based on the Linux kernel, primarily used on embedded devices to route
network traffic. The main components are the Linux kernel, util-linux, uClibc and
BusyBox. All components have been optimized for size, to be small enough for
fitting into the limited storage and memory available in home routers.

pfSense

pfSense is an open source firewall/router computer software distribution based

on FreeBSD. It is installed on a computer to make a dedicated firewall/router for
a network and is noted for its reliability and offering features often only found in
expensive commercial firewalls. pfSense is commonly deployed as a perimeter
firewall, router, wireless access point, DHCP server, DNS server, and as a VPN
endpoint.

LibreCMC

LibreCMC is a GNU/Linux-libre distribution for computers with minimal

resources, such as the Ben Nanonote, ath9k-based Wi-Fi routers, and other
hardware with emphasis on free software. The project's current goal is to aim for
compliance with the GNU Free System Distribution Guidelines (GNU FSDG)
and ensure that the project continues to meet these requirements set forth by
the Free Software Foundation (FSF).

Worth Mentioning
OpenBSD - A project that produces a free, multi-platform 4.4BSD-based UNIX-like operating
system. Emphasizes portability, standardization, correctness, proactive security and integrated
cryptography.
DD-WRT - A is Linux-based firmware for wireless routers and wireless access points. It is
compatible with several models of routers and access points.

Don't use Windows 10 - It's a privacy nightmare

Microsoft introduced a lot of new features in Windows 10 such as Cortana. However, most of
them are violating your privacy.

1. Data syncing is by default enabled.

Browsing history and open websites.
Apps settings.
WiFi hotspot names and passwords.
2. Your device is by default tagged with a unique advertising ID.
Used to serve you with personalized advertisements by third-party advertisers and ad
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

networks.
3. Cortana can collect any of your
data.
Your keystrokes, searches
and mic input.
Calendar data.
Music you listen to.
Credit Card information.
Purchases.
4. Microsoft can collect any
personal data.
Your identity.
Passwords.
Demographics.
Interests and habits.
Usage data.
Contacts and relationships.
Location data.
Content like emails, instant
messages, caller list, audio and video recordings.
5. Your data can be shared.
When downloading Windows 10, you are authorizing Microsoft to share any of above
mentioned data with any third-party, with or without your consent.

This tool uses some known methods that attempt to disable major tracking features in Windows 10.

Some good news

More bad news

Quotes
Arguing that you don't care about the right to privacy because you have nothing to
hide is no different than saying you don't care about free speech because you have
nothing to say.

The NSA has built an infrastructure that allows it to intercept almost everything.
With this capability, the vast majority of human communications are automatically
ingested without targeting. If I wanted to see your emails or your wife's phone, all I
have to do is use intercepts. I can get your emails, passwords, phone records,
credit cards. I don't want to live in a society that does these sort of things... I do
not want to live in a world where everything I do and say is recorded. That is not
something I am willing to support or live under.
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

We all need places where we can go to explore without the judgmental eyes of
other people being cast upon us, only in a realm where we’re not being watched
can we really test the limits of who we want to be. It’s really in the private realm
where dissent, creativity and personal exploration lie.

Recommended Privacy Resources

Guides
Surveillance Self-Defense by EFF - Guide to defending yourself from surveillance by using
secure technology and developing careful practices.
The Crypto Paper - Privacy, Security and Anonymity for Every Internet User.
Email Self-Defense by FSF - A guide to fighting surveillance with GnuPG encryption.
The Ultimate Privacy Guide - Excellent privacy guide written by the creators of the
bestVPN.com website.
IVPN Privacy Guides - These privacy guides explain how to obtain vastly greater freedom,
privacy and anonymity through compartmentalization and isolation.
The Ultimate Guide to Online Privacy - Comprehensive "Ninja Privacy Tips" and 150+ tools.

Information
r/privacytoolsIO Wiki - Our Wiki on reddit.com.
Security Now! - Weekly Internet Security Podcast by Steve Gibson and Leo Laporte.
TechSNAP - Weekly Systems, Network, and Administration Podcast. Every week TechSNAP
covers the stories that impact those of us in the tech industry.
Keybase.io - Get a public key, safely, starting just with someone's social media username.
Freedom of the Press Foundation - Supporting and defending journalism dedicated to
transparency and accountability since 2012.
Erfahrungen.com - German review aggregator website of privacy related services.
Terms of Service; Didn't Read - “I have read and agree to the Terms” is the biggest lie on the
web. We aim to fix that.

Tools
ipleak.net - IP/DNS Detect - What is your IP, what is your DNS, what informations you send to
websites.
The ultimate Online Privacy Test Resource List - A collection of Internet sites that check
whether your web browser leaks information.
PRISM Break - We all have a right to privacy, which you can exercise today by encrypting your
communications and ending your reliance on proprietary services.
Security in-a-Box - A guide to digital security for activists and human rights defenders
throughout the world.
AlternativeTo.net - Great collection of open source online and self-hosted software sorted by
likes.
SecureDrop - An open-source whistleblower submission system that media organizations can
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

use to securely accept documents from and communicate with anonymous sources. It was
originally created by the late Aaron Swartz and is currently managed by Freedom of the Press
Foundation.
Reset The Net - Privacy Pack - Help fight to end mass surveillance. Get these tools to protect
yourself and your friends.
Security First - Umbrella is an Android app that provides all the advice needed to operate
safely in a hostile environment.
Block Cloudflare MiTM Attack - Firefox add-on to detect and block corporate MITM attack.

Spread the word and help your friends

Copy URL and Description

For easy copy and paste. Share this text snippet.

Participate with suggestions and constructive criticism

It's important for a website like privacytools.io to be up-to-date. Keep an eye on software updates of
the applications listed here. Follow recent news about providers that are recommended. We try our
best to keep up but we're not perfect and the internet is changing fast. If you find an error, or you think
a provider should not be listed here, or a qualified service provider is missing or a browser plugin is
not the best choice anymore and anything else... Talk to us please.

Make suggestions on reddit

Our active community subreddit to stay up to date or to make suggestions. Join

now! (Info)

Follow on Twitter

Get the latest privacy related updates from our Twitter Feed. Follow now!

Develop on GitHub
 moz-extension://aab243c0-6f20-4d68-a01d-c53a7...

The complete website source code is available on GitHub. Join our developer
team!

This is a community project and we're aiming to deliver the best information
available for a better privacy. Thank you for participating. This project needs
you.

No Ads, No Google Analytics, No Affiliates, No Cross-Site Requests

WTFPL kopimi (copyme) Donate: 1N4bKCx3kpvUTBhsvbmthPDssN8ATPEhgt or

use PayPal.

privacytools.io is a socially motivated website that provides information for protecting your data
security and privacy. never trust any company with your privacy, always encrypt.