Privacy Toolbox

2020-06-21

Tools to help protect your privacy -- technological aid for a lack of ethics in tech.

For your convenience, the setup, maintenance, cost, or required technical knowledge of these tools increase as you read further down the list.

Please note that these tools will not render you fully anonymous; they are simple (and not so simple!) ways to protect your privacy.

Signal -- Chat & Calls

Install Signal >

Tor Browser -- Web

Install Tor Browser >

VPN

Browse VPNs >

Hide your traffic from your Internet and phone service providers. Set up a VPN on both your PC and phone.

Use a VPN service/application that blocks Internet traffic if a VPN connection cannot be established. Check for this capability when browsing for a VPN.

DO NOT use a zero-cost ("free") VPN; these monitor people's activity and exploit it for profit.

Drive Encryption

Encrypt Android | iPhone | OSX | Windows 10 >

Encrypt the drives on your phone and PC in case you ever lose your device. You can similarly encrypt your USB drives as well.

Email

Browse email providers >

Shop for an email provider that:

ProtonMail at the time of writing seems like a good choice. It also supports end-to-end (e2e) encrypted email (OpenPGP) by default among ProtonMail peers, which is very convenient.

Email Encryption

Read the Email Self-Defense Guide >

Set up GnuPG / OpenPGP to send end-to-end (e2e) encrypted email with your peers.

ProtonMail does this out-of-the-box when communicating with other ProtonMail peers.

GNU/Linux -- Operating System

Install PureOS >

Install Ubuntu >

GNU/Linux could be a better choice for you than operating systems like Windows or MacOS. The latter have embedded advertising IDs, track you in different ways, and are proprietary software, so they cannot be freely studied/audited. Most GNU/Linux distributions also happen to be zero-cost.

Ubuntu is a popular choice and may work better for your hardware, but ships with third-party proprietary software components such as device drivers.

PureOS is free/libre software, and therefore fully auditable.

If in doubt, I would try a live boot of PureOS on your system first to see if you experience any difficulties.

Librem 5 -- Phone

Shop Librem 5 >

Note that while the Librem does not track you, your phone service provider still does. Use the kill switches appropriately and a VPN.

Librem 13/15 -- PC

Shop Librem 13 >

Shop Librem 15 >

A computer that does not spy on you and respects your freedom.

Note that like with the phone, the Librem PC does not track you, but your Internet service provider and the Websites you visit still do.


Avoid

Avoid: Whatsapp

Uses the same e2e encryption borrowed from Signal, but:

Avoid: Google hangouts

Avoid: WeChat

Avoid: Zoom

Avoid: Facebook, Twitter

Avoid: Gmail


References & Further Reading

Citizenlab / Move Fast and Roll Your Own Crypto (Zoom)

Citizenlab / WeChat Surveillance Explained

EFF / Behind the One-Way Mirror: A Deep Dive Into the Technology of Corporate Surveillance

EFF / Cell-Site Simulators/IMSI Catchers

EFF / Gotta Catch 'Em All: Understanding How IMSI-Catchers Exploit Cell Networks

FSF / What is free software?

FSFE / What is Free Software

IANIX / The browser privacy handbook

Signal / Blur tools for Signal

Signal / Terms & Privacy Policy

Signal / WhatsApp's Signal Protocol integration is now complete

The Intercept / The Metadata Trap

VICE / I Gave a Bounty Hunter $300. Then He Located Our Phone

Wired / WhatsApp's Privacy Cred Just Took a Big Hit