No one. Antivirus needs to scan all files, send some of them for analysis to their servers, working 24/7.
That's basically a spyware.
It is much better to just use a good firewall (UFW, Simplewall or Portmaster) and install Ublock Origin on the browser with good custom lists.
on that note you may be interested in having a look at the Portmaster, which tackles a different angle of Windows privacy and is both free and open source.
Disclaimer: I'm co-founder of Safing
Our software that does that is the Portmaster.
It's hard to summarize my feelings to Microsoft, but I'll give you some thoughts:
🤷♂️ some thoughts
I would also advise using something like "little snitch" to regulate application traffic, as the native firewall client is quite limited (e.g. portmaster.)
Against ransomware, I would advise to use encrypted backups. Sadly there isn't a user-friendly solution for Borg (Afaik), but I'm sure there are plenty of others.
We're developing something that might fit your needs: The Portmaster.
It's still in alpha and we're looking for testers. You might encounter some issues here and there, but it runs quite well already. If you do try it out, we'd love to hear some feedback!
It's really easy to install and uninstall again. ;)
Have you never used an AdBlocker? Here's a great one: https://ublockorigin.com/
If you need deeper ad blocking: https://safing.io/portmaster/
I don't like advertising any more than anyone else here, but I set up a network-level ad blocker so even on my phone I never get ads. The only place I see ads is in the physical world, and those are really easy to ignore, and can be quite handy if I need to find a store or location in my city, I just look up at the billboards.
Well I'm using Portmaster to have some more granular control and somewhat easy to use monitoring: https://safing.io/portmaster/. Not really a firewall per se but sort of is, with extras.
It's still in "Alpha" but have not had any real issues beyond needing it to handle local devices that are on my network (mainly google home stuff).
https://safing.io/portmaster/ it does not have a map but it is a pretty good firewall that shows you every connection and where they are going, it also has built in addblock features
I don't know what exactly you are looking for, however I saw the other comments here, and you said you don't have money to pay for a vpn. How about using Safing Portmaster, it is a tool with a nice gui that let's you monitor and control all of your network activities, I mean all of it, you can block unwanted connections and all the like, it is a nice nifty tool. It is free to download so don't worry, just follow the instructions on how to download it on it's websites and check if your linux distro is compatible with it. I mean this is another way to be safe on the net.
I remember on windows it to be rather finicky, but for us now, there's Portmaster.
It's still in alpha but it seems to be exactly want you want, and relatively solid considering that it's an alpha.
"Best" is subjective.
I'm using Portmaster and it's been going really well. Although it's still pre-beta software, so you can find some problems with it
​
Hi, any reason you did not use the .deb file installer? Mint is based on Ubuntu/debian and you should be able to use those packages as well. Ju can find the download link here https://safing.io/portmaster/#downloads
Strongly recommand portmaster : https://safing.io/portmaster. Careful, some protection software try to stop him, but it's safe. A very nice Open Source application system help you to manage block list, DNS logs !
Ehh, Reddit didn't notify me about your reply, sorry. :)
>For the application firewalls, I was looking for something that I could create whitelisting rules for controlling internet access and only allowing specific apps to access specific interfaces (I have a few things that I only want to run on VPN and a few browsers that can run on either, other that system tools, everything else should be blocked unless I make an exception). Haven't looked at these in a little while but last I checked, opensnitch looked the most promising. There were some other application firewall projects for Linux but most were old and/or had very arcane build instructions. In theory, I could probably also do something similar using SELinux but the documentation isn't the greatest either.
Hmm, I found something that's for Ubuntu and Fedora, and even Windows. It's an application-level firewall that lets you see when applications make outbound connections and to allow/reject it on a per-host or per-application basis.
It's Little Snitch.
What do you think? Does it look like a scam? ;)
funnily enough 2 days after this post we added support for .rpm
packages:
https://safing.io/portmaster/#downloads
This GitHub thread might be of interest too
Thank you. Will try.
Its safe - https://safing.io/portmaster/#downloads
VT report - https://www.virustotal.com/gui/file/84ba597d98f7bda1b9986e2342de820ce3444c4761766830451ef66c64aa49ec/details
Ah you meant free, disregard my previous message then. I misunderstood your original post. If your looking for free, check out https://safing.io/portmaster/ this is from MBs book, and I’ve tried it, it good for what it does, but it’s super clustered. For me, it was overwhelming about how much stuff was on one screen at once. The UI could definitely be better. Just a heads up, if you do choose to use this, the second you install it; it will take 30-45 minutes to download packages, and while that is happening you won’t have access to internet because it will be blocking it. At least, that’s what happened for me. HTH
No it would still stand data based on your search terms. If you want to use Chrome, try Portmaster. With this open source tool you can block any connection that you make. But again that would also block the connections to gstatic.com , google.com etc. Which would break websites like Youtube or any other similar Google service. So maybe your best option is just using Brave or Firefox. Which i know sucks.
We're working on a nice alternative, the Portmaster and are looking for testers. If you give it a try, we'd love to hear about your experience.
We also did an AMA on r/privacytoolsIO last year that was x-posted to r/privacy.
For anyone interested in Adguard, we are developing something similar and would love to have some feedback:
The Portmaster is an application firewall and secure DNS resolver with filtering just like Adguard - we also use their lists by default. It's open source and you can install it on Linux and Windows. Settings are configurable per app and it's always with you!
Thanks for the detailed reply and this is on desktop its an app from Github similar to DNSCrypt and Pihole called Portmaster.
https://github.com/Safing/portmaster
>Yes I already use those in your end statement. Never tried Qubes yet though<
Great to here you watch TLE! He does Gerät content and helped me with my Linux experiment a lot.
Regarding how we make money. The portmaster is free and comes with two main modules that are and always will be free link to homepage
We have a third module called the SPN. Imagine the baby of Tor with a VPN. It’s new technology designed for privacy from the start.
We charge 9.90€/month (although it is currently a preorder! So onetime and starts when activated) and it is a flat rate. link to SPN
We were able to start because we were fortunate to get public funding from different institutions. You can find them here link to funding
for desktop, if you dont want to use the web client you can use Portmaster to block tracking. It is FOSS
disclosure: I am one of the founders of Safing
oh I think I understand now, you're referring to the animation on the portmaster page? https://safing.io/portmaster/
What I understood as the "demo video" was the update video where we first showed the PM in action
But yeah, if that's the case I understand your sentiment
Compare it to real life. Instead of waking up every day and having to mix together a new, unique outfit, just lock those bloody doors. Yes, the uniqueness generation is done by technology, but it's likely you'll still see patterns to then again identify. Some params may stay the same though your whole package changes with every request. I see "Joe"ing around as a nice addition, but blocking is the foundation fmpov.
Another benefit is that blocking reduces processing power & battery usage.
So I'm all for blocking. Specifically, I'm mostly a whitelister.
Instead of stressfully fixing one leak after the other (blacklisting), just block everything by default and only open doors you trust. I know it's often not possible, but since switching to GrapheneOS I know what true peace of mind is. I block all apps from network access by default and only let those to the Internet I trust.
I do the same with uMatrix, blocking a lot by default and then whitelisting.
Dreaming of a future where that's easily possible for computer OS too. ^(working on it too... ^(1))