This guide is a complete update to include all of our privacy and security tool recommendations.
The world is changing fast and your private data is at risk. Numerous entities, both public and private, are working hard to track, monitor, and record your digital activities. There are many reasons for this:
- Advertisers (including Google and Facebook) want to know everything about you, including your web browsing history, location data, contacts, and more. This makes it easier (and more profitable) to serve you targeted ads and influence your purchases.
- In an age of pandemics and lockdowns, many governments around the world are working hard to track movement and biometric data of their citizens.
- ISPs (internet service providers) are spying on their customers and feeding this data to various government agencies. In many countries, this is not only legal, but required. See for example in the United Kingdom (with the Investigatory Powers Act), United States (Senate Joint Resolution 34), and now also in Australia (mandatory data retention).
- The internet is also becoming less free due to censorship efforts and content blocking. Whether it is China, Germany, the UK, or the United States, various groups are working hard to censor content online.
But don’t get discouraged. Alternative technologies are experiencing a renaissance as awareness about these issues grows and people seek out solutions. Indeed, for all of the problems listed above, we find excellent solutions to give you more privacy, security, and freedom in your digital life. And that is the purpose of this guide: to give you solutions. Here’s what we’ll cover in this guide:
- Secure and privacy-focused browser
- Virtual Private Network
- Ad blocker
- Password manager
- Secure and encrypted messaging
- Private search engine
- Private email
- Operating system
- Antivirus software
- Conclusion
But before we begin, one key consideration is your threat model. How much privacy and security do you need given your unique situation and the adversaries you may face?
Most people today are seeking protection against online tracking by advertising networks as well as a higher level of privacy and security. Others, such as investigative journalists working with sensitive information, would likely need an even higher level of protection. So keep this in mind as you proceed. Everyone is unique in their approach to privacy and security; there is no one-size-fits-all solution.
So here’s what you need:
1. Secure and privacy-friendly browser
Everyone needs to be using a secure and privacy-friendly browser for three important reasons:
- Browsers have a large attack surface and can be compromised in many ways.
- By default, most browsers contain lots of private information, including your browsing history, usernames, passwords, and autofill information, such as your name, address, etc.
- Browsers can reveal lots of identifying information about your location, system settings, hardware, and much more to third parties.
Secure Browsers: Based on my own tests and experience, here are the most secure browsers that also respect your privacy:
- Firefox (modified) – Firefox is a great browser for both privacy and security after doing some modifications. It is highly customizable to give you the level of security and privacy you desire, while also being compatible with many browser extensions. See my guide on how to modify Firefox for more privacy.
- Iridium – Iridium is a Chromium-based browser configured for privacy, with the source code published on Github. It might be a good option if you need a Chromium browser (don’t use Chrome).
- Brave – Brave is a chromium-based browser that is very privacy-focused right out of the box, unlike Firefox, which requires some customization. By default, it will block ads and trackers, and it’s also customizable, fast, and has built-in protection against browser fingerprinting.
- Gnu IceCat – GNU IceCat is another fork of Firefox, created by the people at the GNU free software project. IceCat meets the definition of “free software” and it also includes some privacy add-ons and tweaks by default.
- Tor browser – The Tor browser is hardened version of Firefox that also utilizes the Tor network by default (but this can be disabled).
- Ungoogled Chromium – As the name suggests, Ungoogled Chromium is a stripped-down Chromium browser that has been “Ungoogled” for more privacy. Source code is here.
- Bromite – Bromite is a Chromium-based browser for Android platforms only (no support for desktops). It is a great mobile browser with ad blocking and built-in privacy protections.
Of course, there are many browsers on the market and choosing the best one all comes down to your own needs and tastes. Chrome, Opera, Safari, and Vivaldi also get some attention, but they’re not the best choices from a privacy standpoint.
Browser add-ons worth considering – As discussed in the Firefox privacy guide, here are a few good browser add-ons that you may want to consider using:
- uBlock Origin – A powerful blocker for advertisements and tracking.
- HTTPS Everywhere – This forces an HTTPS connection with the sites you visit.
- Cookie AutoDelete – Deletes those unwanted tracking cookies.
- uMatrix – While this may be overkill for many users, this powerful add-on gives you control over requests that may be tracking you on various websites.
- NoScript – This is a script blocker that allows you to control which scripts run on the sites you visit.
Worth mentioning: Don’t use a browser-based password manager, which will store your usernames and passwords in plaintext, thereby leaving them vulnerable to exploitation (discussed more below).
2. Virtual Private Network (VPN)
Using a good VPN (virtual private network) is one of the simplest and most effective ways to protect your privacy, secure your devices, and also access blocked content online. A VPN is a critical tool to be using, especially with internet service providers spying on their users.
Here are some of the problems that VPNs solve:
- ISP Spying – A VPN will encrypt and anonymize your internet connection. This makes your traffic completely unreadable to your ISP and other third parties.
- Blocked content – A VPN will let you easily get around blocked content and censorship. Simply connect to a VPN server in the region you need and access the website or stream as normal.
- IP and location tracking – Many websites and advertisers track users through their IP address. With a VPN, your IP address and location will be replaced by the VPN server’s IP address and location.
- Copyright issues – Torrenting and streaming media from third-party sources can come with some risk in the form of copyright issues. A VPN will anonymize your IP address and help keep you safe.
I have tested all of the popular VPN services and the results can really vary. Below the the top 3 best VPN services for 2021:
$3.71
[68% discount]
(30 day refund)
Review
(NordVPN)
$2.49
[81% discount]
(30 day refund)
Review
(Surfshark)
$6.67
[3 Months Free]
(30 day refund)
Review
(ExpressVPN)
Above are the top three VPNs that performed well in testing for the respective reviews. We have other recommendations and providers in our guide on the best VPNs for 2021.
And if you are new to VPNs, we have a general VPN overview here, which covers all the important details.
3. Advertisement, tracker, and malware blocker
A good ad blocker is essential for privacy and security reasons. From a privacy perspective, it’s important to block ads because they also function as tracking by recording your online activity to create an intimate user profile. This data is then used for targeted ads and/or sold to other parties.
Ads are also risky from a security perspective because they can contain malicious code that can infect your device when a web page loads – no clicks required.
Effectively blocking all ads is the only way to go. Here are a few different options from our guide on the best ad blockers:
- Browser ad blocker extensions – Browser-based ad blocker extensions, such as uBlock Origin are quite popular, but they also come with some tradeoffs. Online ads may still be using up resources and tracking you, even if the ads are not being displayed. Choose your ad blocker carefully – some ad blockers, such as Ghostery and Adblock Plus will collect user data for profit and/or show you “approved” ads.
- Ad blocker apps – A dedicated app will most likely do a very good job blocking ads on your device. One popular and well-regarded option is AdGuard.
- VPN ad blocker – Another option is to use a VPN that offers an ad blocking feature (VPN ad blocker). I tested various options for the VPN ad blocker guide and found most to work well.
- Ad blocking on a router – Ad blocking on a router can be accomplished various ways – from using ad blocking DNS to loading custom filter lists onto your router.
- Pi-hole – Pi-hole is a network-wide ad blocker that functions as a DNS server and can be deployed in various ways. It is most often used on a Raspberry Pi, connected to your home router (but there are many other different setup options).
The best ad blocking setup will depend on your situation and needs. If you have numerous devices you use at home, setting up a network-wide ad blocker would be a good solution for blanket protection. uBlock Origin remains a popular option for browser-based ad blockers. I like NordVPN with the CyberSec feature.
4. Password manager
The topic of passwords is actually quite large, encompassing password strength, password management, and password storage. In this section we’ll focus on password management and storage. Many people store passwords directly in the web browser — but this can be risky.
A more secure method is to use a dedicated password manager app. And note that a dedicated password manager can also offer browser extensions that are convenient and secure. Here’s a screenshot of Bitwarden, which is one of our favorites:
Here are the best password managers we have tested:
- Bitwarden – A free and open source password manager that is user-friendly and secure. (See our Bitwarden review.)
- NordPass – From the makers of NordVPN and NordLocker, NordPass is a secure, user-friendly password manager that has also passed a third-party audit. (See the NordPass review here.)
- 1Password – Another great option is 1Password, with many features and strong security standards for all types of devices (our 1Password review has more info).
- KeePassXC – As a locally-hosted password solution, KeePassXC differs from the others on our list. See the pros and cons of this password manager in our KeePass review.
Start using a good password manager today.
5. Secure and encrypted messaging apps
Many people are turning to secure and encrypted messaging apps over concerns with privacy and security of other popular messengers. For example, WhatsApp collects and shares data from your phone with Facebook, the parent company of WhatsApp. If you find this concerning (and you should), then consider some of the secure alternatives below.
Lastly, with the inherent limitations of email, we recommend a secure messaging app for those wanting the most secure messaging platform possible. The secure messaging apps below utilize strong encryption standards and work well for teams or individual use on various operating systems and devices.
- Signal – This is probably the most popular secure messenger with a rapidly-growing user base. It is free, open source, and very secure. We really liked how it performed in our Signal review — but also noted some drawbacks, such as the need to use your phone number for verification.
- Wickr Me – This is another great option for secure messaging, with some unique privacy and security features. Like Signal, Wickr Me is also free. See our Wickr Me review for the good and bad.
- Wire – Based in Switzerland, Wire is another great option that is secure, user-friendly, and fully featured. While there is a free version for personal use, it is hard to find, as described in our Wire messenger review.
- Threema – This is one of the few paid encrypted messengers, but it’s only $2.99 for a lifetime license. Threema is also based in Switzerland and is open source. See our Threema review here.
- Telegram – Telegram is a very popular encrypted messaging app out of Russia, but it also is not encrypted by default. See the pros and cons in our Telegram review.
With all of the people abandoning WhatsApp and going over to Signal, there’s a better chance to connect with people you know on a secure platform. This trend kicked off in early 2021 and we hope to see it continue!
Note: Also keep in mind that standard SMS text messages are not secure or private. They can be read by your phone service provider and are susceptible to man-in-the-middle attacks and also eavesdropping by Stingray devices. When privacy matters, use a good secure messaging app.
6. Private search engine
The big search engines (Google, Yahoo, Bing) record and track your searches, which helps them to build a user profile for their advertising partners.
Consider these privacy-friendly search engines instead:
- MetaGer – An open source metasearch engine with good features, based in Germany.
- SwissCows – A zero-tracking private search engine based in Switzerland, hosted on secure Swiss infrastructure.
- Searx – A privacy-friendly and versatile metasearch engine that’s also open source.
- Qwant – A private search engine based in France.
- DuckDuckGo – A private search engine based in the US.
- Mojeek – The only true search engine (rather than metasearch engine) that has its own crawler and index (based in the UK).
- YaCy – A decentralized, open source, peer-to-peer search engine.
- Givero – Based in Denmark, Givero offers more privacy than Google and combines search with charitable donations.
There are also a few “private search engines” that are now owned by advertising companies. For example, Startpage was bought out by System1, a pay-per-click ad company. For more information, see our guide on private search engines.
7. Private email
Many of the popular email providers, such as Gmail, Yahoo, and iCloud are not good choices when it comes to privacy. Would you want random people having full access to your emails, collecting data for targeted ads, or passing the information on to third parties? This actually happens.
- Gmail gives third parties full access to emails and also tracks all of your purchases by reading the receipts in your inbox.
- Advertisers are allowed to scan Yahoo and AOL accounts to “identify and segment potential customers by picking up on contextual buying signals, and past purchases.”
- Yahoo was found to be scanning emails in real-time for US surveillance agencies.
If you care about privacy and the security of your data, consider these secure email services:
Email Service
Storage
Price/mo.
Website
Up to 20 GB
€4.00
(Free to 500 MB)
Up to 20 GB
€2.50
(Free to 500 MB)
20 GB+
€1.00
(Free to 1 GB)
50 GB+
€1.00
Up to 20 GB
€1.00
Up to 25 GB
$1.66
4 GB+
$4.00
(Free 1 week trial)
Up to 50 GB
$6.00
2 GB+
€4.41
Up to 20 GB
$5.00
25 GB
€3.25
Up to 100 GB
$2.95
Note: We also have a guide on encrypting email.
8. Operating system
Consider using the free and open source Linux operating system. There are many different versions of the Linux operating system designed for different types of users:
- If you want the look and feel of Mac OS or Windows, check out Elementary OS.
- Ubuntu, Mint, and Debian are other popular options.
Tails is another privacy-focused operating system that can be run live on a USB drive, CD, or SD card.
Problems with Windows and Mac OS
Windows – The latest version of Windows (Windows 10) is a platform built for total surveillance – giving corporations and governments complete access to everything you do on your machine. Aside from data collection concerns, most malware targets Windows users – another serious drawback and security risk.
Mac OS – While Apple may be slightly better in terms of privacy, it too has problems. Just like Microsoft, Apple has configured its operating systems to collect vast amounts of your private data, whether it is browsing history through Safari, connection data, location services, and more.
9. Antivirus software
While not necessarily a “privacy” tool, using good antivirus software may be wise depending on your situation. The problem, however, is that many antivirus solutions abuse your privacy and may come with some invasive and “unwanted” additions.
Just like with sketchy free VPN services, free antivirus software can also be problematic. In testing eight popular free antivirus suites, Emsisoft discovered that seven of them were bundled with PUPs (potentially unwanted programs), which can be harmful and very annoying. Tip: avoid free antivirus software!
Another major issue is privacy. Many popular antivirus suites utilize invasive data collection, to include browsing history, “suspicious” files, metadata, and more. Carefully read through the privacy policy of your antivirus before installing.
Although Restore Privacy does not devote much attention to antivirus software, one solution that offers the highest levels of security while also respecting user privacy is Emsisoft. Another potentially good option, which is entirely FOSS, is Clam AV.
See also the antivirus privacy guide.
Conclusion: Restore your privacy in 2021
That’s all for now, although this guide will continue to be updated with more privacy tools and information.
Comments?
If you have any feedback, tips, or suggestions based on privacy and security tools you are using, feel free to drop a comment below!
Hello Sven
THIS IS THE BEST PLACE TO MENTION THIS.
With your sites categories good in coverage I’d like to see two more added here under your privacy tools page information.
*Secure Payment
*Network
Something like my alphabetical list sums up the page for privacy tools.
Privacy Tools Categories:
Ad Blocker
Antivirus software
[*Network] = ?
Operating system
Password Manager
Private Browser
Private Email
Private Search Engine
Secure messaging app
[*Secure Payment] = ?
Virtual Private Network (VPN)
Secure Payments practical part, is it separates your digital payment information (card(s) number – security code) from the seller having direct access to it. Never mind having to know with a needed research of the selling site’s policies, in how long they could retain that specific payment data.
Secure Payments security part, would have included verifying your linked cards and/or bank account’s added as payment methods from within your SP account. Which also verifies your mailing address for shipping when using SP as the payment method.
Secure Payments served by a middle grounds source, as a payment link to giving your card details some anonymity over the seller having it in the payment process, and it is not intended for an anonymous use to hide self individuality.
A seller still gets your full personal information for the sell to complete and/or to contact you about anything related to it.
EX: name and address, contacts of email, cell #
[Even if you would have an account on the sellers site, all online site sales require the same basic information from you at check out – name and address, payment details, contacts of email, cell # ]
Network – is where we can understand and learn as well discuss ways to help guard if not secure our privacy and security over the device networks.
Network topology is the arrangement of the elements (links, nodes, etc.) of a communication network.
Network topology as to define or describe the arrangement of various types of telecommunication networks. It’s the computer networks we should focus.
https://en.wikipedia.org/wiki/Network_topology
In computer networks, computing devices exchange data with each other using connections (data links) between nodes. These data links are established over cable media such as twisted pair or fiber-optic cables, and wireless media such as Wi-Fi.
Topological structure of a network and may be depicted physically or logically.
Physical topology is the placement of the various components of a network (e.g., device location and cable installation), while logical topology illustrates how data flows within a network.
Computer networks support an enormous number of applications and services such as access to the World Wide Web, digital video, digital audio, shared use of application and storage servers, printers, and fax machines, and use of email and instant messaging applications as well as many others. Computer networks differ in the transmission medium used to carry their signals, bandwidth, communications protocols to organize network traffic, the network’s size, topology, traffic control mechanism and organizational intent. The best-known computer network is the Internet.
https://en.wikipedia.org/wiki/Computer_network
Thanks Sven
Great suggestions, HardSell. I’m going to work on this. Thanks for the feedback!
That sounds great Sven, for your privacy tools page to get it’s due attention(s) as we slip into 2020 forevermore. That is as welcoming as the new reviews, and sometimes the (drop everything) topics we’ve gotten this year.
Possibly, Sir please do include a piece on ‘Threat Model – Threat Mode” as for anyone ‘not having’ realized one for themselves.
Still yet – lost then, and whoever’s left to be surely wondering what to do in understanding the ways – one can set up their ends as productively from their devices face side (in it’s settings/programs) relating in a stronger privacy state to all their data going through it.
We see of the many things and fields covered on your RP site – it’s spoken similarity, [ everyone’s “will be different” ] pertains especially to a threat model/mode they have.
And for each user having a set of applied specifics in their own needs by the degree of an alarmed state they feel a call to answer.
By itemizing of the top important areas and down ladder, as where they should show interests and in giving their attentions to and may have need in spending some money as fortifying. They could go from an abstract view as it appears to most of us, to a knowledgeable image of an 3-D perspective in threats seen – to knowledge as applied of their own base as bottom line in model / mode as to protecting against.
I think if we were to imagine a pie or pizza (if preferred), and cut one piece in (that’s always there) for establishing a base starting point where everyone’s privacy is in need of direction, and then in fashioned course to gaining much of it back just by visiting and reading your site.
– Call that first slice by the name of personal privacy, concerning it’s for all as the -first tier Threat Mode- where everyone’s in it, however they uses or tap into any part of the internet’s stream today.
I mean this,, as needing done before spending any money, (don’t crank-up the furnace with the house wide opened), in where they had locked down their devices. Which means the OS, apps and their own web practices – all being understood as related in their own personal privacy’s loss.
There’s always more ways to look at, understand, practice, implement of the different areas involved here from any web users requisites or perspective. Though, we need a start and finish point in basics.
It’s my point that Sven brings forth the most common areas overall for the novice, that no matter to what the make, model of the device is …. ‘common’ traits do carry across them all. It’s those commons factors in all modern devices that link us to the first threat model / mode.
The Threat Mode/Model as the #1 spot would be just from their devices side in it’s standpoint or placement of the chain – which is where they can actually help themselves without a dime to invest.
If they understood how.
By ensuring OS receive updates, choosing to harden OS-Firewall settings, run less browser extensions, understand terms of TLS, DNS, etc, etc…
I don’t see that you Sven, personally should be going into each device here but, conduit in the links of info could be offered for your readers.
You might even devote a page to readers contributions for a specific Operating System and it’s platform, to where you’d not need as much research to bring the readers posted facts into the devices body of the article’s knowledge.
I’m going on the bases in my knowledge where Win 7 to Win 10 share much still in the dark undersides of their separate operating systems.
You could try with a page for Windows (platform) of nothing more than a sub-list as to where the areas are the OS and default programs needs the proper attention for users privacy.
All my own ideals – yes it’s more work for you Sven our privacy advocate, but nothing on the web comes close to being like it – I’ve ever seen.
Thank you Advocacy King of the lost privacy hearts.
Anyone
http://web.simmons.edu/~chen/nit/NIT'96/96-025-Britz.html
“Privacy is an important right because it is a necessary condition for other rights such as freedom and personal autonomy. There is thus a relationship between privacy, freedom and human dignity. Respecting a person’s privacy is to acknowledge such a person’s right to freedom and to recognize that individual as an autonomous human being.”
Thank you for the feedback and idea, HardSell. Another great suggestion.
What about the messaging app Wickr? It seems pretty secure.
Sven, I see you still recommend Wire messenger, even though they are sold to an advertising company, a case similar to StartPage. Do you still consider Wire safe?
This is wrong. Wire is a Swiss GmbH, Untermüli 9, CH-6300 Zug (“Wire”). Wire does not rent or sell your data to third parties. Moreover, the service jurisdiction is still based in Swiss and the servers are still based in UE (out of 14 eyes).
Wire blog:
In connection with the financing, our holding company moved from Luxembourg to the U.S., as we believe this will be helpful in future fundraising necessary to support our strong growth. Notwithstanding the foregoing, our current and future customers are licensed and serviced from Wire Switzerland, our software development team remains in Berlin, Germany, and our hosting is European-based. Our enterprise customers can deploy their own instance of Wire in their own data center.
Wire jurisdiction is Swiss and servers are based in EU.
Accepting outside financing does not change the legal jurisdiction of a Swiss company, operating in Switzerland.
Wire is still a better option than Signal which completely (100%) is owned and operated by a US entity, which also requires one to register a phone number, whereas you can use a burner email to use Wire.
See this brother: https://blog.privacytools.io/delisting-wire/
The Brazilian company Privacy Tools (www.privacytools.com.br) also offers privacy services
Hi Privacy Manager,
The Restore Privacy site mostly deals with anyone’s personal online privacy.
The mentioned, wouldn’t be useful to family, single users outside of a CO.’s structure.
https://translate.google.com/translate?sl=auto&tl=en&u=https%3A%2F%2Fwww.privacytools.com.br%2F
AS- “We are a Privacy Tech, a privacy management platform.
Privacy Tools is the right platform for your company to comply with LGPD – GDPR – CCPA personal data protection.”
Thanks anyways ; )
Hi All,
So as we find ourselves living in tall shadows of a digital revolution age bearing from 1950’s to 1970’s era of modernization, which in turn has introduced us to an inherent evil called “privacy economics”.
– Leveraging on Data mining in the trappable, retention, and trading of your personal data having you profiled with about 1500 pieces of information and digitally preserved to live longer than YOU from all the sources you’ve generated any data.
.
Internets exposure today has increasingly deemed a nakedness in our privacy it affords ourselves in that we now prefer to cover and shield than be caught naked in the raw using it.
Beings it’s at 2020 door causes now a pressing question of should I self-secure in shutting down of whatever I can control being exposed from my side as countermeasures.
.
Then as the Fourth Amendment protects people, not places.
What a person knowingly exposes to the public, even in his own home or office, is not a subject of Fourth Amendment’s protection…
To what if any protections are placed on this material and the information derived from what merit in purpose-intent-plan in objectives first to generate individual profiles and then with keeping it updated as we live our life.
https://www.nytimes.com/2012/06/17/technology/acxiom-the-quiet-giant-of-consumer-database-marketing.html
In the digital world, information can be captured, copied, shared, and transferred at high fidelity and retained indefinitely.
Regulation attempts have failed https://en.wikipedia.org/wiki/Information_broker
.
A wide range of companies known as ‘data brokers’ collect and maintain data on hundreds of millions of consumers, which they analyze, package, and sell generally without any consumer permission or input to do so.”
https://en.wikipedia.org/wiki/Information_broker
.
Data and Metadata, in the course of ordinary web activities have users emit lots of “digital exhaust,” or trace data, that leaves behind more fragmentary bits of information.
Such as the geographical coor-dinates of a cell phone transmission or an IP address in a server log to name as two providing personal data generated, recorded, and retained.
Then advent of more powerful analytics, which can discern quite a bit from even small and disconnected pieces of data, raises the possibility that data gathered and held by third parties can be amalgamated and analyzed in ways that reveal even more information about an individuals life.
.
Data brokers collect a huge volume of detailed information on hundreds of millions of consumers.
Data brokers sell products that identify financially vulnerable consumers.
Data broker products provide information about consumer offline behavior to tailor online outreach by marketers.
Data brokers operate behind a veil of secrecy.
.
Considering as in your own defensive privacy stance then, should it’s scale depend on the Nut to shell ratio, as today the nuts size to your PRIVACY loss aspect has grown very big…
Maybe something scaled down to start you’d prefer, I just say anything (done rightly so) is better than nothing, and all you do now is not enough for the future.
You must diligently stay on top of your privacy’s loss.
.
Where to start ?
Read this to understand in that perspective where you could control easily as habits-
https://translate.google.com/translate?sl=auto&tl=en&u=https%3A%2F%2Fprivacyrights.org%2Fresources%2Fguia-basica-de-proteccion-la-privacidad-como-tomar-control-de-su-informacion-personal
.
And this perception to see how the future invents new hazards to us-
“Session replay scripts” can be used to log (and then playback) everything you typed or clicked on a website.
https://www.vice.com/en_us/article/59yexk/princeton-study-session-replay-scripts-tracking-you
.
Having significance in a meaningful purpose to your end results would entail partly to your apprehending in the knowledge mindfully as well of your perceptual understanding in how the web works.
Growing of your abilities to locate the data giving multi-surface (facets like a gemstone) areas that are in need to defend against in where the personal privacy factor fragments and yours is lost.
Then with that acquired knowledge to understanding what it is exactly that your up against or must fend from. (Hope to add Part # to explain)
.
For the most part advice what as has helped in knowing what kind of protections and practices I should use as helping me guard against or defending off from my privacy’s loss as I go online.
As I’m a simple man bear with, so only as I can understand the big picture from this minds perspective, I’ll try to help advise other readers gain their knowledge.
(Some people may see and understand a more complete picture than I, so please do share with us then – as mines just a base point in understanding).
– I will be adding more related details to this comment as Parts # in reply or with new comments parts # if reply box is acting wrong.
PART #1 , Thanks all
Thanks Hard Sell.
Hey all battery operated smart device owners,
Anybody herd of Juice Jacking, it’s a type of cyber attack involving a charging port that doubles as a data connection, typically over USB. This often involves either installing malware or surreptitiously copying sensitive data from a smart phone, tablet, or other computer device.
https://en.wikipedia.org/wiki/Juice_jacking
.
*Be on guard during the shopping/traveling holiday season.
As USB public charging stations are becoming more common, popping up in airports and shopping malls, as well down the line to where a public wifi connection is being offered for patronage or free – there might be a charging cube/kiosk available.
– The scam works similar to skimmers found at ATMs and gas pumps.
– When someone loads malware into the charging stations or one of the cables, thus, infecting the device charging.
– In as little as one minute, a virus can be transferred to unsuspecting users devices. Then, the virus begins exporting sensitive data and passwords directly to the scammers.
.
Here’s how the scam works:
A computer is concealed within the charging kiosk or on cables left plugged in that are programmed to automatically pair with smartphones when they are plugged in. The rogue computer can then freely access all the information stored on electronic devices, from passwords to emails, to address books to photos to text messages. It can even do a full backup of your phone, all of which can be accessed wirelessly by the crooks.
.
Another concept closely related, Dubbed “video jacking” by its masterminds, the attack uses custom electronics hidden inside what appears to be a USB charging station. As soon as you connect a vulnerable phone to the appropriate USB charging cord, the spy machine splits the phone’s video display and records a video of everything you tap, type or view on it as long as it’s plugged in — including PINs, passwords, account numbers, emails, texts, pictures and videos.
.
Juice/Video jacking is not possible if a device is charged via the AC adapter shipped with the device, a battery backup device, or by utilizing a USB cable with only power wires and no data wires present.
– – I’m wondering when this makes it to the car charges for electric cars.
As an bad example (I can’t think of another), a thief breaks into your locked car in your driveway, gets your garage opener and opens the garage, thief now has access to your home and you gone.
RELATE – then to a public car charging station that you’ve put your car to charge from, your car is also now port charging your phone to, all while your gone doing whatever.
Or say a mechanic plants malware in your cars computer system !
So be careful with all smart devices… Please
Hi M.D,
I’m with you in a concerned watch – “seems like privacy-oriented companies are being bought left and right lately.” It’s true but why?
It’s not just of lately, but of near the past years too.
https://restoreprivacy.com/antivirus-privacy/#comment-35948
–
I’d not only see the “US as a Five Eyes jurisdiction”, but like the king pin at the core of all the eye’s nations unified, as the (spider tending it’s web) if you will.
– That reach in (web data), can be extended by way of the United States Mutual Legal Assistance Treaties and Agreements.
https://restoreprivacy.com/5-eyes-9-eyes-14-eyes/#comment-58133
* Where most every nation outside of the 5, 9 and 14 eye’s abide by cooperation’s to the US king pin in these MLATs deals.
@That blurs things a great deal when the nations (outside the 14 eyes) and that already have good privacy laws in place – having agreed to these MLATs. Wouldn’t you agree?
So as I said in the link on MLATs, “a jurisdictions to privacy provisions (it’s laws) may have less importance than I would of guessed” !
–
{Remembering – TOR , “was developed in the mid-1990s by United States Naval Research Laboratory employees, with the purpose of protecting U.S. intelligence communications online.} It was years later (2002) the alpha version released and the first public release occurred a year later still.
https://en.wikipedia.org/wiki/Tor_(anonymity_network)#History
–
The Grid:
– – As an example to the “spider tending it’s web for web data” (the grid)
Seeing the highways and interstate’s road systems in the US going from top to bottom and across the nation, as only one web system.
– – – At some early point in the nations frontiers advancement, as the least path of resistance going from point A to point B – routes were established.
Then the roadways paved on over these frontier routes for the nations road system.
My POINT being, as the internet routes nations together on the grid – your studied for any data, for there is not another route to use other than the spider’s web or grid – that exists either as centralized or decentralized.
***We may catch word today – but it’s done developed into a spying purpose –
as I feel it was intended…
I wished it wasn’t this way as a pipe line into our lives.
Thanks for bringing this up…
Hello once again Sven, seems like privacy-oriented companies are being bought left and right lately. Wire (end-to-end encrypted chat service) has been bought by an US entity (essentially moving Wire into Five Eyes / US jurisdiction):
(Blog post from wire.com): https://wire.com/en/blog/wire_business_update/
(r/privacy reddit post): https://old.reddit.com/r/privacy/comments/dvry9f/wire_holding_company_moved_from_luxembourg_to_the/
This is quite concerning, considering that US is a Five Eyes jurisdiction, which severely lacks privacy laws alongside with (now possible) subpoenas directly from US court. However, that is not as concerning as the fact that the company behind Wire has not been open about the acquisition, and *only spoke up once people started questioning them*. Now the question is – is it still safe to use? Should people seek for an alternative? Or does this acquisition means nothing, as other secure end-to-end encrypted chatting methods exist (such as Keybase and Signal), who are also based within US jurisdiction? I would really like to hear your thoughts on this, and you should probably update this article with more up-to-date information about the jurisdiction of Wire.
I’m looking into this.
Hi M.D
I see an answer is give by Sven – that’s related ?
https://restoreprivacy.com/privacy-tools/#comment-61222
I’ll admit that the fog and haze given off of all these companies to users privacy is unreal in today’s knowledge age era. Facts to immediate inform their users never takes president, are revealed months later and/or if at all.
A tree’s view in structure of top down CO.’s entities should be given for any company operating where it’s based on users privacy intents of protection.
Hope you noticed that startpage is bought by the ad-company system1.
Yes, I saw that and will revise the article accordingly with the next update.
I’m new to VPNs and need help to understand how I can overhaul all of my devices connected to the internet that are not private at this moment. If I subscribe to ExpressVPN for 15 months, can you please clarify the steps to take back my privacy? For example, I already have 2 existing gmail accounts linked to my home IP, which I also access on my iphone. Of course my Gmail and YouTube are linked, so Google has tons of information on me about my viewing preferences, etc. I want to make this more private. I read I need to clear all of my cookies and then if I subscribe to ExpressVPN, do I have to also create a totally new Google identity through which I will now surf the web and watch online content on YouTube so that Google isn’t sharing my proverbial data file with the highest bidder? I’m assuming that even if I clear my cookies and subscribe to ExpressVPN, if I login to sites using my login/password, then the servers will know who I am and see that I am merely using a private IP, right? Can you clarify for me also that if I have ExpressVPN and am mobile, like at the gym where I typically use their wifi since I don’t have an unlimited plan (and I want to stream videos), does my ExpressVPN service carry over? I assume not, since I assume it’s through your own internet connection…Thus, does using ExpressVPN mean that you also have to buy unlimited data on your phone so that when you are mobile you can access ExpressVPN and not be using unsecure wifi connections? For payment, I don’t use bitcoin, so what is the next more private way to pay ExpressVPN? I prefer using credit cards, but, in this case, I don’t want it on them….I have Paypal….What do you all recommend for the next best thing to bitcoin for keeping payment to ExpressVPN private? Thanks for any help!
A VPN will work with any internet connection. You connect to the VPN server and encrypt your traffic through the internet connection, regardless of where you are at. There are no bandwidth limits with ExpressVPN (unlimited data transfer).
Yes, it would be good to create a new secure email account to replace Gmail. There are free options as well as cheaper options.
If you need a Gmail account to log in to YouTube or other google services, you could create a new one that is basically a dummy account that you don’t do anything with and is not connected to your previous accounts or identity. Once you transfer over everything in Gmail to your new email provider (such as Mailfence) then you can delete your old Gmail account.
I wouldn’t worry about private payments so much. Owning a VPN is not illegal and VPNs are becoming mainstream for privacy and security. And don’t get overwhelmed. Just go step by step on your own time frame.
Thanks for the fast response, Sven! I am looking at Mailfence. Do they have the functionality to transfer all pre-existing emails from another account? Is that an easy process? I used the gmail account for a almost a decade and have 50,000 business related emails I need to keep as records…I don’t want them to be deleted in a transfer. I assume that when you transfer emails from an account it just sends a copy and leaves a set, too? It would be a disaster if they were erased….
Also, I noticed in the past that when I went to delete my cookies on my Macbook Pro, it often said there were a core group that could not be deleted…I vaguely recall them being linked to corporations….Would I need to get an entirely new laptop and start with Express VPN and tighter security controls to prevent that from happening again? I saw you recommended an app called something like Cookie Delete that continuously deletes your cookies, but then at least one person commented that it logs you out of your email each time….that would get annoying….if I use Mailfence, for example, I want to be able to leave the browser open and not have it log out at home….Is that possible when using a VPN? Or do you always have to establish a connection with the VPN each time you want to see your new email on Mailfence?
Thanks!
Hi Kate,
GOOD overview of what you’ve envisioned needing done because of ?
The ? = ISP your subscribed at sourcing the internet to you…
Which ? = your IP address as well to an electric identity on you.
– Liken to your street address used to find your location, your IP address is need to go online – so it’s you that identified or can easily be as the things are setup this way.
A VPN in this link is always good but not really the magic bullet needed alone. A VPN alone can’t pull it all off, but think about an encrypted tunnel now that everything of your devices system passes through where you’ve installed the VPN Client(s) and their set active (at system start ups).
–
As in using a VPN, your moving your trust, speed, viewable web data from an ISP you’ve paid for over to the encrypted VPN service.
The ISP no longer can easily intercept, snoop and view your data.
– You’ll still use the ISP to connect to the internet.
A VPN is not a replacement for it. But, instead of the ISP communicating directly with a web page, the ISP now talks to the VPN server that talks to the web page through the encrypted tunnel. *It’s the VPN server that connects to the website you wish to reach.
The achieved key point now is the connection between your device and the VPN server is encrypted in what’s called a VPN Tunnel.
–
The ISP can still intercept the data, but that data is no longer viewable to it. In other words, the ISP is aware you’re sending and receiving things but has absolutely no way of knowing what those things are.
That is till a dropout occurs in the VPN service at anytime.
The moment a VPN connection drops, the encrypted VPN Tunnel is lost, and the ISP can once again view and analyze anything of your transmitted data.
Good paid for VPN’s have a KILL SWITCH for this purpose and then likely will handle all you DNS requests on their ends as well.
–
Pay for a VPN please to get-
1. More privacy.
Your connections cannot be linked to your computer…and you. You can visit any website and your ISP doesn’t know where you’ve been.
2. More security.
VPN connections are super encryption secure. The network is hack proof and all of your Internet activity is encrypted (coded) and unreadable in transit.
3. More website access.
No more blocks or censorship. Whoever can’t now prevent you from getting to websites based an your IP address location.
4.More anonymity.
Your true IP address is hidden! You’re unidentifiable online because you can constantly be using a different IP address, never your ISP assigned one.
In fact, it typically looks as if you’re in a different part of the world from wherever you really are if you choose to be.
I JUST USE A CLOSE-(ER) STATE SO SPEEDS ARE ALWAYS GOOD.
Hope this is informative help : )
https://restoreprivacy.com/vpn/
https://restoreprivacy.com/vpn/best/
https://restoreprivacy.com/vpn/reviews/
https://restoreprivacy.com/vpn/coupons-discounts-deals/
Thanks for the clarification, HardSell. I was in Europe a lot last year and noticed that when I tried to access a lot of US websites I normally use, I was blocked purely for being in the EU. It surprised me since many sites are common retail sites like William Sonoma. I guess their logic is that they don’t want competitors in Europe copying their products, even though they manufacture a lot of them in Europe? My question for using something like ExpressVPN is will I get blocked from sites? Years ago, I used Tor a lot, and it always blocked me from using mainstream sites, stating I was using a banned IP…..I then stopped using Tor because I read it was government run anyway, so nothing was private anymore…..With ExpressVPN, will the IPs be banned by any websites, or will they be ok?
> My question for using something like ExpressVPN is will I get blocked from sites?
No, just connect to an ExpressVPN server in the US and you’re good to go.
> With ExpressVPN, will the IPs be banned by any websites, or will they be ok?
This does sometimes happen with lower-tier VPNs, but it should not be an issue with ExpressVPN as they have a huge selection of IPs that they ensure are working well with different sites, including Netflix and other streaming sites (that normally block VPNs).
@Kate,
Sven would know more than I, but it’s time to get off the fence and start your journey – agree.
Experience it – learning in small steps, in goal of designing a tailored path as addressing the needs required by yourself – platform – profession – offerings avail. – all with regards in your threat model protections sought.
*(overkill usually means overpriced – if interested take a smaller piece first and adjust in – as your knowledge becomes learnt)
–
Make a ‘Draft’ for an OUTLINE to use of your starting point and end goal. [tree is a good example image, you trunk – branches and limbs not hidden as being exposed on web – root system hidden from being exposed on the web]
Scroll to bottom of this page/all RP pages, for “Simple Privacy Setup” – as 7 key ingredients / fields to include.
– When you take a privacy/security stance and want a path defined it’s yours only – your song that no one else sings like you do. The ingredients and measures are but your own recipes creation. Get my drift – one size, unisex fit meanings won’t work for anything threat specific to and in your own privacy quest but possibly a mere vague guide. Research / read reviews / GOOD LUCK
Best
@Blocked because of IP – VPN change to any server in that region should work.
Hi Sven.
I’m wondering why you mention “Worth mentioning: Don’t use a browser-based password manager, which will store your usernames and passwords in plaintext, thereby leaving them vulnerable to exploitation (discussed more below).”
Later on you mention KeePass and LessPass, which both have a browser extension.
Or do you mean those built-in password managers that remember logins?
And I’d also like to know your thoughts on a PW Manager as LastPass?
I’ve been using it for a while and like it, but is there a specific reason why it’s not on your list?
I find it very easy to use as I use it both in my home as well as on work and mobile without having to remember a “key file” etc. to login as with KeePass :-).
I hope to see your reponse.
I mean don’t store your passwords into the browser itself, such as Firefox or Chrome remembering your passwords. Password manager browser extensions are fine. I like Bitwarden but haven’t tested many other options, such as LastPass, but it also looks good.
Hi Sven Taylor,
Thank you for this article. I always find the information you provide to be very enlightening and helpful.
I was wondering if you have any suggestions for a privacy-conscious calling app for Android that would serve as a secondary phone number so i would not need to give out my real phone number.
I came across an app a few months ago but unfortunately i flashed my phone and i did not have a backup of that app and of course I can’t recall what it was called.
That app allowed me to choose a phone number starting with area codes f my choosing and it allowed me to make and receive both phone calls and text messages just like a normal phone number. The first 30 days were for free but then you would have to pay for a subscription which was not expensive.
I would appreciate it if you can suggest an app that does the same.
Thanks
Hi Oleg, you might check out Line2, which I’ve used and it works well. Other options include VOIP.ms and also OpenPhone. For privacy, you can also use a fictitious name and pay with a virtual card through privacy.com, which allows you to use a fictitious name and address.
Hey Oleg – You should check out LinkedPhone as well. [https://linkedphone.com] It’s a great service. Designed specifically for small business owners – not sure if that’s what you were looking for.
Hey all !
A Worldwide Survey of Encryption Products (yes from 2016), but it’s something I’v not seen altogether broken down by country and OS amongst other categories.
You seen ???
“In 1999, a group of researchers from George Washington University attempted to survey the worldwide market for encryption products [HB+99]. The impetus for their survey was the ongoing debate about US encryption export controls.
By collecting information about 805 hardware and software encryption products from 35 countries outside the US, the researchers showed that restricting the export of encryption products did nothing to reduce their availability maround the world, while at the same time putting US companies at a competitive disadvantage in the information security market.
Seventeen years later, we have tried to replicate this survey.”
https://www.wired.com/wp-content/uploads/2016/02/A-Worldwide-Survey-of-Encryption-Products.pdf
EX: just a part of the listed
Germany—112
United States—304
Netherlands—19
Romania—4
Australia—21
–
See what your country had/has to offer.
Related ?
CRYPTOGRAPHY AND LIBERTY 1998
AN INTERNATIONAL SURVEY OF ENCRYPTION POLICY
http://gilc.org/crypto/crypto-survey.html
2019 CIGI-Ipsos Global Survey on Internet Security and Trust
https://www.cigionline.org/internet-survey-2019
for privacy messenger
may u should have a look on briar.
https://briarproject.org/
– decentralised
– uses the tor network
– fully end2end
– open source
plz. dont recommend Privacy Badger
it can be used to get fingerprinted
best regards
Awesome advice, can I ask for a review or recommended options on personal privacy such as personal files, IP on corporate computers. How to setup and protect yourself from big brother too ? Possible ?
Hi scollops
You’ve asked a lot without giving specifics of Operating system(s), device(s), etc…
Sven’s got pages of good stuff and to telling the dangers of being online.
Helpful guides and articles (I take from his own experience) in his use, testing, researching and exploring this field that’s a big loss to us in it’s vast knowledge to understand.
There’s to much lead-way in each’s own scenario for him to be specific to anyone personally unless it touches close to home for him, as he’s been there.
Thanks….just trying to get a handle on where to start Mac mainly then MS laptop. Really about personal files and IP. Protecting especially when you forget to remove your IP..i.get the whole policy and company line. But oddly doesn’t work both ways. Anyway good to learn also for home as a Mac user.
Hello scollops,
Surely it would began within the devices foundation you’d set. Any order you’d want in your research and implementation.
A/My devices Strong Foundation:
– Hardened OS. (Root access if possible)
– Third party FireWall. (Firewall that blocks everything’s contact to the web by default, and the first time anything tries to enter or leave your system, your alerted (pop-up) to set an action for it from that point onward regarding it’s role in your devices setup.
– VPN service. (Hides your true location and encrypts all your devices generated traffic – installed to the system / because browser extension(s) VPN’s ARE NOT CAPABLE OF THE SAME FUNCTIONS Device Wide or simply their being offered as a watered down version to mimic a real VPN’s functions.
– Private Secure Browser /W/ Private Search Engine. (Separate programs and Working in Tandem when going online).
– Ad blocker. (Install to the system, some do their work in blocking online ads, but also on your installed apps that display ads too when opened and ran on the system. Kudos for the ones (Ad Blockers) offering advanced settings that dials into the specifics of your devices privacy – Ex: hides search queries, strips tracking parameters, hides your user agent, hides your IP address, etc, etc…).
– Password Manager. (Besides securely storing passwords and other personal and accounts info [locally is my preference/never trusted cloud storage]. CS is basically for syncing same info to multiple devices you own and that would go online.
Password Managers are capable of your longer stronger passwords generation than the average person would normally use and retain on their own).
– Secure email /W/ Secure Messenger. (Separate programs again – Look to them offering end-to-end encryption of your data for a true zero-access provider. That would be the encryption happens locally on the device (browser – app) and it’s done (only with access) from the users end to decrypting said data / and never the only encryption offered is to happen on the servers end. ‘Employees and the company partners’ then may very well have access to the servers decryption key and then to accessing your data.
.
Todays Best Secure Email Providers
https://restoreprivacy.com/secure-email
Some there may offer a full office suite to alleviate your need for a separate program to share your personal files. If your needing a cloud file service for uploading files so people can download them, then look at comments on Alternatives to Google Products – the Complete List (2019)
https://restoreprivacy.com/google-alternatives/
.
Hell I could go on and on, least I’d try the outline I’ve given above. I’ve not named any specific programs here. Then I can’t really see that if any applications redundancy of the the others in your basic foundation (system armor) you’d set harming you. Systems and associated hardware are beefier than early units, so redundancy with regards to system resources not an issue.
SCROLL DOWN to the first comment left here for helpful Windows information – and then up a few for other info. too – yes most will be my comments.
Mac – not a lot to offer as Apple – well you know doesn’t want you melding there.
https://restoreprivacy.com/vpn/best/mac-os-macbook/
– – – If you’ve a small footprint web wise (devices -or-
accounts) I’d not link any of them to a same online account by an IP address. VPN services do allow for multiple devices use on one account – set your other devices to another servers location to change it’s reflected IP address.
As well as not letting all our devices sink to/from cloud services – keep it (your data) stored locally on the device, and update them (all devices) yourself. By coping contents of folders or the folders tree themselves to the other like folders of a same program installed on your other devices.
Hope this helps and your welcome : )
Why isn’t EteSync ( https://www.etesync.com ) on this list?
It’s the only secure contacts, calendars and tasks solution out there…
Hi Jess.
Just a few points:
-Sven’s just one man running the site that has grown in new content, and still has to be updated in the existing already covered guides and articles. (Sounds like I know him, guaranteed I don’t), BUT HE HAS A GOOD WELL as we’ve talked some over his Secure Communication Center here-
https://restoreprivacy.com/secure-communication-center/
-It takes people like you to give all readers a heads up here on the RestorePrivacy site or by making contact by the link above ^ to Sven.
.
He as I (*this I believe), quest for only clients and server(s) to be ran on an open source(d) code base. *Term ‘- open source’ refers to something (code in this case), where people can modify and share their results because of its design, (the code) is publicly accessible.
*Then being offered at it’s foundation (server) – a hardened Linux installation, updates in patching any vulnerabilities as they become known, using safety mechanisms like TLS, CSPA, HSTS and in making sure to disable their weak ciphers.
*Then the encryption being used of an account, is in a way that only the USER (ends) and not it’s SERVER have access to your stored data’s information. Unfortunately, most of the communication services we can use are not end-to-end encrypted.
.
While any strong assurances of privacy, encryption and safety for your personal information are thrown out and about by different programs/services on the web.
STOP and consider that data (yours), is being kept (stored) in someone else server(s). Especially, in a case where the server synchronizes the users data with an app/device – any one ! in the chain are vulnerable to get hacked, or a government forces the hosting provider to hand over their server.
– – Anyone give thoughts to – of, that in ten years (or less) up the road THIS AGE of encryption may be broken !!! In Ten years I’ll bet your still alive – to what wide repercussions if today’s encryption gets broken? Your in life?
Remember the server back-ups and the fact that your not controlling the server – you’ll simply have no ideal to the copy and back-up counts made on said server containing your data… When the account is deleted spelled out time when all your generated data is totally deleted?
Point I make, wouldn’t double or triple encryption of data be something for a communications programs/services to look at for storing any users data. Servers encryption, then users encryption twice of TWO separate passwords/paraphrases or keys.
.
-I don’t find info. to when ‘EteSync’ was founded except ‘Posted on Wed 05 April 2017’ here-
https://stosb.com/blog/introducing-etesync/
Looks like a nice find on the surface Sir.
“EteSync is a journaled end-to-end encrypted contacts and calendar provider for Android and the desktop. Or to put it more plainly, it’s an app that backs up and syncs your contacts and calendars across devices and to the cloud in a secure way while maintaining a full history of the changes.
Our servers are located in Austria and are hosted by EDIS, so our server is safe, but the beauty of EteSync is that you don’t need to trust the server.”
– – -Botom line:
How’s the EteSync TOS and PP read?
How’s Austria’s privacy policy as a country in Central Europe comprising nine federated states?
Journaled – your data’s full change history in a secure way while maintaining a complete history of your changes both locally, and securely on our servers – – “”may be a handicap to some if they can’t control the time set – ex: 2 year max versa forever as account remains open.””
It’s not only your money but data given up by you. When you delete your data and then would delete your account – what assurances do you get – that you indeed owned the data ON the server used to store and/or back-up the said data. Proof and guaranties are just words in that all the copies and back ups will get deleted as well…
Tom from EteSync here.
Not sure I understand what you are saying, but just wanted to clarify a few topics that weren’t clear from your comment.
1. You were talking about having both the client and the server open source. Almost none of the recommended tools above satisfy this requirement, so no idea why you said it. With that being said, EteSync *IS* open source, client and server.
2. We obviously patch our servers all the time and maintain them.
3. EteSync is end-to-end encrypted, it says that on the home page.
4. Your data is not encrypted on the EteSync servers, only the end-to-end encrypted data, which we can’t access. We use strong encryption, if it’s ever cracked (like you suggested), every service above would be vulnerable, not just EteSync.
5. If the above point is still a risk for you, you can just self-host: everything is open source.
6. EteSync was released around March 2017. The blog post you mentioned is my public announcement post. You can also see all of the source on github to see when code was originally pushed.
7. TOS and PP: very simple and legible, less than a page long. Have a read.
8. Austria is probably better than Germany and Switzerland nowadays.
Thanks for your comment, and I hope this answers some of your questions and clarifies things.
Hi Tom, thanks for stopping by and clarifying things.
Hello Tom from EteSync,
No I got a way of doing things that suites me, so sorry if I’m hard to follow.
I did give EteSync a thumbs up here just for whats in print and for the direction in a mission it has.
Couldn’t you tell by my words…
.
Basically in answering to Jess, as why not every good, worthy, and related privacy/security application/service isn’t listed somewhere herein, and where Sven’s time (I’VE SEEN) has been utilized for the site.
As well, I had thrown out some flags for people to look for in anyone’s research of the service/app (yours – or any other).
.
The ‘quest’ part is just a longing for everyone who is connected to the web in some fashion, and that be as you’ve done and confirmed by your reply in the #1 and #2 answers. Hey you might be the first on the site to offer this – to the user.
I’d have that in the first paragraph of anything printed about EteSync.
Besides in the section topic above all listed in the article are not offering their client and the server as open source that your right on this.
Sven should add note of that feature if their offered.
I can only say, if Sven’s the time to test yours – you might be listed on the site.
– Glad to see you’ve tied up some loose ends for me by your answers.
Though in #4 answer it mentions ” Your data is not encrypted on the EteSync servers”.
* What of the users/account holders data does the non-encrypted data consist of /and/or about the account / then it’s owner?
* As for offering the service/app on a fee basics – how else does EteSync support itself ? Worthy of an answer…
** Do you ever see (at present) EteSync to becoming a full fledged communication platform as an email service.
Thanks and greetings Sir
What do you think of the new ‘sign in with apple’ feature?
I wouldn’t use it, because Apple.
Did anyone test this secure message app: https://www.goldenfrog.com/cyphr ?
They are from the same company as VyprVPN, so maybe it is not a bad option…
Hello,
First, thank you for sharing your knowledge and making our life more private.
Have you already heard of dissenter browser? Currently, it’s a fork of Brave, but built for people. If I am not mistaken, he removed Brave rewards and add his dissenter extension that is focus on free speech.
I’ve heard of it, but have not tested/used it.
Hey Sven and readers,
Had some deep thoughts today that I didn’t like in what I could imagine happening.
But usually I can also see a silver-lining to any darkness I envision.
That silver-lining, would need to be a global entity of some form of a governing body grounded on and with a foundation of global personal user internet privacy laws that has some teeth enforcement’s action.
If you’d think about it we as governments and nations have rules and laws within our own borders for just about anybody on anything.
.
As mankind advances in life with technology we loose our borders, that it opens up our lands and people to be victims of lawless enforceable actions as it mostly stands now.
We’ve seen or herd of nations going after nations (it’s people-interstructure-elections) using the internet.
Then you have the representation of other nations within a host country where a special revisions of it’s own laws are given making them useless to enforcement to these visitors.
[Kind of like the internet it’s happening to be border-less crime that hits a country]
Stop – picture this, land and water touches somewhere there are borders – laws usually change crossing that physical boundary into the other.
Now – think of the internet as air, a vast ocean, even electricity of a small sense to strength/power/grand or in other words something to big for any one nation to police on it’s own.
Just as we join alliances in time of wars, friendly nations need to join and sponsor a global eninity foundation of personal user internet privacy laws. As we keep budgets for troops and war machinery so to a nation needs to budget for global internet defense.
.
Some dark future thoughts:
Big tech (you know them) all come out with the new wave virtual personal assistants.
You are now able to do everything from your assigned virtual personal assistant (think of your shadow with an ID or in USA your SSN).
So all the new devices, apps and software/firmware versions are now designed to use your assigned virtual personal assistant or you don’t have an electric identity or worst outlet to interact on the web.
– A nations government steps in and uses this “taps” the wealth of new information down to (.) in com you type.
Now in short time – this virtual personal assistant technology has ability to track groups of devices, people, auto’s, purchases down to the last 10 seconds.
Then can disable any electric device connected to the internet, able to turn it on or off at that moment or simply once it had been tracked within the hour. (good and bad use here)!
.
In US you know of traffic light cams for red light runners.
What if you thought your neighbor had just got some kind of security severance service as you’d seen the worker install a couple cameras.
Then you come to know it’s making them money every month – as it’s scans and monitors the neighborhood.
– If you’d get on some high value list I could see this happening (advertising co. – prospect for CEO or like job), even like with a crime stopper program in rough neighborhoods – where every other house is scanning all the time.
To many more dark thoughts !
Any merit to worry yet ?
Hi, Sven
What do youu think about “the next gen VPN”:
[https://impulse.com/sdp/]
I’d stick with OpenVPN as it has been thoroughly audited and proven over many years (safe and secure).
Hi Sven,
I wonder why the Epic Privacy Browser for desktop didn’t meet your ranking.
They are coming out soon with an android version.
Regards,
That’s discussed in the secure browser guide.
I wonder why Telegram (encrypted) app isn’t under “Secure messaging app”. Have you tried it and what are you thoughts on it?
Hey John, yep, that’s a good option too, I’ll add it with the next update.
How would you rate Qubes OS ?
For those of us who have to use Windows for Adobe CC, a future article suggestion: “How to keep Windows 10 from spying on you” (apart from not using it, of course 🙂
Quick answer: Download Virtualbox (free and open source) and run Windows inside a virtual machine. You can use Windows 10 for free and you never have to register it. (I do this for testing software.)
According to Adobe, CC with an individual license will not work with a virtual machine. PlayOnLinux no longer works, Crossover doesn’t work. Wine never works with anything. If Adobe would only make a Linux version (go here and vote!: https://adobe-video.uservoice.com/forums/911233-premiere-pro/suggestions/36257581-yes-please-support-linux-this-would-be-a-huge-m) then I think Linux might well get a lot more users seemingly overnight. Perhaps they have a deal with Microsoft . . . ? So anyway, unless I’m mistaken (which is entirely possible–I’d love to be wrong about this!) I’m pretty sure that CC users are stuck with Windows 10, at least for the moment.
I don’t believe that will ever happen. This kind of talk has been going on since Linux was introduced. If one’s intent is simply browsing the web, I’d agree.
There’s way too few Windows applications and sites eg. financial institutions, insurance plans, governments and so on that do not support Linus browsers.
Not many people know of Oracle’s Virtual machine. It’s not user-friendly whatsoever. In fact, it’s pretty darn complicated just to try to load your OS of choice and install an application. The website to find and choose the hyperlink is nothing short of frustrating.
I suppose the majority of people who would want to use that particular VM are the ones who live a complex life and have a similar mindset.
For a couple of months or so I’ve been trying Blokada ad blocker on my android phone. So far I’m really impressed. Recently, they even added VPN service (paid, but pretty affordable). Notably, for example, the battery life is SO Much improved! Mobile data usage is used for a much lower amount per month (killing ads obviously saves a lot of data). These guys are doing tremendous job, and quietly, without much fuss and bells. Hope they will develope a good privacy package. So far, so good!
Yeah, Bronco. I using blokada for a while and, I agree with you, but I would like what you guys tink. And you Sven Taylor, what you tink about Blokada? You know? Have tested?
Looks good. I have not tested it.
Hi Sven, I am blown away, but not really that surprised at all the comments/questions you’re receiving now on this topic. I just have a few as they relate to browsing confidentiality/releasing details and prevention.
I visited a site that lists all your devices (that name is part of the URL) including screen resolution, video card, OS and so, so much more. I was terribly shocked to see the results.
I opened up TorBrowser (as we know Tor is slow as molasses) and I can’t disable a la carte the encryption or settings to improve speeds. However, Tor browser blocked a LOT of the info which was revealed in Chrome. It blocked RAM quantity, Graphics Card Name / Driver and many more system details.
When I reviewed the info on screen, the test results indicated the info which was concealed was “blocked” by browser “extension”. Yet, I see no add-on in TorBrowser.
As such, I wonder if there’s an actual extension or means of blocking the system info which Tor blocked on Chrome or use another browser which is faster, but does the same in terms of blocking system details?
Hey there, this is a tricky issue, but there’s a lot you can do to improve browser fingerprinting. See my main guide on browser fingerprinting for more info.
Hi Sven,
I think you should add to this article suggested ad-blockers, AVs, VPNs etc for mobile users – ios and android. Reality is that most people today use mobiles predominantly.
He Bronco, thanks for the feedback.
What do you think of 1password as a password manager? I tried bitwarden, but 1password works so much better for me.
Did you use Bitwarden with the browser extensions? It works like a charm (for me at least). I have heard good things about 1password from a usability perspective, and it’s been around a while, but I have not tested it. Main drawbacks: closed source and expensive.