A list of opensource privacy centred software, tools, hardware, services, web sites and educational resources.
This list is very lenient list meant for people on all levels.
- Awesome Privacy
- All services and products from big monopolies like these:
- Apple
- Microsoft
- Google, Youtube, Gmail etc
- Facebook & Whatsapp
- Amazon
- etc..
The internet has become colonized with a small number of companies controlling the flow of information and explioting its users. Their ideologies are centerend around greed and control. Governments also cant keep them accountable for their actions for a few reasons, one being large corporations control the governments through money and they work hand in hand together.
- Educate yourself. Darkness is suffocating the world due to ignorance. See the education section.
- Promote and use open source technologies, privacy first software and decentralisation.
- Illuminate the mind, body and spirit.
Google alternatives
- DuckDuckGo - Search engine that doesn't track you.
- StartPage - Search engine that returns google results
- Searx - non tracking internet metasearch engine
- Riot - Feature rich, encrypted chat messenger for phone and pc
- Keybase - Feature rich, encrypted chat messenger for phone and pc
- Semaphor - Feature rich, encrypted chat messenger for phone and pc
Youtube does not support freespeech and may remove your videos if they dont like it. These dont have ads nor algorithms to suppress or promote information
- lbry - decentralised
- bitchute
- bittube
- dtube - you can change the video quality here
- Invidious - watch youtube anonymously
- libretube
- odysee
Facebook and twitter do no support free speech, your content may be removed if they dont like it These dont have ads, data mining and algorithms
- mastodon - decentralised facebook twitter hybrid app
- minds
- disporia
- hive - blockchain social media platform - blogging - you can earn crypto currency for your content
- steemit - blockchain social media platform - cross between Reddit and Quora - you can earn crypto currency for your content
Video conferencing software and chat
Email is not secure ! Avoid email if possible. If it cant be avoided use OpenPGP to encrypt your emails, but even OpenPGP is still vulnerable to some hacks. The follow can also help prevent some hacks:
- Be careful with attachments
- Disable HTML
- decrypt and encypt emails outside of the mailclient
- Don't cite text in reply
- Use mutt or neomutt email client
I would recommend posteo.de or mailbox.org (1 Euro / month). Never take an American, Australian, Canadian, British or New Zealandish provider. European online privacy laws are the best at the moment. The Netherlands are doing a good job in enforcing them. Germany isn't bad either. But the whole climate in Europe is changing. Law enforcement agencies in Europe want direct access to e-mail providers; we are not there yet. Create an alias or temporary alias for every website (like takealot.co.za) you create a new account. I know, this is cumbersome, but there is no other way around.
- ProtonMail - Secure email based in Switzerland.
- Tutanota - Based in Germany – 1 GB free; 10 GB Pro
- Postio
- Mailbox
- disroot
- mailfence
- Thunderbird - email client
- mutt - cli based email client
- neomutt - cli based email client
- Firefox - Needs extensions and one can also set more strict privacy browsing rules within preferences
- Brave - Really nice browser for normies, doesnt need configuration
- bromite
- Tor Browser - Most secure browser, all traffic is encrypted over the tor network
Be careful with addons. You cannot trust them but you also cannot use a browser without them.
- Browser privacy checker
- Privacy Badger Privacy Badger blocks spying ads and invisible trackers.
- HTTPS Everywhere HTTPS Everywhere is a Firefox, Chrome, and Opera extension that encrypts your communications with many major websites, making your browsing more secure.
- uBlock Origin 🌟 An efficient blocker for Chromium and Firefox. Fast and lean.
- Click&Clean - Private data cleaner for Chrome and Firefox.
- CanvasBlocker (FF) - Prevents fingerprinting in Firefox
- Cookie AutoDelete - Deletes unused cookies on tab close
- Firefox Profilemaker - Creates privacy focused Firefox profiles
- Random user agent
- umatix- deny cookies, XHR, frames, scripts also for first parties, activate is manually only if necessary
- decentraleyes - protection against tracking
- https://github.com/pyllyukko/user.js - take your time with this one
- Make sure in
about:config"privacy.resistFingerprinting" is set to "true"
- Sia - Decentrilesed
- SpiderOak One Backup - Highly recommended
- Mega - Not highly recommended but still better than Dropbox, googledrive, onedrive, etc.
You want to use a VPN, always! And also as always, you can not trust VPN providers, but I trust Internet service provicers (ISPs), like Vodacom, MTN, Telkom, etc, even less. But back to "always". If your VPN is offline all of your traffic should not make it through. There are ways of doing this. I mainly use SOCKS5 proxies. It works like this. If your VPN is online it also provides a SOCKS5 proxy on a port on your machine. You can now redirect your browsers traffic (for instance with the addon switchyOmega) through that proxy. If the VPN dies, your browser won't be able to send requests. You want this for your whole system and all applications. Read about this or ask me.
I really like mullvad.net. Besides openVPN they offer wireguard (this deserves a whole section) c) really good support
Don't trust free services.
If you can, use Tor instead of a VPN, its much more secure and private, tho it is slower
Use GNU/Linux ! There are many many different flavours to choose from depending on your needs and wants.
- TailsOS - Most secure and private, boots off a usb
- QubeOS - Also very secure and private
- distrowatch - A list of the most popular GNU/Linux OS's
- Beginners:
- Advanced:
Phone operating systems
- LineageOS - Android fork without google dependencies (you can install them optionally).
- GrapheneOS - Android-based, security-hardened, privacy focused (can't install google dependencies)
- apk verification tool
- F-Droid - Google playstore alternative, contains only opensource apps
- Signal - Free peer reviewed scalable encryption chat. (Whatsapp alternative)
- Briar - Secure messaging
- WebApps - turns mobi/web app sites into secure apps
- Bromite for F-Droid - private browser
- DuckDuckGo Privacy Browser - private browser
- Firefox Focus - private browser
- Tor - private browser that anonymizes and encrypts traffic through tor network
- Orbit - encrypt and anonymous internet traffic through tor
- New Pipe - add free lightweight youtube app
- OsmAnd - offline mobile maps & navigation
- K-9 client - email client
- Fair Email client - email client
- andOTP - two-factor authentication
- freeOTP - two-factor authentication
- OTP Authenticator - two-factor authentication
- Scrambled Exif - Remove the metadata from your pictures before sharing them
- Exodus Privacy - Show trackers and permissions from other installed apps
- Netguard - application firewall (Android)
- Lockdown - application firewall (iOS)
- Simple Apps - all can be found on F-Droid
- Uberspace - really epic sever provider(shared server hosting)
- Privatebin - pastebin, server has zero knowledge of pasted data
- Nextcloud - self-hosted productivity platform
- Veracrypt - disk encryption software for Windows, Mac OSX and Linux.
- Cryptomator - encrypt backups before sending it to the cloud for Linux, MacOS and Windows
- LibremOne - paid for secure chat, email, vpn, social media, etc.
- https://www.pine64.org/ - Opensource phones, laptops, smartwatches, IOT, IP camera, etc
The PinePhone aims to be fully open source in its drivers and bootloader. Despite this, due to the scarcity of open source components for cellular and wireless connectivity, the firmware for the Realtek RTL8723CS WiFi/Bluetooth, as well as the optional auto-focus firmware for the OmniVision OV6540 back camera, remain proprietary software. In order to mitigate potential threats to privacy, these components communicate with the rest of the system only over serial protocols, such as USB 2.0, I2S and SDIO, which do not allow direct memory access (DMA). Use of these protocols also permits them to be physically disconnected via kill switches.
- https://shop.puri.sm/ - Servers, Laptops, phones, etc. Almost no proprietary software. Kill switches are also available on some units
Laptops - At the firmware level, we utilize Coreboot instead of a proprietary BIOS/UEFI, a huge advancement for current high-end laptops. Within coreboot there are still some binaries though.
We are “as close to free software foundations respects your freedom as possible with current Intel CPUs” but are spending real money to advance that toward complete binary freedom.
- full disk encryption
- linux hardened kernel
- Security
- firejail - running environment of untrusted applications using Linux namespaces
- apparmor - enforcing a specific rule set on a per application basis
- systemd-nspawn - may be used to run a command or OS in a light-weight namespace container
- unbound - local DNS cach
- tinc - VPN server and client
- wireguard - VPN server and client
- openvpn - VPN server and client
- sshfs - client for mounting remote directories over a Secure Shell connection
- masscan - mass IP port scanner (Monitor large networks)
- nmap - IP port scanner (Monitor self or small network)
- zmap - collection of tools that enable researchers to perform large-scale studies of the hosts and services
- iptables - advanced firewall
- ufw - simple firewall
- firewalld - simple firewall
- encfs - provides an encrypted filesystem in user-space (created on top of an existing file system)
- creat_ap - Create an access point for others to connet to
- mac adress spoofing
- dig - DNS lookup utility
- socat - multipurpose relay (SOcket CAT)
- netcat - arbitrary TCP and UDP connections and listens
- You want your cache to be a tmpfs which means it lives in RAM -> faster and
deletes itself at reboot.
## Delete your cache rm -r $HOME/.cache/* # put this in your /etc/fstab (change <your user name>) tmpfs /home/<your user name>/.cache tmpfs noatime,nodev,nosuid,size=1G # mount the tmpfs sudo mount -a
- alternate-internet - This is gold !
- privacy tools - Really epic comprehensive list of tools
- awesome-vpn - A curated list of awesome free VPNs and proxies.
- awesome-privacy - Limiting personal data leaks on the internet
- personal-security-checklist - A curated list of links and tips, to protect privacy and improve security
- Awesome anti censorship list
- Awesome list of piracy
- Complete list of Google alternatives
- citizen four - Edward Snowden
- zero days - Stuxnet, computer malware that the U.S. and Israel unleashed to destroy a key part of an Iranian nuclear facility
- the intenets own boy - Aaron Swartz
- Cambridge Analytica Uncovered: Secret filming reveals election tricks
Some videos on security, hacking, privacy
- security_analysis_of_estonia_s_internet_voting_system
- where_in_the_world_is_carmen_sandiego
- shopshifting
- do you thing thats funny
- advanced_interconnect_attacks
- attacking_end-to-end_email_encryption
- Surveillance in and around the Ecuadorian embassy in London - Details about the man hunt for Julian Assange and Wikileaks
- What we can learn from Hong Kong
- The Hated One Youtube Channel - epic resource containing all you need to know about privacy
- Fixing Social Media for Good
- MentalOutlaw Youtube Channel - Has some good privacy and linux content
- How to protect your online privacy in 2020 | Tutorial
- Ultimate smartphone security guide | How to secure your phone tutorial
- How to protect privacy on your phone in 5 minutes | Tutorial for normies
- Opensource ecology
- riseup
- EFF
- libre-soc - open source hardware project
- edri - European digital rights