I don't have anything to hide. Over the last 16 months, as I've debated this issue around the world, every single time somebody has said to me, 'I don't really worry about invasions of privacy because I don't have anything to hide.' I always say the same thing to them.
I get out a pen, I write down my email address. I say, 'Here's my email address. What I want you to do when you get home is email me the passwords to all of your email accounts, not just the nice, respectable work one in your name, but all of them, because I want to be able to just troll through what it is you're doing online, read what I want to read and publish whatever I find interesting. After all, if you're not a bad person, if you're doing nothing wrong, you should have nothing to hide.' Not a single person has taken me up on that offer.
Glenn Greenwald in Read also:. Global Mass Surveillance - The Fourteen Eyes The UKUSA Agreement is an agreement between the United Kingdom, United States, Australia, Canada, and New Zealand to cooperatively collect, analyze, and share intelligence.
Members of this group, known as the, focus on gathering and analyzing intelligence from different parts of the world. While Five Eyes countries have agreed to as adversaries, leaks by Snowden have revealed that some Five Eyes members monitor each other’s citizens and to that prohibit them from spying on their own citizens. The Five Eyes alliance also cooperates with groups of third-party countries to share intelligence (forming the Nine Eyes and Fourteen Eyes), however Five Eyes and third-party countries can and do spy on each other. Key Disclosure Law Who is required to hand over the encryption keys to authorities? Mandatory require individuals to turn over encryption keys to law enforcement conducting a criminal investigation. How these laws are implemented (who may be legally compelled to assist) vary from nation to nation, but a warrant is generally required.
Defenses against key disclosure laws include steganography and encrypting data in a way that provides plausible deniability. Involves hiding sensitive information (which may be encrypted) inside of ordinary data (for example, encrypting an image file and then hiding it in an audio file).
With plausible deniability, data is encrypted in a way that prevents an adversary from being able to prove that the information they are after exists (for example, one password may decrypt benign data and another password, used on the same file, could decrypt sensitive data). (people who know how to access a system may be ordered to share their knowledge, however, this doesn't apply to the suspect itself or family members.) Why is it not recommended to choose a US-based service? Services based in the United States are not recommended because of the country’s surveillance programs, use of (NSLs) and accompanying gag orders, which forbid the recipient from talking about the request. This combination allows the government to companies to grant complete access to customer data and transform the service into a tool of mass surveillance. An example of this is – a discontinued secure email service created by Ladar Levison.
The FBI Snowden’s records after finding out that he used the service. Since Lavabit did not keep logs and email content was stored encrypted, the FBI served a subpoena (with a gag order) for the service’s SSL keys. Having the SSL keys would allow them to access communications (both metadata and unencrypted content) in real time for all of Lavabit’s customers, not just Snowden's. Ultimately, Levison turned over the SSL keys and the service at the same time.
The US government then, saying that shutting down the service was a violation of the court order. Related Information. VPN providers with extra layers of privacy. Sortable VPN Providers Table Yearly Price Free Trial # Servers Jurisdiction Website 54 € Yes 162 Italy 45 € Yes 5 Sweden 99 € Yes 27 Hong Kong $ 52 Yes 18 Iceland 39,99 € No 432 Northern Cyprus $ 99.95 Yes 145 British Virgin Islands $ 35.88 No 27 Sweden $ 65.04 Yes 88 Malaysia $ 100 Yes 21 Gibraltar 60 € Yes 168 Sweden $ 69 Yes 475 Panama $ 84 Yes 39 Sweden 124.95 € No 41 Panama Free Yes 249 Switzerland $ 90 No 300 Seychelles $ 39.95 Yes 48 Seychelles $ 39.99 No 122 Hong Kong $ 59.00 Yes 204 Bulgaria $ 35.88 No 80 Seychelles. Related VPN information. ( Note: The providers listed first in the TorrentFreaks article are sponsored). ( Note: While this is a good read, they also use the article for self-promotion).
Read the from IVPN. What is a warrant canary?
A warrant canary is a posted document stating that an organization has not received any secret subpoenas during a specific period of time. If this document fails to be updated during the specified time then the user is to assume that the service has received such a subpoena and should stop using the service.
Warrant Canary Examples:. Related Warrant Canary Information. Browser Recommendation. Your Browser sends information that makes you unique amongst millions of users and therefore easy to identify. When you visit a web page, your browser voluntarily sends information about its configuration, such as available fonts, browser type, and add-ons.
If this combination of information is unique, it may be possible to identify and track you without using cookies. EFF created a Tool called to test your browser to see how unique it is.
You need to find what most browsers are reporting, and then use those variables to bring your browser in the same population. This means having the same fonts, plugins, and extensions installed as the large installed base. You should have a to match what the large userbase has. You need to have the same settings enabled and disabled, such as DNT and WebGL. You need your browser to look as common as everyone else.
Disabling JavaScript, using Linux, or even the TBB, will make your browser stick out from the masses. Modern web browsers have not been architected to assure personal web privacy.
Rather than worrying about being fingerprinted, it seems more practical to use like Privacy Badger, uBlock Origin and Disconnect. They not only respect your freedom, but your privacy also. You can get much further with these than trying to manipulate your browser's fingerprint. Related Information. Web browser security testing tools, that tell you what exactly personal identity data may be leaked without any permissions when you surf the Internet. WebRTC IP Leak Test - Is your IP address leaking?
WebRTC is a new communication protocol that relies on JavaScript that can leak your actual IP address from behind your VPN. While software like NoScript prevents this, it's probably a good idea to block this protocol directly as well, just to be safe. How to disable WebRTC in Firefox? In short: Set 'media.peerconnection.enabled' to 'false' in 'about:config'.
Explained:. Enter 'about:config' in the firefox address bar and press enter. Press the button 'I'll be careful, I promise!' . Search for 'media.peerconnection.enabled'. Double click the entry, the column 'Value' should now be 'false'.
Done. Do the WebRTC leak test again. If you want to make sure every single WebRTC related setting is really disabled change these settings:. media.peerconnection.turn.disable = true.
media.peerconnection.usedocumenticeservers = false. media.peerconnection.video.enabled = false.
media.peerconnection.identity.timeout = 1 Now you can be 100% sure WebRTC is disabled. How to fix the WebRTC Leak in Google Chrome? WebRTC cannot be fully disabled in Chrome, however it is possible to change its routing settings (and prevent leaks) using an extension.
Two open source solutions include (options may need to be changed depending on the scenario), and (select 'Prevent WebRTC from leaking local IP addresses' in Settings). What about other browsers? Chrome on iOS, Internet Explorer and Safari does not implement WebRTC yet. Excellent Firefox Privacy Add-ons.
Improve your privacy with these excellent Firefox add-ons. Stop Tracking with 'Privacy Badger' Privacy Badger is a browser add-on that stops advertisers and other third-party trackers from secretly tracking where you go and what pages you look at on the web. Privacy Badger learns about trackers as you browse by inspecting external resources websites request. Please be aware that Google Analytics is considered first-party by Privacy Badger, which means that Google Analytics will not be blocked if you do not use another blocker, such as uBlock Origin. Block Ads and Trackers with 'uBlock Origin' An efficient that's easy on memory, and yet can load and enforce thousands more filters than other popular blockers out there. It has no monetization strategy and is completely.
We recommend Firefox but uBlock Origin also works in other browsers such as Safari, Opera, and Chromium. Unlike AdBlock Plus, uBlock does not allow so-called. Automatically Delete Cookies with 'Cookie AutoDelete' Automatically removes cookies when they are no longer used by open browser tabs. With the cookies, lingering sessions, as well as information used to spy on you, will be expunged. Encryption with 'HTTPS Everywhere' A Firefox, Chrome, and Opera extension that encrypts your communications with many major websites, making your browsing more secure. A collaboration between The Tor Project and the Electronic Frontier Foundation. Block Content Delivery Networks with 'Decentraleyes' Emulates Content Delivery Networks locally by intercepting requests, finding the required resource and injecting it into the environment.
This all happens instantaneously, automatically, and no prior configuration is required. Source code:. The following add-ons require quite a lot of interaction from the user to get things working. Some sites will not work properly until you have configured the add-ons. Stop cross-site requests with 'uMatrix' Many websites integrate features which let other websites track you, such as Facebook Like Buttons or Google Analytics. UMatrix gives you control over the requests that websites make to other websites. This gives you greater and more fine-grained control over the information that you leak online.
Be in total control with 'NoScript Security Suite' Highly customizable plugin to selectively allow Javascript, Java, and Flash to run only on websites you trust. Not for casual users, it requires technical knowledge to configure.
Firefox: Privacy Related 'about:config' Tweaks. This is a collection of privacy-related about:config tweaks.
We'll show you how to enhance the privacy of your Firefox browser. Preparation:. Enter 'about:config' in the firefox address bar and press enter. Press the button 'I'll be careful, I promise!' . Follow the instructions below.
Getting started:. privacy.firstparty.isolate = true. A result of the effort, this preference isolates all browser identifier sources (e.g. Cookies) to the first party domain, with the goal of preventing tracking across different domains.
(Don't do this if you are using the Firefox Addon 'Cookie AutoDelete' with Firefox v58 or below.). privacy.resistFingerprinting = true. A result of the effort, this preference makes Firefox more resistant to browser fingerprinting.
privacy.trackingprotection.enabled = true. This is Mozilla’s new built-in tracking protection. It uses Disconnect.me filter list, which is redundant if you are already using uBlock Origin 3rd party filters, therefore you should set it to false if you are using the add-on functionalities. browser.cache.offline.enable = false. Disables offline cache. browser.safebrowsing.malware.enabled = false. Disable Google Safe Browsing malware checks.
Security risk, but privacy improvement. browser.safebrowsing.phishing.enabled = false. Disable Google Safe Browsing and phishing protection. Security risk, but privacy improvement.
browser.sendpings = false. The attribute would be useful for letting websites track visitors’ clicks. browser.sessionstore.maxtabsundo = 0.
Even with Firefox set to not remember history, your closed tabs are stored temporarily at Menu - History - Recently Closed Tabs. browser.urlbar.speculativeConnect.enabled = false. Disable preloading of autocomplete URLs. Firefox preloads URLs that autocomplete when a user types into the address bar, which is a concern if URLs are suggested that the user does not want to connect to. dom.battery.enabled = false. Website owners can track the battery status of your device.
dom.event.clipboardevents.enabled = false. Disable that websites can get notifications if you copy, paste, or cut something from a web page, and it lets them know which part of the page had been selected. geo.enabled = false. Disables geolocation. media.eme.enabled = false.
Disables playback of DRM-controlled HTML5 content, which, if enabled, automatically downloads the Widevine Content Decryption Module provided by Google Inc. DRM-controlled content that requires the Adobe Flash or Microsoft Silverlight NPAPI plugins will still play, if installed and enabled in Firefox.
media.gmp-widevinecdm.enabled = false. Disables the Widevine Content Decryption Module provided by Google Inc., used for the playback of DRM-controlled HTML5 content. media.navigator.enabled = false. Websites can track the microphone and camera status of your device. Firefox Addon. Firefox extension that prevents Google and Yandex search pages from modifying search result links when you click them. This is useful when copying links but it also helps privacy by preventing the search engines from recording your clicks.
Worth Mentioning. Qwant's philosophy is based on two principles: no user tracking and no filter bubble. Qwant was launched in France in February 2013. An open source metasearch engine, which is based in Germany.
It focuses on protecting the user's privacy. Encrypted Instant Messenger. OS: Windows, macOS, Linux.
Worth Mentioning. ChatSecure is a free and open source messaging app that features OTR encryption over XMPP. Encrypted open source messenger. Supports file sharing and multiple devices. Available for Windows, Linux and macOS. A community-driven instant messaging network.
Supports end-to-end encryption. Both client-to-server and server-to-server channels are fully encrypted. An open source Jabber/XMPP client for Android 4.4+ smartphones.
Supports end-to-end encryption with either OMEMO or openPGP. There is also which still supports OTR. and it's various clients such as.
A successor of XMPP. Related Information. Encrypted Video & Voice Messenger. Get things from one computer to another, safely.This package provides a library and a command-line tool named wormhole, which makes it possible to get arbitrary-sized files and directories (or short pieces of text) from one computer to another. The two endpoints are identified by using identical 'wormhole codes': in general, the sending machine generates and displays the code, which must then be typed into the receiving machine. The codes are short and human-pronounceable, using a phonetically-distinct wordlist. The receiving side offers tab-completion on the codewords, so usually only a few characters must be typed.
Wormhole codes are single-use and do not need to be memorized. OS: Windows, macOS, Linux, Android. Worth Mentioning.
generates a unique set of custom, high quality, cryptographic-strength password strings which are safe for you to use. Master Password is based on an ingenious password generation algorithm that guarantees your passwords can never be lost. Its passwords aren't stored: they are generated on-demand from your name, the site and your master password.
No syncing, backups or internet access needed. Whether the answer is one or hundreds, Password Safe allows you to safely and easily create a secured and encrypted username/password list.
With Password Safe all you have to do is create and remember a single 'Master Password' of your choice in order to unlock and access your entire username/password list. Related Information. Calendar and Contacts Sync. OS: Windows, Linux, BSD. Worth Mentioning. Free client-side AES encryption for your cloud files.
Open source software: No backdoors, no registration. Browser plugin for Google Chrome / Chromium to encrypt files using a secret passphrase. From the developer of Cryptocat. Using a powerful 256-bit encryption algorithm, AES Crypt can safely secure your most sensitive files. For Windows, macOS, Linux and Android. A full disk and partition encryption system for Windows including the ability to encrypt the partition and disk on which the OS is installed.
A full disk encryption system for Linux using dm-crypt as the disk encryption backend. Included by default in Ubuntu. Available for Windows and Linux. Self-contained Networks. OS: All Browsers. Worth Mentioning.
EtherCalc is a web spreadsheet. Data is saved on the web, and people can edit the same document at the same time. Changes are instantly reflected on all screens. Work together on inventories, survey forms, list management, brainstorming sessions. Free privacy-friendly service that offers Etherpad, EtherCalc and PrivateBin.
An online scheduling application, which is free and OpenSource. Schedule meetings or make small online polls.
No email collection or the need of registration. PC Operating Systems. Warning. Worth Mentioning. A project that produces a free, multi-platform 4.4BSD-based UNIX-like operating system.
Emphasizes portability, standardization, correctness, proactive security and integrated cryptography. A simple, lightweight Linux distribution. It is composed predominantly of free and open-source software, and supports community involvement. Is a completely open source version of Arch Linux. A Debian GNU/Linux based security-focused Linux distribution. It aims to provide privacy, security and anonymity on the internet. The operating system consists of two virtual machines, a 'Workstation' and a Tor 'Gateway'.
All communication are forced through the Tor network to accomplish this. Another Debian based Linux distribution, it features security hardening which makes it more resistant to security vulnerabilities.
Subgraph runs many desktop applications in a security sandbox to limit their risk in case of compromise. By default, it anonymizes Internet traffic by sending it through the Tor network. Note: It is still in alpha, and much testing and bug fixing still has to be done. Live CD Operating Systems. Microsoft introduced a lot of new features in Windows 10 such as Cortana. However, most of them are violating your privacy. Data syncing is by default enabled.
Browsing history and open websites. Apps settings.
WiFi hotspot names and passwords. Your device is by default tagged with a unique advertising ID. Used to serve you with personalized advertisements by third-party advertisers and ad networks. Cortana can collect any of your data. Your keystrokes, searches and mic input.
Calendar data. Music you listen to. Credit Card information. Microsoft can collect any personal data. Your identity.
Demographics. Interests and habits. Usage data.
Contacts and relationships. Location data. Content like emails, instant messages, caller list, audio and video recordings. Your data can be shared. When downloading Windows 10, you are authorizing Microsoft to share any of above-mentioned data with any third-party, with or without your consent.
This tool uses some known methods that attempt to disable major tracking features in Windows 10. More bad news.
The Hacker News. Ars Technica. Techdirt. Quotes Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say. Edward Snowden on The NSA has built an infrastructure that allows it to intercept almost everything. With this capability, the vast majority of human communications are automatically ingested without targeting. If I wanted to see your emails or your wife's phone, all I have to do is use intercepts.
I can get your emails, passwords, phone records, credit cards. I don't want to live in a society that does these sort of things. I do not want to live in a world where everything I do and say is recorded. That is not something I am willing to support or live under. Edward Snowden in We all need places where we can go to explore without the judgmental eyes of other people being cast upon us, only in a realm where we’re not being watched can we really test the limits of who we want to be. It’s really in the private realm where dissent, creativity and personal exploration lie. Glenn Greenwald in Recommended Privacy Resources Guides.
Guide to defending yourself from surveillance by using secure technology and developing careful practices. Privacy, Security and Anonymity for Every Internet User. A guide to fighting surveillance with GnuPG encryption. Excellent privacy guide written by the creators of the bestVPN.com website. These privacy guides explain how to obtain vastly greater freedom, privacy and anonymity through compartmentalization and isolation. Comprehensive 'Ninja Privacy Tips' and 150+ tools.
Ask Hn Workstation Alternative For Mac
Information. Our Wiki on reddit.com.
Weekly Internet Security Podcast by Steve Gibson and Leo Laporte. Weekly Systems, Network, and Administration Podcast. Every week TechSNAP covers the stories that impact those of us in the tech industry. Get a public key, safely, starting just with someone's social media username. Supporting and defending journalism dedicated to transparency and accountability since 2012. German review aggregator website of privacy-related services.
“I have read and agree to the Terms” is the biggest lie on the web. We aim to fix that. Tools.
IP/DNS Detect - What is your IP, what is your DNS, what informations you send to websites. A collection of Internet sites that check whether your web browser leaks information. We all have a right to privacy, which you can exercise today by encrypting your communications and ending your reliance on proprietary services. A guide to digital security for activists and human rights defenders throughout the world.
Great collection of open source online and self-hosted software sorted by likes. An open-source whistleblower submission system that media organizations can use to securely accept documents from and communicate with anonymous sources. It was originally created by the late Aaron Swartz and is currently managed by Freedom of the Press Foundation. Help fight to end mass surveillance. Get these tools to protect yourself and your friends. Umbrella is an Android app that provides all the advice needed to operate safely in a hostile environment. Firefox add-on to detect and block corporate MITM attack.
A directroy to help you find open source alternatives to proprietary tools. A directry to help find alternatives to other software, with the option to only show open source software Note: Just being open source does not make software secure! Spread the word and help your friends. Participate with suggestions and constructive criticism It's important for a website like privacytools.io to be up-to-date. Keep an eye on software updates of the applications listed here. Follow recent news about providers that are recommended. We try our best to keep up but we're not perfect and the internet is changing fast.
If you find an error, or you think a provider should not be listed here, or a qualified service provider is missing or a browser plugin is not the best choice anymore and anything else. Talk to us please.