privacytools.io

You are being watched. Private and state-sponsored organizations are monitoring and recording your online activities. privacytools.io provides knowledge and tools to protect your privacy against global mass surveillance.

Language: 繁體中文 Español Deutsch Italiano

Glenn Greenwald: Why privacy matters Over the last 16 months, as I've debated this issue around the world, every single time somebody has said to me, "I don't really worry about invasions of privacy because I don't have anything to hide." I always say the same thing to them. I get out a pen, I write down my email address. I say, "Here's my email address. What I want you to do when you get home is email me the passwords to all of your email accounts, not just the nice, respectable work one in your name, but all of them, because I want to be able to just troll through what it is you're doing online, read what I want to read and publish whatever I find interesting. After all, if you're not a bad person, if you're doing nothing wrong, you should have nothing to hide." Not a single person has taken me up on that offer.

Read also:

UKUSA Agreement

The UKUSA Agreement is an agreement between the United Kingdom, United States, Australia, Canada, and New Zealand to cooperatively collect, analyze, and share intelligence. Members of this group, known as the Five Eyes, focus on gathering and analyzing intelligence from different parts of the world. While Five Eyes countries have agreed to not spy on each other as adversaries, leaks by Snowden have revealed that some Five Eyes members monitor each other’s citizens and share intelligence to avoid breaking domestic laws that prohibit them from spying on their own citizens. The Five Eyes alliance also cooperates with groups of third party countries to share intelligence (forming the Nine Eyes and Fourteen Eyes), however Five Eyes and third party countries can and do spy on each other.


Five Eyes

1. Australia

2. Canada

3. New Zealand

4. United Kingdom

5. United States of America

Nine Eyes

6. Denmark

7. France

8. Netherlands

9. Norway


Fourteen Eyes

10. Belgium

11. Germany

12. Italy

13. Spain

14. Sweden

Why is it not recommended to choose a US based service?

USA

Services based in the United States are not recommended because of the country’s surveillance programs, use of National Security Letters (NSLs) and accompanying gag orders, which forbid the recipient from talking about the request. This combination allows the government to secretly force companies to grant complete access to customer data and transform the service into a tool of mass surveillance.

An example of this is Lavabit – a discontinued secure email service created by Ladar Levison. The FBI requested Snowden’s records after finding out that he used the service. Since Lavabit did not keep logs and email content was stored encrypted, the FBI served a subpoena (with a gag order) for the service’s SSL keys. Having the SSL keys would allow them to access communications (both metadata and unencrypted content) in real time for all of Lavabit’s customers, not just Snowden's.

Ultimately, Levison turned over the SSL keys and shut down the service at the same time. The US government then threatened Levison with arrest, saying that shutting down the service was a violation of the court order.

Related Information


Sortable VPN Providers Table Yearly Price Free Trial # Servers Jurisdiction Website
54 € Yes 162 Italy AirVPN.org
45 € Yes 5 Sweden AzireVPN.com
99 € Yes 27 Hong Kong blackVPN.com
$ 52 Yes 18 Iceland Cryptostorm.is
39,99 € No 432 Northern Cyprus EarthVPN.com
$ 99.95 Yes 145 British Virgin Islands ExpressVPN.com
$ 35.88 No 27 Sweden FrootVPN.com
$ 65.04 Yes 88 Malaysia hide.me
$ 100 Yes 21 Gibraltar IVPN.net
60 € Yes 168 Sweden Mullvad.net
$ 69 Yes 475 Panama NordVPN.com
$ 84 Yes 39 Sweden OVPN.com
124.95 € No 41 Panama Perfect-Privacy.com
Free Yes 112 Switzerland ProtonVPN.com
$ 90 No 300 Seychelles Proxy.sh
$ 39.95 Yes 48 Seychelles Trust.Zone
$ 39.99 No 122 Hong Kong VPN.ht
$ 35.88 No 80 Seychelles VPNTunnel.com

Our VPN Provider Criteria

  • Operating outside the USA or other Five Eyes countries.
    More: Avoid all US and UK based services.
  • OpenVPN software support.
  • Accepts Bitcoin, cash, debit cards or cash cards as a payment method.
  • No personal information is required to create an account. Only username, password and Email.

We're not affiliated with any of the above listed VPN providers. This way can give you honest recommendations.

More VPN Provider

Spreadsheet with unbiased, independently verifiable data on over 100 VPN services. (Join the discussion on Reddit)

Warrant Canary Example

A warrant canary is a posted document stating that an organization has not received any secret subpoenas during a specific period of time. If this document fails to be updated during the specified time then the user is to assume that the service has received such a subpoena and should stop using the service.

Warrant Canary Examples:

  1. https://proxy.sh/canary
  2. https://www.ivpn.net/resources/canary.txt
  3. https://www.vpnsecure.me/files/canary.txt
  4. https://www.bolehvpn.net/canary.txt
  5. https://lokun.is/canary.txt
  6. https://www.ipredator.se/static/downloads/canary.txt

Related Warrant Canary Information

Tor Browser

Tor Browser is your choice if you need an extra layer of anonymity. It's a modified version of Firefox, it comes with pre-installed privacy add-ons, encryption and an advanced proxy.

OS: Windows, Mac, Linux, iOS, Android, OpenBSD.

Mozilla Firefox

Firefox is fast, reliable, open source and respects your privacy. Don't forget to adjust the settings according to our recommendations: WebRTC and about:config and get the privacy add-ons.

OS: Windows, Mac, Linux, Android, BSD.

Brave

The new open source browser "Brave" automatically blocks ads and trackers, making it faster and safer than your current browser. Brave is based on Chromium.

OS: Windows, Mac, Linux, Android, iOS.

Fingerprint image

When you visit a web page, your browser voluntarily sends information about its configuration, such as available fonts, browser type, and add-ons. If this combination of information is unique, it may be possible to identify and track you without using cookies. EFF created a Tool called Panopticlick to test your browser to see how unique it is.

You need to find what most browsers are reporting, and then use those variables to bring your browser in the same population. This means having the same fonts, plugins, and extensions installed as the large installed base. You should have a spoofed user agent string to match what the large userbase has. You need have the same settings enabled and disabled, such as DNT and WebGL. You need your browser to look as common as everyone else. Disabling JavaScript, using Linux, or even the TBB, will make your browser stick out from the masses.

Modern web browsers have not been architected to assure personal web privacy. Rather than worrying about being fingerprinted, it seems more practical to use free software plugins like Privacy Badger, uBlock Origin and Disconnect. They not only respect your freedom, but your privacy also. You can get much further with these than trying to manipulate your browser's fingerprint.

Related Information

While software like NoScript prevents this, it's probably a good idea to block this protocol directly as well, just to be safe.

How to disable WebRTC in Firefox?

In short: Set "media.peerconnection.enabled" to "false" in "about:config".

Explained:

  1. Enter "about:config" in the firefox address bar and press enter.
  2. Press the button "I'll be careful, I promise!"
  3. Search for "media.peerconnection.enabled"
  4. Double click the entry, the column "Value" should now be "false"
  5. Done. Do the WebRTC leak test again.

If you want to make sure every single WebRTC related setting is really disabled change these settings:

  1. media.peerconnection.turn.disable = true
  2. media.peerconnection.use_document_iceservers = false
  3. media.peerconnection.video.enabled = false
  4. media.peerconnection.identity.timeout = 1

Now you can be 100% sure WebRTC is disabled.

How to fix the WebRTC Leak in Google Chrome?

WebRTC cannot be fully disabled in Chrome, however it is possible to change its routing settings (and prevent leaks) using an extension. Two open source solutions include WebRTC Leak Prevent (options may need to be changed depending on the scenario), and uBlock Origin (select "Prevent WebRTC from leaking local IP addresses" in Settings).

What about other browsers?

Chrome on iOS, Internet Explorer and Safari does not implement WebRTC yet. But we recommend using Firefox on all devices.

Stop Tracking with "Privacy Badger"

Privacy Badger

Privacy Badger is a browser add-on that stops advertisers and other third-party trackers from secretly tracking where you go and what pages you look at on the web. Privacy Badger learns about trackers as you browse by inspecting external resources websites request. Please be aware that Google Analytics is considered first-party by Privacy Badger, which means that Google Analytics will not be blocked if you do not use another blocker, such as uBlock Origin. https://www.eff.org/privacybadger/

Block Ads and Trackers with "uBlock Origin"

uBlock

An efficient wide-spectrum-blocker that's easy on memory, and yet can load and enforce thousands more filters than other popular blockers out there. It has no monetization strategy and is completely open source. We recommend Firefox but uBlock Origin also works in other browsers such as Safari, Opera, and Chromium. Unlike AdBlock Plus, uBlock does not allow so-called "acceptable ads".
https://addons.mozilla.org/firefox/addon/ublock-origin/

Automatically Delete Cookies with "Cookie AutoDelete"

Cookie AutoDelete

Automatically removes cookies when they are no longer used by open browser tabs. With the cookies, lingering sessions, as well as information used to spy on you, will be expunged.
https://addons.mozilla.org/firefox/addon/cookie-autodelete/

Encryption with "HTTPS Everywhere"

HTTPS Everywhere

A Firefox, Chrome, and Opera extension that encrypts your communications with many major websites, making your browsing more secure. A collaboration between The Tor Project and the Electronic Frontier Foundation.
https://www.eff.org/https-everywhere

Block Content Delivery Networks with "Decentraleyes"

HTTPS Everywhere

Emulates Content Delivery Networks locally by intercepting requests, finding the required resource and injecting it into the environment. This all happens instantaneously, automatically, and no prior configuration is required. Source code: GitHub.
https://addons.mozilla.org/firefox/addon/decentraleyes/


Stop cross-site requests with "uMatrix"

uMatrix

Many websites integrate features which let other websites track you, such as Facebook Like Buttons or Google Analytics. uMatrix gives you control over the requests that websites make to other websites. This gives you greater and more fine grained control over the information that you leak online.
https://addons.mozilla.org/firefox/addon/umatrix/

Be in total control with "NoScript Security Suite"

NoScript

Highly customizable plugin to selectively allow Javascript, Java, and Flash to run only on websites you trust. Not for casual users, it requires technical knowledge to configure.
https://addons.mozilla.org/firefox/addon/noscript/

Preparation:

  1. Enter "about:config" in the firefox address bar and press enter.
  2. Press the button "I'll be careful, I promise!"
  3. Follow the instructions below...

Getting started:

  1. privacy.firstparty.isolate = true
  2. privacy.resistFingerprinting = true
  3. privacy.trackingprotection.enabled = true
  4. browser.cache.offline.enable = false
  5. browser.safebrowsing.malware.enabled = false
  6. browser.safebrowsing.phishing.enabled = false
  7. browser.send_pings = false
  8. browser.sessionstore.max_tabs_undo = 0
  9. browser.urlbar.speculativeConnect.enabled = false
  10. dom.battery.enabled = false
  11. dom.event.clipboardevents.enabled = false
  12. geo.enabled = false
  13. media.navigator.enabled = false
  14. network.cookie.cookieBehavior = 1
  15. network.cookie.lifetimePolicy = 2
  16. network.http.referer.trimmingPolicy = 2
  17. network.http.referer.XOriginPolicy = 2
  18. network.http.referer.XOriginTrimmingPolicy = 2
  19. webgl.disabled = true

Related Information


Email Service URL Since Server Storage Price / Year Bitcoin Encryption Own Domain
2013 Switzerland 500 MB Free Accepted Built-in Yes
2015 Netherlands 4 GB Free Accepted Built-in Yes
2011 Germany 1 GB Free No Built-in Yes
2013 Belgium 500 MB Free Accepted Built-in Yes
2014 Germany 2 GB 12 € Accepted Built-in Yes
2009 Germany 2 GB 12 € No Built-in No
1999 Norway 1 GB $ 19.95 No No Yes
2003 Switzerland 1 GB $ 49.95 Accepted Built-in Yes
2014 Netherlands 10 GB $ 59.95 Accepted Built-in Yes
2010 Switzerland 2 GB $ 60 Accepted No Yes

Interesting Email Providers Under Development

Become Your Own Email Provider with Mail-in-a-Box

Mail-in-a-Box

Take it a step further and get control of your email with this easy-to-deploy mail server in a box. Mail-in-a-Box lets you become your own mail service provider in a few easy steps. It’s sort of like making your own gmail, but one you control from top to bottom. Technically, Mail-in-a-Box turns a fresh cloud computer into a working mail server. But you don’t need to be a technology expert to set it up. More: https://mailinabox.email/

Privacy Email Tools

Related Information

Thunderbird

ThunderbirdMozilla Thunderbird is a free, open source, cross-platform email, news, and chat client developed by the Mozilla Foundation. Thunderbird is an email, newsgroup, news feed, and chat (XMPP, IRC, Twitter) client.

OS: Windows, Mac, Linux, BSD.

Claws Mail

Claws MailClaws Mail is a free and open source, GTK+-based email and news client. It offers easy configuration and an abundance of features. It is included with Gpg4win, an encryption suite for Windows.

OS: Windows, Mac, Linux, BSD, Solaris, Unix.

Worth Mentioning

I2P-Bote

I2P-BoteI2P-Bote is a fully decentralized and distributed email system. It supports different identities and does not expose email headers. Currently (2015), it is still in beta version and can be accessed via its web application interface or IMAP and SMTP. All bote-mails are transparently end-to-end encrypted and, optionally, signed by the sender's private key.

OS: Windows, Mac, Linux, Android, F-Droid.

Bitmessage

BitmessageBitmessage is a P2P communications protocol used to send encrypted messages to another person or to many subscribers. It is decentralized and trustless, meaning that you need-not inherently trust any entities like root certificate authorities. It uses strong authentication which means that the sender of a message cannot be spoofed, and it aims to hide "non-content" data.

OS: Windows, Mac, Linux.

RetroShare

RetroShareRetroshare creates encrypted connections to your friends. Nobody can spy on you. Retroshare is completely decentralized. This means there are no central servers. It is entirely Open-Source and free. There are no costs, no ads and no Terms of Service.

OS: Windows, Mac, Linux.

searx

searxAn open source metasearch engine, aggregating the results of other search engines while not storing information about its users. No logs, no ads and no tracking.

StartPage

StartPageGoogle search results, with complete privacy protection. Behind StartPage is an european company that has been obsessive about privacy since 2006.

DuckDuckGo

DuckDuckGoThe search engine that doesn't track you. Some of DuckDuckGo's code is free software hosted at GitHub, but the core is proprietary. The company is based in the USA.

Firefox Addon

Worth Mentioning

Mobile: Signal

Open Whisper SystemsSignal is a mobile app developed by Open Whisper Systems. The app provides instant messaging, as well as voice and video calling. All communications are end-to-end encrypted. Signal is free and open source, enabling anyone to verify its security by auditing the code. The development team is supported by community donations and grants. There are no advertisements, and it doesn't cost anything to use.

OS: Android, iOS, macOS, Windows, Debian-based Linux

Wire

WIRE SWISS GmbHWire is an app developed by Wire Swiss GmbH. The Wire app allows users to exchange end-to-end encrypted instant messages, as well as make voice and video calls. Wire is free and open source, enabling anyone to verify its security by auditing the code. The development team is backed by Iconical and they will monetize in the future with premium features/services.
Caution: The company keeps a list of all the users you contact until you delete your account.

OS: Android, iOS, macOS, Windows, Linux, Web

Desktop: Ricochet

Ricochet uses the Tor network to reach your contacts without relying on messaging servers. It creates a hidden service, which is used to rendezvous with your contacts without revealing your location or IP address. Instead of a username, you get a unique address that looks like ricochet:rs7ce36jsj24ogfw. Other Ricochet users can use this address to send a contact request - asking to be added to your contacts list.

OS: Windows, Mac, Linux.

Worth Mentioning

Related Information

Mobile: Signal

Open Whisper SystemsSignal is a mobile app developed by Open Whisper Systems. The app provides instant messaging, as well as voice and video calling. All communications are end-to-end encrypted. Signal is free and open source, enabling anyone to verify its security by auditing the code. The development team is supported by community donations and grants. There are no advertisements, and it doesn't cost anything to use.

OS: iOS, Android.

Wire

WIRE SWISS GmbHWire is an app developed by Wire Swiss GmbH. The Wire app allows users to exchange end-to-end encrypted instant messages, as well as make voice and video calls. Wire is free and open source, enabling anyone to verify its security by auditing the code. The development team is backed by Iconical and they will monetize in the future with premium features/services.
Caution: The company keeps a list of all the users you contact until you delete your account.

OS: Android, iOS, macOS, Windows, Linux, Web

Linphone

LinphoneLinphone is an open source SIP Phone and a free voice over IP service, available on mobile and desktop environments and on web browsers. It supports ZRTP for end-to-end encrypted voice and video communication.

OS: iOS, Android, Windows Phone, Linux, Windows, Mac, Browser (Web)

Worth Mentioning

Related Information

OnionShare

OnionShareOnionShare is an open source tool that lets you securely and anonymously share a file of any size. It works by starting a web server, making it accessible as a Tor onion service, and generating an unguessable URL to access and download the files. It doesn't require setting up a server on the internet somewhere or using a third party filesharing service. You host the file on your own computer and use a Tor onion service to make it temporarily accessible over the internet.

OS: Windows, Mac, Linux.

Magic Wormhole

Magic Wormhole Get things from one computer to another, safely. This package provides a library and a command-line tool named wormhole, which makes it possible to get arbitrary-sized files and directories (or short pieces of text) from one computer to another. The two endpoints are identified by using identical "wormhole codes": in general, the sending machine generates and displays the code, which must then be typed into the receiving machine. The codes are short and human-pronounceable, using a phonetically-distinct wordlist. The receiving side offers tab-completion on the codewords, so usually only a few characters must be typed. Wormhole codes are single-use and do not need to be memorized.

OS: cross-platform (python)

Seafile - 100 GB Storage for $10/month

SeafileSeafile offers 100 GB Storage for $10/month but also gives you the opportunity to host on your own server. Your data is stored in Germany or with Amazon Web Service in the US for the cloud version. Encrypt files with your own password.

Client OS: Windows, Mac, Linux, iOS, Android. Server: Linux, Raspberry Pi, Windows.

Nextcloud - Choose your hoster

NextcloudSimilar functionally to the widely used Dropbox, with the difference being that Nextcloud is free and open-source, and thereby allowing anyone to install and operate it without charge on a private server, with no limits on storage space or the number of connected clients.

Client OS: Windows, Mac, Linux, BSD, Unix, iOS, Android, Fire OS. Server: Linux.

Least Authority S4 - For Experts

S4S4 (Simple Secure Storage Service) is Least Authority's verifiably secure off-site backup system for individuals and businesses. 100% client-side encryption and open source transparency. 250GB for $9.95/month or 5TB for $25.95/month. Servers are hosted with Amazon S3 in the US.

OS: Linux, Windows, Mac, OpenSolaris, BSD. (Installation for advanced users)

Worth Mentioning

Related Information

Seafile

SeafileSeafile is a file hosting software system. Files are stored on a central server and can by synchronized with personal computers and mobile devices via the Seafile client. Files can also be accessed via the server's web interface.

Client OS: Windows, Mac, Linux, iOS, Android. Server: Linux, Raspberry Pi, Windows.

Pydio

PydioPydio is open source software that turns instantly any server (on premise, NAS, cloud IaaS or PaaS) into a file sharing platform for your company. It is an alternative to SaaS Boxes and Drives, with more control, safety and privacy, and favorable TCOs.

OS: Windows, Mac, Linux, iOS, Android.

Tahoe-LAFS

Tahoe-LAFSTahoe-LAFS is a Free and Open decentralized cloud storage system. It distributes your data across multiple servers. Even if some of the servers fail or are taken over by an attacker, the entire file store continues to function correctly, preserving your privacy and security.

OS: Windows, Mac, Linux.

Worth Mentioning

SparkleShare

SparkleShareSparkleShare creates a special folder on your computer. You can add remotely hosted folders (or "projects") to this folder. These projects will be automatically kept in sync with both the host and all of your peers when someone adds, removes or edits a file.

OS: Windows, Mac, Linux.

Syncany

SyncanySyncany allows users to backup and share certain folders of their workstations using any kind of storage. Syncany is open-source and provides data encryption and incredible flexibility in terms of storage type and provider. Files are encrypted before uploading.

OS: Windows, Mac, Linux.

Syncthing

SyncthingSyncthing replaces proprietary sync and cloud services with something open, trustworthy and decentralized. Your data is your data alone and you deserve to choose where it is stored, if it is shared with some third party and how it's transmitted over the Internet.

OS: Windows, Mac, Linux, Android, BSD, Solaris.

Worth Mentioning

Master Password - Cross-platform

Master PasswordMaster Password is based on an ingenious password generation algorithm that guarantees your passwords can never be lost. Its passwords aren't stored: they are generated on-demand from your name, the site and your master password. No syncing, backups or internet access needed.

OS: Windows, Mac, Linux, iOS, Android, Web.

KeePass / KeePassX - Local

KeePassKeePass is a free open source password manager, which helps you to manage your passwords in a secure way. All passwords in one database, which is locked with one master key or a key file. The databases are encrypted using the best and most secure encryption algorithms currently known: AES and Twofish. See also: KeePassX (not regularly updated) and KeePassXC.

OS: Windows, Mac, Linux, iOS, Android, BSD.

LessPass - Browser

LessPassLessPass is a free and open source password manager that generates unique passwords for websites, email accounts, or anything else based on a master password and information you know. No sync needed. Uses PBKDF2 and SHA-256. It's advised to use the browser addons for more security.

OS: Windows, Mac, Linux, Android

Worth Mentioning

Related Information

Nextcloud

NextcloudNextCloud is a suite of client-server software for creating and using file hosting services. This includes calendar sync via CalDAV and contacts sync via CardDAV. Nextcloud is free and open-source, and thereby allowing anyone to install and operate it without charge on a private server.

Client OS: Windows, Mac, Linux, BSD, Unix, iOS, Android, Fire OS. Server: Linux.

Email Providers

EmailMany email providers also offer calendar and contacts sync services. Refer to the Email Providers section to choose an email provider and check if they also offer calendar and contacts sync.

OS: depends on email provider.

EteSync

EteSyncEteSync is a secure, End-to-End encrypted and journaled personal information (e.g. contacts and calendar) cloud synchronization and backup for Android. It costs $14 per year to use, or you can host the server yourself for free.

OS: Android.

Worth Mentioning

Who is required to hand over the encryption keys to authorities?

Mandatory key disclosure laws require individuals to turn over encryption keys to law enforcement conducting a criminal investigation. How these laws are implemented (who may be legally compelled to assist) vary from nation to nation, but a warrant is generally required. Defenses against key disclosure laws include steganography and encrypting data in a way that provides plausible deniability.

Steganography involves hiding sensitive information (which may be encrypted) inside of ordinary data (for example, encrypting an image file and then hiding it in an audio file). With plausible deniability, data is encrypted in a way that prevents an adversary from being able to prove that the information they are after exists (for example, one password may decrypt benign data and another password, used on the same file, could decrypt sensitive data).


Key disclosure laws apply

Key disclosure laws may apply

1. Belgium *

2. Finland *

3. New Zealand (unclear)

4. Sweden (proposed)

5. The Netherlands *

6. United States (see related information)

Key disclosure laws don't apply

* (people who know how to access a system may be ordered to share their knowledge, however, this doesn't apply to the suspect itself or family members.)

Related Information

VeraCrypt - Disk Encryption

VeraCryptVeraCrypt is a source-available freeware utility used for on-the-fly encryption. It can create a virtual encrypted disk within a file or encrypt a partition or the entire storage device with pre-boot authentication. VeraCrypt is a fork of the discontinued TrueCrypt project. It was initially released on June 22, 2013. According to its developers, security improvements have been implemented and issues raised by the initial TrueCrypt code audit have been addressed.

OS: Windows, Mac, Linux.

GNU Privacy Guard - Email Encryption

GnuPGGnuPG is a GPL Licensed alternative to the PGP suite of cryptographic software. GnuPG is compliant with RFC 4880, which is the current IETF standards track specification of OpenPGP. Current versions of PGP (and Veridis' Filecrypt) are interoperable with GnuPG and other OpenPGP-compliant systems. GnuPG is a part of the Free Software Foundation's GNU software project, and has received major funding from the German government. GPGTools for Mac OS X.

OS: Windows, Mac, Linux, Android, BSD.

PeaZip - File Archive Encryption

PeaZipPeaZip is a free and open-source file manager and file archiver made by Giorgio Tani. It supports its native PEA archive format (featuring compression, multi volume split and flexible authenticated encryption and integrity check schemes) and other mainstream formats, with special focus on handling open formats. It supports 181 file extensions (as of version 5.5.1).

Mac alternative: Keka is a free file archiver.

OS: Windows, Linux, BSD.

Worth Mentioning

Tor Project

Tor ProjectThe Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals to share information over public networks without compromising their privacy. Tor is an effective censorship circumvention tool.

OS: Windows, Mac, Linux, iOS, Android, OpenBSD.

I2P Anonymous Network

I2PThe Invisible Internet Project (I2P) is a computer network layer that allows applications to send messages to each other pseudonymously and securely. Uses include anonymous Web surfing, chatting, blogging and file transfers. The software that implements this layer is called an I2P router and a computer running I2P is called an I2P node. The software is free and open source and is published under multiple licenses.

OS: Windows, Mac, Linux, Android, F-Droid.

The Freenet Project

FreenetFreenet is a peer-to-peer platform for censorship-resistant communication. It uses a decentralized distributed data store to keep and deliver information, and has a suite of free software for publishing and communicating on the Web without fear of censorship. Both Freenet and some of its associated tools were originally designed by Ian Clarke, who defined Freenet's goal as providing freedom of speech on the Internet with strong anonymity protection.

OS: Windows, Mac, Linux.

Worth Mentioning

diaspora*

diaspora* diaspora* is based on three key philosophies: Decentralization, freedom and privacy. It is intended to address privacy concerns related to centralized social networks by allowing users set up their own server (or "pod") to host content; pods can then interact to share status updates, photographs, and other social data.

Friendica

FriendicaFriendica has an emphasis on extensive privacy settings and easy server installation. It aims to federate with as many other social networks as possible. Currently, Friendica users can integrate contacts from Facebook, Twitter, Diaspora, GNU social, App.net, Pump.io and other services in their social streams.

GNU social

GNU socialWhile offering functionality similar to Twitter, GNU social seeks to provide the potential for open, inter-service and distributed communications between microblogging communities. Enterprises and individuals can install and control their own services and data. Notable public deployments are quitter.se and gnusocial.no.

Worth Mentioning

Related Information

Njalla - Domain Registration

NjallaNjalla only needs your email or an jabber address in order to register a domain name for you. Created by people from The Pirate Bay and IPredator VPN. Accepted Payments: Bitcoin, Litecoin, Monero, DASH, Bitcoin Cash and PayPal. A privacy-aware domain registration service.

DNSCrypt - Tool

DNSCryptA protocol for securing communications between a client and a DNS resolver. The DNSCrypt protocol uses high-speed high-security elliptic-curve cryptography and is very similar to DNSCurve, but focuses on securing communications between a client and its first-level resolver.

Please refrain from using DNSCrypt until further notice (DNSCrypt v2 in development, no official website yet).

OS: Windows, Mac, Linux, iOS with Jailbreak.

OpenNIC - Service

OpenNICOpenNIC is an alternate network information center/alternative DNS root which lists itself as an alternative to ICANN and its registries. Like all alternative root DNS systems, OpenNIC-hosted domains are unreachable to the vast majority of the Internet. Only specific configuration in one's DNS resolver makes these reachable, and very few Internet service providers have this configuration.

Worth Mentioning

Laverna

LavernaLaverna is a JavaScript note-taking web application with a Markdown editor and encryption support. The application stores all your notes in your browser databases, which is good for security and privacy reasons, because only you have access.

OS: Windows, Mac, Linux, Web.

Turtl

TurtlTurtl lets you take notes, bookmark websites, and store documents for sensitive projects. From sharing passwords with your coworkers to tracking research on an article you're writing, Turtl keeps it all safe from everyone but you and those you share with.

OS: Windows, Mac, Linux, Android.

Standard Notes

StandardNotesStandard Notes is a simple and private notes app that makes your notes easy and available everywhere you are. Features end-to-end encryption on every platform, and a powerful desktop experience with themes and custom editors.

OS: Windows, Mac, Linux, iOS, Android, Web.

Worth Mentioning

Ghostbin

GhostbinGhostbin supports encryption, expiration, sessions, grant users to edit your notes and pastes up to one megabyte. You can also create your own account to keep track of your pastes.

PrivateBin

PrivateBinPrivateBin is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256bit AES.

0bin

0bin0bin is a client side encrypted pastebin that can run without a database. 0bin allows anybody to host a pastebin while welcoming any type of content to be pasted in it.

Worth Mentioning

Etherpad

EtherpadEtherpad is a highly customizable Open Source online editor providing collaborative editing in really real-time. Etherpad allows you to edit documents collaboratively in real-time, much like a live multi-player editor that runs in your browser. Write articles, press releases, to-do lists, etc.

OS: Windows, Mac, Linux.

EtherCalc

EtherCalcEtherCalc is a web spreadsheet. Data is saved on the web, and people can edit the same document at the same time. Changes are instantly reflected on all screens. Work together on inventories, survey forms, list management, brainstorming sessions..

OS: Windows, Mac, GNU/Linux, FreeBSD, Browser.

ProtectedText

ProtectedTextProtectedText is an open source web application. It encrypts and decrypts text in the browser, and password (or its hash) is never sent to the server - so that text can't be decrypted even if requested by authorities. No cookies, no sessions, no registration, no users tracking.

OS: All Browsers.

Worth Mentioning

Qubes OS

Qubes OSQubes is an open-source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, the X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers.

Debian

DebianDebian is a Unix-like computer operating system and a Linux distribution that is composed entirely of free and open-source software, most of which is under the GNU General Public License, and packaged by a group of individuals known as the Debian project.

Trisquel

TrisquelTrisquel is a Linux-based operating system derived from Ubuntu. The project aims for a fully free software system without proprietary software or firmware and uses Linux-libre, a version of the Linux kernel with the non-free code (binary blobs) removed.

Warning

Worth Mentioning

Tails

TailsTails is a live operating system, that starts on almost any computer from a DVD, USB stick, or SD card. It aims at preserving privacy and anonymity, and helps to: Use the Internet anonymously and circumvent censorship; Internet connections go through the Tor network; leave no trace on the computer; use state-of-the-art cryptographic tools to encrypt files, emails and instant messaging.

KNOPPIX

KNOPPIXKnoppix is an operating system based on Debian designed to be run directly from a CD / DVD (Live CD) or a USB flash drive (Live USB), one of the first of its kind for any operating system. When starting a program, it is loaded from the removable medium and decompressed into a RAM drive. The decompression is transparent and on-the-fly.

Puppy Linux

Puppy LinuxPuppy Linux operating system is a lightweight Linux distribution that focuses on ease of use and minimal memory footprint. The entire system can be run from RAM with current versions generally taking up about 210 MB, allowing the boot medium to be removed after the operating system has started.

Worth Mentioning

LineageOS

LineageOSLineageOS is a free and open-source operating system for smartphones and tablets, based on the official releases of Android by Google. It is the continuation of the CyanogenMod project.

CopperheadOS

CopperheadOSCopperheadOS is a hardened mobile open-source operating system by Copperhead Security and based on Android. It aims to provide stronger security and privacy. It also contains a hardened kernel and sandbox features for app isolation. Available for select Pixel and Nexus devices.

Sailfish OS

Sailfish OSSailfish OS is a mobile operating system combining the Linux kernel for a particular hardware platform use, the open-source Mer core middleware, a proprietary UI contributed by Jolla, and other third-party components.

Worth Mentioning

Control your traffic with "NetGuard"

NetGuard

NetGuard provides simple and advanced ways to block certain apps' access to the internet without the help of root privileges. Applications and addresses can individually be allowed or denied access to your Wi-Fi and/or mobile connection, allowing you to control which apps are able to call home or not. https://www.netguard.me/


Manage your apps' permissions with XPrivacyLua

XPrivacyLua

Revoking Android permissions from apps often let apps crash or malfunction. XPrivacyLua solves this by feeding apps fake data instead of real data. https://lua.xprivacy.eu/

Requirements: Magisk (xda-developers) Xposed Framework (xda-developers)

OpenWrt

OpenWrtOpenWrt is an operating system (in particular, an embedded operating system) based on the Linux kernel, primarily used on embedded devices to route network traffic. The main components are the Linux kernel, util-linux, uClibc and BusyBox. All components have been optimized for size, to be small enough for fitting into the limited storage and memory available in home routers.

pfSense

pfSensepfSense is an open source firewall/router computer software distribution based on FreeBSD. It is installed on a computer to make a dedicated firewall/router for a network and is noted for its reliability and offering features often only found in expensive commercial firewalls. pfSense is commonly deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server, and as a VPN endpoint.

LibreWRT

LibreWRTLibreWRT is a GNU/Linux-libre distribution for computers with minimal resources, such as the Ben Nanonote, ath9k based wifi routers, and other hardware that respects your freedom with emphasis on free software. It is used by the Free Software Foundation on their access point and router which provides network connectivity to portable computers in their office.

Worth Mentioning

Windows 10 Privacy
  1. Data syncing is by default enabled.
  2. Your device is by default tagged with a unique advertising ID.
  3. Cortana can collect any of your data.
  4. Microsoft can collect any personal data.
  5. Your data can be shared.

This tool uses some known methods that attempt to disable major tracking features in Windows 10.

Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say.

The NSA has built an infrastructure that allows it to intercept almost everything. With this capability, the vast majority of human communications are automatically ingested without targeting. If I wanted to see your emails or your wife's phone, all I have to do is use intercepts. I can get your emails, passwords, phone records, credit cards. I don't want to live in a society that does these sort of things... I do not want to live in a world where everything I do and say is recorded. That is not something I am willing to support or live under.

We all need places where we can go to explore without the judgmental eyes of other people being cast upon us, only in a realm where we’re not being watched can we really test the limits of who we want to be. It’s really in the private realm where dissent, creativity and personal exploration lie.

Guides

Information

Tools



Copy URL and Description

For easy copy and paste. Share this text snippet.

It's important for a website like privacytools.io to be up-to-date. Keep an eye on software updates of the applications listed here. Follow recent news about providers that are recommended. We try our best to keep up but we're not perfect and the internet is changing fast. If you find an error, or you think a provider should not be listed here, or a qualified service provider is missing or a browser plugin is not the best choice anymore and anything else... Talk to us please.


Make suggestions on reddit

redditOur active community subreddit to stay up to date or to make suggestions. Join now! (Info)

Follow on Twitter

TwitterGet the latest privacy related updates from our Twitter Feed. Follow now!

Develop on GitHub

GitHubThe complete website source code is available on GitHub. Join our developer team!

This is a community project and we're aiming to deliver the best information available for a better privacy. Thank you for participating. This project needs you.


Creative Commons kopimi (copyme) Donate: 1N4bKCx3kpvUTBhsvbmthPDssN8ATPEhgt or use PayPal.

privacytools.io is a socially motivated website that provides information for protecting your data security and privacy. never trust any company with your privacy, always encrypt.