privacyguides.org/index.html
Hugo Costa 35a1419ab8 Change dudle's link (#688)
Change the link to point to the anonymous mode (old one was deprecated and redirected to the main website)
2018-12-23 16:02:22 +01:00

2258 lines
144 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
layout: default
---
<div class="container" role="main">
<div class="jumbotron p-5">
<!-- header just below the navigation bar -->
<h1 class="display-4"><a href="https://www.privacytools.io/" title="privacytools.io"><img src="assets/img/layout/logo.png" class="img-fluid" alt="privacytools.io"></a></h1>
<p class="lead">You are being watched. Private and state-sponsored organizations are monitoring and recording your online activities. privacytools.io provides knowledge and tools to protect your privacy against global mass surveillance.</p>
<!-- end header just below the navigation bar -->
</div>
<!-- start language and darknet selection -->
<p>
<a data-toggle="tooltip" data-placement="bottom" data-original-title="Translations of privacytools.io were done by volunteers. They might be not up to date.">Language:</a>
<span class="flag-icon flag-icon-tw" style="margin-left:5px;"></span> <a href="https://privacytools.twngo.xyz/">繁體中文</a>
<span class="flag-icon flag-icon-es" style="margin-left:5px;"></span> <a href="https://victorhck.gitlab.io/privacytools-es/">Español</a>
<span class="flag-icon flag-icon-de" style="margin-left:5px;"></span> <a href="https://privacytools.it-sec.rocks/">Deutsch</a>
<span class="flag-icon flag-icon-it" style="margin-left:5px;"></span> <a href="https://privacytools-it.github.io/">Italiano</a>
<span class="flag-icon flag-icon-ru" style="margin-left:5px;"></span> <a href="https://privacytools.ru">Русский</a>
<span class="flag-icon flag-icon-fr" style="margin-left:5px;"></span> <a href="https://privacytools.dreads-unlock.fr">Français</a>
</p>
<!-- end language and darknet selection -->
<!-- quote by Glenn Greenwald located below the header -->
<div class="page-header">
<h1>Privacy? I don't have anything to hide.</h1>
</div>
<blockquote class="blockquote">
<p>
<a href="https://www.ted.com/talks/glenn_greenwald_why_privacy_matters" title="Glenn Greenwald - Why privacy matters - TED Talk"><img src="assets/img/layout/Glenn-Greenwald-Why-privacy-matters.jpg" class="img-fluid float-right ml-2" alt="Glenn Greenwald: Why privacy matters"></a>
Over the last 16 months, as I've debated this issue around the world, every single time somebody has said to me, "I don't really worry about invasions of privacy because I don't have anything to hide." I always say the same thing to them. I get out a
pen, I write down my email address. I say, "Here's my email address. What I want you to do when you get home is email me the passwords to all of your email accounts, not just the nice, respectable work one in your name, but all of them, because I
want to be able to just troll through what it is you're doing online, read what I want to read and publish whatever I find interesting. After all, if you're not a bad person, if you're doing nothing wrong, you should have nothing to hide." <strong>Not a single person has taken me up on that offer.</strong></p>
<footer class="blockquote-footer">Glenn Greenwald in <cite title="Why privacy matters - TED Talk"><a href="https://www.ted.com/talks/glenn_greenwald_why_privacy_matters">Why privacy matters - TED Talk</a></cite></footer>
</blockquote>
<h4>Read also:</h4>
<ul>
<li><a href="https://en.wikipedia.org/wiki/Nothing_to_hide_argument">Nothing to hide argument (Wikipedia)</a></li>
<li><a href="https://www.reddit.com/r/privacy/comments/3hynvp/how_do_you_counter_the_i_have_nothing_to_hide/">How do you counter the "I have nothing to hide?" argument? (reddit.com)</a></li>
<li><a href="https://papers.ssrn.com/sol3/papers.cfm?abstract_id=998565">'I've Got Nothing to Hide' and Other Misunderstandings of Privacy (Daniel J. Solove - San Diego Law Review)</a></li>
</ul>
<!-- end quote by Glenn Greenwald located below the header -->
<!-- Global Mass Surveillance - The Fourteen Eyes -->
<h1 id="ukusa" class="anchor"><a href="#ukusa"><i class="fas fa-link anchor-icon"></i></a> Global Mass Surveillance - The Fourteen Eyes</h1>
<img src="assets/img/layout/UKUSA.png" class="img-fluid float-right" alt="UKUSA Agreement" style="margin-left:10px;">
<p>The UKUSA Agreement is an agreement between the United Kingdom, United States, Australia, Canada, and New Zealand to cooperatively collect, analyze, and share intelligence. Members of this group, known as the <a href="https://www.giswatch.org/en/communications-surveillance/unmasking-five-eyes-global-surveillance-practices">Five Eyes</a>,
focus on gathering and analyzing intelligence from different parts of the world. While Five Eyes countries have agreed to <a href="https://www.pbs.org/newshour/world/an-exclusive-club-the-five-countries-that-dont-spy-on-each-other">not spy on each other</a> as adversaries, leaks by Snowden have revealed that some Five Eyes members monitor each others citizens and <a href="https://www.theguardian.com/uk/2013/jun/21/gchq-cables-secret-world-communications-nsa">share intelligence</a> to <a href="https://www.theguardian.com/politics/2013/jun/10/nsa-offers-intelligence-british-counterparts-blunkett">avoid breaking domestic laws</a> that prohibit them from spying on their own citizens. The Five Eyes alliance also cooperates with groups of third-party countries to share intelligence (forming the Nine Eyes and Fourteen Eyes), however Five Eyes and third-party countries can and do
spy on each other.</p>
<!-- Chart of Five Eyes, Nine Eyes, and Fourteen Eyes -->
<div class="row mb-3">
{% include panel.html color="danger"
title="Five Eyes"
body='
<ol class="card-ol">
<li>Australia <div class="float-right"><span class="flag-icon flag-icon-au"></span></div></li>
<li>Canada <div class="float-right"><span class="flag-icon flag-icon-ca"></span></div></li>
<li>New Zealand <div class="float-right"><span class="flag-icon flag-icon-nz"></span></div></li>
<li>United Kingdom <div class="float-right"><span class="flag-icon flag-icon-gb"></span></div></li>
<li>United States of America <div class="float-right"><span class="flag-icon flag-icon-us"></span></div></li>
</ol>
'
%}
{% include panel.html color="warning"
title="Nine Eyes"
body='
<ol class="card-ol">
<li>Denmark <div class="float-right"><span class="flag-icon flag-icon-dk"></span></div></li>
<li>France <div class="float-right"><span class="flag-icon flag-icon-fr"></span></div></li>
<li>Netherlands <div class="float-right"><span class="flag-icon flag-icon-nl"></span></div></li>
<li>Norway <div class="float-right"><span class="flag-icon flag-icon-no"></span></div></li>
</ol>
'
%}
{% include panel.html color="secondary"
title="Fourteen Eyes"
body='
<ol class="card-ol">
<li>Belgium <div class="float-right"><span class="flag-icon flag-icon-be"></span></div></li>
<li>Germany <div class="float-right"><span class="flag-icon flag-icon-de"></span></div></li>
<li>Italy <div class="float-right"><span class="flag-icon flag-icon-it"></span></div></li>
<li>Spain <div class="float-right"><span class="flag-icon flag-icon-es"></span></div></li>
<li>Sweden <div class="float-right"><span class="flag-icon flag-icon-se"></span></div></li>
</ol>
'
%}
</div>
<!-- end Chart of Five Eyes, Nine Eyes, and Fourteen Eyes -->
<!-- Key disclosure law -->
<h1 id="kdl" class="anchor"><a href="#kdl"><i class="fas fa-link anchor-icon"></i></a> Key Disclosure Law</h1> <h3>Who is required to hand over the encryption keys to authorities?</h3>
<p>Mandatory <a href="https://en.wikipedia.org/wiki/Key_disclosure_law">key disclosure laws</a> require individuals to turn over encryption keys to law enforcement conducting a criminal investigation. How these laws are implemented (who may be legally compelled to assist) vary from nation to nation, but a warrant
is generally required. Defenses against key disclosure laws include steganography and encrypting data in a way that provides plausible deniability.</p> <p><a href="https://en.wikipedia.org/wiki/Steganography">Steganography</a> involves hiding sensitive information (which may be encrypted) inside of ordinary data (for example, encrypting an image file and then hiding it in an audio file). With plausible deniability, data is encrypted in a way that prevents an
adversary from being able to prove that the information they are after exists (for example, one password may decrypt benign data and another password, used on the same file, could decrypt sensitive data).</p>
<!-- Chart of key disclosure law in some countries -->
<div class="row mb-2">
{% include panel.html color="danger"
title="Key disclosure laws apply"
body='
<ol class="card-ol">
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Antigua_and_Barbuda">Antigua and Barbuda</a> <div class="float-right"><span class="flag-icon flag-icon-ag"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Australia">Australia</a> <div class="float-right"><span class="flag-icon flag-icon-au"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Canada">Canada</a> <div class="float-right"><span class="flag-icon flag-icon-ca"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#France">France</a> <div class="float-right"><span class="flag-icon flag-icon-fr"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#India">India</a> <div class="float-right"><span class="flag-icon flag-icon-in"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Ireland">Ireland</a> <div class="float-right"><span class="flag-icon flag-icon-ie"></span></div></li>
<li><a href="https://edri.org/norway-introduces-forced-biometric-authentication/">Norway</a> <div class="float-right"><span class="flag-icon flag-icon-no"></span></div></li>
<li><a href="https://www.bloomberg.com/news/articles/2018-03-20/telegram-loses-bid-to-stop-russia-from-getting-encryption-keys">Russia</a> <div class="float-right"><span class="flag-icon flag-icon-ru"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#South_Africa">South Africa</a> <div class="float-right"><span class="flag-icon flag-icon-za"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#United_Kingdom">United Kingdom</a> <div class="float-right"><span class="flag-icon flag-icon-gb"></span></div></li>
</ol>
'
%}
{% include panel.html color="warning"
title="Key disclosure laws may apply"
body='
<ol class="card-ol">
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Belgium">Belgium *</a> <div class="float-right"><span class="flag-icon flag-icon-be"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Finland">Finland *</a> <div class="float-right"><span class="flag-icon flag-icon-fi"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#New_Zealand">New Zealand</a> (unclear) <div class="float-right"><span class="flag-icon flag-icon-nz"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#The_Netherlands">The Netherlands *</a> <div class="float-right"><span class="flag-icon flag-icon-nl"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#United_States">United States</a> (see related information) <div class="float-right"><span class="flag-icon flag-icon-us"></span></div></li>
</ol>
'
%}
{% include panel.html color="success"
title="Key disclosure laws don't apply"
body='
<ol class="card-ol">
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Czech_Republic">Czech Republic</a> <div class="float-right"><span class="flag-icon flag-icon-cz"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Germany">Germany</a> <div class="float-right"><span class="flag-icon flag-icon-de"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Poland">Poland</a> <div class="float-right"><span class="flag-icon flag-icon-pl"></span></div></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law#Sweden">Sweden</a> (proposed) <div class="float-right"><span class="flag-icon flag-icon-se"></span></div></li>
</ol>
'
%}
</div>
<p> * (people who know how to access a system may be ordered to share their knowledge, <strong>however, this doesn't apply to the suspect itself or family members.</strong>)</p>
<h3>Related Information</h3>
<ul>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law">Wikipedia page on key disclosure law</a></li>
<li><a href="https://law.stackexchange.com/questions/1523/can-a-us-citizen-be-required-to-provide-the-authentication-key-for-encrypted-dat">law.stackexchange.com question about key disclosure law in US</a></li>
<li><a href="https://www.youtube.com/watch?v=Jt7D4AIfqlQ">DEFCON 20: Crypto and the Cops: the Law of Key Disclosure and Forced Decryption</a></li>
</ul>
<!-- end Chart of key disclosure law in some countries -->
<h3 id="usa" class="anchor">Why is it not recommended to choose a US-based service?</h3>
<img src="assets/img/layout/USA.png" class="img-fluid float-right" alt="USA" style="margin-left:10px;">
<p>Services based in the United States are not recommended because of the countrys surveillance programs, use of <a href="https://www.eff.org/issues/national-security-letters/faq">National Security Letters</a> (NSLs) and accompanying gag orders, which
forbid the recipient from talking about the request. This combination allows the government to <a href="https://www.schneier.com/blog/archives/2013/08/more_on_the_nsa.html">secretly force</a> companies to grant complete access to customer data and
transform the service into a tool of mass surveillance.</p>
<p>An example of this is <a href="https://en.wikipedia.org/wiki/Lavabit#Suspension_and_gag_order">Lavabit</a> a discontinued secure email service created by Ladar Levison. The FBI <a href="https://motherboard.vice.com/en_us/article/nzz888/lavabit-founder-ladar-levison-discusses-his-federal-battle-for-privacy">requested</a> Snowdens records after finding out that he used the service. Since Lavabit did not keep logs and email content was stored encrypted, the FBI served a subpoena (with a gag order) for the services SSL keys. Having the SSL keys would allow them to access
communications (both metadata and unencrypted content) in real time for all of Lavabits customers, not just Snowden's.</p>
<p>Ultimately, Levison turned over the SSL keys and <a href="https://www.theguardian.com/commentisfree/2014/may/20/why-did-lavabit-shut-down-snowden-email">shut down</a> the service at the same time. The US government then <a href="http://www.cnbc.com/id/100962389">threatened Levison with arrest</a>,
saying that shutting down the service was a violation of the court order.</p> <h3>Related Information</h3>
<ul>
<li><a href="https://www.bestvpn.com/the-ultimate-privacy-guide/#avoidus">Avoid all US and UK based services</a></li>
<li><a href="https://en.wikipedia.org/wiki/Surespot#History">Proof that warrant canaries work based on the surespot example.</a></li>
<li><a href="https://en.wikipedia.org/wiki/UKUSA_Agreement">The United Kingdom United States of America Agreement (UKUSA)</a></li>
<li><a href="https://en.wikipedia.org/wiki/Lavabit#Suspension_and_gag_order">Lavabit: Suspension and gag order</a></li>
<li><a href="https://en.wikipedia.org/wiki/Key_disclosure_law">Key disclosure law</a></li>
<li><a href="https://en.wikipedia.org/wiki/Portal:Mass_surveillance">Wikipedia Portal: Mass_surveillance</a></li>
</ul> <h1 id="vpn" class="anchor"><a href="#vpn"><i class="fas fa-link anchor-icon"></i></a> VPN providers with extra layers of privacy</h1>
<div class="alert alert-success" role="alert">
<strong>All providers listed here are outside the US, use encryption, accept Bitcoin, support OpenVPN and have a no logging policy.</strong>
</div>
<!-- START VPN TABLE -->
<div class="table-responsive">
<table class="table sortable-theme-bootstrap" data-sortable>
<thead>
<tr>
<th data-sortable="true">Sortable VPN Providers Table</th>
<th data-sortable="true">Yearly Price</th>
<th data-sortable="true">Free Trial</th>
<th data-sortable="true" title="Number of Servers"># Servers</th>
<th data-sortable="true">Jurisdiction</th>
<th data-sortable="false">Website</th>
</tr>
</thead>
<tbody>
<tr>
<td data-value="AirVPN">
<a href="https://airvpn.org/"><img alt="AirVPN" src="assets/img/provider/AirVPN.png" width="200" height="70"></a></td>
<td data-value="70">54 €</td>
<td><span class="label label-success">Yes</span></td>
<td>162</td>
<td><span class="flag-icon flag-icon-it"></span> Italy</td>
<td><a href="https://airvpn.org/">AirVPN.org</a></td>
</tr>
<tr>
<td data-value="AzireVPN">
<a href="https://www.azirevpn.com/"><img alt="AzireVPN" src="assets/img/provider/AzireVPN.png" width="200" height="70"></a>
</td>
<td data-value="58">45 €</td>
<td><span class="label label-success">Yes</span></td>
<td>5</td>
<td><span class="flag-icon flag-icon-se"></span> Sweden</td>
<td><a href="https://www.azirevpn.com/">AzireVPN.com</a></td>
</tr>
<tr>
<td data-value="blackVPN">
<a href="https://www.blackvpn.com/"><img alt="blackVPN" src="assets/img/provider/blackVPN.png" width="200" height="70"></a>
</td>
<td data-value="128">99 €</td>
<td><span class="label label-success">Yes</span></td>
<td>27</td>
<td><span class="flag-icon flag-icon-hk"></span> Hong Kong</td>
<td><a href="https://www.blackvpn.com/">blackVPN.com</a></td>
</tr>
<tr>
<td data-value="Cryptostorm">
<a href="https://cryptostorm.is/"><img alt="Cryptostorm" src="assets/img/provider/Cryptostorm.png" width="200" height="70"></a>
</td>
<td data-value="52">$ 52</td>
<td><span class="label label-success">Yes</span></td>
<td>18</td>
<td><span class="flag-icon flag-icon-is"></span> Iceland</td>
<td><a href="https://cryptostorm.is/">Cryptostorm.is</a></td>
</tr>
<tr>
<td data-value="ExpressVPN">
<a href="https://www.expressvpn.com/"><img alt="ExpressVPN" src="assets/img/provider/ExpressVPN.png" width="200" height="70"></a>
</td>
<td data-value="100">$ 99.95</td> <!-- USD on March 21, 2017 -->
<td><span class="label label-success">Yes</span></td>
<td>145</td>
<td><span class="flag-icon flag-icon-vg"></span> British Virgin Islands</td>
<td><a href="https://www.expressvpn.com/">ExpressVPN.com</a></td>
</tr>
<tr>
<td data-value="FrootVPN">
<a href="https://www.frootvpn.com/"><img alt="FrootVPN" src="assets/img/provider/FrootVPN.png" width="200" height="70"></a>
</td>
<td data-value="36">$ 35.88</td>
<td><span class="label label-warning">No</span></td>
<td>27</td>
<td><span class="flag-icon flag-icon-se"></span> Sweden</td>
<td><a href="https://www.frootvpn.com/">FrootVPN.com</a></td>
</tr>
<tr>
<td data-value="hide.me">
<a href="https://hide.me/"><img alt="hide.me" src="assets/img/provider/hide.me.png" width="200" height="70"></a>
</td>
<td data-value="65">$ 65.04</td>
<td><span class="label label-success">Yes</span></td>
<td>88</td>
<td><span class="flag-icon flag-icon-my"></span> Malaysia</td>
<td><a href="https://hide.me/">hide.me</a></td>
</tr>
<tr>
<td data-value="IVPN">
<a href="https://www.ivpn.net/"><img alt="IVPN" src="assets/img/provider/IVPN.png" width="200" height="70"></a>
</td>
<td data-value="100">$ 100</td>
<td><span class="label label-success">Yes</span></td>
<td>21</td>
<td><span class="flag-icon flag-icon-gi"></span> Gibraltar</td>
<td><a href="https://www.ivpn.net/">IVPN.net</a></td>
</tr>
<tr>
<td data-value="Mullvad">
<a href="https://mullvad.net/"><img alt="Mullvad" src="assets/img/provider/Mullvad.png" width="200" height="70"></a>
</td>
<td data-value="78">60 €</td>
<td><span class="label label-success">Yes</span></td>
<td>168</td>
<td><span class="flag-icon flag-icon-se"></span> Sweden</td>
<td><a href="https://mullvad.net/">Mullvad.net</a></td>
</tr>
<tr>
<td data-value="NordVPN">
<a href="https://nordvpn.com/"><img alt="NordVPN" src="assets/img/provider/NordVPN.png" width="200" height="70"></a>
</td>
<td data-value="69">$ 69</td>
<td><span class="label label-success">Yes</span></td>
<td>475</td>
<td><span class="flag-icon flag-icon-pa"></span> Panama</td>
<td><a href="https://nordvpn.com/">NordVPN.com</a></td>
</tr>
<tr>
<td data-value="OVPN.com">
<a href="https://www.ovpn.com/"><img alt="OVPN.com" src="assets/img/provider/OVPN.png" width="200" height="70"></a>
</td>
<td data-value="84">$ 84</td>
<td><span class="label label-success">Yes</span></td>
<td>39</td>
<td><span class="flag-icon flag-icon-se"></span> Sweden</td>
<td><a href="https://www.ovpn.com/">OVPN.com</a></td>
</tr>
<tr>
<td data-value="Perfect Privacy">
<a href="https://www.perfect-privacy.com/"><img alt="Perfect Privacy" src="assets/img/provider/Perfect-Privacy.png" width="200" height="70"></a>
</td>
<td data-value="162">124.95 €</td>
<td><span class="label label-warning">No</span></td>
<td>41</td>
<td><span class="flag-icon flag-icon-pa"></span> Panama</td>
<td><a href="https://www.perfect-privacy.com/">Perfect-Privacy.com</a></td>
</tr>
<!--
"Warning: It has come to our attention that Privatoria are no longer supporting their service its advised to try some other VPN provider." Source: https://www.deepdotweb.com/2016/01/03/privatoria-review/
<tr>
<td data-value="Privatoria">
<a href="https://privatoria.net/"><img src="assets/img/provider/Privatoria.png" width="200" height="70"></a>
</td>
<td data-value="23">$ 22.8</td>
<td><span class="label label-success">Yes</span></td>
<td>22</td>
<td><span class="flag-icon flag-icon-cz"></span> Czech Republic</td>
<td><a href="https://privatoria.net/">Privatoria.net</a></td>
</tr>
-->
<tr>
<td data-value="ProtonVPN">
<a href="https://protonvpn.com/"><img alt="ProtonVPN" src="assets/img/provider/ProtonVPN.png" width="200" height="70"></a >
</td>
<td data-value="0">Free</td>
<td><span class="label label-success">Yes</span></td>
<td>249</td>
<td><span class="flag-icon flag-icon-ch"></span> Switzerland</td>
<td><a href="https://protonvpn.com/">ProtonVPN.com</a></td>
</tr>
<tr>
<td data-value="Proxy.sh">
<a href="https://proxy.sh/"><img alt="Proxy.sh" src="assets/img/provider/Proxy.sh.png" width="200" height="70"></a>
</td>
<td data-value="90">$ 90</td>
<td><span class="label label-warning">No</span></td>
<td>300</td>
<td><span class="flag-icon flag-icon-sc"></span> Seychelles</td>
<td><a href="https://proxy.sh/">Proxy.sh</a></td>
</tr>
<tr>
<td data-value="Trust.Zone">
<a href="https://trust.zone/"><img alt="Trust.Zone" src="assets/img/provider/Trust.Zone.png" width="200" height="70"></a>
</td>
<td data-value="40">$ 39.95</td>
<td><span class="label label-success">Yes</span></td>
<td>48</td>
<td><span class="flag-icon flag-icon-sc"></span> Seychelles</td>
<td><a href="https://trust.zone/">Trust.Zone</a></td>
</tr>
<tr>
<td data-value="VPN.ht">
<a href="https://vpn.ht/"><img alt="VPN.ht" src="assets/img/provider/VPN.ht.png" width="200" height="70"></a>
</td>
<td data-value="40">$ 39.99</td>
<td><span class="label label-warning">No</span></td>
<td>122</td>
<td><span class="flag-icon flag-icon-hk"></span> Hong Kong</td>
<td><a href="https://vpn.ht/">VPN.ht</a></td>
</tr>
<tr>
<td data-value="VPNArea">
<a href="https://vpnarea.com/"><img alt="VPNArea" src="assets/img/provider/vpnarea.png" width="200" height="70"></a>
</td>
<td data-value="59">$ 59.00</td>
<td><span class="label label-success">Yes</span></td>
<td>204</td>
<td><span class="flag-icon flag-icon-bg"></span> Bulgaria</td>
<td><a href="https://vpnarea.com/">VPNArea.com</a></td>
</tr>
<tr>
<td data-value="VPNTunnel">
<a href="https://vpntunnel.com/"><img alt="VPNTunnel" src="assets/img/provider/VPNTunnel.png" width="200" height="70"></a>
</td>
<td data-value="36">$ 35.88</td>
<td><span class="label label-warning">No</span></td>
<td>80</td>
<td><span class="flag-icon flag-icon-sc"></span> Seychelles</td>
<td><a href="https://vpntunnel.com/">VPNTunnel.com</a></td>
</tr>
</tbody>
</table>
</div> <!-- END VPN TABLE -->
<!-- yellow warning box about vpns and "no log" policies. -->
<div class="alert alert-warning" role="alert">
<strong>Note: Using a VPN provider will not make you anonymous. But it will give you a better privacy. A VPN is not a tool for illegal activities. Don't rely on a "no log" policy.</strong>
</div> <div class="container">
<div class="row">
<div class="col-md-6">
<!-- bullet list of VPN Provider Criteria -->
<h3>Our VPN Provider Criteria</h3>
<ul>
<li>Operating outside the USA or other Five Eyes countries.<p>More: <a href="https://www.bestvpn.com/the-ultimate-privacy-guide/#avoidus">Avoid all US and UK based services.</a></p></li>
<li>OpenVPN software support.</li>
<li>Accepts Bitcoin, cash, debit cards or cash cards as a payment method.</li>
<li>No personal information is required to create an account. Only username, password and <a href="#email"><i class="fas fa-link"></i> Email.</a></li>
</ul>
<p>We're not affiliated with any of the above-listed VPN providers. This way can give you honest recommendations.</p>
<h3>More VPN Provider</h3>
<p>
<a href="https://thatoneprivacysite.net/vpn-comparison-chart/">
Spreadsheet with unbiased, independently verifiable data on over 100 VPN services.
</a>
<a href="https://www.reddit.com/r/privacytoolsIO/comments/43d4zs/you_guys_might_be_interested_in_this_a/">
(Join the discussion on Reddit)
</a>
</p>
</div>
<!-- bullet list of VPN articles -->
<div class="col-md-6">
<h3>Related VPN information</h3>
<ul>
<li><a href="https://torrentfreak.com/vpn-services-keep-anonymous-2018/">Which VPN Services Keep You Anonymous in 2018?</a><br />(<strong>Note:</strong> The providers listed first in the TorrentFreaks article are sponsored)</li>
<li><a href="https://torrentfreak.com/how-to-make-vpns-even-more-secure-120419/">How To Make VPNs Even More Secure</a></li>
<li><a href="https://vikingvpn.com/blogs/off-topic/beware-of-vpn-marketing-and-affiliate-programs">Beware of False Reviews - VPN Marketing and Affiliate Programs</a></li>
<li><a href="https://www.goldenfrog.com/take-back-your-internet/articles/7-myths-about-vpn-logging-and-anonymity">I am Anonymous When I Use a VPN - 7 Myths Debunked</a><br />(<strong>Note:</strong> While this is a good read, they also use the article for self-promotion)</li>
<li><a href="https://torrentfreak.com/proxy-sh-vpn-provider-monitored-traffic-to-catch-hacker-130930/">Proxy.sh VPN Provider Sniffed Server Traffic to Catch Hacker</a></li>
<li><a href="https://proxy.sh/panel/knowledgebase.php?action=displayarticle&id=5">Ethical policy - All of the reasons why Proxy.sh might enable logging</a></li>
<li><a href="https://www.ivpn.net/privacy">IVPN.net will collect your email and IP address after sign up</a><br />Read the <a data-toggle="tooltip" data-placement="top" data-original-title="The IP collected at signup is only used for a few seconds by our fraud module and then discarded, it is not stored. Storing them would significantly increase our own liability and certainly would not be in our interest. You're absolutely welcome to signup using Tor or a VPN.">Email statement</a> from IVPN.</li>
<li><a href="https://medium.com/@blackVPN/no-logs-6d65d95a3016">blackVPN announced to delete connection logs after disconnection</a></li>
<li><a href="https://gist.github.com/kennwhite/1f3bc4d889b02b35d8aa">Don't use LT2P IPSec, use other protocols.</a></li>
</ul>
</div>
</div>
</div>
<!-- warrant canary -->
<h1 id="wc" class="anchor"><a href="#wc"><i class="fas fa-link anchor-icon"></i></a> What is a warrant canary?</h1>
<img src="assets/img/layout/warrant-canary.jpg" class="img-fluid float-right" alt="Warrant Canary Example" style="margin-left:20px;">
<p>A warrant canary is a posted document stating that an organization has not received any secret subpoenas during a specific period of time. If this document fails to be updated during the specified time then the user is to assume that the service has
received such a subpoena and should stop using the service.</p>
<h4>Warrant Canary Examples:</h4>
<ol>
<li><a href="https://proxy.sh/canary">https://proxy.sh/canary</a></li>
<li><a href="https://www.ivpn.net/resources/canary.txt">https://www.ivpn.net/resources/canary.txt</a></li>
<li><a href="https://www.bolehvpn.net/canary.txt">https://www.bolehvpn.net/canary.txt</a></li>
<li><a href="https://lokun.is/canary.txt">https://lokun.is/canary.txt</a></li>
<li><a href="https://www.ipredator.se/static/downloads/canary.txt">https://www.ipredator.se/static/downloads/canary.txt</a></li>
</ol>
<h4>Related Warrant Canary Information</h4>
<ul>
<li><a href="https://www.eff.org/de/deeplinks/2014/04/warrant-canary-faq">Warrant Canary Frequently Asked Questions</a></li>
<li><a href="https://en.wikipedia.org/wiki/Warrant_canary#Companies_and_organizations_with_warrant_canaries">Companies and organizations with warrant canaries</a></li>
<li><a href="https://www.schneier.com/blog/archives/2015/03/australia_outla.html">Warrant canary criticism by Bruce Schneier and an example of a law against warrant canaries.</a></li>
</ul>
<!-- browsers -->
<h1 id="browser" class="anchor"><a href="#browser"><i class="fas fa-link anchor-icon"></i></a> Browser Recommendation</h1>
<div class="row mb-2">
{% include card.html color="success"
title="Tor Browser"
image="assets/img/tools/Tor-Project.png"
url="https://www.torproject.org/"
tor="http://expyuzz4wqqyqhjn.onion"
footer='OS: Windows, macOS, Linux, <a href="https://mike.tig.as/onionbrowser/">iOS</a>, <a href="https://www.torproject.org/docs/android.html.en">Android</a>, <a href="https://github.com/torbsd/openbsd-ports">OpenBSD.</a>'
description="Tor Browser is your choice if you need an extra layer of anonymity. It's a modified version of Firefox, it comes with pre-installed privacy add-ons, encryption and an advanced proxy."
%}
{% include card.html color="primary"
title="Mozilla Firefox"
image="assets/img/tools/Firefox.png"
url="https://www.firefox.com/"
footer="OS: Windows, macOS, Linux, Android, iOS, BSD."
description='Firefox is fast, reliable, open source and respects your privacy. Don\'t forget to adjust the settings according to our
recommendations: <a href="#webrtc"><i class="fas fa-link"></i> WebRTC</a> and <a href="#about_config"><i class="fas fa-link"></i> about:config</a> and get the <a href="#addons"><i class="fas fa-link"></i> privacy add-ons</a>.'
%}
{% include card.html color="warning"
title="Brave"
labels="warning:experimental:Brave is a good choice if you want to use a Chromium-based browser. But at this point in Brave's development&comma; it's not as good as Firefox with privacy addons."
image="assets/img/tools/Brave.png"
url="https://www.brave.com/"
footer="OS: Windows, macOS, Linux, Android, iOS."
description="The new open source browser \"Brave\" automatically blocks ads and trackers, making it faster and safer than your current browser. Brave is based on Chromium."
%}
<!-- IceCat removed
<div class="col-sm-4">
<div class="panel panel-info">
<div class="panel-heading">
<h3 class="panel-title">GNU IceCat</h3>
</div>
<div class="panel-body">
<p><img src="assets/img/tools/IceCat.png" align="right" style="margin-left:5px;">GNU IceCat is a good choice for privacy related matters. It is a free software rebranding of the Mozilla Firefox web browser distributed by the GNU Project. IceCat comes with pre-installed privacy add-ons.</p>
<p><a href="https://www.gnu.org/software/gnuzilla/"><button type="button" class="btn btn-info">Download: www.gnu.org</button></a></p>
<p>OS: Windows, macOS, Linux, Android.</p>
</div>
</div>
</div>
-->
</div>
<!-- Browser Fingerprint -->
<h1 id="fingerprint" class="anchor"><a href="#fingerprint"><i class="fas fa-link anchor-icon"></i></a> Browser Fingerprint - Is your browser configuration unique?</h1>
<!-- yellow warning message about the browser sending unique information -->
<div class="alert alert-warning" role="alert">
<strong>Your Browser sends information that makes you unique amongst millions of users and therefore easy to identify.</strong>
</div>
<!-- fingerprint image to the right of the paragraphs -->
<img src="assets/img/layout/browser-fingerprint.jpg" class="img-fluid float-right" alt="Fingerprint image" style="margin-left:20px;">
<!-- first paragraph -->
<p>When you visit a web page, your browser voluntarily sends information about its configuration, such as available fonts, browser type, and add-ons. If this combination of information is unique, it may be possible to identify and track you without using
cookies. EFF created a Tool called <a href="https://panopticlick.eff.org/">Panopticlick</a> to test your browser to see how unique it is.</p>
<!-- First orange "test your browser now" button -->
<p>
<a class="btn btn-warning" href="https://panopticlick.eff.org/">
Test your Browser now
</a>
</p>
<!-- second paragraph -->
<p>You need to find what <strong>most browsers</strong> are reporting, and then use those variables to bring your browser in the same population. This means having the same fonts, plugins, and extensions installed as the large installed base. You should
have a <a href="https://addons.mozilla.org/en-US/firefox/addon/uaswitcher/">spoofed user agent string</a> to match what the large userbase has. You need to have the same settings enabled and disabled, such as DNT and WebGL. You need your browser to
look as common as everyone else. Disabling JavaScript, using Linux, or even the TBB, will make your browser stick out from the masses.</p>
<!-- third paragraph -->
<p>Modern web browsers have not been architected to assure personal web privacy. Rather than worrying about being fingerprinted, it seems more practical to use <a href="#addons"><i class="fas fa-link"></i> free software plugins</a> like Privacy Badger, uBlock Origin and Disconnect.
They not only respect your freedom, but your privacy also. You can get much further with these than trying to manipulate your browser's fingerprint.</p>
<!-- related information links -->
<h3>Related Information</h3>
<ul>
<li><a href="https://panopticlick.eff.org/static/browser-uniqueness.pdf">How Unique Is Your Web Browser? Peter Eckersley, EFF.</a></li>
<li><a href="https://www.reddit.com/r/privacytoolsIO/comments/35pqyl/new_section_browser_fingerprint_is_your_browser/">Join our discussion on reddit.com about browser fingerprinting.</a></li>
<li><a href="#addons"><i class="fas fa-link"></i> Our Firefox privacy add-ons section.</a></li>
<li><a href="https://www.browserleaks.com/">BrowserLeaks.com</a> - Web browser security testing tools, that tell you what exactly personal identity data may be leaked without any permissions when you surf the Internet.</li>
</ul>
<!-- WebRTC IP Leak Test -->
<h1 id="webrtc" class="anchor"><a href="#webrtc"><i class="fas fa-link anchor-icon"></i></a> WebRTC IP Leak Test - Is your IP address leaking?</h1>
<!-- red alert message about WebRTC being a new communication protocol... -->
<div class="alert alert-danger" role="alert">
<strong>WebRTC is a new communication protocol that relies on JavaScript that can leak your actual IP address from behind your VPN.</strong>
</div>
<!-- first sentence -->
<p>While software like NoScript prevents this, it's probably a good idea to block this protocol directly as well, just to be safe.</p>
<!-- orange "Test your Browser now" button -->
<p>
<a class="btn btn-warning" target="_blank" rel="noopener noreferrer" href="https://ipleak.net">Test your Browser now</a>
</p>
<!-- heading: How to disable WRTC in Firefox? -->
<h3>How to disable WebRTC in Firefox?</h3>
<!-- steps on manually disabling WRTC in Firefox -->
<p>In short: Set "media.peerconnection.enabled" to "false" in "about:config".</p>
<p><strong>Explained:</strong></p>
<ol class="long-string-list">
<li>Enter "about:config" in the firefox address bar and press enter.</li>
<li>Press the button "I'll be careful, I promise!"</li>
<li>Search for "media.peerconnection.enabled"</li>
<li>Double click the entry, the column "Value" should now be "false"</li>
<li>Done. Do the WebRTC leak test again.</li>
</ol>
<p>If you want to make sure every single WebRTC related setting is really disabled change these settings:</p>
<ol class="long-string-list">
<li>media.peerconnection.turn.disable = true</li>
<li>media.peerconnection.use_document_iceservers = false</li>
<li>media.peerconnection.video.enabled = false</li>
<li>media.peerconnection.identity.timeout = 1</li>
</ol>
<p>Now you can be 100% sure WebRTC is disabled.</p>
<!-- the "Test your Browser again" button -->
<p>
<a class="btn btn-primary" target="_blank" rel="noopener noreferrer" href="https://ipleak.net">Test your Browser again</a>
</p>
<!-- steps to manually disable WebRTC in Chrome -->
<h3>How to fix the WebRTC Leak in Google Chrome?</h3>
<p>WebRTC cannot be fully disabled in Chrome, however it is possible to change its routing settings (and prevent leaks) using an extension. Two open source solutions include <a href="https://chrome.google.com/webstore/detail/webrtc-leak-prevent/eiadekoaikejlgdbkbdfeijglgfdalml">WebRTC Leak Prevent</a> (options may need to be changed depending on the scenario), and <a href="https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm">uBlock Origin</a> (select "Prevent WebRTC from leaking local IP addresses" in Settings).</p>
<h3>What about other browsers?</h3>
<p>Chrome on iOS, Internet Explorer and Safari does not implement WebRTC yet. <a href="#browser"><i class="fas fa-link"></i> But we recommend using Firefox on all devices.</a></p> <!-- Firefox add-ons -->
<h1 id="addons" class="anchor"><a href="#addons"><i class="fas fa-link anchor-icon"></i></a> Excellent Firefox Privacy Add-ons</h1>
<div class="alert alert-success" role="alert">
<strong>Improve your privacy with these excellent Firefox add-ons.</strong>
</div>
<h3>Stop Tracking with "Privacy Badger"</h3>
<img src="assets/img/addons/Privacy-Badger.png" class="img-fluid float-left" alt="Privacy Badger" style="margin-right:30px;">
<p><strong>Privacy Badger</strong> is a browser add-on that stops advertisers and other third-party trackers from secretly tracking where you go and what pages you look at on the web. Privacy Badger learns about trackers as you browse by inspecting external resources websites request. Please be aware that Google Analytics is considered first-party by Privacy Badger, which means that Google Analytics will not be blocked if you do not use another blocker, such as uBlock Origin.
<a href="https://www.eff.org/privacybadger">https://www.eff.org/privacybadger/</a></p>
<h3>Block Ads and Trackers with "uBlock Origin"</h3>
<img src="assets/img/addons/uBlock.png" class="img-fluid float-left" alt="uBlock" style="margin-right:30px;">
<p>An efficient <a href="https://github.com/gorhill/uBlock/wiki/Blocking-mode">wide-spectrum-blocker</a> that's easy on memory, and yet can load and enforce thousands more filters than other popular blockers out there. It has no monetization strategy and
is completely <a href="https://github.com/gorhill/uBlock/">open source</a>. We recommend Firefox but uBlock Origin also works in other browsers such as Safari, Opera, and Chromium. Unlike AdBlock Plus, uBlock does not allow so-called <a href="https://adblockplus.org/acceptable-ads">"acceptable ads"</a>.
<br />
<a href="https://addons.mozilla.org/firefox/addon/ublock-origin/">https://addons.mozilla.org/firefox/addon/ublock-origin/</a>
</p>
<!--
<img src="assets/img/addons/Disconnect.png" class="img-fluid float-left" alt="Disconnect" style="margin-right:30px;">
<p>Founded in 2011 by former Google engineers and a consumer-and privacy-rights attorney. The addon is open source and loads the pages you go to 27% faster and stops tracking by 2,000+ third-party sites. It also keeps your searches private. If you are planning to install "uBlock Origin" make sure to install "Disconnect" first. <strong>Alternative to Disconnect:</strong> <a href="https://addons.mozilla.org/firefox/addon/privacy-badger-firefox/">Privacy Badger by EFF</a>
<br />
<a href="https://addons.mozilla.org/firefox/addon/disconnect/">https://addons.mozilla.org/firefox/addon/disconnect/</a>
</p>
<h3>Hinder Browser Fingerprinting with "Random Agent Spoofer"</h3>
<img src="assets/img/addons/Random-Agent-Spoofer.png" class="img-fluid float-left" alt="Random Agent Spoofer" style="margin-right:30px;">
<p>A privacy enhancing firefox addon which aims to hinder browser fingerprinting. It does this by changing the browser/device profile on a timer. Source code: <a href="https://github.com/dillbyrne/random-agent-spoofer">GitHub.</a>
<br />
<a href="https://addons.mozilla.org/firefox/addon/random-agent-spoofer/">https://addons.mozilla.org/firefox/addon/random-agent-spoofer/</a></p>
-->
<h3>Automatically Delete Cookies with "Cookie AutoDelete"</h3>
<img src="assets/img/addons/Cookie-AutoDelete.png" class="img-fluid float-left" alt="Cookie AutoDelete" style="margin-right:30px;">
<p>Automatically removes cookies when they are no longer used by open browser tabs. With the cookies, lingering sessions, as well as information used to spy on you, will be expunged.
<br />
<a href="https://addons.mozilla.org/firefox/addon/cookie-autodelete">https://addons.mozilla.org/firefox/addon/cookie-autodelete/</a></p> <h3>Encryption with "HTTPS Everywhere"</h3>
<img src="assets/img/addons/HTTPS-Everywhere.png" class="img-fluid float-left" alt="HTTPS Everywhere" style="margin-right:30px;">
<p>A Firefox, Chrome, and Opera extension that encrypts your communications with many major websites, making your browsing more secure. A collaboration between The Tor Project and the Electronic Frontier Foundation.
<br />
<a href="https://www.eff.org/https-everywhere">https://www.eff.org/https-everywhere</a></p>
<h3>Block Content Delivery Networks with "Decentraleyes"</h3>
<img src="assets/img/addons/Decentraleyes.png" class="img-fluid float-left" alt="Decentraleyes" style="margin-right:30px;">
<p>Emulates Content Delivery Networks locally by intercepting requests, finding the required resource and injecting it into the environment. This all happens instantaneously, automatically, and no prior configuration is required. <i>Source code: <a href="https://git.synz.io/Synzvato/decentraleyes">GitLab (self-hosted)</a>.</i>
<br />
<a href="https://addons.mozilla.org/firefox/addon/decentraleyes/">https://addons.mozilla.org/firefox/addon/decentraleyes/</a></p>
<div class="alert alert-warning" role="alert">
<strong>The following add-ons require quite a lot of interaction from the user to get things working. Some sites will not work properly until you have configured the add-ons.</strong>
</div>
<!--
<h3>Stop cross-site requests with "Request Policy"</h3>
<img src="assets/img/addons/Request-Policy.png" class="img-fluid float-left" alt="Request Policy" style="margin-right:30px;">
<p>Many websites integrate features which let other websites track you, such as Facebook Like Buttons or Google Analytics. Request Policy gives you control over the requests that websites make to other websites. This gives you greater and more fine grained control over the information that you leak online.
<br />
<a href="https://requestpolicycontinued.github.io/">https://requestpolicycontinued.github.io/</a>
</p>
-->
<h3>Stop cross-site requests with "uMatrix"</h3>
<img src="assets/img/addons/uMatrix.png" class="img-fluid float-left" alt="uMatrix" style="margin-right:30px;">
<p>Many websites integrate features which let other websites track you, such as Facebook Like Buttons or Google Analytics. uMatrix gives you control over the requests that websites make to other websites. This gives you greater and more fine-grained control
over the information that you leak online.
<br />
<a href="https://addons.mozilla.org/firefox/addon/umatrix/">https://addons.mozilla.org/firefox/addon/umatrix/</a>
</p>
<h3>Be in total control with "NoScript Security Suite"</h3>
<img src="assets/img/addons/NoScript.png" class="img-fluid float-left" alt="NoScript" style="margin-right:30px;">
<p>
Highly customizable plugin to selectively allow Javascript, Java, and Flash to run only on websites you trust. Not for casual users, it requires technical knowledge to configure.
<br />
<a href="https://addons.mozilla.org/firefox/addon/noscript/">https://addons.mozilla.org/firefox/addon/noscript/</a>
</p> <!-- about:config tweaks for Firefox -->
<h1 id="about_config" class="anchor"><a href="#about_config"><i class="fas fa-link anchor-icon"></i></a> Firefox: Privacy Related "about:config" Tweaks</h1>
<div class="alert alert-success" role="alert">This is a collection of privacy-related <strong>about:config</strong> tweaks. We'll show you how to enhance the privacy of your Firefox browser.</div>
<!-- preparation list -->
<h3>Preparation:</h3>
<ol>
<li>Enter "about:config" in the firefox address bar and press enter.</li>
<li>Press the button "I'll be careful, I promise!"</li>
<li>Follow the instructions below...</li>
</ol>
<!-- Getting started list -->
<h3>Getting started:</h3>
<ol class="long-string-list">
<li>privacy.firstparty.isolate = true
<ul>
<li>A result of the <a href="https://wiki.mozilla.org/Security/Tor_Uplift">Tor Uplift</a> effort, this preference isolates all browser identifier sources (e.g. cookies) to the first party domain, with the goal of preventing tracking across different domains. (Don't do this if you are using the Firefox Addon "Cookie AutoDelete" with Firefox v58 or below.)</li>
</ul>
</li>
<li>privacy.resistFingerprinting = true
<ul>
<li>A result of the <a href="https://wiki.mozilla.org/Security/Tor_Uplift">Tor Uplift</a> effort, this preference makes Firefox more resistant to browser fingerprinting.</li>
</ul>
</li>
<li>privacy.trackingprotection.enabled = true
<ul>
<li>This is Mozillas new built-in tracking protection. It uses Disconnect.me filter list, which is redundant if you are already using uBlock Origin 3rd party filters, therefore you should set it to false if you are using the add-on functionalities.</li>
</ul>
</li>
<li>browser.cache.offline.enable = false
<ul>
<li>Disables offline cache.</li>
</ul>
</li>
<li>browser.safebrowsing.malware.enabled = false
<ul>
<li>Disable Google Safe Browsing malware checks. Security risk, but privacy improvement.</li>
</ul>
</li>
<li>browser.safebrowsing.phishing.enabled = false
<ul>
<li>Disable Google Safe Browsing and phishing protection. Security risk, but privacy improvement.</li>
</ul>
</li>
<li>browser.send_pings = false
<ul>
<li>The attribute would be useful for letting websites track visitors clicks. </li>
</ul>
</li>
<li>browser.sessionstore.max_tabs_undo = 0
<ul>
<li>Even with Firefox set to not remember history, your closed tabs are stored temporarily at Menu -&gt; History -&gt; Recently Closed Tabs.</li>
</ul>
</li>
<li>browser.urlbar.speculativeConnect.enabled = false
<ul>
<li>Disable preloading of autocomplete URLs. Firefox preloads URLs that autocomplete when a user types into the address bar, which is a concern if URLs are suggested that the user does not want to connect to. <a href="https://www.ghacks.net/2017/07/24/disable-preloading-firefox-autocomplete-urls/">Source</a></li>
</ul>
</li>
<li>dom.battery.enabled = false
<ul>
<li>Website owners can track the battery status of your device. <a href="https://www.reddit.com/r/privacytoolsIO/comments/3fzbgy/you_may_be_tracked_by_your_battery_status_of_your/">Source</a></li>
</ul>
</li>
<li>dom.event.clipboardevents.enabled = false
<ul>
<li>Disable that websites can get notifications if you copy, paste, or cut something from a web page, and it lets them know which part of the page had been selected.</li>
</ul>
</li>
<li>geo.enabled = false
<ul>
<li>Disables geolocation.</li>
</ul>
</li>
<li>media.eme.enabled = false
<ul>
<li>Disables playback of DRM-controlled HTML5 content, which, if enabled, automatically downloads the Widevine Content Decryption Module provided by Google Inc. <a href="https://support.mozilla.org/en-US/kb/enable-drm#w_opt-out-of-cdm-playback-uninstall-cdms-and-stop-all-cdm-downloads">Details</a></li>
<li>DRM-controlled content that requires the Adobe Flash or Microsoft Silverlight NPAPI plugins will still play, if installed and enabled in Firefox.</li>
</ul>
</li>
<li>media.gmp-widevinecdm.enabled = false
<ul>
<li>Disables the Widevine Content Decryption Module provided by Google Inc., used for the playback of DRM-controlled HTML5 content. <a href="https://support.mozilla.org/en-US/kb/enable-drm#w_disable-the-google-widevine-cdm-without-uninstalling">Details</a></li>
</ul>
</li>
<li>media.navigator.enabled = false
<ul>
<li>Websites can track the microphone and camera status of your device.</li>
</ul>
</li>
<li>network.cookie.cookieBehavior = 1
<ul>
<li>Disable cookies</li>
<li>0 = Accept all cookies by default</li>
<li>1 = Only accept from the originating site (block third-party cookies)</li>
<li>2 = Block all cookies by default</li>
</ul>
</li>
<li>network.cookie.lifetimePolicy = 2
<ul>
<li>cookies are deleted at the end of the session</li>
<li>0 = Accept cookies normally</li>
<li>1 = Prompt for each cookie</li>
<li>2 = Accept for current session only</li>
<li>3 = Accept for N days</li>
</ul>
</li>
<li>network.http.referer.trimmingPolicy = 2
<ul>
<li>Send only the scheme, host, and port in the <code>Referer</code> header</li>
<li>0 = Send the full URL in the <code>Referer</code> header</li>
<li>1 = Send the URL without its query string in the <code>Referer</code> header</li>
<li>2 = Send only the scheme, host, and port in the <code>Referer</code> header</li>
</ul>
</li>
<li>network.http.referer.XOriginPolicy = 2
<ul>
<li>Only send <code>Referer</code> header when the full hostnames match. (Note: if you notice significant breakage, you might try <code>1</code> combined with an <code>XOriginTrimmingPolicy</code> tweak below.) <a href="https://feeding.cloud.geek.nz/posts/tweaking-referrer-for-privacy-in-firefox/">Source</a></li>
<li>0 = Send <code>Referer</code> in all cases</li>
<li>1 = Send <code>Referer</code> to same eTLD sites</li>
<li>2 = Send <code>Referer</code> only when the full hostnames match</li>
</ul>
</li>
<li>network.http.referer.XOriginTrimmingPolicy = 2
<ul>
<li>When sending <code>Referer</code> across origins, only send scheme, host, and port in the <code>Referer</code> header of cross-origin requests. <a href="https://feeding.cloud.geek.nz/posts/tweaking-referrer-for-privacy-in-firefox/">Source</a></li>
<li>0 = Send full url in <code>Referer</code></li>
<li>1 = Send url without query string in <code>Referer</code></li>
<li>2 = Only send scheme, host, and port in <code>Referer</code></li>
</ul>
</li>
<li>webgl.disabled = true
<ul>
<li>WebGL is a potential security risk. <a href="https://security.stackexchange.com/questions/13799/is-webgl-a-security-concern">Source</a></li>
</ul>
</li>
<li>browser.sessionstore.privacy_level = 2
<ul>
<li>This preference controls when to store extra information about a session: contents of forms, scrollbar positions, cookies, and POST data. <a href="http://kb.mozillazine.org/Browser.sessionstore.privacy_level">Details</a></li>
<li>0 = Store extra session data for any site. (Default starting with Firefox 4.)</li>
<li>1 = Store extra session data for unencrypted (non-HTTPS) sites only. (Default before Firefox 4.)</li>
<li>2 = Never store extra session data.</li>
</ul>
</li>
<li>network.IDN_show_punycode = true
<ul>
<li>Not rendering IDNs as their Punycode equivalent leaves you open to phishing attacks that can be very difficult to notice. <a href="https://krebsonsecurity.com/2018/03/look-alike-domains-and-visual-confusion/#more-42636">Source</a></li>
</ul>
</li>
<li>extensions.blocklist.url = https://blocklists.settings.services.mozilla.com/v1/blocklist/3/%20/%20/
<ul>
<li>Limit the amount of identifiable information sent when requesting the Mozilla harmful extension blocklist.</li>
<li>Optionally, the blocklist can be disabled entirely by setting <code>extensions.blocklist.enabled</code> to false for increased privacy, but decreased security. <a href="https://old.reddit.com/r/privacytoolsIO/comments/9uqeew/firefox_tip_sanitize_firefox_blocklist_url_so_it/">Source</a></li>
</ul>
</li>
</ol>
<!-- related information -->
<h3>Related Information</h3>
<ul>
<li><a href="https://ffprofile.com/">ffprofile.com</a> - Helps you to create a Firefox profile with the defaults you like.</li>
<li><a href="http://kb.mozillazine.org/Category:Security_and_privacy-related_preferences">mozillazine.org</a> - Security and privacy-related preferences. </li>
<li><a href="https://github.com/pyllyukko/user.js">user.js Firefox hardening stuff</a> - This is a user.js configuration file for Mozilla Firefox that's supposed to harden Firefox's settings and make it more secure.</li>
<li><a href="https://addons.mozilla.org/firefox/addon/privacy-settings/">Privacy Settings</a> - A Firefox add-on to alter built-in privacy settings easily with a toolbar panel.</li>
</ul>
<h1 id="email" class="anchor"><a href="#email"><i class="fas fa-link anchor-icon"></i></a> Privacy-Conscious Email Providers - No Affiliates</h1>
<div class="alert alert-success" role="alert">
<strong>All providers listed here are operating outside the US and support <a data-toggle="tooltip" data-placement="bottom" data-original-title="When sending or receiving emails, if both the sending and receiving servers support TLS encryption, the email is sent between servers using an encrypted connection.">SMTP TLS.</a> The table is sortable. Never trust any company with your privacy, always encrypt.</strong>
</div>
<div class="table-responsive">
<table class="table sortable-theme-bootstrap" data-sortable>
<thead>
<tr>
<th data-sortable="true">Email Service</th>
<th data-sortable="true">URL</th>
<th data-sortable="true">Since</th>
<th data-sortable="true">Server</th>
<th data-sortable="true">Storage</th>
<th data-sortable="true">Price / Year</th>
<th data-sortable="true">Bitcoin</th>
<th data-sortable="true">Encryption</th>
<th data-sortable="true">Own Domain</th>
</tr>
</thead>
<tbody>
<tr>
<td data-value="ProtonMail">
<img alt="Protonmail" src="assets/img/provider/ProtonMail.ch.png" width="200" height="70">
</td>
<td>
<a data-toggle="tooltip" data-placement="bottom" data-original-title="https://www.protonmail.ch" href="https://www.protonmail.ch"><img alt="WWW" src="assets/img/layout/www.png" width="35"></a>
<a data-toggle="tooltip" data-placement="bottom" data-original-title="https://protonirockerxow.onion. Requires specific software to access: torproject.org" href="https://protonirockerxow.onion"><img alt="Tor" src="assets/img/layout/tor.png" width="35"></a>
</td>
<td data-value="2013">2013</td>
<td><span class="flag-icon flag-icon-ch"></span> Switzerland</td>
<td data-value="500">500 MB</td>
<td data-value="0"><span class="label label-warning">Free</span></td>
<td data-value="1"><span class="label label-success">Accepted</span></td>
<td data-value="1"><span class="label label-success">Built-in</span></td>
<td data-value="1"><span class="label label-success">Yes</span></td>
</tr>
<tr>
<td data-value="disroot.org">
<img alt="Disroot" src="assets/img/provider/disroot.org.png" width="200" height="70">
</td>
<td>
<a data-toggle="tooltip" data-placement="bottom" data-original-title="https://disroot.org" href="https://disroot.org"><img alt="WWW" src="assets/img/layout/www.png" width="35"></a>
</td>
<td data-value="2015">2015</td>
<td><span class="flag-icon flag-icon-nl"></span> Netherlands</td>
<td data-value="2000">2 GB</td>
<td data-value="1"><span class="label label-warning">Free</span></td>
<td data-value="1"><span class="label label-success">Accepted</span></td>
<td data-value="1"><span class="label label-success">Built-in</span></td>
<td data-value="1"><span class="label label-success">Yes</span></td>
</tr>
<tr>
<td data-value="Tutanota">
<img alt="Tutanota" src="assets/img/provider/Tutanota.png" width="200" height="70">
</td>
<td>
<a data-toggle="tooltip" data-placement="bottom" data-original-title="https://www.tutanota.com" href="https://www.tutanota.com"><img alt="WWW" src="assets/img/layout/www.png" width="35"></a>
</td>
<td data-value="2011">2011</td>
<td><span class="flag-icon flag-icon-de"></span> Germany</td>
<td data-value="1000">1 GB</td>
<td data-value="0"><span class="label label-warning">Free</span></td>
<td data-value="0"><span class="label label-primary">No</span></td>
<td data-value="1"><span class="label label-success">Built-in</span></td>
<td data-value="1"><span class="label label-success">Yes</span></td>
</tr>
<tr>
<td data-value="Mailfence">
<img alt="Mailfence" src="assets/img/provider/Mailfence.png" width="200" height="70">
</td>
<td>
<a data-toggle="tooltip" data-placement="bottom" data-original-title="https://www.mailfence.com" href="https://www.mailfence.com"><img alt="WWW" src="assets/img/layout/www.png" width="35"></a>
</td>
<td data-value="2013">2013</td>
<td><span class="flag-icon flag-icon-be"></span> Belgium</td>
<td data-value="500">500 MB</td>
<td data-value="0"><span class="label label-warning">Free</span></td>
<td data-value="1"><span class="label label-success">Accepted</span></td>
<td data-value="1"><span class="label label-success">Built-in</span></td>
<td data-value="1"><span class="label label-success">Yes</span></td>
</tr>
<tr>
<td data-value="mailbox.org">
<img alt="mailbox.org" src="assets/img/provider/mailbox.org.png" width="200" height="70">
</td>
<td>
<a data-toggle="tooltip" data-placement="bottom" data-original-title="https://www.mailbox.org" href="https://www.mailbox.org"><img alt="WWW" src="assets/img/layout/www.png" width="35"></a>
</td>
<td data-value="2014">2014</td>
<td><span class="flag-icon flag-icon-de"></span> Germany</td>
<td data-value="2000">2 GB</td>
<td data-value="13">12 €</td>
<td data-value="1"><span class="label label-success">Accepted</span></td>
<td data-value="1"><span class="label label-success">Built-in</span></td>
<td data-value="1"><span class="label label-success">Yes</span></td>
</tr>
<tr>
<td data-value="Posteo">
<img alt="Posteo" src="assets/img/provider/Posteo.png" width="200" height="70">
</td>
<td>
<a data-toggle="tooltip" data-placement="bottom" data-original-title="https://www.posteo.de" href="https://www.posteo.de"><img alt="WWW" src="assets/img/layout/www.png" width="35"></a>
</td>
<td data-value="2009">2009</td>
<td><span class="flag-icon flag-icon-de"></span> Germany</td>
<td data-value="2000">2 GB</td>
<td data-value="13">12 €</td>
<td data-value="0"><span class="label label-primary">No</span></td>
<td data-value="1"><span class="label label-success">Built-in</span></td>
<td data-value="0"><span class="label label-primary">No</span></td>
</tr>
<tr>
<td data-value="Runbox">
<img alt="Runbox" src="assets/img/provider/runbox.png" width="200" height="70">
</td>
<td>
<a data-toggle="tooltip" data-placement="bottom" data-original-title="https://runbox.com" href="https://runbox.com"><img alt="WWW" src="assets/img/layout/www.png" width="35"></a>
</td>
<td data-value="1999">1999</td>
<td><span class="flag-icon flag-icon-no"></span> Norway</td>
<td data-value="1000">1 GB</td>
<td data-value="20">$ 19.95</td>
<td data-value="1"><span class="label label-primary">Yes</span></td>
<td data-value="0"><span class="label label-primary">No</span></td>
<td data-value="1"><span class="label label-success">Yes</span></td>
</tr>
<tr>
<td data-value="Neomailbox">
<img alt="Neomailbox" src="assets/img/provider/Neomailbox.png" width="200" height="70">
</td>
<td>
<a data-toggle="tooltip" data-placement="bottom" data-original-title="https://www.neomailbox.com" href="https://www.neomailbox.com"><img alt="WWW" src="assets/img/layout/www.png" width="35"></a>
</td>
<td data-value="2003">2003</td>
<td><span class="flag-icon flag-icon-ch"></span> Switzerland</td>
<td data-value="1000">1 GB</td>
<td data-value="50">$ 49.95</td>
<td data-value="1"><span class="label label-success">Accepted</span></td>
<td data-value="1"><span class="label label-success">Built-in</span></td>
<td data-value="1"><span class="label label-success">Yes</span></td>
</tr>
<tr>
<td data-value="StartMail">
<img alt="StartMail" src="assets/img/provider/StartMail.png" width="200" height="70">
</td>
<td>
<a data-toggle="tooltip" data-placement="bottom" data-original-title="https://www.startmail.com" href="https://www.startmail.com"><img alt="WWW" src="assets/img/layout/www.png" width="35"></a>
</td>
<td data-value="2014">2014</td>
<td><span class="flag-icon flag-icon-nl"></span> Netherlands</td>
<td data-value="10000">10 GB</td>
<td data-value="60">$ 59.95</td>
<td data-value="0"><span class="label label-success">Accepted</span></td>
<td data-value="1"><span class="label label-success">Built-in</span></td>
<td data-value="1"><span class="label label-success">Yes</span></td>
</tr>
<tr>
<td data-value="Kolab Now">
<img alt="Kolab Now" src="assets/img/provider/Kolab-Now.png" width="200" height="70">
</td>
<td>
<a data-toggle="tooltip" data-placement="bottom" data-original-title="https://www.kolabnow.com" href="https://www.kolabnow.com"><img alt="WWW" src="assets/img/layout/www.png" width="35"></a>
</td>
<td data-value="2010">2010</td>
<td><span class="flag-icon flag-icon-ch"></span> Switzerland</td>
<td data-value="2048">2 GB</td>
<td data-value="60">$ 60</td>
<td data-value="1"><span class="label label-success">Accepted</span></td>
<td data-value="0"><span class="label label-primary">No</span></td>
<td data-value="1"><span class="label label-success">Yes</span></td>
</tr>
</tbody>
</table>
</div>
<h3>Interesting Email Providers Under Development</h3>
<ul>
<li><a href="https://www.confidantmail.org/">Confidant Mail</a> - An open-source non-SMTP cryptographic email system optimized for large file attachments. It is a secure and spam-resistant alternative to regular email and online file drop services. It
uses <a href="https://theprivacyguide.org/tutorials/gpg.html">GNU Privacy Guard (GPG)</a> for content encryption and authentication, and TLS 1.2 with ephemeral keys for transport encryption.</li>
</ul> <h3>Become Your Own Email Provider with Mail-in-a-Box</h3>
<a href="https://mailinabox.email/"><img src="assets/img/provider/Mail-in-a-Box.png" class="img-fluid float-left" alt="Mail-in-a-Box" style="margin-right:10px;"></a>
<p>Take it a step further and get control of your email with this easy-to-deploy mail server in a box. Mail-in-a-Box lets you become your own mail service provider in a few easy steps. Its sort of like making your own Gmail, but one you control from top
to bottom. Technically, Mail-in-a-Box turns a fresh cloud computer into a working mail server. But you dont need to be a technology expert to set it up. <strong>More: <a href="https://mailinabox.email/">https://mailinabox.email/</a></strong></p>
<h3>Privacy Email Tools</h3>
<ul>
<li><a href="https://www.gpg4usb.org/">gpg4usb</a> - A very easy to use and small portable editor to encrypt and decrypt any text-message or -file. For Windows and Linux. <a href="https://theprivacyguide.org/tutorials/gpg.html">GPG tutorial</a>.</li>
<li><a href="https://www.mailvelope.com/">Mailvelope</a> - A browser extension that enables the exchange of encrypted emails following the <a href="https://theprivacyguide.org/tutorials/pgp.html">OpenPGP encryption standard</a>.</li>
<li><a href="https://www.enigmail.net/">Enigmail</a> - A security extension to Thunderbird and Seamonkey. It enables you to write and receive email messages signed and/or encrypted with the <a href="https://theprivacyguide.org/tutorials/pgp.html">OpenPGP standard</a>.</li>
<li><a href="https://addons.mozilla.org/thunderbird/addon/torbirdy/">TorBirdy</a> - This extension configures Thunderbird to make connections over the Tor anonymity network.</li>
<li><a href="https://emailprivacytester.com/">Email Privacy Tester</a> - This tool will send an Email to your address and perform privacy-related tests.</li>
</ul>
<h3>Related Information</h3>
<ul>
<li><a href="https://www.wired.com/2011/10/ecpa-turns-twenty-five/">Aging Privacy Law Leaves Cloud E-Mail Open to Cops</a> - Data stored in the cloud for longer than 6 months is considered abandoned and may be accessed by intelligence agencies without
a warrant. Learning: Use an external email client like Thunderbird or Enigmail, download your emails and store them locally. Never leave them on the server.</li>
<li><a href="https://www.eff.org/deeplinks/2012/04/may-firstriseup-server-seizure-fbi-overreaches-yet-again">With May First/Riseup Server Seizure, FBI Overreaches Yet Again</a></li>
<li><a href="https://www.autistici.org/ai/crackdown/">Autistici/Inventati server compromised</a> - The cryptographic services offered by the Autistici/Inventati server have been compromised on 15th June 2004. It was discovered on 21st June 2005. One year
later. During an enquiry on a single mailbox, the Postal Police may have tapped for a whole year every user's private communication going through the server autistici.org/inventati.org.</li>
</ul>
<h1 id="clients" class="anchor"><a href="#clients"><i class="fas fa-link anchor-icon"></i></a> Email Clients</h1>
<div class="row mb-2">
{% include card.html color="success"
title="Thunderbird"
image="assets/img/tools/Thunderbird.png"
url="https://mozilla.org/thunderbird"
website="mozilla.org"
footer="OS: Windows, macOS, Linux, BSD."
description="Mozilla Thunderbird is a free, open source, cross-platform email, news, and chat client developed by the Mozilla Foundation. Thunderbird is an email, newsgroup, news feed, and chat (XMPP, IRC, Twitter) client."
%} {% include card.html color="primary"
title="Claws Mail"
image="assets/img/tools/Claws-Mail.png"
url="https://www.claws-mail.org/"
footer="OS: Windows, macOS, Linux, BSD, Solaris, Unix."
description="Claws Mail is a free and open source, GTK+-based email and news client. It offers easy configuration and an abundance of features. It is included with Gpg4win, an encryption suite for Windows."
%} <!--
<div class="col-sm-4">
<div class="panel panel-warning">
<div class="panel-heading">
<h3 class="panel-title">Whiteout Mail</h3>
</div>
<div class="panel-body">
<p><img src="assets/img/tools/Whiteout-Mail.png" alt="Whiteout Mail" align="right" style="margin-left:5px;">Whiteout Mail is an open source email solution with strong end-to-end encryption that is really easy to use and runs on all of your devices. Keeping your emails safe has never been so easy. You can also get a new email address.</p>
<p><a href="https://whiteout.io/"><button type="button" class="btn btn-warning">Website: whiteout.io</button></a></p>
<p>OS: Chrome, Android, iOS, Web.</p>
</div>
</div>
</div>
-->
</div>
<h3>Worth Mentioning</h3>
<ul>
<li><a href="https://github.com/k9mail/k-9/releases">K-9 Mail</a> - An independent mail application for Android. It supports both POP3 and IMAP mailboxes, but only supports push mail for IMAP.</li>
<li><a href="https://www.gnupg.org/">GNU Privacy Guard</a> - Email Encryption. GnuPG is a GPL Licensed alternative to the PGP suite of cryptographic software. <a href="https://theprivacyguide.org/tutorials/gpg.html">Tutorial.</a> Use <a href="https://gpgtools.org/">GPGTools for macOS.</a></li>
<li><a href="https://www.mailpile.is/">Mailpile (Beta)</a> - A modern, fast web-mail client with user-friendly encryption and privacy features.</li>
</ul>
<h1 id="messaging" class="anchor"><a href="#messaging"><i class="fas fa-link anchor-icon"></i></a> Email Alternatives</h1>
<div class="row mb-2">
{% include card.html color="success"
title="I2P-Bote"
image="assets/img/tools/I2P.png"
url="https://i2pbote.xyz/"
footer="OS: Windows, macOS, Linux, Android, BSD / Solaris."
description="I2P-Bote is a fully decentralized and distributed email system. It supports different identities and does not expose email headers. Currently (2015), it is still
in beta version and can be accessed via its web application interface or IMAP and SMTP. All bote-mails are transparently end-to-end encrypted and, optionally, signed by the sender's private key."
%}
{% include card.html color="primary"
title="Bitmessage"
image="assets/img/tools/Bitmessage.png"
url="https://bitmessage.org/"
footer="OS: Windows, macOS, Linux."
description="Bitmessage is a P2P communications protocol used to send encrypted messages to another person or to many subscribers. It is decentralized and trustless,
meaning that you need-not inherently trust any entities like root certificate authorities. It uses strong authentication which means that the sender of a message cannot be spoofed, and it aims to hide \"non-content\" data."
%} {% include card.html color="warning"
title="RetroShare"
image="assets/img/tools/RetroShare.png"
url="http://retroshare.net"
footer="OS: Windows, macOS, Linux."
description="Retroshare creates encrypted connections to your friends. Nobody can spy on you. Retroshare is completely decentralized. This means there are no central servers. It is entirely Open-Source and free. There are no costs, no ads and no Terms of Service."
%}
</div>
<h1 id="search" class="anchor"><a href="#search"><i class="fas fa-link anchor-icon"></i></a> Privacy Respecting Search Engines</h1>
<div class="alert alert-warning" role="alert">
<strong> If you are currently using search engines like Google, Bing or Yahoo, you should pick an alternative here. </strong>
</div>
<div class="row mb-2">
{% include card.html color="success"
title="searx"
image="assets/img/provider/searx.jpg"
url="https://searx.me/"
tor="http://ulrn6sryqaifefld.onion"
extra_button='<a class="btn btn-success mb-1" href="https://github.com/asciimoo/searx/wiki/Searx-instances">List of Instances</a>'
description='An <a href="https://github.com/asciimoo/searx">open source</a> metasearch engine, aggregating the results of other search engines while not storing information about its users. No logs, no ads and no tracking.'
%}
{% include card.html color="primary"
title="StartPage"
image="assets/img/provider/StartPage.png"
url="https://www.startpage.com/"
description="Google search results, with complete privacy protection. Behind StartPage is a european company that has been obsessive about privacy since 2006."
%}
{% include card.html color="warning"
title="DuckDuckGo"
image="assets/img/provider/DuckDuckGo.jpg"
url="https://duckduckgo.com/"
tor="http://3g2upl4pq6kufc4m.onion"
description='The search engine that doesn\'t track you. Some of DuckDuckGo\'s code is free software hosted at <a href="https://github.com/duckduckgo">GitHub</a>, but the core is proprietary. <span class="flag-icon flag-icon-us"></span> <a href="#ukusa">The company is based in the USA.</a>'
%}
</div>
<h3>Firefox Addon</h3>
<ul>
<li>
<a href="https://addons.mozilla.org/firefox/addon/google-search-link-fix/">Google search link fix</a> - Firefox extension that prevents Google and Yandex search pages from modifying search result links when you click them. This is useful when
copying links but it also helps privacy by preventing the search engines from recording your clicks. (<a href="https://github.com/palant/searchlinkfix">Open Source</a>)
</li>
</ul>
<h3>Worth Mentioning</h3>
<ul>
<li>
<a href="https://www.qwant.com/">Qwant</a> - Qwant's philosophy is based on two principles: no user tracking and no filter bubble. Qwant was launched in France in February 2013. <a href="https://www.qwant.com/privacy">Privacy Policy.</a>
</li>
<li>
<a href="https://metager.de/en/">MetaGer</a> - An open source metasearch engine, which is based in Germany. It focuses on protecting the user's privacy.
</li>
</ul> <h1 id="im" class="anchor"><a href="#im"><i class="fas fa-link anchor-icon"></i></a> Encrypted Instant Messenger</h1>
<div class="alert alert-warning" role="alert">
<strong>If you are currently using an Instant Messenger like WhatsApp, Viber, LINE, Telegram or Threema, you should pick an alternative here.</strong>
</div>
<div class="row mb-2">
{% include card.html color="success"
title="Mobile: Signal"
image="assets/img/tools/Signal.png"
url="https://signal.org"
footer="OS: Android, iOS, macOS, Windows, Linux"
description="Signal is a mobile app developed by Open Whisper Systems. The app provides instant messaging, as well as voice and video calling.
All communications are end-to-end encrypted. Signal is free and open source, enabling anyone to verify its security by auditing the code. The development team is supported by community donations and grants. There are no advertisements,
and it doesn't cost anything to use."
%}
{% include card.html color="primary"
title="Riot.im"
image="assets/img/tools/riot.png"
url="https://riot.im/"
footer="OS: Android, iOS, macOS, Windows, Linux, Web"
labels="warning:beta:The software is currently in beta and the mobile client states 'End-to-end encryption is in beta and may not be reliable. You should not yet trust it to secure data.'"
description='Riot.im is a decentralized free-software chatting application based on the <a href="https://matrix.org/">Matrix</a> protocol, a recent open protocol for real-time communication offering E2E encryption. It can bridge other communications via others protocols such as IRC too.'
%}
{% include card.html color="warning"
title="Desktop: Ricochet"
image="assets/img/tools/Ricochet.png"
url="https://ricochet.im/"
footer="OS: Windows, macOS, Linux."
description='Ricochet uses the <a href="#browser"><i class="fas fa-link"></i> Tor network</a> to reach your contacts without relying on messaging servers. It creates a hidden service, which is used to rendezvous with
your contacts without revealing your location or IP address. Instead of a username, you get a unique address that looks like <em>ricochet:rs7ce36jsj24ogfw</em>. Other Ricochet users can use this address to send a contact request - asking to be
added to your contacts list.'
%}
</div>
<h3>Worth Mentioning</h3>
<ul>
<li><a href="https://www.chatsecure.org">ChatSecure</a> - ChatSecure is a free and open source messaging app that features OTR encryption over XMPP. </li>
<li><a href="https://crypto.cat/">Cryptocat</a> - Encrypted open source messenger. Supports file sharing and multiple devices. Available for Windows, Linux and macOS.</li>
<li><a href="https://kontalk.org/">Kontalk</a> - A community-driven instant messaging network. Supports end-to-end encryption. Both client-to-server and server-to-server channels are fully encrypted.</li>
<li><a href="https://play.google.com/store/apps/details?id=eu.siacs.conversations">Conversations</a> - An open source Jabber/XMPP client for Android 4.4+ smartphones. Supports end-to-end encryption with either OMEMO or openPGP. There is also <a href="https://play.google.com/store/apps/details?id=eu.siacs.conversations.legacy">Conversations Legacy</a> which still supports OTR.</li>
<li><a href="https://get.wire.com/">Wire</a> <span class="badge badge-warning" data-toggle="tooltip" title="Wire stores metadata such as your contacts in plaintext (= not encrypted).">experimental <i class="far fa-question-circle"></i> (<a href="https://motherboard.vice.com/en_us/article/secure-messaging-app-wire-stores-everyone-youve-ever-contacted-in-plain-text">more info</a>)</span> - A free software End-to-End Encrypted chating application that supports instant messaging, voice, and video calls.</li>
<li><a href="https://en.wikipedia.org/wiki/Off-the-Record_Messaging#Client_support">List of OTR Clients - Wikipedia</a></li>
</ul>
<h3>Related Information</h3>
<ul>
<li><a href="https://motherboard.vice.com/read/ricochet-encrypted-messenger-tackles-metadata-problem-head-on">Ricochet, the Messenger That Beats Metadata, Passes Security Audit | Motherboard</a></li>
<li><a href="https://firstlook.org/theintercept/2015/07/14/communicating-secret-watched/">Chatting in Secret While We're All Being Watched - firstlook.org</a></li>
<li><a href="https://signal.org/android/apk/">Advanced users with special needs can download the Signal APK directly. Most users should not do this under normal circumstances.</a></li>
<li><a href="https://security.stackexchange.com/a/49802">Telegram encryption isn't secure.</a></li>
<li><a href="https://www.reddit.com/r/privacytoolsIO/comments/6r655i/telegram_isnt_safe/">Telegram is marketed as a private messenger, but it's not private by default.</a></li>
</ul>
<h1 id="voip" class="anchor"><a href="#voip"><i class="fas fa-link anchor-icon"></i></a> Encrypted Video & Voice Messenger</h1>
<div class="alert alert-warning" role="alert">
<strong>If you are currently using a Video & Voice Messenger like Skype, Viber or Google Hangouts, you should pick an alternative here.</strong>
</div>
<div class="row mb-2">
{% include card.html color="success"
title="Mobile: Signal"
image="assets/img/tools/Signal.png"
url="https://signal.org"
footer="OS: Android, iOS, macOS, Windows, Linux"
description="Signal is a mobile app developed by Open Whisper Systems. The app provides instant messaging, as well as voice and video calling.
All communications are end-to-end encrypted. Signal is free and open source, enabling anyone to verify its security by auditing the code. The development team is supported by community donations and grants. There are no advertisements,
and it doesn't cost anything to use."
%}
{% include card.html color="primary"
title="Wire"
image="assets/img/tools/wire.png"
url="https://get.wire.com"
footer="OS: Android, iOS, macOS, Windows, Linux, Web"
description="Wire is an app developed by Wire Swiss GmbH.
The Wire app allows users to exchange end-to-end encrypted instant messages, as well as make voice and video calls. Wire is free and open source, enabling anyone to verify its security by auditing the code.
The development team is backed by Iconical and they will monetize in the future with premium features/services.<br>
<b>Caution:</b> The company keeps a list of all the users you contact until you delete your account."
%}
{% include card.html color="warning"
title="Linphone"
image="assets/img/tools/Linphone.png"
url="https://www.linphone.org/"
footer="OS: iOS, Android, Windows Phone, Linux, Windows, macOS, Browser (Web)"
description="Linphone is an open source SIP Phone and a free voice over IP service, available on mobile and desktop environments and on web browsers. It supports ZRTP for end-to-end encrypted voice and video communication."
%}
</div> <h3>Worth Mentioning</h3>
<ul>
<li><a href="https://jitsi.org/">Jitsi</a> - Jitsi is a free and open source multiplatform voice (VoIP), videoconferencing and instant messaging application.</li>
<li> <a href="https://tox.chat/">Tox</a> - <span class="badge badge-warning">Experimental</span> A free and open-source, peer-to-peer, encrypted instant messaging and video calling software. </li>
<li><a href="https://ring.cx/">Ring (formerly SFLphone)</a> - Gives you a full control over your communications and an unmatched level of privacy.</li>
</ul>
<h3>Related Information</h3>
<ul>
<li><a href="https://signal.org/android/apk/">Advanced users with special needs can download the Signal APK directly. Most users should not do this under normal circumstances.</a></li>
<li><a href="https://motherboard.vice.com/en_us/article/secure-messaging-app-wire-stores-everyone-youve-ever-contacted-in-plain-text">Secure Messaging App Wire Stores Everyone You've Ever Contacted in Plain Text | Motherboard</a></li>
</ul> <h1 id="filesharing" class="anchor"><a href="#filesharing"><i class="fas fa-link anchor-icon"></i></a> File Sharing</h1>
<div class="row mb-2">
{% include card.html color="success"
title="OnionShare"
image="assets/img/tools/OnionShare.png"
url="https://onionshare.org/"
tor="http://elx57ue5uyfplgva.onion/"
footer="OS: Windows, macOS, Linux."
description="OnionShare is an open source tool that lets you securely and anonymously share a file of any size. It works by starting a web server, making it accessible as a Tor onion service, and generating an unguessable URL to access and download the files. It doesn't require setting up a server on the internet somewhere or using a third-party filesharing service. You host the file on your own computer and use a Tor onion service to make it temporarily accessible over the internet."
%}
{% include card.html color="primary"
title="Magic Wormhole"
image="assets/img/tools/Magic-Wormhole.png"
url="https://github.com/warner/magic-wormhole"
footer='OS: cross-platform <a href="https://github.com/warner/magic-wormhole#license-compatibility">(python)</a>'
description='Get things from one computer to another, safely.This package provides a library and a command-line tool named wormhole, which makes it possible to get arbitrary-sized files and directories (or short pieces of text) from one computer to another. The two endpoints are identified by using identical "wormhole codes": in general, the sending machine generates and displays the code, which must then be typed into the receiving machine. The codes are short and human-pronounceable, using a phonetically-distinct wordlist. The receiving side offers tab-completion on the codewords, so usually only a few characters must be typed. Wormhole codes are single-use and do not need to be memorized.'
%}
</div>
<h1 id="cloud" class="anchor"><a href="#cloud"><i class="fas fa-link anchor-icon"></i></a> Encrypted Cloud Storage Services</h1>
<div class="alert alert-warning" role="alert">
<strong>If you are currently using Cloud Storage Services like Dropbox, Google Drive, Microsoft OneDrive or Apple iCloud, you should pick an alternative here.</strong>
</div>
<div class="row mb-4">
{% include card.html color="success"
title="Nextcloud - Choose your hoster"
image="assets/img/provider/Nextcloud.png"
description="Similar functionally to the widely used Dropbox, with the difference being that Nextcloud is free and open-source, and thereby allowing anyone to install and operate it without charge on a private server, with no limits on storage space or the number of connected clients."
url="https://nextcloud.com/"
footer="Client OS: Windows, macOS, Linux, BSD, Unix, iOS, Android, Fire OS. Server: Linux."
%}
{% include card.html color="primary"
title="Least Authority S4 - For Experts"
image="assets/img/provider/S4.jpg"
description="S4 (Simple Secure Storage Service) is Least Authority's verifiably secure off-site backup system for individuals and businesses. 100% client-side encryption and open source transparency. 250GB for $9.95/month or 5TB for $25.95/month. Servers are hosted with Amazon S3 in the US."
url="https://leastauthority.com/"
footer='OS: <a href="https://tahoe-lafs.org/trac/tahoe-lafs/wiki/Installation">Linux</a>, <a href="https://tahoe-lafs.org/trac/tahoe-lafs/browser/trunk/docs/quickstart.rst"> Windows, macOS, OpenSolaris, BSD.</a> (Installation for advanced users)'
%}
</div>
<h3>Related Information</h3>
<ul>
<li><a href="https://cryptomator.org/">Cryptomator</a> - Free client-side AES encryption for your cloud files. Open source software: No backdoors, no registration.</li>
</ul>
<h1 id="mycloud" class="anchor"><a href="#mycloud"><i class="fas fa-link anchor-icon"></i></a> Self-Hosted Cloud Server Software</h1>
<div class="alert alert-warning" role="alert">
<strong>If you are currently using a Cloud Storage Services like Dropbox, Google Drive, Microsoft OneDrive or Apple iCloud, you should think about hosting it on your own.</strong>
</div>
<div class="row mb-2">
{% include card.html color="success"
title="Pydio"
image="assets/img/tools/Pydio.png"
url="https://pydio.com/"
footer="OS: Windows, macOS, Linux, iOS, Android."
description="Pydio is open source software that turns instantly any server (on-premise, NAS, cloud IaaS or PaaS) into a file sharing platform for your company. It is an alternative
to SaaS Boxes and Drives, with more control, safety and privacy, and favorable TCOs."
%}
{% include card.html color="primary"
title="Tahoe-LAFS"
image="assets/img/tools/Tahoe-LAFS.png"
url="https://www.tahoe-lafs.org/"
footer="OS: Windows, macOS, Linux."
description="Tahoe-LAFS is a Free and Open decentralized cloud storage system. It distributes your data across multiple servers. Even if some of the servers fail or are
taken over by an attacker, the entire file store continues to function correctly, preserving your privacy and security."
%}
{% include card.html color="warning"
title="Nextcloud"
image="assets/img/provider/Nextcloud.png"
url="https://nextcloud.com/"
footer="Client OS: Windows, macOS, Linux, BSD, Unix, iOS, Android, Fire OS. Server: Linux."
description="Similar functionally to the widely used Dropbox, with the difference being that Nextcloud is free and open-source, and thereby allowing anyone to install and operate it without charge on a private server, with no limits on storage space or the number of connected clients."
%}
</div>
<h1 id="host" class="anchor"><a href="#host"><i class="fas fa-link anchor-icon"></i></a> Secure Hosting Provider</h1>
<div class="row mb-2">
{% include card.html color="success"
title="BAHNHOF"
image="assets/img/tools/bahnhof.png"
url="https://www.bahnhof.net/"
description="BAHNHOF is a widely known 'bullet-proof' hosting company utilized by Wikileaks."
%}
{% include card.html color="primary"
title="Colocation: DataCell"
image="assets/img/tools/datacell.png"
url="https://datacell.is/"
description="DataCell is a data center providing secure colocating in Switzerland and Iceland."
%}
{% include card.html color="warning"
title="VPS/Web Hosting: Orange Website"
image="assets/img/tools/orange_hosting.png"
url="https://www.orangewebsite.com/"
description="Orange Website is an Icelandic web hosting provider that prides themselves in protecting online privacy and free speech."
%}
</div>
<h1 id="sync" class="anchor"><a href="#sync"><i class="fas fa-link anchor-icon"></i></a> Secure File Sync Software</h1>
<div class="row mb-2">
{% include card.html color="success"
title="SparkleShare"
image="assets/img/tools/SparkleShare.png"
url="http://sparkleshare.org/"
footer="OS: Windows, macOS, Linux."
description="SparkleShare creates a special folder on your computer. You can add remotely hosted folders (or \"projects\") to this folder. These projects will be automatically
kept in sync with both the host and all of your peers when someone adds, removes or edits a file."
%} {% include card.html color="primary"
title="Syncthing"
image="assets/img/tools/Syncthing.png"
url="https://syncthing.net/"
footer="OS: Windows, macOS, Linux, Android, BSD, Solaris."
description="Syncthing replaces proprietary sync and cloud services with something open, trustworthy and decentralized. Your data is your data alone and you deserve to
choose where it is stored, if it is shared with some third-party and how it's transmitted over the Internet."
%} </div>
<h3>Worth Mentioning</h3>
<ul>
<li>
<a href="https://git-annex.branchable.com/">git-annex</a> - Allows managing files with git, without checking the file contents into git. While that may seem paradoxical, it is useful when dealing with files larger than git can currently easily handle,
whether due to limitations in memory, time, or disk space.
</li>
</ul>
<h1 id="pw" class="anchor"><a href="#pw"><i class="fas fa-link anchor-icon"></i></a> Password Manager Software</h1>
<div class="alert alert-warning" role="alert">
<strong>If you are currently using a password manager software like 1Password, LastPass, Roboform or iCloud Keychain, you should pick an alternative here.</strong>
</div>
<div class="row mb-2">
{% include card.html color="success"
title="Bitwarden - Cloud/Self-host"
image="assets/img/tools/bitwarden.png"
url="https://bitwarden.com/"
footer="OS: Windows, macOS, Linux, iOS, Android, Web."
description="Bitwarden is a free and open source password manager. It aims to solve password management problems for individuals, teams, and business organizations. Bitwarden is among the easiest and safest solutions to store all of your logins and passwords while conveniently keeping them synced between all of your devices. If you don't want to use the Bitwarden cloud, you can easily host your own Bitwarden server."
%} {% include card.html color="primary"
title="KeePass / KeePassXC - Local"
image="assets/img/tools/KeePass.png"
url="https://keepass.info/download.html"
website="keepass.info"
footer="OS: Windows, macOS, Linux, iOS, Android, BSD."
description='KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. All passwords in one database, which is locked with one
master key or a key file. The databases are encrypted using the best and most secure encryption algorithms currently known: AES and Twofish. See also: <a href="https://keepassxc.org/">KeePassXC</a> with official native cross-platform support for Windows/macOS/Linux.'
%}
{% include card.html color="warning"
title="LessPass - Browser"
image="assets/img/tools/LessPass.png"
url="https://lesspass.com/"
footer="OS: Windows, macOS, Linux, Android."
description="LessPass is a free and open source password manager that generates unique passwords for websites, email accounts, or anything else based on a master password and information you know. No sync needed. Uses PBKDF2 and SHA-256. It's advised to use the browser addons for more security."
%} </div>
<h3>Worth Mentioning</h3>
<ul>
<li>
<a href="https://masterpassword.app">Master Password</a> - Master Password is based on an ingenious password generation algorithm that guarantees your passwords can never be lost. Its passwords aren't stored: they are generated on-demand from your name, the site and your master password. No syncing, backups or internet access needed.
</li>
<li>
<a href="https://pwsafe.org/">Password Safe</a> - Whether the answer is one or hundreds, Password Safe allows you to safely and easily create a secured and encrypted username/password list. With Password Safe all you have to do is create and remember
a single "Master Password" of your choice in order to unlock and access your entire username/password list.
</li>
</ul>
<h3>Related Information</h3>
<ul>
<li><a href="https://www.youtube.com/watch?v=yzGzB-yYKcc">Edward Snowden on Passwords - YouTube</a></li>
</ul>
<h1 id="calendar_contacts" class="anchor"><a href="#calendar_contacts"><i class="fas fa-link anchor-icon"></i></a> Calendar and Contacts Sync</h1>
<div class="alert alert-warning" role="alert">
<strong>If you are currently using a calendar and or contacts synchronization service like Google Sync or iCloud, you should pick an alternative here.</strong>
</div>
<div class="row mb-2">
{% include card.html color="success"
title="Nextcloud"
image="assets/img/provider/Nextcloud.png"
url="https://nextcloud.com/"
footer="Client OS: Windows, macOS, Linux, BSD, Unix, iOS, Android, Fire OS. Server: Linux."
description="NextCloud is a suite of client-server software for creating and using file hosting services. This includes calendar sync via CalDAV and contacts sync via CardDAV. Nextcloud is free and open-source, thereby allowing anyone to install and operate it without charge on a private server."
%}
{% include card.html color="primary"
title="Email Providers"
image="assets/img/misc/email.png"
url="#email"
website="Email Providers section"
footer="OS: depends on email provider."
description="Many email providers also offer calendar and or contacts sync services. Refer to the <a href=\"#email\">Email Providers section</a> to choose an email provider and check if they also offer calendar and or contacts sync."
%}
{% include card.html color="warning"
title="EteSync"
image="assets/img/provider/etesync.png"
url="https://www.etesync.com/"
footer="Client OS: Android, Web. Server OS: Linux."
description="EteSync is a secure, end-to-end encrypted and journaled personal information (e.g. contacts and calendar) cloud synchronization and backup for Android and any OS that supports CalDAV/CardDAV. It costs $14 per year to use, or you can host the server yourself for free."
%}
</div>
<h3>Worth Mentioning</h3>
<ul>
<li>
<a href="https://fruux.com/">fruux</a> - a unified contacts/calendaring system that works across platforms and devices.
</li>
<li>
<a href="https://signal.org/blog/flock/">Flock</a> - a discontinued calendar and contacts sync service by Open Whisper Systems. Despite being shut down the <a href="https://github.com/signalapp/Flock">source code</a> is still available on GitHub.
</li>
<li>
<a href="#cloud">cloud backups</a> - consider regularly exporting your calendar and or contacts and backing them up on a separate storage drive or uploading them to cloud storage (ideally after <a href="#encrypt">encrypting</a> them).
</li>
</ul>
<h1 id="encrypt" class="anchor"><a href="#encrypt"><i class="fas fa-link anchor-icon"></i></a> File Encryption Software</h1>
<div class="alert alert-warning" role="alert">
<strong>If you are currently not using encryption software for your hard disk, emails or file archives, you should pick an encryption software here.</strong>
</div>
<div class="row mb-2">
{% include card.html color="success"
title="VeraCrypt - Disk Encryption"
image="assets/img/tools/VeraCrypt.png"
url="https://veracrypt.fr/"
footer="OS: Windows, macOS, Linux."
description="VeraCrypt is a source-available freeware utility used for on-the-fly encryption. It can create a virtual encrypted disk within a file or encrypt a partition
or the entire storage device with pre-boot authentication. VeraCrypt is a fork of the discontinued TrueCrypt project. It was initially released on June 22, 2013. According to its developers, security improvements have been implemented and issues
raised by the initial TrueCrypt code audit have been addressed."
%}
{% include card.html color="primary"
title="GNU Privacy Guard - Email Encryption"
image="assets/img/tools/GnuPG.png"
url="https://gpgtools.org/"
footer="OS: Windows, macOS, Linux, Android, BSD."
description="GnuPG is a GPL Licensed alternative to the PGP suite of cryptographic software. GnuPG is compliant with RFC 4880, which is the current IETF standards track specification
of OpenPGP. Current versions of PGP (and Veridis' Filecrypt) are interoperable with GnuPG and other OpenPGP-compliant systems. GnuPG is a part of the Free Software Foundation's GNU software project, and has received major funding from the German
government. <a href=\"https://gpgtools.org/\">GPGTools for macOS</a>."
%}
{% include card.html color="warning"
title="PeaZip - File Archive Encryption"
image="assets/img/tools/PeaZip.png"
url="http://www.peazip.org/"
footer="OS: Windows, Linux, BSD."
description="PeaZip is a free and open-source file manager and file archiver made by Giorgio Tani. It supports its native PEA archive format (featuring compression, multi volume
split and flexible authenticated encryption and integrity check schemes) and other mainstream formats, with special focus on handling open formats. It supports 181 file extensions (as of version 5.5.1).</p>
<p><strong>macOS alternative:</strong> <a href=\"https://www.keka.io/\">Keka</a> is a free file archiver."
%}
</div>
<h3>Worth Mentioning</h3>
<ul>
<li><a href="https://cryptomator.org/">Cryptomator</a> - Free client-side AES encryption for your cloud files. Open source software: No backdoors, no registration.</li>
<li><a href="https://minilock.io/">miniLock</a> - Browser plugin for Google Chrome / Chromium to encrypt files using a secret passphrase. Easy to use. From the developer of Cryptocat.</li>
<li><a href="https://www.aescrypt.com/">AES Crypt</a> - Using a powerful 256-bit encryption algorithm, AES Crypt can safely secure your most sensitive files. For Windows, macOS, Linux and Android.</li>
<li><a href="https://diskcryptor.net/">DiskCryptor</a> - A full disk and partition encryption system for Windows including the ability to encrypt the partition and disk on which the OS is installed.</li>
<li><a href="https://gitlab.com/cryptsetup/cryptsetup/">Linux Unified Key Setup (LUKS)</a> - A full disk encryption system for Linux using dm-crypt as the disk encryption backend. Included by default in Ubuntu. Available for Windows and Linux.
</ul>
<h1 id="darknets" class="anchor"><a href="#darknets"><i class="fas fa-link anchor-icon"></i></a> Self-contained Networks</h1>
<div class="alert alert-warning" role="alert">
<strong>If you are currently browsing <a href="https://en.wikipedia.org/wiki/Surface_Web">clearnet</a> and want to access the <a href="https://en.wikipedia.org/wiki/Dark_web">dark web</a>, this section is for you.</strong>
</div>
<div class="row mb-2">
{% include card.html color="success"
title="Tor Browser"
image="assets/img/tools/Tor-Project.png"
url="https://www.torproject.org/"
tor="http://expyuzz4wqqyqhjn.onion"
footer='OS: Windows, macOS, Linux, <a href="https://mike.tig.as/onionbrowser/">iOS</a>, <a href="https://www.torproject.org/docs/android.html.en">Android</a>, <a href="https://github.com/torbsd/openbsd-ports">OpenBSD.</a>'
description="The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals to share information over public networks without compromising their privacy. Tor is an effective censorship circumvention tool."
%}
{% include card.html color="primary"
title="I2P Anonymous Network"
image="assets/img/tools/I2P.png"
url="https://geti2p.net/"
footer="OS: Windows, macOS, Linux, Android, BSD / Solaris."
description="The Invisible Internet Project (I2P) is a computer network layer that allows applications to send messages to each other pseudonymously and securely. Uses include anonymous
Web surfing, chatting, blogging and file transfers. The software that implements this layer is called an I2P router and a computer running I2P is called an I2P node. The software is free and open source and is published under multiple licenses."
%}
{% include card.html color="warning"
title="The Freenet Project"
image="assets/img/tools/Freenet.png"
url="https://freenetproject.org/"
footer="OS: Windows, macOS, Linux."
description="Freenet is a peer-to-peer platform for censorship-resistant communication. It uses a decentralized distributed data store to keep and deliver information, and
has a suite of free software for publishing and communicating on the Web without fear of censorship. Both Freenet and some of its associated tools were originally designed by Ian Clarke, who defined Freenet's goal as providing freedom of speech
on the Internet with strong anonymity protection."
%}
</div>
<h3>Worth Mentioning</h3>
<ul>
<li><a href="https://zeronet.io/">ZeroNet</a> - Open, free and uncensorable websites, using Bitcoin cryptography and BitTorrent network.</li>
<li><a href="http://retroshare.net/">RetroShare</a> - Open Source cross-platform, Friend-2-Friend and secure decentralised communication platform.</li>
<li><a href="https://gnunet.org/">GNUnet</a> - GNUnet provides a strong foundation of free software for a global, distributed network that provides security and privacy.</li>
<li><a href="https://ipfs.io/">IPFS</a> - A peer-to-peer hypermedia protocol to make the web faster, safer, and more open. (<a href="https://github.com/privacytoolsIO/privacytools.io/pull/361#issuecomment-344414022">important privacy warning</a>)</li>
</ul> <h1 id="social" class="anchor"><a href="#social"><i class="fas fa-link anchor-icon"></i></a> Decentralized Social Networks</h1>
<div class="alert alert-warning" role="alert">
<strong> If you are currently using Social Networks like Facebook, Twitter or Google+, you should pick an alternative here. </strong>
</div>
<div class="row mb-2">
{% include card.html color="success"
title="Mastodon"
image="assets/img/tools/Mastodon.png"
url="https://joinmastodon.org"
website="mastodon.social"
description='Mastodon is a social network based on open web protocols and free, open-source software. It is decentralized like e-mail. It also has the most users, and the most diverse (in terms of interests) users, looks good, and is easy to setup.'
%}
{% include card.html color="primary"
title="diaspora*"
image="assets/img/tools/diaspora.png"
url="https://diasporafoundation.org/"
description="diaspora* is based on three key philosophies: Decentralization, freedom and privacy. It is intended to address privacy concerns related to centralized social
networks by allowing users set up their own server (or \"pod\") to host content; pods can then interact to share status updates, photographs, and other social data."
%}
{% include card.html color="warning"
title="Friendica"
image="assets/img/tools/Friendica.png"
url="https://friendi.ca/"
description="Friendica has an emphasis on extensive privacy settings and easy server installation. It aims to federate with as many other social networks as possible. Currently,
Friendica users can integrate contacts from Facebook, Twitter, Diaspora, GNU social, App.net, Pump.io and other services in their social streams."
%}
</div>
<h3>Worth Mentioning</h3>
<ul>
<li><a href="https://gnu.io/social/try/">GNU Social</a> - An open sourced, free and decentralized social network compatible with Mastodon and Friendica.</li>
</ul>
<h3>Related Information</h3>
<ul>
<li><a href="https://addons.mozilla.org/firefox/addon/facebook-container/">Facebook Container by Mozilla</a> - Prevent Facebook from tracking you around the web.</li>
<li><a href="https://www.facebook.com/help/delete_account">Delete your Facebook account</a> - Direct link to delete your Facebook account without being able to reactivate it again.</li>
<li><a href="https://deletefacebook.com/">How To Permanently Delete A Facebook Account</a> - This guide will take you through a smooth and successful Facebook account deletion.</li>
</ul> <h1 id="dns" class="anchor"><a href="#dns"><i class="fas fa-link anchor-icon"></i></a> Domain Name System (DNS)</h1>
<div class="row mb-2">
{% include card.html color="success"
title="Njalla - Domain Registration"
image="assets/img/provider/Njalla.png"
url="https://njal.la/"
tor="http://njalladnspotetti.onion"
description="Njalla only needs your email or jabber address in order to register a domain name for you. Created by people from The Pirate Bay and IPredator VPN. Accepted Payments: Bitcoin, Litecoin, Monero, DASH, Bitcoin Cash and PayPal. A privacy-aware domain registration service."
%}
{% include card.html color="primary"
title="DNSCrypt - Tool"
image="assets/img/tools/DNSCrypt.png"
url="https://dnscrypt.info/"
description="A protocol for securing communications between a client and a DNS resolver. The DNSCrypt protocol uses high-speed high-security elliptic-curve cryptography and
is very similar to DNSCurve, but focuses on securing communications between a client and its first-level resolver."
%}
{% include card.html color="warning"
title="OpenNIC - Service"
image="assets/img/tools/OpenNIC.png"
url="https://www.opennic.org/"
description="OpenNIC is an alternate network information center/alternative DNS root which lists itself as an alternative to ICANN and its registries. Like all alternative
root DNS systems, OpenNIC-hosted domains are unreachable to the vast majority of the Internet. Only specific configuration in one's DNS resolver makes these reachable, and very few Internet service providers have this configuration."
%}
</div>
<h3>Worth Mentioning</h3>
<ul>
<li><a href="https://github.com/quidsup/notrack">NoTrack</a> - A network-wide DNS server which blocks Tracking sites. Currently works in Debian and Ubuntu.</li>
<li><a href="https://namecoin.info/">Namecoin</a> - A decentralized DNS open source information registration and transfer system based on the Bitcoin cryptocurrency.</li>
<li><a href="https://pi-hole.net/">Pi-hole</a> - A network-wide DNS server for the Raspberry Pi. Blocks advertising and tracking domains for all devices on your network.</li>
</ul>
<h1 id="notebook" class="anchor"><a href="#notebook"><i class="fas fa-link anchor-icon"></i></a> Digital Notebook</h1>
<div class="alert alert-warning" role="alert">
<strong>If you are currently using an application like Evernote, Google Keep or Microsoft OneNote you should pick an alternative here.</strong>
</div>
<div class="row mb-2">
{% include card.html color="success"
title="Joplin"
image="assets/img/tools/Laverna.png"
image="assets/img/tools/Joplin.png"
url="https://laverna.cc/"
url="https://joplin.cozic.net/"
footer="OS: Windows, macOS, Linux, Web."
footer="OS: Windows, macOS, Linux, iOS, Android, Firefox/Chrome (Web Clipper)."
description="Laverna is a JavaScript note-taking web application with a Markdown editor and encryption support. The application stores all your notes in your browser databases, which is good for security and privacy reasons, because only you have access."
description="Joplin is a free, open source, fully featured note taking and to-do application, which can handle a large number of markdown notes organised into notebooks and tags. It offers E2EE encryption and can sync through Nextcloud, Dropbox and more. It also offers easy import from Evernote and plain text notes."
%}
{% include card.html color="primary"
title="Standard Notes"
image="assets/img/tools/StandardNotes.png"
url="https://standardnotes.org/"
footer="OS: Windows, macOS, Linux, iOS, Android, Web."
description="Standard Notes is a simple and private notes app that makes your notes easy and available everywhere you are. Features end-to-end encryption on every platform, and a powerful desktop experience with themes and custom editors."
%}
{% include card.html color="warning"
title="Turtl"
image="assets/img/tools/Turtl.png"
url="https://turtlapp.com/"
footer="OS: Windows, macOS, Linux, Android."
description="Turtl lets you take notes, bookmark websites, and store documents for sensitive projects. From sharing passwords with your coworkers to tracking research on an article you're writing, Turtl keeps it all safe from everyone but you and those you share with."
%} </div>
<h3>Warning</h3>
<ul>
<li>Note: As of Dec 2018, Joplin does not support password/pin protection for the application itself or individual notes/notebooks. Data is still encrypted in transit and at sync location using your master key. See <a href='https://github.com/laurent22/joplin/issues/289'>open issue</a>.</li>
</ul>
<h3>Worth Mentioning</h3>
<ul>
<li><a href="http://paperwork.rocks/">Paperwork</a> - Open source and self-hosted solution. For PHP / MySQL servers.</li>
<li><a href="https://orgmode.org">Org-mode</a> - A major mode for GNU Emacs. Org-mode is for keeping notes, maintaining TODO lists, planning projects, and authoring documents with a fast and effective plain-text system. </li>
</ul>
<h1 id="paste" class="anchor"><a href="#paste"><i class="fas fa-link anchor-icon"></i></a> Paste Services</h1>
<div class="row mb-2">
{% include card.html color="success"
title="PrivateBin"
image="assets/img/tools/PrivateBin.png"
url="https://privatebin.net/"
description="PrivateBin is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256bit AES. It is the improved version of ZeroBin."
%}
{% include card.html color="primary"
title="Zerobin.net"
image="assets/img/tools/ZeroBin.png"
url="https://zerobin.net/"
tor="http://zerobinqmdqd236y.onion"
description="Zerobin is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256bit AES."
%}
{% include card.html color="warning"
title="Ghostbin"
image="assets/img/tools/Ghostbin.png"
url="https://ghostbin.com/"
description="Ghostbin supports encryption, expiration, sessions, grant users to edit your notes and pastes up to one megabyte. You can also create your own account to keep track of your pastes.<br>
The software is good but ghostbin.com's security is <a href=\"https://github.com/privacytoolsIO/privacytools.io/issues/454\">worrisome</a>."
%}
</div>
<h3>Worth Mentioning</h3>
<ul>
<li><a href="https://disroot.org/">disroot.org</a> - Free privacy-friendly service that offers PrivateBin and other applications.</li>
</ul> <h1 id="productivity" class="anchor"><a href="#productivity"><i class="fas fa-link anchor-icon"></i></a> Productivity Tools</h1>
<div class="row mb-2">
{% include card.html color="success"
title="Etherpad"
image="assets/img/tools/Etherpad.png"
url="http://etherpad.org/"
footer="OS: Windows, macOS, Linux."
description="Etherpad is a highly customizable Open Source online editor providing collaborative editing in really real-time. Etherpad allows you to edit documents collaboratively in real-time, much like a live multi-player editor that runs in your browser. Write articles, press releases, to-do lists, etc."
%}
{% include card.html color="primary"
title="Write.as"
image="assets/img/tools/WriteAs.png"
url="https://write.as/"
tor="http://writeas7pm7rcdqg.onion"
footer="OS: Windows, macOS, Linux, Android, iOS, Chrome OS, Web."
description="Write.as is a cross-platform, privacy-oriented blogging platform. It's anonymous by default, letting you publish without signing up. If you create an account, it doesn't require any personal information. No ads, distraction-free, and built on a sustainable business model."
%}
{% include card.html color="warning"
title="ProtectedText"
image="assets/img/tools/ProtectedText.png"
url="https://www.protectedtext.com/"
footer="OS: All Browsers."
description="ProtectedText is an open source web application. It encrypts and decrypts text in the browser, and password (or its hash) is never sent to the server - so that text can't be decrypted even if requested by authorities. No cookies, no sessions, no registration, no users tracking."
%}
</div>
<h3>Worth Mentioning</h3>
<ul>
<li><a href="https://crypt.ee/">Cryptee</a> - Free privacy-friendly service for storing Documents, files and Photos</li>
<li><a href="https://ethercalc.net/">EtherCalc</a> - EtherCalc is a web spreadsheet. Data is saved on the web, and people can edit the same document at the same time. Changes are instantly reflected on all screens. Work together on inventories, survey forms, list management, brainstorming sessions.</li>
<li><a href="https://disroot.org/">disroot.org</a> - Free privacy-friendly service that offers Etherpad, EtherCalc and PrivateBin.</li>
<li><a href="https://dudle.inf.tu-dresden.de/anonymous/">dudle</a> - An online scheduling application, which is free and OpenSource. Schedule meetings or make small online polls. No email collection or the need of registration.</li>
<li><a href="https://www.libreoffice.org/">LibreOffice</a> - Free and open source office suite</li>
</ul>
<h1 id="os" class="anchor"><a href="#os"><i class="fas fa-link anchor-icon"></i></a> PC Operating Systems</h1>
<div class="alert alert-warning" role="alert">
<strong>If you are currently using a operating system like Microsoft Windows or Apple macOS, you should pick an alternative here.</strong>
</div>
<div class="row mb-2">
{% include card.html color="success"
title="Qubes OS"
image="assets/img/tools/Qubes-OS.png"
url="https://www.qubes-os.org/"
tor="http://qubesos4rrrrz6n4.onion"
description="Qubes is an open-source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, the X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers."
%}
{% include card.html color="primary"
title="Debian"
image="assets/img/tools/Debian.png"
url="https://www.debian.org/"
tor="http://sejnfjrq6szgca7v.onion"
description="Debian is a Unix-like computer operating system and a Linux distribution that is composed entirely of free and open-source software, most of which is under the GNU General Public License, and packaged by a group of individuals known as the Debian project."
%}
{% include card.html color="warning"
title="Trisquel"
image="assets/img/tools/Trisquel.png"
url="https://trisquel.info/"
description="Trisquel is a Linux-based operating system derived from Ubuntu. The project aims for a fully free software system without proprietary software or firmware and uses Linux-libre, a version of the Linux kernel with the non-free code (binary blobs) removed."
%}
</div>
<h3>Warning</h3>
<ul>
<li><a href="#win10"><i class="fas fa-link"></i> Don't use Windows 10 - It's a privacy nightmare</a></li>
</ul>
<h3>Worth Mentioning</h3>
<ul>
<li><a href="https://www.openbsd.org/">OpenBSD</a> - A project that produces a free, multi-platform 4.4BSD-based UNIX-like operating system. Emphasizes portability, standardization, correctness, proactive security and integrated cryptography.</li>
<li><a href="https://www.archlinux.org/">Arch Linux</a> - A simple, lightweight Linux distribution. It is composed predominantly of free and open-source software, and supports community involvement. <a href="https://www.parabola.nu/">Parabola</a> is a
completely open source version of Arch Linux.</li>
<li><a href="https://www.whonix.org/">Whonix</a> - A Debian GNU/Linux based security-focused Linux distribution. It aims to provide privacy, security and anonymity on the internet. The operating system consists of two virtual machines, a "Workstation"
and a Tor "Gateway". All communication are forced through the Tor network to accomplish this.</li>
<li><a href="https://subgraph.com/">Subgraph OS</a> - Another Debian based Linux distribution, it features security hardening which makes it more resistant to security vulnerabilities. Subgraph runs many desktop applications in a security sandbox to limit their risk in case of compromise.
By default, it anonymizes Internet traffic by sending it through the Tor network. Note: It is still in alpha, and much testing and bug fixing still has to be done.</li>
</ul>
<h1 id="live_os" class="anchor"><a href="#live_os"><i class="fas fa-link anchor-icon"></i></a> Live CD Operating Systems</h1>
<div class="row mb-2">
{% include card.html color="success"
title="Tails"
image="assets/img/tools/Tails.png"
url="https://tails.boum.org/"
description="Tails is a live operating system, that starts on almost any computer from a DVD, USB stick, or SD card. It aims at preserving privacy and anonymity, and helps to: Use the Internet anonymously and circumvent censorship; Internet connections go through the Tor network; leave no trace on the computer; use state-of-the-art cryptographic tools to encrypt files, emails and instant messaging."
%}
{% include card.html color="primary"
title="KNOPPIX"
image="assets/img/tools/KNOPPIX.png"
url="http://www.knopper.net/knoppix/"
website="knopper.net"
description="Knoppix is an operating system based on Debian designed to be run directly from a CD / DVD (Live CD) or a USB flash drive (Live USB), one of the first of its kind for any operating system. When starting a program, it is loaded from the removable medium and decompressed into a RAM drive. The decompression is transparent and on-the-fly."
%}
{% include card.html color="warning"
title="Puppy Linux"
image="assets/img/tools/Puppy-Linux.png"
url="http://puppylinux.org/"
description="Puppy Linux operating system is a lightweight Linux distribution that focuses on ease of use and minimal memory footprint. The entire system can be run from RAM with current versions generally taking up about 210 MB, allowing the boot medium to be removed after the operating system has started."
%}
</div>
<h3>Worth Mentioning</h3>
<ul>
<li><a href="http://distro.ibiblio.org/tinycorelinux/">Tiny Core Linux</a> - A minimal Linux operating system focusing on providing a base system using BusyBox and FLTK. The distribution is notable for its size (15 MB) and minimalism, with additional functionality
provided by extensions.</li>
</ul>
<h1 id="mobile_os" class="anchor"><a href="#mobile_os"><i class="fas fa-link anchor-icon"></i></a> Mobile Operating Systems</h1>
<!-- alert message about GApps -->
<div class="alert alert-warning" role="alert">
<strong>Even though the source code of the following OS is provided, installing Google Apps may compromise your setup. The MicroG project can serve as a FLOSS replacement, depending on your threat model.</strong>
</div>
<div class="row mb-2">
{% include card.html color="success"
title="LineageOS"
image="assets/img/tools/LineageOS.png"
url="https://www.lineageos.org/"
description="LineageOS is a free and open-source operating system for smartphones and tablets, based on the official releases of Android by Google. It is the continuation of the CyanogenMod project."
%}
</div>
<h3>Worth Mentioning</h3>
<ul>
<li><a href="https://www.replicant.us/">Replicant</a> - An open-source operating system based on Android, aiming to replace all proprietary components with free software.</li>
<li><a href="https://www.omnirom.org/">OmniROM</a> - A free software operating system for smartphones and tablet computers, based on the Android mobile platform.</li>
<li><a href="https://microg.org/">MicroG</a> - A project that aims to reimplement the proprietary Google Play Services in the Android operating system with a FLOSS replacement.
</ul>
<!-- Android add-ons -->
<h1 id="aaddons" class="anchor"><a href="#aaddons"><i class="fas fa-link anchor-icon"></i></a> Android Privacy Add-ons</h1>
<div class="alert alert-success" role="alert">
<strong>Improve your privacy with these add-ons for Android.</strong>
</div>
<h3>Control your traffic with "NetGuard"</h3>
<img src="assets/img/addons/netguard.png" class="img-fluid float-left" alt="NetGuard" style="margin-right:30px;">
<p><strong>NetGuard</strong> provides simple and advanced ways to block certain apps' access to the internet without the help of root privileges. Applications and addresses can individually be allowed or denied access to your Wi-Fi and/or mobile connection, allowing you to control which apps are able to call home or not.
<a href="https://www.netguard.me/">https://www.netguard.me/</a></p>
<div class="alert alert-warning" role="alert">
<strong>The following add-ons require root access, which makes your device more vulnerable. Proceed with caution.</strong>
</div>
<h3>Manage your apps' permissions with XPrivacyLua</h3>
<img src="assets/img/addons/xprivacylua.png" class="img-fluid float-left" alt="XPrivacyLua" style="margin-right:30px;">
<p>Revoking Android permissions from apps often let apps crash or malfunction. <strong>XPrivacyLua</strong> solves this by feeding apps fake data instead of real data.
<a href="https://lua.xprivacy.eu/">https://lua.xprivacy.eu/</a></p>
<p> Requirements: <a href="https://forum.xda-developers.com/apps/magisk/official-magisk-v7-universal-systemless-t3473445">Magisk (xda-developers)</a>
<a href="https://forum.xda-developers.com/xposed">Xposed Framework (xda-developers)</a>
</p> <h1 id="firmware" class="anchor"><a href="#firmware"><i class="fas fa-link anchor-icon"></i></a> Open Source Router Firmware</h1>
<div class="row mb-2">
{% include card.html color="success"
title="OpenWrt"
image="assets/img/tools/OpenWrt.png"
url="https://openwrt.org/"
description="OpenWrt is an operating system (in particular, an embedded operating system) based on the Linux kernel, primarily used on embedded devices to route network traffic. The main components are the Linux kernel, util-linux, uClibc and BusyBox. All components have been optimized for size, to be small enough for fitting into the limited storage and memory available in home routers."
%}
{% include card.html color="primary"
title="pfSense"
image="assets/img/tools/pfSense.png"
url="https://pfsense.org/"
description="pfSense is an open source firewall/router computer software distribution based on FreeBSD. It is installed on a computer to make a dedicated firewall/router for a network and is noted for its reliability and offering features often only found in expensive commercial firewalls. pfSense is commonly deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server, and as a VPN endpoint."
%}
{% include card.html color="warning"
title="LibreCMC"
image="assets/img/tools/LibreCMC.png"
url="https://librecmc.org"
description="LibreCMC is a GNU/Linux-libre distribution for computers with minimal resources, such as the Ben Nanonote, ath9k-based Wi-Fi routers, and other hardware with emphasis on free software. The project's current goal is to aim for compliance with the GNU Free System Distribution Guidelines (GNU FSDG) and ensure that the project continues to meet these requirements set forth by the Free Software Foundation (FSF).."
%}
</div>
<h3>Worth Mentioning</h3>
<ul>
<li><a href="https://www.openbsd.org/">OpenBSD</a> - A project that produces a free, multi-platform 4.4BSD-based UNIX-like operating system. Emphasizes portability, standardization, correctness, proactive security and integrated cryptography.</li>
<li><a href="https://dd-wrt.com/">DD-WRT</a> - A is Linux-based firmware for wireless routers and wireless access points. It is compatible with several models of routers and access points.</li>
</ul> <h1 id="win10" class="anchor"><a href="#win10"><i class="fas fa-link anchor-icon"></i></a> Don't use Windows 10 - It's a privacy nightmare</h1>
<div class="alert alert-warning" role="alert">
<strong>Microsoft introduced a lot of new features in Windows 10 such as Cortana. However, most of them are violating your privacy.</strong>
</div>
<img src="assets/img/layout/Windows-10-Privacy.jpg" class="img-fluid float-right" alt="Windows 10 Privacy" style="margin-left:10px;">
<ol>
<li><strong>Data syncing is by default enabled.</strong>
<ul>
<li>Browsing history and open websites.</li>
<li>Apps settings.</li>
<li>WiFi hotspot names and passwords.</li>
</ul>
</li>
<li><strong>Your device is by default tagged with a unique advertising ID.</strong>
<ul>
<li>Used to serve you with personalized advertisements by third-party advertisers and ad networks.</li>
</ul>
</li>
<li><strong>Cortana can collect any of your data.</strong>
<ul>
<li>Your keystrokes, searches and mic input.</li>
</ul>
<ul>
<li>Calendar data.</li>
</ul>
<ul>
<li>Music you listen to.</li>
</ul>
<ul>
<li>Credit Card information.</li>
</ul>
<ul>
<li>Purchases.</li>
</ul>
</li>
<li><strong>Microsoft can collect any personal data.</strong>
<ul>
<li>Your identity.</li>
</ul>
<ul>
<li>Passwords.</li>
</ul>
<ul>
<li>Demographics.</li>
</ul>
<ul>
<li>Interests and habits.</li>
</ul>
<ul>
<li>Usage data.</li>
</ul>
<ul>
<li>Contacts and relationships.</li>
</ul>
<ul>
<li>Location data.</li>
</ul>
<ul>
<li>Content like emails, instant messages, caller list, audio and video recordings.</li>
</ul>
</li>
<li><strong>Your data can be shared.</strong>
<ul>
<li>When downloading Windows 10, you are authorizing Microsoft to share any of above-mentioned data with any third-party, with or without your consent.</li>
</ul>
</li>
</ol> <p>
<a class="btn btn-warning" href="https://www.winprivacy.de/english-home/">
Download: W10Privacy
</a>
</p>
This tool uses some known methods that attempt to disable major tracking features in Windows 10.
<div class="container">
<div class="row">
<div class="col-md-6">
<h3>Some good news</h3>
<ul>
<li><a href="https://github.com/crazy-max/WindowsSpyBlocker/releases">WindowsSpyBlocker</a> - Open source tool that blocks data collection.</li>
<li><a href="https://www.ghacks.net/2015/08/14/comparison-of-windows-10-privacy-tools/">Comparison of Windows 10 Privacy tools</a> - ghacks.net</li>
<li><a href="https://fix10.isleaked.com/">Fix Windows 10 privacy.</a> - fix10.isleaked.com</li>
<li><a href="https://arstechnica.com/information-technology/2015/08/windows-10-doesnt-offer-much-privacy-by-default-heres-how-to-fix-it/">Windows 10 doesnt offer much privacy by default: Heres how to fix it. </a> - Ars Technica.</li>
<li><a href="https://www.reddit.com/r/Windows10/comments/3f38ed/guide_how_to_disable_data_logging_in_w10">Guide: How to disable data logging in W10.</a></li>
</ul>
</div>
<div class="col-md-6">
<h3>More bad news</h3>
<ul>
<li><a href="https://thehackernews.com/2016/02/microsoft-windows10-privacy.html">
Windows 10 Sends Your Data 5500 Times Every Day Even After Tweaking Privacy Settings</a> - The Hacker News.</li>
<li><a href="https://arstechnica.com/information-technology/2015/08/even-when-told-not-to-windows-10-just-cant-stop-talking-to-microsoft/">Even when told not to, Windows 10 just cant stop talking to Microsoft. It's no wonder that privacy activists are up in arms.</a> - Ars Technica.</li>
<li><a href="https://www.techdirt.com/articles/20150820/06171332012/windows-10-reserves-right-to-block-pirated-games-unauthorized-hardware.shtml">Windows 10 Reserves The Right To Block Pirated Games And 'Unauthorized' Hardware.</a> - Techdirt.</li>
</ul>
</div>
</div>
</div>
<h1 id="quotes" class="anchor"><a href="#quotes"><i class="fas fa-link anchor-icon"></i></a> Quotes</h1>
<blockquote class="blockquote">
<p>Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say.</p>
<footer class="blockquote-footer">Edward Snowden on <cite title="Just days left to kill mass surveillance under Section 215 of the Patriot Act. We are Edward Snowden and the ACLUs Jameel Jaffer. AUA."><a href="https://www.reddit.com/r/IAmA/comments/36ru89/just_days_left_to_kill_mass_surveillance_under/crglgh2">Reddit</a></cite></footer>
</blockquote>
<blockquote class="blockquote">
<p>The NSA has built an infrastructure that allows it to intercept almost everything. With this capability, the vast majority of human communications are automatically ingested without targeting. If I wanted to see your emails or your wife's phone, all
I have to do is use intercepts. I can get your emails, passwords, phone records, credit cards. I don't want to live in a society that does these sort of things... I do not want to live in a world where everything I do and say is recorded. That is
not something I am willing to support or live under. </p>
<footer class="blockquote-footer">Edward Snowden in <cite title="Edward Snowden, NSA files source: 'If they want to get you, in time they will"><a href="https://www.theguardian.com/world/2013/jun/09/nsa-whistleblower-edward-snowden-why">The Guardian</a></cite></footer>
</blockquote>
<blockquote class="blockquote">
<p>We all need places where we can go to explore without the judgmental eyes of other people being cast upon us, only in a realm where were not being watched can we really test the limits of who we want to be. Its really in the private realm where
dissent, creativity and personal exploration lie.</p>
<footer class="blockquote-footer">Glenn Greenwald in <cite title="Glenn Greenwald On Why Privacy Is Vital, Even If You 'Have Nothing To Hide"><a href="https://www.huffingtonpost.com/2014/06/20/glenn-greenwald-privacy_n_5509704.html">Huffington Post</a></cite></footer>
</blockquote>
<h1 id="resources" class="anchor"><a href="#resources"><i class="fas fa-link anchor-icon"></i></a> Recommended Privacy Resources</h1> <h3>Guides</h3>
<ul>
<li><a href="https://ssd.eff.org/"><strong>Surveillance Self-Defense by EFF</strong></a> - Guide to defending yourself from surveillance by using secure technology and developing careful practices.</li>
<li><a href="https://cryptoseb.pw/paper"><strong>The Crypto Paper</strong></a> - Privacy, Security and Anonymity for Every Internet User.</li>
<li><a href="https://emailselfdefense.fsf.org/en/"><strong>Email Self-Defense by FSF</strong></a> - A guide to fighting surveillance with GnuPG encryption.</li>
<li><a href="https://www.bestvpn.com/the-ultimate-privacy-guide/"><strong>The Ultimate Privacy Guide</strong></a> - Excellent privacy guide written by the creators of the bestVPN.com website.</li>
<li><a href="https://www.ivpn.net/privacy-guides"><strong>IVPN Privacy Guides</strong></a> - These privacy guides explain how to obtain vastly greater freedom, privacy and anonymity through compartmentalization and isolation.</li>
<li><a href="https://fried.com/privacy"><strong>The Ultimate Guide to Online Privacy</strong></a> - Comprehensive "Ninja Privacy Tips" and 150+ tools.</li>
</ul>
<h3>Information</h3>
<ul>
<li><a href="https://www.reddit.com/r/privacytoolsIO/wiki/index"><strong>r/privacytoolsIO Wiki</strong></a> - Our Wiki on reddit.com.</li>
<li><a href="https://www.grc.com/securitynow.htm"><strong>Security Now!</strong></a> - Weekly Internet Security Podcast by Steve Gibson and Leo Laporte.</li>
<li><a href="https://www.jupiterbroadcasting.com/show/techsnap/"><strong>TechSNAP</strong></a> - Weekly Systems, Network, and Administration Podcast. Every week TechSNAP covers the stories that impact those of us in the tech industry.</li>
<li><a href="https://keybase.io/"><strong>Keybase.io</strong></a> - Get a public key, safely, starting just with someone's social media username.</li>
<li><a href="https://freedom.press/"><strong>Freedom of the Press Foundation</strong></a> - Supporting and defending journalism dedicated to transparency and accountability since 2012.</li>
<li><a href="https://www.erfahrungen.com/mit/anonymisierung/t/"><strong>Erfahrungen.com</strong></a> - German review aggregator website of privacy-related services.</li>
<li><a href="https://tosdr.org/"><strong>Terms of Service; Didn't Read</strong></a> - “I have read and agree to the Terms” is the biggest lie on the web. We aim to fix that.</li>
</ul>
<h3>Tools</h3>
<ul>
<li><a href="https://ipleak.net/"><strong>ipleak.net</strong></a> - IP/DNS Detect - What is your IP, what is your DNS, what informations you send to websites.</li>
<li><a href="https://www.ghacks.net/2015/12/28/the-ultimate-online-privacy-test-resource-list/"><strong>The ultimate Online Privacy Test Resource List</strong></a> - A collection of Internet sites that check whether your web browser leaks information.</li>
<li><a href="https://prism-break.org/"><strong>PRISM Break</strong></a> - We all have a right to privacy, which you can exercise today by encrypting your communications and ending your reliance on proprietary services.</li>
<li><a href="https://securityinabox.org/"><strong>Security in-a-Box</strong></a> - A guide to digital security for activists and human rights defenders throughout the world.</li>
<li><a href="https://securedrop.org/"><strong>SecureDrop</strong></a> - An open-source whistleblower submission system that media organizations can use to securely accept documents from and communicate with anonymous sources. It was originally created
by the late Aaron Swartz and is currently managed by Freedom of the Press Foundation.</li>
<li><a href="https://pack.resetthenet.org/"><strong>Reset The Net - Privacy Pack</strong></a> - Help fight to end mass surveillance. Get these tools to protect yourself and your friends.</li>
<li><a href="https://secfirst.org/"><strong>Security First</strong></a> - Umbrella is an Android app that provides all the advice needed to operate safely in a hostile environment.</li>
<li><a href="https://addons.mozilla.org/en-US/firefox/addon/block-cloudflare-mitm-attack/"><strong>Block Cloudflare MiTM Attack</strong></a> - Firefox add-on to detect and block corporate MITM attack.
<li><a href="https://www.osalt.com/"><strong>Osalt</strong></a> - A directroy to help you find open source alternatives to proprietary tools.</li>
<li><a href="https://alternativeto.net/"><strong>AlternativeTo</strong></a> - A directry to help find alternatives to other software, with the option to only show open source software</li>
</ul>
<p>Note: Just being open source does not make software secure!</p>
<h1 id="participate" class="anchor"><a href="#participate"><i class="fas fa-link anchor-icon"></i></a> Spread the word and help your friends</h1>
<div class="row">
<div class="col-12 col-md-6 d-flex justify-content-between">
<a href="mailto:?subject=privacytools.io%20-%20encryption%20against%20global%20mass%20surveillance&body=https://www.privacytools.io/" class="share-btn email" title="Email">
<i class="fas fa-envelope"></i>
</a>
<a href="https://www.facebook.com/sharer/sharer.php?u=https://www.privacytools.io" class="share-btn facebook" title="Facebook">
<i class="fab fa-facebook-f"></i>
</a>
<a href="https://twitter.com/share?text=Knowledge%20and%20tools%20to%20protect%20your%20privacy%20against%20global%20mass%20surveillance%20&amp;url=https://www.privacytools.io/&amp;via=privacytoolsIO" class="share-btn twitter" title="Twitter">
<i class="fab fa-twitter"></i>
</a>
<a href="https://sharetomastodon.github.io/?title=privacytools.io%20-%20encryption%20against%20global%20mass%20surveillance&url=https://www.privacytools.io" class="share-btn mastodon" title="Mastodon">
<i class="fab fa-mastodon"></i>
</a>
</div>
<div class="col-12 col-md-6 d-flex justify-content-between">
<a href="https://reddit.com/submit?url=https://www.privacytools.io&title=privacytools.io%20-%20encryption%20against%20global%20mass%20surveillance" class="share-btn reddit" title="reddit">
<i class="fab fa-reddit-alien"></i>
</a>
<a href="https://www.linkedin.com/shareArticle?url=https://www.privacytools.io&title=privacytools.io%20-%20encryption%20against%20global%20mass%20surveillance" class="share-btn linkedin" title="LinkedIn">
<i class="fab fa-linkedin-in"></i>
</a>
<a href="http://www.stumbleupon.com/submit?url=https://www.privacytools.io&title=privacytools.io%20-%20encryption%20against%20global%20mass%20surveillance" class="share-btn stumbleupon" title="StumbleUpon">
<i class="fab fa-stumbleupon"></i>
</a>
<a href="https://sharetodiaspora.github.io/?title=privacytools.io%20-%20encryption%20against%20global%20mass%20surveillance&url=https://www.privacytools.io" class="share-btn diaspora" title="Diaspora*">
<i class="fas fa-asterisk"></i>
</a>
</div>
</div>
<h3>Copy URL and Description</h3>
<p>
<input type="text" value="www.privacytools.io - encryption against global mass surveillance" onclick="this.focus();this.select()" class="form-control input-lg">
<span class="help-block">For easy copy and paste. Share this text snippet.</span>
</p> <div class="page-header">
<h1>Participate with suggestions and constructive criticism</h1>
</div>
<p>
It's important for a website like privacytools.io to be up-to-date. Keep an eye on software updates of the applications listed here. Follow recent news about providers that are recommended. We try our best to keep up but we're not perfect and the internet
is changing fast. If you find an error, or you think a provider should not be listed here, or a qualified service provider is missing or a browser plugin is not the best choice anymore and anything else... <strong>Talk to us please.</strong> </p>
<div class="row">
{% include card.html color="success"
title="Make suggestions on Reddit"
image="assets/img/icons/reddit.png"
url="https://www.reddit.com/r/privacytoolsIO/"
website="reddit.com"
description='Our active community subreddit to stay up to date or to make suggestions. Join now! <a href="#" data-toggle="tooltip" data-placement="top" data-original-title="Warrant Canary has been removed by reddit">(Info)</a>'
%}
{% include card.html color="primary"
title="Follow on Twitter"
image="assets/img/icons/twitter.png"
url="https://twitter.com/privacytoolsIO"
website="twitter.com"
description="Get the latest privacy-related updates from our Twitter Feed. Follow now!"
%}
{% include card.html color="warning"
title="Develop on GitHub"
image="assets/img/icons/github.png"
url="https://github.com/privacytoolsIO/privacytools.io"
website="github.com"
description="The complete website source code is available on GitHub. Join our developer team!"
%}
</div>
<p>This is a community project and we're aiming to deliver the best information available for a better privacy. Thank you for participating. This project needs you.</p>
<div class="page-header">
<h4>No Ads, No Google Analytics, No Affiliates, No Cross-Site Requests</h4>
</div>
<p>
<a href="http://www.wtfpl.net/" data-toggle="tooltip" data-placement="top" style="margin-right:30px;" data-original-title="This work is free. You can redistribute it and/or modify it under the terms of the ''Do What The Fuck You Want To Public License'', Version 2,
as published by Sam Hocevar."><img alt="WTFPL" src="assets/img/layout/wtfpl.png" style="margin-right:15px;">WTFPL</a>
<a href="https://www.kopimi.com/" data-toggle="tooltip" data-placement="top" style="margin-right:30px;" data-original-title="kopimi (copyme), symbol showing that you want to be copied. use kopimi in your own fancy. kopimi may be put on homepages or blogs, in books, in software, as sound logos in music or whatever."><img alt="kopimi" src="assets/img/layout/kopimi.png" style="margin-right:15px;">kopimi (copyme)</a>
<a href="donate.html" data-toggle="tooltip" data-placement="top" data-original-title="Please support this project by donating Bitcoins. We are ad free and not affiliated with any providers. Your donation will cover our cost for server and domain."><img alt="Bitcoin" src="assets/img/layout/Bitcoin.png" style="margin-right:15px;">Donate:</a> <span style="margin-left:15px;">1N4bKCx3kpvUTBhsvbmthPDssN8ATPEhgt</span> or use <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=5G9CBU8P6F4K2">PayPal.</a>
</p>
<p><em>privacytools.io is a socially motivated website that provides information for protecting your data security and privacy. never trust any company with your privacy, always encrypt.</em></p>
</div>