What are /r/privacytoolsIO's favorite Products & Services?

From 3.5 billion Reddit comments

You can use a combination of ShutUp10 and Windows Privacy Dashboard for disabling Telemetry and Windows Error Reporting, deleting and re-setting Advertising ID, blocking all known MS telemetry servers, turning off biometry, restricting access to hardware, removing Skype, Bing, Live and all Metro bloatware, and many more.

After that Windows would be a pretty private OS. Just don't forget Windows updates may reset some of your privacy settings, so don't forget to re-apply it. At least WPD has a command-line interface, so that you could automate it.

Lingva is awesome. Also don't forget to check out LibreTranslate and Apertium. They both are open source. Apertium can even translate documents and web pages!

If you use a desktop, there is a workaround for searching content of emails.

If you install and use the ElectronMail client to access your ProtonMail account and then enable Local Store for the account, it will save a copy of your emails (encrypted) locally on your desktop.

If you want to search the body of emails, you can switch from Online to Database View mode and then search the offline (local store) copy of your messages for whatever you want.

Beep. Boop. I'm a bot.

It seems the URL that you shared contains trackers.

Try this cleaned URL instead: https://www.amazon.com/Yubico-YubiKey-USB-Authentication-Security/dp/B07HBD71HL/

If you'd like me to clean URLs before you post them, you can send me a private message with the URL and I'll reply with a cleaned URL.

The price is $5/month, up to 5 devices.

Available for Windows, android, and iOS

Only available in 6 countries: US, Canada, UK, New Zealand, Singapore, and Malaysia.

Servers provided by Mullvad.

It's so important that we don't accept privacy washing from companies like WhatsApp (or Facebook). If these campaigns succeed and the average person accepts tools like WhatsApp as being privacy-preserving, then consumer demand for privacy-specialising technology will decrease and it'll become extremely niche, especially for things like messengers which rely on network effect.

Big companies know that people are becoming more aware of and concerned with their digital privacy. Don't let them hijack the conversation oil-company style.

Hopefully one day mainstream apps will actually be privacy-focused, but WhatsApp ain't it.

If you care about privacy then the solution should be both open source and decentralised. Pleroma is the closest to Facebook, followed by Friendica, otherwise you can use something like Matrix.

Signal and Telegram might be open source but are both centralised services and Telegram only open sources the front end.

My personal privacy setup is using as much open source software as possible and avoid Google/Amazon/Microsoft/Apple/Facebook/Dropbox as much as possible

OS: Windows 10 and Fedora 29 Dual Boot

Smartphone: Iphone (waiting for Librem 5)

Browser: Firefox with Ublock, HTTPS Everywhere, Privacy Badger, Decentraleyes, Facebook Container, Cookie Autodelete, KeepassXC Browser Addon, Joplin WebClipper,

Brave Browser as my second Browser

Email: Tutanota as Main Email, ProtonMail and Disroot Mail as Backup/Second Email

Thunderbird for accessing old email providers - Instead of the inbuilt email app (worst email program ever)

Cloud Storage: Nextcloud server from OwnCube Free 5GB and Discroot Cloud - Instead of Dropbox

Notes: Joplin and StandardNotes stored in Nextcloud(more Joplin because it's better structured with different notebooks) - Instead of Evernote and Onenote

Music and Video: Clementine Music Player and VLC Media Player - Instead of the inbuilt Windows apps (worst music and video player ever)

Messager: Signal - Instead of Whatsapp (Most friends still using Whatsapp :( )

Watching Videos: Invidious - Instead of Youtube ( I know it's still Youtube but a bit more anonymous)

Maps: OpenStreetMap - Instead of Google Maps

Password Manager: KeepassXC and Keepass Touch on IOS

Translator: DeepL - Instead of Google Translate

Search Engine: Startpage - Instead of Google

PC-Cleaning: Bleachbit ; File-Manager: 7zip - Instead of Winrar and Ccleaner

Office: LibreOffice ; Creative: Blender, Krita, Gimp, Inkscape - Instead of Microsoft and Adobe products

VPN: ProtonVPN

Didn't realise that; checked their website, and it says: >Prepackaged builds will be available through the releases page on the repository once the initial process of transitioning the project is completed enough for the first release version.

Releases page is showing a little progress towards v3.0.3; hopefully it takes off. I hear this fork was the one with the most steam behind it.

Hi, ProtonMail team here. We have responded previously to this, it's a smear campaign being run against us by Private Internet Access since ProtonVPN is competing with them.

You can find our response here: _and_tesonet/

Signal is open source, tried and tested, and end to end encrypted. It requires your number so you can communicate with anyone in your contracts (those without Signal).

They've proven through a court order that they could not help the big brother.. The only things they were able to share were the time the user registered and the last time they've used Signal.

I don't think any of the other alternatives have this much battle experience and trust.

Signal is basically an alternative to your regular SMS and calling app, so of course it will require those permissions. If you only want to communicate with Signal users, then go the route explained in the article you linked and use a burner number and not all any permissions.

Scrcpy is pretty dope: https://github.com/Genymobile/scrcpy

Open source and doesn't require any connection to any other server other than your own devices. Phone can be controlled via cable and WiFi.

However, it requires a few additional steps, so not sure how well it would suit you as you change ROMs often.

Later versions of ProtonVPN have resolved this issue and an update was rolled out to all users starting about a month ago. It is important to note that an attacker needs to already have access to your computer for this exploit to work, and it only impacts Windows users.

I am waiting for the release of the Mycroft assistant. I was hoping for the December release, but they are still working out some issues. The Mycroft was designed from the ground up to be private.

“Yet so far over the years, they managed just fine”

Who said that? Always remember, what you see on the news was most likely checked and allowed by numerous eyes before it got published. You never actually know if you got pwned until they knock on your door with loads of information and activities, you can just “think” that you’re ok, it’s never guaranteed.

A smart man once said, “the internet wasn’t made to be private or anonymous, so you can’t actually hide yourself on it without having backdoors”

If you follow that you’ll understand that everything can have exploits, doesn’t have to be tech exploits, it can be human exploits as well.

To be Edward Snowden and to relay on app that is available for everyone who wants it by a company that claims to be “transparent” is crazy.

If the NSA, FBI, and all other security / intelligence institutions in the US that pump so much tax money out of the governments for their researches with the most intelligent individuals working in there and with all that they can’t take control of a small company like NordVPN in a country that you almost never heard about, I seriously demand my money back.

I believe that you can hide yourself from overall spying and to somewhat get yourself out of that tracking pool where all the other people who doesn’t care about privacy in, but if someone will look for you and I’m not talking about your local institutions, I’m talking about national security institutions, if they will look for you, sadly you don’t have enough recourses to be the owner of your network and the services you relay on you never know what they’ll do.

After weeks of research i recommend Mullvad or due to the following details.

• 1. Its Open-Source
• 2. No Registration needed (No email or names). Just hashed tokens.
• 3. No-Logging Policy.
• 4. Able to pay with cryptocurrencies.
• 5. Offering tor hidden services.
• 6. Outside US.

The sheer number of affiliated Nord VPN links on each and every VPN review has always made me very cautious about NordVPN. Can't say I'm surprised.

Edit : just noticed ProtonVPN is in the picture too. That was spoken on the hacker news a few weeks ago. I have to say, this one surprised me quite a bit. The one who accused them were competitors (PIA).

EDIT : Protonmail has responded but their response is being downvoted. Which is strange. Here it is in full :

"Hi, ProtonMail team here. We have responded previously to this, it's a smear campaign being run against us by Private Internet Access since ProtonVPN is competing with them.

You can find our response here: "

Why Telegram? Telegram is known in crypto circles to be a bit shady to put it mildly. They invented their own encryption algorithms which is a big no-no when it comes to crypto. Is based or originated out of Russia meaning Russian state can try to interfere and/or influence. Ultimately is a privately help for-profit company meaning they can change their direction any moment they want to turn a profit.

If we really want to recommend a truly privacy-first messaging app, it should be Signal (https://signal.org) not Telegram.

Tutanota is a lot better than Protonmail.

1. It's open source - Protonmail claim to be so but their bridge and apps aren't Tutanota is a lot more clear, open and transparent than Protonmail when it comes to privacy, security and development.
2. It actually encrypts the email header/subject/title - Protonmail doesn't do this
3. It's cheaper
4. Based in Germany and with a smaller profile than Protonmail you'll fly under the radar more. Personally I feel my anonymity is stronger with Tutanota BUT that's subjective and open to debate.
5. GDPR compliant, you can export your emails very easily Protonmail it's a bit more difficult.
6. If singing up for a FREE account they don't require a phone number, alternative email address or loads of other intrusive information from you. Granted you could just fake this anyway so make of it what you will. They're also working on accepting crypto (so I've heard) to make the signup process truly anonymous.
7. So many rumors and allegations about Protonmail / ProtonVPN's CEO being connected with Tesonet (dataming company) much debate over whether or not this is true but I as the saying goes 'no smoke without fire' so I wont take the risk.

There are some downsides but they have a great dev team who are working on things as well as great support.

1. No IMAP or POP access, they do have a desktop client and their own apps
2. 1 Signature per account can't set up different signatures for different aliases / emails
3. The search function can play up and be a little iffy sometimes
4. Can't pay via Cryptocurrency but I heard they're working on this to make the signup process fully anonymous.

https://signal.org/bigbrother/cd-california-grand-jury/

The top level of the link where this doc is from. Only the PDF of court docs opened for me

Before people strap on the tin foil, please consider that your data in signal is end to end encrypted and they are unable to provide anything, especially chat transcripts to the court

I use cryptomator https://cryptomator.org it’s open source and free (except mobile version which costs 8$) you can first encrypt and upload your files and folders on almost any cloud service you like. only thing they will see is random symbols.

> Here’s the full list of VPNs that implement the Facebook remarketing pixel, according to our research:

>* Anonine VPN * Astrill VPN * Avira Phantom VPN * Blockless * CactusVPN- Update. CactusVPN removed the Pixel after this research was presented to them. Well done CactusVPN. * CyberGhost VPN - Update. CyberGhost removed the Pixel 2o minutes after this research was presented to them. Well done CG. * DroidVPN * FlowVPN * FrootVPN * Geosurf VPN * Ghost Path * Goose VPN - Update. GooseVPN removed the Pixel right after the research was presented to them. Well done GooseVPN. * Hide My IP VPN * HideMyAss VPN * Hola VPN * Hotspot Shield - Update. HotspotShield removed the Pixel shortly after this research was presented to them. Well done HSS. * IPVanish VPN - Update. IPVanish removed the Pixel 9 minutes after this research was presented to them. Well done IPV. * Ivacy VPN * Kaspersky Secure Connection * MonVPN * My Expat Network * My Private Network VPN * Newshosting * Norton Wifi Privacy * Opera VPN * OverPlay VPN * * PrivateVPN - Update. PrivateVPN removed the Pixel 10 minutes after this research was presented to them. Well done PrivateVPN. * ProXPN * ProxyServer VPN * PureVPN - Update. PureVPN removed the Pixel right after this research was presented to them. Well done PureVPN. * SaferVPN - Update. SaferVPN removed the Pixel right after this research was presented to them. Well done SaferVPN. * * Shellfire VPN * StrongVPN * SumRando VPN * tigerVPN * Tunnello * Unlocator VPN * VersaVPN * VPN Unlimited * * * VPNAUS * VPNJack * VPNTunnel * VyprVPN - Update. VyprVPN removed the Pixel right after this research was presented to them. Well done VyprVPN. * Zenmate VPN - Update. Zenmate removed the Pixel 12 minutes after this research was presented to them. Well done Zenmate. * ZoogVPN

This isnt the first time and wont be the last. Unless its a huge conspiracy it appears Signal does not have access to anything as it all encrypted and they only have access to the timestamps and creation date. https://signal.org/bigbrother/central-california-grand-jury/

Better - made by Indie, who’re super active and outspoken in privacy activism.

Firefox Focus - uses the Disconnect list, I believe.

I find this combination, along with my Pi-hole on my home network, to work well enough.

Someone replyed that the app was Adguard, which seems like the right app, but deleted before I could reply.

For others wanting it, it is [not on the play store](adguard.com). It does have a free version which is simular to NetGuard in which it uses a VPN to filter content but also allows DNS blocking, rather than just outright denying apps internet access.

Yes, this isn't NordVPN specific at all. You will have to blindly trust your vpn provider without any possibility to verify if they are really respecting your privacy.

edit: But if you don't trust a vpn, you have to blindly trust your isp. And there are several known cases where isps sold your metadata. So my comment isn't a recommendation to not-use a vpn.

I think, the future is Matrix: https://matrix.org/ It’s privacy oriented, open source & used by governments in Europe. I use it for couple of years, by hosting your own instance (like me) it’s bridgeable with others IM.

> Anyone with Wireshark (or any other similar app) and some networking knowledge can perform a network scan, check all requests made by the NordVPN application, and verify their destinations. The results will prove that the web scraping accusations are false. We have never in any way been related to any other projects developed by Tesonet.

While we can verify what data the vpn client to the vpn server sends, there is absolutly no way for us to check what the server does with the data. And the server knows basically our complete internet activity. If NordVPN would sell this data we wouldn't be able to find this out.

I don't know if they do this or if they don't. But users just don't have a way of checking this.

> Today marks the start of an exciting shift over here at Private Internet Access. As long-time supporters of the Free and Open Source Software community, we have started the process of open sourcing our software, and over the next six months we will be releasing the source code for all our client-side applications, as well as libraries and extensions.

You are doing nothing wrong. Cover your tracks is bad for testing your fingerprint since all it does is compare you to the small set of data they have which is usually heavily tainted by all the people who keep making tweaks and going back. If you want a good finger print test then use bromites. Just take the test then refresh the page and take it again to see if fingerprint changed.

https://www.bromite.org/detect

Frost for Facebook and Caprine would probably be next. The community was able to get youtube-dl back but this seems to be a legal battle and Facebook has no shortage of powerful lawyers. At this point, I'm just hoping Tim Cook would make them cry again with some new privacy feature in iOS.

Illegal ghost phones

https://lifehacker.com/how-to-create-an-untraceable-messaging-device-with-an-o-1739171742

Edit: In my world lots of people buy shady phones from shady pawn shops (already activated and on a plan no one is planning to pay for so it will soon be cut off) which is the illegal bit.

> "To give Vivaldi more of the attention it deserves, I decided to include it as the default browser in our popular Cinnamon Community Edition. With its remarkable browsing speed, exceptional customizability and especially the way it values user privacy, Vivaldi for me is a perfect match for Manjaro Linux."

What the?

Why do you seem reluctant to just use ProtonMail? I’ve been using ProtonMail for two years and am not going back! It’s a great service.

I pay $9.60/month for ProtonMail Professional with 10 addresses and ProtonVPN. They give you 1 extra GB and 1 extra VPN connection for every year you have been a paid subscriber and occasionally they gift extra storage.

I often hear the phrase “that’s steep just for e-mail”... well, your e-mail contains very personal details lf your life. Your purchase receipts, services you use, contacts, etc. I can tell a lot about who you are as a person if I had access to your inbox.

Example is Hotspot Shield on the app store. Nearly a 5 star rating, one of the top 3 VPNs there. But they log data, sell it, give it up to police, and tamper with your connection injecting ads into it.

I have been using anonaddy.com ( r/AnonAddy) successfully precisely for these objective now for about a year and a half. I create a new email address using a variety of domains (I have a couple of domains I own personally linked to the account too, as well as the native domains) which are available. I have found it to be exceptionally reliable.

Each time I create a new account at some website or another I create a unique email address and a unique password. If I notice that a company starts to spam me, or it appears that they've sold my email address, or the site becomes compromised, then I just switch off the email address and that is the end of the matter. I am not bothered by it any longer.

It works well, I'd recommend it.

Element https://element.io/ as a way to access the Matrix works really well and you can link any identifier you want, ie phone, email, id. It's e2e encrypted and decentralized; you can message, as well as do voice and video calls. The problem is getting people to adopt it socially. For me Element it's superior to Signal, but few know about it.

I was searching around to verify some of this for myself, and found this article:

It says that NordVPN spent $497,000 USD on advertising on CNN in February of 2018. That's almost 1/2 million, just on CNN, and just in 1 month.

A lot of this is just not true. NordVPN and HolaVPN probably are Tesonet and are both unforgivably sketchy but the only reason ProtonVPN got lumped in is because Darius Bereika incorporated a subsidiary location in that country. This is common for companies to hire local experts with big resources to do this. He is not the director of ProtonVPN. It's an unhappy coincidence that ProtonVPN had their android app made by a freelance developer who signed using the wrong keys. It's also being fixed. Google does not allow apps to change this once it's done. ProtonVPN is not alone in this, lots of other apps (even high profile games) are signed by developers with keys from their old companies even.

That's the entirety of the link and this has been proven independently. Go on hackernews and you can see basically everyone thinks this whole link even got established by PIA as a smear campaign against Proton because their free VPN has been eating away at their subscribers who only use a VPN casually. Also the guy that "blew the whistle" is a cofounder of PIA and is routinely chastised for not knowing wtf he's talking about when it comes to netsec. Anyone who knows what their talking about knows this Proton link is bull. I feel bad for those folks getting lumped into this crap. I will continue to use Proton and support them whenever I can. Boycott PIA.

tl:dr - Don't use Nord or Hola, and don't use PIA out of principle. Proton is okay.

It's the first time I've heard of both of these devices, but I can advise you to look at Mycroft.

I think Mycroft is the closest to a fully featured voice assistant that is open source and privacy respecting. They do have plans or maybe its already possible to run your own backend locally and not need internet access at all. I also believe they are using Mozilla's project common voice for training as well as community opt in samples.

>Even with the latest version of FF with the new content blocking feature?

Content blocking in Firefox uses basic filters

Default blocking is only blocking cookies using a list provided by disconnect (not blocking requests)

Content Blocking in Firefox is barely configurable (you can disable on specific websites, not unblock certain requests if something breaks, no custom filter lists...)

Privacy Badger uses a heuristic approach to blocking, and blocks aside from regular cookies also fingerprinting, tracking pixels, cookie sharing...

uBlock Origin uses a more traditional List based blocking like firefox, however is Much more configurable

​

While firefox does an OK job of blocking content, solutions like Privacy Badger and uBlock origin are much more powerfull

That article is misleading. He's talking about random VPN provider I never seen anywhere myself as an example of "logging exception" wow good job and of course the perfect example of this article is ExpressVPN, one of the biggest out there. Why doesn't he talk about audited VPN's like NordVPN (even if I don't like them personally) IVPN and a lot more ? Why doesn't he talk about the really detailed privacy policy of Mullvad for example since all others are not complete ? He's missing so many things in this article only to redirect you to a VPN comparison website with of course all the affiliates link at the top and a google chart with misleading & incomplete information. That's enough, this kind of article to "help" people and inform them are just bad and just misleading them about really good VPNs, because yes obviously ExpressVPN is the only hero of this article and it doesn't help at all on a neutral choice.

My assumption (and this is solely based on my opinion) would be that a couple factors might have been involved:

• They at one recent point added several trackers to their website. Once called out about it, they chimed in saying they were just to track the success of a social media promotion of their services. Basically, it was a "sorry we got caught" type situation.

• PIA went on a very public smear campaign against ProtonVPN, NordVPN, and possibly others in order to promote themselves.

• They're based in the US

> None of the competitors have ever reached out to us to seek an explanation and none have made a single official comment on the way we operate. That is neither activism nor social responsibility – this is the desperation of someone failing to compete with a company that is a relative newcomer to the market.

This is probably due to the fact that they're busy ignoring all these stupid allegations themselves.

According to the insane amount of similar posts on /r/ProtonVPN I can confidently say that these allegations come from PIA. Even their CEO have done posts in the past, which Proton have felt the need to respond to. (Sorry, can't link to any of them as I'm on my cell and it would take too long)

If think that the simplest solution would be LineageOS with MicroG. MicroG a free (as in freedom) re-implementation of Google Play services. They make their own version of LineageOS (for various reasons, see the FAQ) with only a week delay on the updates and with F-Droid pre-installed.

The advantage is that it supports all the LineageOS supported devices, without the hassle to install GApps or go without them.

Also, I recommend you use Shelter for containerizing non-free apps in the Android Work profile which gives them no access to the rest of your phone.

If it's clearly stated on their site they don't offer refunds, it's not a scam. They offer service on a yearly basis, according to you, which means when you buy, you buy for a year. If you decide not to use all the service you paid for, isn't that your problem?

According to their Terms of Service:

"The Service is billed in advance on a quarterly or yearly basis depending on your subscription and is non-refundable."

https://mailfence.com/c/mailfence/more/terms.jsp

I have an active sub with NordVPN, no one shared the result because:

​

"

The Report you about to see was prepared to enable NordVPN customers to verify that a report by an independent auditing company has been issued in connection with the no-log NordVPN service.

By proceeding further you agree that the auditing company will not be held liable nor responsible for any loss or damage suffered or costs incurred by you, arising out of or in connection with the Information provided in the report. You also agree not to copy and distribute the content or results of it.

​

"

And then the audit is done under the name of "Tefincom S.A's NordVPN service to the Management of Tefincom S.A. Nicosia, Cyprus"

​

Yes done under the country Cyprus, not Panama. I say screw Nord! Thank god I changed to Mullvad a few months ago even though I have still have an active sub with Nord.

Of the three I've only used Mullvad, and it's definitely one of the better services I have used. Very simple and relatively anonymous sign up process for an account - all you get is an account number and no other identification.

I'd also recommend Perfect Privacy. Their VPN is quite robust and they have some interesting tech like neural networking which is kind of a type of multi-hopping and built in filters that blocks trackers.

You can get an official apk at https://signal.org/android/apk. They've got the signing key there for you to verify the download. Plus you'll get notifications when there's an update to download.

I was just writing an email to them.

Hi,

Just read the blog post on your website https://nordvpn.com/blog/nordvpn-false-allegations/ from Daniel. It is quite informative and clears things on the ongoing issue. Good job on it!

But I have one unrelated question to your company/management. You say that you are based in Panama but your finance processing (payment from users) are done by a company based in New York, US. Now we all know that when we do financial processing inside the US, all records have to be kept including who paid whom for what purpose and from what method.

Does this not make your users' privacy and identity vulnerable from the US government?

Thanks.

Best Regards,

A concerned internet citizen.

Nextcloud has a page with providers that you can purchase a Nextcloud instance through. Nextcloud also started offering client side encryption so you will not have to trust the provider with your data since they won't have access to it.

You should try Joplin. "Joplin is an open source note-taking app. Capture your thoughts and securely access them from any device".

1. Yes.
2. markdown but with a WYSWYG editor if you're not familiar with it.
3. Available on all platform.
4. Yes. Edit one note = one md file (no folders)
5. Also yes.

Did I mention, it's an open source project with a heavily active community.
You can also pay the Dev to host your encrypted files for a small fee. More options and services are available, check their website.

Edit, didn't read correctly, as you tried? Joplin ? Not sure what you mean about the external structure. But one note = one file one Joplin. Also, as the files are encrypted folders are irrelevant.
If I understand you correctly, you won't be able to edit your files with another editor without Joplin (even if within the app you can launch and edit with your favorite editor). Files are encrypted. Now without the encryption you could edit them but still no folders. Sry

I used Mint before, but I had some issues that I couldn't fix and I definitely changed after several days of exchanging with Stef and Sanny from Mullvad because Firefox didn't want to connect with the VPN anymore, or any other browser, we didn't manage to solve the problem under Mint, I got fed up with it, I had heard good things about Pop Os, especially for gaming because I'm using Proton, I chose it and today I don't have any more problems, but it really depends on cases, my case is not a generality.

On the laptop, I use Xubuntu.

It's probably using some scripting which the Tor browser blocks. have you considered a VPN? You could try ProtonVPN. It has some limits for free accounts but that's mostly for P2P traffic and a lot less endpoints to choose from.
You could also setup Tor as a proxy I think but that may be making things needlessly difficult.
Anyway, good luck with what you're going through and don't do anything stupid. And there are also some subreddits you could go to to get something off your chest. Reddit works fine with the Tor browser. You probably won't find psychologists in training there but a kind word and someone that listens (well, reads) may help..
Using a throwaway account and the Tor browser will ensure your privacy there.

PIA is based in the U.S.

It doesn't matter if it is proven in the court. NSA or other government agency could go right now to PIA and force them to start logging without customers knowing about it!

Also PIA used fake Twitter accounts and other social media accounts to spread claims about ProtonVPN and NordVPN. That wasn't great move.

Also PIA has some very odd ideas of what security means. PIA finds itself incapable of writing an app that comports with best practices.

Either ExpressVPN needs to be removed, or the statement directly before the VPN table which references "no logging policy" needs to be removed. You can't have both. Period. And if ExpressVPN stays, then that immediately opens the door to all the other VPNs that maintain connection logs, of which there are many. BTW, did anybody bother reading their privacy policy? ExpressVPN is absolutely not a "no logs" VPN service, yet they still claim to be on their "logless VPN" page and in the pull request. What a joke!

Graphene is a wonderful OS but I don't think it is what OP is looking for here. Graphene is super strict about security and therefore only supports 6 devices. It also doesn't work with microG, which is necessary for running many applications without having google services installed. LineageOS for microG is what I would recommend for a good balance between privacy and usability without jumping straight into the deepest depths of the rabbit hole.

Telegram's cryptography protocol is flawed and it's recommended against by privacytoolsIO

Thanks for pinging us /u/PaskanMarjat

I've just registered via Tor myself: I got the clock captcha and the 48-hour wait. Believe us when we say it is hard to offer an email service with anonymous sign-up, and keep spammers out at the same time. Despite that, we stand firm to never ask for phone numbers or any personally identifiable information when you sign up.

Unfortunately, spammers heavily abuse VPNs and Tor so there will always be temporary blocks on certain VPN servers or Tor circuits. There's nothing we can do about this as otherwise we'd open the gate for spammers. Nevertheless, we focus on private, secure and anonymous emails. This hasn't changed. Please check again, you will be able to register via Tor.

If you're currently doing this manually, the AdNauseum browser extension can do the same thing automatically.

Or, set up a Pi-hole and don't even see the ads in the first place!

https://disroot.org

Disroot not only provides a Nextcloud instance, but also a host of other services, like mail, etherpad/calc, a pastebin like service, access to a matrix server and a diaspora pod, taiga (project management) ...

The service is reliable, you can try their free 4GB plan. As with all the cloud providers, try to encrypt your files on your own before uploading, or use something like cryptomator.

If you want something fairly simple to use and private I would suggest Wire. It's basically like Skype but end to end encrypted and open sourced. If you make your account on their web page you don't need to provide a phone number (unless they changed that). You can use it on phone(Android and IOS), browser or a desktop app (Linux, Mac, Win).

https://wire.com/

EDIT: Missed the p2p part. Maybe Tox could be of interest. Although I havent checked that project out in a long time. https://www.reddit.com/r/projecttox/

A distributed service would not be that much harder to censor than a centralized one. See this comment by Joshua Lund:

>It's trivial to block several distributed hosts simultaneously. An aspiring censor would simply find the most common federated endpoints for a given service and block all of them. Only the users of that software would be affected. There wouldn't be any collateral damage. > >If the censors somehow didn't hit every single worthwhile federated endpoint, users would still be left wondering why they couldn't communicate with most of their friends. Moving between federated hosts would also necessitate an entirely new identifier, so users would need to rebuild their social graph again. > >In addition to being ineffective against censorship, there are several other properties and trade-offs that make federation a difficult proposition for an application like Signal: https://signal.org/blog/the-ecosystem-is-moving/

Personally I'm using Nextcloud, but if you only want CalDAV/CardDAV you should probably take a look at Radicale. Baikal unfortunately isn't supported anymore :(

Mullvad win because they've now got partnership with a mainstream brand. Mozilla win because they'll see a cut of the subscription fees.

Both parties win because both parties will see an increase in their revenues, allowing more money to be pumped back into their respective products, resulting in better stuff for all of us.

I don't get why people are crapping all over this arrangement? Surely anything that brings in more revenue to two privacy respecting and advocating companies, whilst making a good quality VPN more visible and available to the general public, can only be a good thing?

I signed up for ProtonVPN when they had their Black Friday sale last year and cancelled the account within 2 weeks. Network speeds were ok, but I was faced with frequent disconnections to the many UK servers I tried. Their iOS app was also a huge battery drain for me (battery down to 50% by midday most days). Their support were unable to suggest a reason.

​

I've now switched to Mullvad and couldn't be happier. Network speeds are great, stability is great and the OpenVPN client for iOS works flawlessly.

Even in the best-case scenario, which involves Cloudflare's magnanimity and honesty, this will be abused into the ground and the IPs will be blacklisted from everywhere and everything, making it essentially useless.

The best option for security continues to be spinning up your own VPN on a VPS; the best option for privacy continues to be not using the internet (lol) or using Tor in combination with a proven, for-pay commercial VPN - I'm thinking Mullvad, AirVPN, or ProtonVPN - depending on threat model.

>Don't need to read it to know Mullvad is objectively the best.

I agree. I've been using Mullvad for over a year and it's been as reliable as any other service I've used. Plus, it doesn't require an email account to sign up and you can pay with Bitcoin or even cash. also gives Mullvad his top rating.

To clarify, "more unique" to whom? Your ISP may see you connecting to the Romanian server, but that's it. The local Mexican news site sees you connecting from Romania, but to my knowledge won't be able to trace that back to you. From what I understand, the public facing IP address from the VPN is the same for everyone on that server, so at the very least there is a lot of noise (i.e. the "person" at that IP address would seem to be also reading Canadian local news or whatever).

Also, there's no reason to always connect from the same spot--as an example, NordVPN boasts over 4,400 in over 60 countries. So today you're a Romanian looking into Mexican affairs, tomorrow you're a South African etc...

At the end you suggest we instead focus on "encryption" when you noted at the beginning the VPN is an "encrypted tunnel." That seems to suggest that VPN is something to focus on? I'm not sure I understood the difference you were drawing there. It also seems like you're viewing this as a zero-sum game, whereby if we encourage VPNs we are therefore not encouraging the use of other tools. VPN info is the top post here and the first tool mentioned on the privacytools website, but there are also many other tools listed and posted in both places.

I'm not hugely knowledgeable about all of the particulars, but my understanding is that VPNs are valuable privacy tools, but, as you noted, are just one piece of the picture. Is your concern just that there is too much emphasis on VPNs, or that they aren't a valuable tool? Your ISP by default is tracking and storing data on every single thing you do online, and possibly/probably selling that data, and a VPN lets you avoid this, so it seems to be useful.

So essentially:

- ProtonVPN UAB lists Tesonet's CEO as a director

- ProtonVPN UAB is operated from Tesonet headquarters in Vilnius, Lithuania

- ProtonVPN UAB uses Tesonet's previous technical employees

- ProtonVPN uses IP address blocks that belong to Tesonet

- ProtonVPN Android app is signed by Tesonet

In isolation, I guess any one of these could be excused away, but in aggregate it's really unsettling, especially given the link between Tesonet and other VPNS (Nord, Hola, CloudVPN, INC, and so on...

Does Proton also include members of Radware, F5 Networks, Equinix, Radix, Farice, LeaseWeb, Dell, Supermicro, etc. on their board of directors? Do they also use employees from these companies? Why the special circumstance for Tesonet? They've excused away the Android app and IP address blocks, but I've never seen anyone address the issue of Darius Bereika - it's akin to including someone from Google, AdRoll, or Facebook on the board of your privacy-focused company. "Andy" writes: "Proton does not share any employees (or company directors) with Tesonet. This is also a verifiable fact" but the fact of Bereika remains - he was absolutely listed as a director for PROTONVPN LT, UAB and has, since the original post(s), been scrubbed.

Windows is privacy nightmare (https://www.privacytools.io/operating-systems/#win10)

For Linux you don't need antivirus.

If you need it, for example, to scan sites, you can use open source solutions (ClamAV for example)

This exact situation is what you, Proton warn users about. When digging into the backings of a VPN company, if the user find things that are "shadowy" and don't add up, then the user should not trust that VPN provider. https://protonmail.com/blog/trusted-vpn/

ALSO: In that exact same blog post, you (Proton) smear PIA by linking them in a blog posting by saying they go through great length to hide where they are located. They have never hidden the fact they are based in the US, and they have postings about them being in the US on their site. FURTHER more, on another blog posting, you say you have proof that some other VPN provider is working with an intelligence agency, but REFUSE to say who it is! On the onset that spread FUD about your competitors, and if you have proof and refuse to present it, you are willing and allowing users to be harmed. As a company that talks so much about privacy, I would think it would be your position to protect as many peoples' privacy as much as possible.

Mullvad VPN is the best vpn for Privacy. I use it and highly recommend.

• It's fully Open Source
• Their Developers use QubesOS only for working on Mullvad
• Their Registration/Login/Payment Process is done via a randomly generated number string. So they know nothing about you. No email, No username, No Password. No Nothing.
• Their Payment Options Support, Bitcoin, Bitcoin Cash, & Sending in Raw Cash via Mail.
• They have full DNS leak protection.
• They have a Connection Kill Switch Built-In.
• They support SSH tunneling, Shadowsocks, and Stunnel.
• All their servers use 4096 bit RSA certificates (with SHA512) for server authentication. Data encryption is AES-256 GCM by default. DHE for perfect forward secrecy. Re-keying is performed every 60 minutes.
• They are a big supporter of WireGuard and have lots of WireGuard servers available.
• They don't Block P2P.
• They support Port Forwarding, SOCKS5 Proxies, & MultiHop.
• They Support Tor Integration
• Mullvad’s Directly built to integrate with QubesOS & Wireguard flawlessly

It's interesting to point out that OP is a newly made account who seems to specifically post only against ProtonVPN.

Edit: After reading the original thread, I heavily suspect that OP is rasengan (PIA's co-founder) from here:

None of them are privacy friendly, especially Discord and Snapchat. They are well known for spookiness. If you want something privacy friendly apart from Signal and Telegram, maybe you should try Matrix.

look into microg as alternative to google services. It's an open source alternative that is based on google play services but anonymises your data. If you cannot do without google push for example, this would be your best bet. You don't need to use location data from google any more but can use a locally downloaded file or use mozilla's location backend instead. Lineage does not support microg natively though, so it would be easier to use the fork which is called lineage for microg https://lineage.microg.org/. You need a rom that supports signature spoofing (I use crdroid on my moto g) but lineage for micro g would be my choice of rom now, as it is the most well mainained rom when it comes to android updates.

Not listed in their readme, but their api specifications use codes for language selection (eg: ja, en), instead of the names spelled out (eg: japanese, english).

An example for /api/v1/:source/:target/:query would be:

• /api/v1/en/ja/cat

Instead of

• /api/v1/english/japanese/cat

I got the list of codes here

I wouldn’t say so... https://www.joinhoney.com/privacy.

In very short: they’re owned by PayPal. They collect data on the retail sites you visit/purchase from, and potentially share it with businesses/services that “help Honey run.” They use third-party pixels and tracking cookies.

Under current Swiss law, email and VPN are treated differently, and ProtonVPN cannot be compelled to log user data. We've shared more clarifications about this case here.

I've done tons of research into VPNs and ultimately decided against Nord due to several complaints about their speed. Here's a link to That One Privacy Guy's review:

I'd recommend you take a look at:

AirVPN Mullvad

>Is Signal safe?
>
>No, Celebrate cannot ‘break Signal encryption.’

The answer to this question should be yes, and the Cellebrite issue should be its own thing to prevent confusion.

This is very good advice except for 2. Running and maintaining https://mailinabox.email/ on a privately owned server has been trivially easy for me and I have very little experience in Linux and CLIs.

Are you using NewPipe from F-Droid or did you add the NewPipe repository? F-Droid version has issues and is not updated as fast. Go to NewPipe and add their official repository to F-Droid which gets much faster updates and fixes. Age restricted content works for me on that version.

Here is a link to the NewPipe repository: https://newpipe.net/FAQ/tutorials/install-add-fdroid-repo/

Just add it and swipe down to get F-Droid to update repositories then follow the instructions given on the NewPioe page.

Session uses Signal protocol (or a fork of it) https://getsession.org/introducing-the-session-protocol/

Also, my understanding is that Signal protocol is considered superior to Matrix or any other less tested protocols

https://www.reddit.com/r/signal/comments/dagydx/should_signal_support_the_matrix_protocol/

There is Silence for Android: https://silence.im/ which uses SMS which is a fork of Signal

Note that it is not on the play store in america (but it is in at least some countries) but americans can get it off f-droid.

You could also use PGP in your SMS or something too (but I recommend Silence since PGP does not use forward secrecy).

I didn't claim supporting two privacy oriented companies was going to make you immune to a data breach or surprise backup. If you trust Mullvad then stick with them. If you trust FireFox and never heard of Mullvad before this then go with them. It is about your comfort zone. If you trust both companies then this is a way to support two companies at one time for $.50 less a month than just supporting one.

Nonsense IMO, if you enjoy Mozilla's products and mission, you should want them to have a sustainable business model even if it's an NPO to have the means to maintain and expand their services, which isn't free. All rational NPOs that are not government-funded need to assure their viability by generating revenue. Mozilla is also in a situation that makes donations insufficient to develop and maintain competitive products (which, for instance, environmental NPOs does not need to do) while also not being used on enterprise level to make B2B "donations" an option (like Linux for instance). So what should they do? Have no care for money and develop sub-par products or be (try to be?) a pillar of reputable privacy-oriented, non-corporate/publicly traded (nothing wrong with that, but it conflicts the core mission) FOSS? Lest not forget they're in an arena where competitors are $1-2T corporations with revenues of $50-250B they can't do much just feeding on Bing searches. I'm personally eager for my NordVPN to expire and give the money to Mozilla as well as future products they could develop. I'm not sure how I would feel about the foundation spinning off the corporation in IPO, in the right hand and depending on the shares-structure (no greasy hands) it could be an extremely effective way to fund the mission of the foundation.

> “At this time, it is unclear if Mozilla will offer a true VPN (an encrypted tunnel) or instead will they offer a proxy service but brand it a VPN like Opera. Mozilla will have the same challenges regarding transparency, security, performance and customer support that every VPN Provider faces when entering the VPN marketplace. I think transparency will be Mozilla’s main challenge when launching its VPN service. I have seen reports online that ProtonVPN will be the wholesale VPN service for Mozilla. However, there have also been discussions online that [name redacted] is the true owner of ProtonVPN which had led to concerns about data mining of customer information and other transparency issues. Ultimately, Mozilla will have to decide how to address transparency issues that are inherent when relying on a third-party to provide their VPN service.”

-Sunday Yokibaitis from VyprVPN
What was [name redacted]?????

yeppers. per the privacy statement:

"NordVPN processes user data only to a very limited scope – only as much as it is absolutely required for provision of the NordVPN Services, processing of payments for the NordVPN Services, as well as functioning of the NordVPN website and mobile applications.

Personal data is processed by NordVPN automatically and manually. Unless expressly noted otherwise, NordVPN or a designated subsidiary in your country shall act as the responsible personal data controller for any data processed."

So the trackers could be to garner insight about where you came from (i.e. which banner ads bring traffic), how long you stayed, or if you clicked an ad/link to leave the page (i.e. are we generating revenue).

NordVPN also uses third party analytic tools to track this traffic on their behalf (likely google analytics).

They seem to have a strict 2-year data retention policy, and a pretty transparent process. I wish we knew about oversea transfers but that's likely only going to be a Canada thing for now.

If you're concerned about the specific trackers and what data points each are capturing, how they're stored, etc. you can reach out to their privacy office using the link in the privacy statement.

From experience though, these sort of trackers give zero fucks who you are. IP address is kept to match all the data points together and then they're usually discarded, or if kept likely only for matching to ensure repeat visitors aren't giving you bad numbers. Their concern is understanding their own website and how it's interacting. Which ads are getting people to come in (ex. reddit vs facebook), and which people are likely to buy - so they advertise to interested people.

Mullvad offers bridges for this exact purpose of getting around restrictive firewalls.

You can also try using Wireguard servers instead. Sometimes they work behind firewalls that auto-block OpenVPN.

I never trust VPN's either. The only reason I trust my VPN is cause I use Mullvad VPN. With most VPN's, You have to sign up using an email address and password. With Mullvad VPN, a random number string is generated on their website and that's how you login and pay. They don't ask for any name, any phone number, any email, or any information at all. So they can't identify you. I connect to Mullvad VPN using Tor. That way they can't know my originating IP Address. Mullvad VPN clients are all Open Source and they support/encourage Wireguard client. They say they use QubesOS for all developing work. But obviously that can't be verified. However it's a good sign that they even know what QubesOS is. They allow you to pay for the service via Bitcoin, So that means you can pay anonymously as well. Assuming you use a single purpose bitcoin wallet and address only for paying for mullvad. I know I probably sound like their spokes person lol. But I'm simply a VPN & Privacy Technology Enthusiast. No malicious intent from me. This is all simply opinion based off facts. I can't say all of this about any other VPN to my knowledge. But would love to hear of any others that offer all these same attributes.

Final thoughts: As many other services do, NordVPN relies too heavily on affiliate marketing (native advertising/paid reviews, etc).  Their resellers appear to refuse to provide full and prominent disclosure of their financial relationship with NordVPN (as most affiliates do unfortunately) and I couldn’t find evidence that they expect anything more from them.  This is encouraging unethical behavior and is not in the best interest of their customers.  Most commercial services do this – and it’s not okay.
cookies, and a number of proprietary APIs.

Their service was very clunky to get started, and not user friendly or descriptive when it came to giving detail about the servers, their locations, or requirements to connect.  The site was a mess when it came to downloading Android config. files as well.  I wouldn’t recommend the service based on what I saw, despite the hype I usually see online.  It’s not the worst service I’ve used, but given their love of affiliate marketing – you might think twice the next time you see someone recommend NordVPN.

It depends on what VPN's you choose to buy. I think that there are definitely VPN's like NordVPN or StrongVPN who don't log and can keep you secure. Just avoid free ones, who often log and sell your data and you will be safe.

UDP port 53 is the assigned port for DNS queries. Both the IP addresses (37.59.40.15 and 139.99.96.146) are related to Parrot OS

They both resolve to subdomains of ParrotSec.org https://mxtoolbox.com/SuperTool.aspx?action=ptr%3a139.99.96.146&run=toolpage https://mxtoolbox.com/SuperTool.aspx?action=ptr%3a37.59.40.15&run=toolpage#

So I think it's unrelated to VeraCrypt.

I'm not familiar with ParrotOS personally - but it looks like a 'privacy feature' that they're overwriting the default DNS configuration from your router to use their DNS revolvers rather than your ISP default.

Why exactly sudo is doing a DNS lookup in the first place would be down to how that's configured.

I'd pop over to /r/ParrotOS and ask if I were you...

Why is PiHole the best? Because it has built-in ad filtering and is self-hosted?

If you're using regular DNS your ISP (and pretty much anybody else) can still see what domains you're requesting. I suggest looking into DNSCrypt. If you're on Windows Simple DNSCrypt is pretty good.

Suggestion:

Consider some suggestions from here: https://prism-break.org/en/categories/macos/

• Consider Qubes Operating System or Arch Linux (two of my favorites)
• Consider a VPN that meets PT
• Consider T0r with bridges
• If you need a good email provider I recommend Protonmail or Riseup, if you prefer the latter let me know and I can send you an invite code

Personally I use Keepass.

1. It's open source
2. It's been audited by the EU commision, who found the cryptography secure and reported no security issues.
3. It can work either fully offline, or on-line on a self hosted site.
4. It can also use a keyfile (that's stored only on a USB say) as part of the password.
5. There are versions of Keepass for nearly all platforms.

"This application provides display and control of Android devices connected on USB (or over TCP/IP). It does not require any root access. It works on GNU/Linux, Windows and MacOS."

While this is neat, it doesn't really answer the question. OP was asking for a way to use an android tablet as a 2nd monitor for their Linux install, not to be able to control/view their android device from Linux.

The most secure alternative is probably Nextcloud. You can either host it by urself or your using a third party provider. Alternatively you could also use [Sync ](www.sync.com) (located in Canada e2e encrypted) or [pCloud](www.pcloud.com) (located in Switzerland) which I am currently using together with Cryptomator for enhanced security. Sync or pCloud is definitely a cheaper option. All of them offer an App which allows you to automatically back up your photos.

The concept of simple "deletion" is flawed. Deleting something simply unallocates the space, but it can still be recovered, and it can even theoretically be recovered from hard drives if it's written over. The best option is for the emails to be stored with zero-access encryption to begin with. That means that all your emails are encrypted before they're sent to the email server, and you unlock your mailbox client-side, meaning that the server storing your emails cannot read them or decrypt them. In that case, it wouldn't matter whether they were deleted or not, no one but you would be able to read them.

My personal recommendation would be ProtonMail, especially as they're entirely open source, so you can see exactly how their encryption works. Plus, it's free, but there are paid options with more features if you want them. If you buy a plan, I recommend bundling it with ProtonVPN, which is also open source and is honestly a wonderful no logs VPN. Oh, and I should mention that they also delete emails when you delete them, and they're stored in their backup servers for 14 days before being deleted there. Quoted from ProtonMail's privacy policy:

> Deleted emails are also instantly deleted from production servers. Deleted data may be retained in our backups for up to 14 days.

Source

There are also other email providers like Tutanota that use the same concept of zero-access encryption, and those are worth looking into as well. You don't have to take my recommendation when there are other products out there.

But even with an email service that deletes emails when you delete them, that strategy is deeply flawed and insecure if they aren't also encrypted.