my-privacy-tools
online privacy is a journey, it is impossible to recommend tools to one without understanding the tradeoff one’s ready to make. hence, i will not sugest that any of those tools are the right fit for you, neither they are the best for me, but at this point in time they are the one i use. it is important for me to state that even though i am quite tech savy, i have a high preference for convenience for the majority of my tools (with the exception of a few).
side note: most of the tools highlighted here are free and open source software (FOSS) except a few which i’ll highlight with 💵. nonetheless, i strongly encourage you to support any of the open project you would use, by either donating or using the paid version (which is generally really cheap).
🫂 social
social media is a tricky one, the whole business model of the industry is made a contrari to the self sovereignty of indivduals. thankfully, a couple of privacy focused developers created a couple of apps that we can easily and enjoyably use. for me in this category, the big winner is Signal. it is certainly not perfect (what particularly rub me the wrong way is the governance, as i feel some features have been requested by the community for a while and the devs seem to still go on with their internal roadmap wihtout much consideration - for others it’s the phone number requirement and centralised servers) however, signal is a massive win over basically any other social app. it encrypts everything, and has access to very few information about yourself. furthermore, it manages to meet people in the middle by having such a pretty ui and good ux that you can onboard your friends and family. this is probably the most important point for this category.
🚇 vpn
this has become essential for me. i often use open networks (in trains, hotels, etc.) and i don’t trust my isp. here, it is very important to remember that you actually move the trsut to the vpn provider. thus, choosing a trustworthy provider is the key, it is tempting to go with a cheaper provider, but this may come at great cost depending on why you are using a vpn in the first place. an issue may be that the provider logs your activity and keeps that somewhere (which means, another bad actor could get hold of that). the ideal situation, is to have a provider that doesn’t know your identity so that even if the provider was to be a bad actor, he couldn’t easily correlate your onine activity with your identity (he will still have your ip, so in theory, they could but it would require collaboration between them and your isp). with all those points laid out, my preferred provider is mullvad.
email clients are a tricky one. the main protocol hasn’t been designed with privacy in mind, and it’s hard / impossible adding a privacy layer (as has been done with tcp/ip). the main tool we can use to achieve privacy for email is using public key encryption. the standard best suited for the task is PGP. GnuPG is an open source implementation and there exsits a few clients using it. GPG tools also provides an extension for popular clients. Proton implements it automatically on all email to other proton addresses, and let you easily share your pub key and encrypt / decrypt your mails. They also claim that all their mail on server are kept encrypted, thus you need a particular client (the proton client) to read / send mails. This is the main drawback for me, but their phone client recently got an upgrade making it more bearable.
related, is the use of single time emails. almost all services are now requiring email / phone confirmation for the creation of an account. this has become a massive frustration of mine, getting data they don’t need to provide the service. for none sensitive applications, i like to use “disposable” email addresses such as tempmail. important to keep in mind here is that it is impossible to regain access to that address and we should assume that someone else has the control of the address. that being said, perhaps it’s hard to see where this could be useful, let me share some examples; using a free wifi that needs a mail confirmation, creating an account for a coffee subscription, creating a free trial accounts, etc.
that being said, in most cases, we may want access back to our mail later (for eg resetting a password, receiving confirmations, etc.). for those cases, we still may not want to share our main adress (in fact we shouldn’t) and using “email forwarding” is a great way to do so. i personally like firefox relay 💵 (i like the mozilla foundation, and this in some sense seems to be a small way to help with funding too) but you should consider that you add a layer of trust in the email chain as well, particularly when having unecrypted channels. there are so many advantages of using such a service, and i don’t think i could ever go back to not using it. a few advantage include:
- you can block mails from a particular mask (email created with the mail realying service) - if for example, you find that this particular mask seems to have been leaked and you’re receiving too many marketing mail, you can simply turn off forwarding for that mask.
- it obfuscate your identity to a given service
- it makes it harder for services to correlate your identity between them
important to keep in mind as well, is that almost surely, by paying with a credit card
another cool project to consider is mailpile - this is only a mail client, but it works by downloading then deleting your mails from your providers servers.
🔐 password managers
online privacy is ubiqutous with online security, without the later it is impossible to imagine having the former. accorduingly, to me, it has become unimaginable to operate without a password manager. it is hard to image that humans can come up with strong passwords for as many services as we use today wihout using weak passwords. it is far easier to select and remember a single large master passwrods and algorithmithly choose passwords for every individual services. that is why passwords managers offer such an attractive product / feature.
however, as this service will essentially hold the keys to all your other accounts, you are placing a lot of trust in it. thus, it is very important to have open source software, so that experts / the commmunity can inspect the code. there are several services that could be suitable in this task. the tool that i personally use is Bitwarden. it is open source and free to use. moreover, the convenience is great and work on all the os i use.
🌍 web borwsers
i think a lot can be said about web browsers, and i will try to keep it short.
the main issue with web browsers is that they are the main entry point for tracking and surveillance. they will be the ones
responsible for the protecting your privacy when you navigate online. thus, having a browser that is highly customisable
and that allows you to control your privacy is essential. in that respect i think firefox is probably the best option.
however, it is quite cumbersome to configure and easy to get a few things wrong.
hence, i think the best option is to use a browser that is already configured for privacy. sort of comes with batteries included.
there are several options, but the one i use is brave. it is based on chromium, so it is very similar to chrome, but it has a lot of privacy features built in.
it is also open source, so you can inspect the code and make sure it is not doing anything shady.
i am not a huge fan of their bat token, but it is also very easy to disable.
(also brave includes a tor browser for free, which is a nice bonus if ever needed)
in the end, the best option will be dependant on what you want. the simple and easier option is most likely going to be
brave. if you want to have more control, firefox is the way to go.
🧰 extensions
a quick note on extensions. there are a couple ones that i use that i think are worth mentioning.
ublock origin- this is a must have. it is a blocker for ads and trackers.privacy badger- this is a tracker blocker. it is a bit more advanced than ublock origin.https everywhere- this is a must have. it will force https on all sites that support it.disable javascript- this enables you to block all js code to be exectued on your machine. it’s a bit of a nuclear option, but it can be useful in some cases. in particular, it is great to bypass paywalls (such as the ones on news websites).
🔍 bonus - search engines
using a private web browser can only get you so far if you are still using your google account and googling every search. fortunately, there are a couple alternatives to google that are much more privacy preserving. arguably, the most notable one is DuckDuckgo. it is a great search engine, based off of Bing and as been around for a while so it has aggregated quite a bit of feedback throughout the years. it is tried and truted. there has been a couple of controversies around using microsoft’s search engine in the back, most recently where their web browser didn’t block trackers from microsoft (without really noticing the users) personally, i think the search engine is still trustworthy but i am would say i’m not the biggest fan of using Bing as the search engine.
another search engine i recently started using is Brave. they have made quite some noise, and feel very tech bro(y) but the experience so far has been fantastic (note here i am only talking about the search engine).
they are using their own independently developed engine for most queries and sometimes, for low returning queries they supplement that with results from Bing or Google.
they also introduce a couple of interesting features particularly Gogles which enables you to customise the results you want to see (e.g only show results ranked > 100, don’t show results from famous websites, etc.)
)
to note, with firefox, it is easy enough to configure multiple search engine and switch between them for each queries. (you can select a default private one, but still have access to google at hand for those deep queries :) )