RestorePrivacy

Resources to stay safe and secure online

Privacy and Security Tools for 2021

By Sven Taylor 121 Comments
Privacy Tools

This guide is regularly updated to include all of our privacy and security tool recommendations.

The world is changing fast and your private data is at risk. Numerous entities, both public and private, are working hard to track, monitor, and record your digital activities. There are many reasons for this:

  • Advertisers (including Google and Facebook) want to know everything about you, including your web browsing history, location data, contacts, and more. This makes it easier (and more profitable) to serve you targeted ads and influence your purchases.
  • In an age of pandemics and lockdowns, many governments around the world are working hard to track movement and biometric data of their citizens.
  • ISPs (internet service providers) are spying on their customers and feeding this data to various government agencies. In many countries, this is not only legal, but required. See for example in the United Kingdom (with the Investigatory Powers Act), United States (Senate Joint Resolution 34), and now also in Australia (mandatory data retention).
  • The internet is also becoming less free due to censorship efforts and content blocking. Whether it is China, Germany, the UK, or the United States, various groups are working hard to censor content online.

But don’t get discouraged. Alternative technologies are experiencing a renaissance as awareness about these issues grows and people seek out solutions. Indeed, for all of the problems listed above, we find excellent solutions to give you more privacy, security, and freedom in your digital life. And that is the purpose of this guide: to give you solutions. Here’s what we’ll cover in this guide:

  1. Secure and privacy-focused browser
  2. Virtual Private Network
  3. Ad blocker
  4. Password manager
  5. Secure and encrypted messaging
  6. Private search engine
  7. Private email
  8. Operating system
  9. Antivirus software
  10. Conclusion

But before we begin, one key consideration is your threat model. How much privacy and security do you need given your unique situation and the adversaries you may face?

Most people today are seeking protection against online tracking by advertising networks as well as a higher level of privacy and security. Others, such as investigative journalists working with sensitive information, would likely need an even higher level of protection. So keep this in mind as you proceed. Everyone is unique in their approach to privacy and security; there is no one-size-fits-all solution.

So here’s what you need:

1. Secure and privacy-friendly browser

Everyone needs to be using a secure and privacy-friendly browser for three important reasons:

  • Browsers have a large attack surface and can be compromised in many ways.
  • By default, most browsers contain lots of private information, including your browsing history, usernames, passwords, and autofill information, such as your name, address, etc.
  • Browsers can reveal lots of identifying information about your location, system settings, hardware, and much more to third parties.

Secure Browsers: Based on my own tests and experience, here are the most secure browsers that also respect your privacy:

  1. Firefox (modified) – Firefox is a great browser for both privacy and security after doing some modifications. It is highly customizable to give you the level of security and privacy you desire, while also being compatible with many browser extensions. See my guide on how to modify Firefox for more privacy.
  2. Brave – Brave is a chromium-based browser that is very privacy-focused right out of the box, unlike Firefox, which requires some customization. By default, it will block ads and trackers, and it’s also customizable, fast, and has built-in protection against browser fingerprinting.
  3. Tor browser – The Tor browser is hardened version of Firefox that also utilizes the Tor network by default (but this can be disabled).
  4. Ungoogled Chromium – As the name suggests, Ungoogled Chromium is a stripped-down Chromium browser that has been “Ungoogled” for more privacy. Source code is here.
  5. Bromite – Bromite is a Chromium-based browser for Android platforms only (no support for desktops). It is a great mobile browser with ad blocking and built-in privacy protections.

Of course, there are many browsers on the market and choosing the best one all comes down to your own needs and tastes. Chrome, Opera, Safari, and Vivaldi also get some attention, but they’re not the best choices from a privacy standpoint.

Browser add-ons worth considering – As discussed in the Firefox privacy guide, here are a few good browser add-ons that you may want to consider using:

  • uBlock Origin – A powerful blocker for advertisements and tracking.
  • HTTPS Everywhere – This forces an HTTPS connection with the sites you visit.
  • Cookie AutoDelete – Deletes those unwanted tracking cookies.
  • uMatrix – While this may be overkill for many users, this powerful add-on gives you control over requests that may be tracking you on various websites.
  • NoScript – This is a script blocker that allows you to control which scripts run on the sites you visit.

Worth mentioning: Don’t use a browser-based password manager, which will store your usernames and passwords in plaintext, thereby leaving them vulnerable to exploitation (discussed more below).

2. Virtual Private Network (VPN)

Using a good VPN (virtual private network) is one of the simplest and most effective ways to protect your privacy, secure your devices, and also access blocked content online. A VPN is a critical tool to be using, especially with internet service providers spying on their users.

VPN privacy tools

Here are some of the problems that VPNs solve:

  • ISP Spying – A VPN will encrypt and anonymize your internet connection. This makes your traffic completely unreadable to your ISP and other third parties.
  • Blocked content – A VPN will let you easily get around blocked content and censorship. Simply connect to a VPN server in the region you need and access the website or stream as normal.
  • IP and location tracking – Many websites and advertisers track users through their IP address. With a VPN, your IP address and location will be replaced by the VPN server’s IP address and location.
  • Copyright issues – Torrenting and streaming media from third-party sources can come with some risk in the form of copyright issues. A VPN will anonymize your IP address and help keep you safe.

I have tested all of the popular VPN services and the results can really vary. Below the the top 3 best VPN services for 2021:

nordvpn cheap

NordVPN Review

$3.29/month
72% Off Coupon and 3 Months Free >>

cheap surfshark vpn

Surfshark VPN Review

$2.49/month
Visit Site >>

VyprVPN

VyprVPN Review

$5.00/month
Visit Site >>

Above are the top three VPNs that performed well in testing for the respective reviews. We have other recommendations and providers in our guide on the best VPNs for 2021.

And if you are new to VPNs, we have a general VPN overview here, which covers all the important details.

3. Advertisement, tracker, and malware blocker

A good ad blocker is essential for privacy and security reasons. From a privacy perspective, it’s important to block ads because they also function as tracking by recording your online activity to create an intimate user profile. This data is then used for targeted ads and/or sold to other parties.

Ads are also risky from a security perspective because they can contain malicious code that can infect your device when a web page loads – no clicks required.

Effectively blocking all ads is the only way to go. Here are a few different options from our guide on the best ad blockers:

  1. Browser ad blocker extensions – Browser-based ad blocker extensions, such as uBlock Origin are quite popular, but they also come with some tradeoffs. Online ads may still be using up resources and tracking you, even if the ads are not being displayed. Choose your ad blocker carefully – some ad blockers, such as Ghostery and Adblock Plus will collect user data for profit and/or show you “approved” ads.
  2. Ad blocker apps – A dedicated app will most likely do a very good job blocking ads on your device. One popular and well-regarded option is AdGuard.
  3. VPN ad blocker – Another option is to use a VPN that offers an ad blocking feature (VPN ad blocker). I tested various options for the VPN ad blocker guide and found most to work well.
  4. Ad blocking on a router – Ad blocking on a router can be accomplished various ways – from using ad blocking DNS to loading custom filter lists onto your router.
  5. Pi-holePi-hole is a network-wide ad blocker that functions as a DNS server and can be deployed in various ways. It is most often used on a Raspberry Pi, connected to your home router (but there are many other different setup options).

The best ad blocking setup will depend on your situation and needs. If you have numerous devices you use at home, setting up a network-wide ad blocker would be a good solution for blanket protection. uBlock Origin remains a popular option for browser-based ad blockers. I like NordVPN with the CyberSec feature.

4. Password manager

The topic of passwords is actually quite large, encompassing password strength, password management, and password storage. In this section we’ll focus on password management and storage. Many people store passwords directly in the web browser — but this can be risky.

A more secure method is to use a dedicated password manager app. And note that a dedicated password manager can also offer browser extensions that are convenient and secure. Here’s a screenshot of Bitwarden, which is one of our favorites:

password manager tool

Here are the best password managers we have tested:

  1. Bitwarden – A free and open source password manager that is user-friendly and secure. (See our Bitwarden review.)
  2. NordPass – From the makers of NordVPN and NordLocker, NordPass is a secure, user-friendly password manager that has also passed a third-party audit. (See the NordPass review here.)
  3. 1Password – Another great option is 1Password, with many features and strong security standards for all types of devices (our 1Password review has more info).
  4. KeePassXC – As a locally-hosted password solution, KeePassXC differs from the others on our list. See the pros and cons of this password manager in our KeePass review.

Start using a good password manager today.

5. Secure and encrypted messaging apps

secure messaging apps

Many people are turning to secure and encrypted messaging apps over concerns with privacy and security of other popular messengers. For example, WhatsApp collects and shares data from your phone with Facebook, the parent company of WhatsApp. If you find this concerning (and you should), then consider some of the secure alternatives below.

Lastly, with the inherent limitations of email, we recommend a secure messaging app for those wanting the most secure messaging platform possible. The secure messaging apps below utilize strong encryption standards and work well for teams or individual use on various operating systems and devices.

  1. Signal – This is probably the most popular secure messenger with a rapidly-growing user base. It is free, open source, and very secure. We really liked how it performed in our Signal review — but also noted some drawbacks, such as the need to use your phone number for verification.
  2. Wickr Me – This is another great option for secure messaging, with some unique privacy and security features. Like Signal, Wickr Me is also free. See our Wickr Me review for the good and bad.
  3. Wire – Based in Switzerland, Wire is another great option that is secure, user-friendly, and fully featured. While there is a free version for personal use, it is hard to find, as described in our Wire messenger review.
  4. Threema – This is one of the few paid encrypted messengers, but it’s only $2.99 for a lifetime license. Threema is also based in Switzerland and is open source. See our Threema review here.
  5. Telegram – Telegram is a very popular encrypted messaging app out of Russia, but it also is not encrypted by default. See the pros and cons in our Telegram review.

With all of the people abandoning WhatsApp and going over to Signal, there’s a better chance to connect with people you know on a secure platform. This trend kicked off in early 2021 and we hope to see it continue!

signal privacy tools

Note: Also keep in mind that standard SMS text messages are not secure or private. They can be read by your phone service provider and are susceptible to man-in-the-middle attacks and also eavesdropping by Stingray devices. When privacy matters, use a good secure messaging app.

6. Private search engine

The big search engines (Google, Yahoo, Bing) record and track your searches, which helps them to build a user profile for their advertising partners.

Consider these privacy-friendly search engines instead:

  1. MetaGer – An open source metasearch engine with good features, based in Germany.
  2. SwissCows – A zero-tracking private search engine based in Switzerland, hosted on secure Swiss infrastructure.
  3. Searx – A privacy-friendly and versatile metasearch engine that’s also open source.
  4. Qwant – A private search engine based in France.
  5. DuckDuckGo – A private search engine based in the US.
  6. Mojeek – The only true search engine (rather than metasearch engine) that has its own crawler and index (based in the UK).
  7. YaCy – A decentralized, open source, peer-to-peer search engine.
  8. Givero – Based in Denmark, Givero offers more privacy than Google and combines search with charitable donations.

There are also a few “private search engines” that are now owned by advertising companies. For example, Startpage was bought out by System1, a pay-per-click ad company. For more information, see our guide on private search engines.

7. Private email

Many of the popular email providers, such as Gmail, Yahoo, and iCloud are not good choices when it comes to privacy. Would you want random people having full access to your emails, collecting data for targeted ads, or passing the information on to third parties? This actually happens.

And while Gmail remains the most popular service in the world, you pay with your privacy. Consequently, as awareness about these issues grows, many people are seeking alternatives to Gmail.

If you care about privacy and the security of your data, consider these secure email services. And if you want to learn more, check out these reviews:

Note: We also have a guide on encrypting email.

8. Operating system

Consider using the free and open source Linux operating system. There are many different versions of the Linux operating system designed for different types of users:

Tails is another privacy-focused operating system that can be run live on a USB drive, CD, or SD card.

Problems with Windows and Mac OS

Windows – The latest version of Windows (Windows 10) is a platform built for total surveillance – giving corporations and governments complete access to everything you do on your machine. Aside from data collection concerns, most malware targets Windows users – another serious drawback and security risk.

Mac OS – While Apple may be slightly better in terms of privacy, it too has problems. Just like Microsoft, Apple has configured its operating systems to collect vast amounts of your private data, whether it is browsing history through Safari, connection data, location services, and more.

9. Antivirus software

While not necessarily a “privacy” tool, using good antivirus software may be wise depending on your situation. The problem, however, is that many antivirus solutions abuse your privacy and may come with some invasive and “unwanted” additions.

Just like with sketchy free VPN services, free antivirus software can also be problematic. In testing eight popular free antivirus suites, Emsisoft discovered that seven of them were bundled with PUPs (potentially unwanted programs), which can be harmful and very annoying. Tip: avoid free antivirus software!

Another major issue is privacy. Many popular antivirus suites utilize invasive data collection, to include browsing history, “suspicious” files, metadata, and more. Carefully read through the privacy policy of your antivirus before installing.

Although Restore Privacy does not devote much attention to antivirus software, one solution that offers the highest levels of security while also respecting user privacy is Emsisoft. Another potentially good option, which is entirely FOSS, is Clam AV.

See also the antivirus privacy guide.

Conclusion: Restore your privacy in 2021

That’s all for now, although this guide will continue to be updated with more privacy tools and information.

Comments?

If you have any feedback, tips, or suggestions based on privacy and security tools you are using, feel free to drop a comment below!

About Sven Taylor

Sven Taylor is the founder of RestorePrivacy. With a passion for digital privacy and online freedom, he created this website to provide you with honest, useful, and up-to-date information about online privacy, security, and related topics. His focus is on privacy research, writing guides, testing privacy tools, and website admin.

Reader Interactions

Comments

  1. Niuña B.

    My threat model includes data gathering companies like Google, and I was told recently that Google owns the keyboard used by my Samsung phone. Google is a USA company, and Samsung is South Korean. My phones settings use the default Samsung keyboard, and do not have an alternative, Google or otherwise, listed.

    Does Google own Samsung, or are they owned by the same company? Are there alternatives to a cell phone keyboard that might be used to basically key log everything I do, no matter what else I use? Is this problem insurmountable until I get a Linux phone? Does this problem even exist?

    Reply

    • vanp

      Can’t address the ‘keyboard’ issue, but doing a little research, I can’t find any corporate relationship between Samsung and Google. Never heard this idea expressed.

      Reply

  2. Kagey

    Hello Sven and RP,

    Thank you for excellent information, clearly presented, with all the why’s and wherefore’s!

    Search Engines: i too have noticed DDG now is a lot harder to get good results from. Even querying a known, good, complete URL (just to make sure i didn’t typo), the results often do not mention, reference or point to that URL. Also, quite a few multiword queries return results that only address one word, and no amount of tweaking will fix. Using quotation marks, AND, OR, NOR do not seem to work any longer. Plus, after going to Settings and customizing, suddenly a few searches later in one session it reverts to default Settings without any warning (or reason why it did so).

    Three questions:
    (1) Under OS, you mention Linux; but any thoughts as to the *BSDs? i’m thinking of moving to FreeBSD.
    (2) Any thoughts about DiceKeys.com?
    (3) Will y’all ever rate best/top hosting services for security and privacy?

    Thanks again!

    Reply

    • Sven Taylor

      Hi Kagey. We do not cover operating systems in much detail, other than pointing people toward some of the more privacy-respecting options. I’m the wrong guy to ask about the BSD operating systems, but someone else here may chime in on that one. I have not looked at DiceKeys.com. For private hosting, you may want to check out Njalla or OrangeWebsite in Iceland.

      Reply

  3. Mike

    One other privacy tool you should consider for you Apple or Android mobile device(s) is a firewall. A Firewall allows you to block or restrict apps from being able to “call home” by sending information about you to advertising or tracking services. There are three firewalls that are free and open source that I recommend:

    1) Netguard (Android) – https://netguard.me/

    2) Blokada (Android) – https://blokada.org/*

    3) Lockdown (iOS) – https://lockdownprivacy.com/

    * Blokada’s primary purpose is an add blocker but the app has features like a firewall too.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *