Awesome Privacy

26 April 2023 | Privacy, Self-hosting

Sunglasses. Awesome Privacy.

A list dedicated to providing the best tools and services to protect your online privacy. [UPDATED – 05 May 2023]

Disclaimer

Please keep in mind that the software programs and services listed below are based on my personal knowledge and experience. I have not received any payment to include any specific software program or service in this list, and there are no affiliate links. However, it’s important to do your own research and make your own informed decisions based on your unique needs and circumstances.

This Awesome Privacy list has been inspired by privacytools.io, awesome-privacy.xyz, awesome-privacy by pluja and many others.

Content

  1. Introduction
  2. Privacy Essentials
  3. Communication and Social
  4. Personal
  5. Productivity Tools
  6. Entertainment
  7. Security
  8. Advanced

Introduction

Difference between Privacy, Anonymity and Security.

People often mix the concepts of privacy and anonymity, and sometimes security too. Here is a table that provides a comparison of privacy, anonymity, and security to help clarify the distinctions between these related concepts.

Concept Definition Example
Privacy The ability to control access to personal information or actions. {:/} Using a VPN to browse the internet to prevent your ISP from spying on you. {:/}
Anonymity The state of being unknown or unidentifiable. {:/} Using a disposable email address when signing up for online services. {:/}
Security The protection of assets or resources from unauthorized access, use, disclosure, disruption, modification, or destruction. {:/} Using a firewall to prevent unauthorized access to a computer network. {:/}

Explain like I am a 5-year-old. (ELI5)

Suppose you have a diary that you keep locked in a drawer in your bedroom. The diary is your personal possession, and you have the right to keep it private. The lock on the drawer provides a level of security that prevents others from accessing your diary without your permission. If you were to write in the diary using a pseudonym, you would be maintaining anonymity.

So, in this example, privacy refers to the ability to keep personal information or possessions away from others. Security refers to the protection of personal possessions from unauthorized access or theft. Anonymity refers to the state of being unknown or unidentifiable.

With this article, I hope to achieve the goal of helping you maintain all three of these.

Open Source.

All the pieces of software and services mentioned in this article are open-source.

Open source software is important for privacy because it enables greater transparency and accountability in the development of software. Since the source code is freely available for anyone to view, it can be inspected by security experts to identify any potential security vulnerabilities or backdoors that could be exploited by malicious actors. This means that security vulnerabilities can be identified and patched more quickly, reducing the risk of data breaches and other security incidents that could compromise personal information.

Why you should care.

Do you have curtains in your home? This is because you want to keep certain activities private and don’t want strangers to know what you do. But why would you want large companies such as Google, Apple, Microsoft, Oracle, and even smaller companies to collect your personal information? Your answer may be, “I like targeted ads as they help me find new products,” or, “I want those companies to improve their products to help me serve better.” But that is not all they use your data for. Take a look at these articles:

“But I have nothing to hide.”

Read this – https://thenextweb.com/news/read-this-if-youve-got-nothing-to-hide

I can cite over a hundred articles like these, but it is up to you to understand why privacy matters.

1. Privacy Essentials

Basic Android Apps

Apps that come preinstalled on phones, as well as those on the Google Play Store, often contain advertisements and tracking mechanisms. They may also request access to unnecessary information. Using open-source alternatives for basic apps can provide a more private and secure experience for users.

App Stores

Stay away from app stores like Google Play Store, Amazon App Store, Samsung App Store, GetApps etc., as they are known to collect user data, such as app usage and location information.

Although, the best course of action is to download the source code and compile the application yourself, but the following alternates can also be helpful.

Alternates Prospective Advantages Conservative Disadvantages
F-Droid
  • All apps are open-source.
  • Has a strict inclusion policy, which means all apps are checked for security and privacy before being included in the app store.
  • Direct APK downloads also available on the website.
  • Supports 3rd-party repositories.
  • Not the best UI/UX.
  • Updates may get delayed as they cannot be triggered by the developer directly.
  • Aurora Droid
  • Fork of F-Droid.
  • Better UI.
  • Updates may get delayed.
  • SkyDroid
  • Decentralised app store.
  • Only open-source apps.
  • Fast updates.
  • Does not have a strict inclusion policy.
  • Aurora Store
  • Open-source frontend to download Google Play Store apps without an account.
  • Can spoof model and region of the device.
  • Relies on Google’s proprietary service.
  • Most apps will still contain trackers.
  • Other alternates are Obtanium and FossDroid.

    Cameras

    Stay away from preinstalled and third-party proprietary camera apps as they are known to collect user data.

    Following are some better alternates:

    Alternates Prospective Advantages Conservative Disadvantages
    Libre Camera
  • Simple UI with automatic and manual controls.
  • Does not save EXIF by default.
  • Cannot customise resolution, frame rate.
  • OpenCamera Sensors
  • Geared towards advanced users.
  • Highly customisable with a lot of options.
  • Complex UI.
  • Another good alternate is AiCamera.

    Keyboards

    Stay away from preinstalled and third-party proprietary keyboards like GBoard, SwiftKey Keyboard, Samsung Keyboard, Mint Keyboard etc., as they are known to collect user data, including usage and clipboard data.

    Following are some better alternates:

    Alternates Prospective Advantages Conservative Disadvantages
    OpenBoard
  • Based on Android Open-Source Program.
  • Supports basic customisations.
  • No swipe typing.
  • Advanced customisations not available.
  • FlorisBoard
  • Modern and user-friendly.
  • Highly customisable.
  • Currently, in early beta.
  • Other alternates are Indic Keyboard and AnySoftKeyboard.

    File Manager

    Stay away from preinstalled and third-party proprietary File Manager apps like EZ Explorer, FK Commander etc., as they are known to collect user data, including usage data and metadata.

    Following are some better alternates:

    Alternates Features
    Material Files
  • Follows Material Design guidelines, with attention into details.
  • View, extract and create common compressed files.
  • View and manage files on FTP, SFTP and SMB servers.
  • Ghost Commander
  • Ability to copy and move files between its two panels.
  • Full-featured app manager able to access extra info and share APKs.
  • Transfer files via FTP/SFTP/SMB.
  • Other alternates are Simple File Manager and Amaze File Manager.

    Operating Systems

    The choice of your operating system is very important as it is the most important piece of software on your device. And since it pretty much controls all your device’s hardware and software, it can have a significant impact on your privacy.

    Choosing operating systems like Stock Android, iOS, Windows, and macOS can compromise privacy as these systems often come with pre-installed apps and services that collect user data. These systems also often rely on cloud-based services that store user data, increasing the risk of data breaches and privacy violations. In addition, these systems are closed-source, which means that their source code is not available to the public, making it difficult to identify potential security vulnerabilities. Finally, these systems are typically designed to work with proprietary hardware, which can limit the user’s ability to control their data and their device.

    ELI5

    Imagine you have a secret toy that you do not want anyone else to know about. Your toy is hidden in a special place in your room where nobody can see it or touch it. Now, imagine that your parents can see everything you do in your room, even your secret hiding place. They can also tell your friends and other people about your toy.

    Just like your secret toy, your personal information on your device is also private, and you do not want anyone else to know about it. If you choose a privacy-oriented operating system, it will help you keep your personal information safe and hidden from others, just like your secret toy. But if you pick an operating system that does not prioritise privacy, it might share your personal information with others, just like your parents sharing about your toy with your friends.

    Mobile Operating Systems

    It is important to recognise that when it comes to iOS, privacy may not be a top priority for Apple as a company. Read these articles: 1, 2, 3.

    Similar to Apple, Google also collects and tracks your data on Android devices. When using an Android device, Google’s apps and services are integrated deeply within the system, allowing them to collect a vast amount of user data. Read these articles: 1, 2, 3.

    However, there are several custom ROMs available that remove Google’s presence, and provide additional security and privacy features for users. Following are some options:

    ROMs Proactive Advantages Conservative Disadvantages
    LineageOS
  • Large number of supported devices and huge community support.
  • Highly customisable.
  • Regular monthly updates.
  • No bloatware but comes with a suite of basic FOSS apps.
  • Not all devices support bootloader relocking.
  • Buggy on some devices.
  • Only a few devices support LineageOS 20.
  • GrapheneOS
  • Hardened kernel for extra security.
  • Long term support.
  • Easy WebUSB-based installer.
  • Supports only Google Pixel devices.
  • /e/OS
  • Pre-installed tracker finder.
  • Includes an app store.
  • Inbuilt support for /e/Foundation cloud services (also self-hostable with complete integration).
  • Unstable on some devices.
  • Lack of huge community support as it is not well-known or widely adopted.
  • Please note that it is advisable to avoid rooting or flashing a custom ROM onto your device unless you possess advanced technical knowledge. If you still need an alternate, you may follow this Lemmy post – 100% FOSS Smartphone Hardening non-root Guide 4.0.

    Desktop Operating Systems

    Avoid using proprietary operating systems like Windows and macOS. They are known to be closed-source, which means that their source code is not open to the public. This makes it difficult to know what kind of data is being collected and how it is being used. In addition, they are also known to have several security vulnerabilities that can be exploited by hackers to gain access to your personal information.
    Read these articles: 1, 2, 3, 4, 5.

    Following are some good, beginner-friendly alternates:

    Operating Systems Proactive Advantages Conservative Disadvantages
    Linux Mint
  • Geared towards beginners.
  • Adopts KISS (Keep It Simple, Stupid) principles.
  • Based on Ubuntu. Regular, stable updates.
  • Offers various desktop environments – Cinnamon, MATE, Xfce.
  • Fewer packages in official repositories compared to other popular Linux distributions.
  • Not suitable for advanced users who prefer more control and customisation options.
  • Manjaro
  • Based on Arch. Rolling release model.
  • Supports a lot of desktop environments.
  • Good for both – beginner and advanced users.
  • Delayed updates to ensure stability.
  • AUR can destabilise the system.
  • Edubuntu
  • Made for schools and students.
  • Huge ecosystem of free education software.
  • Better administration tools.
  • Recent update came after 9 years.
  • Not very customisable.
  • Following are some good alternative for advanced users:

    Operating Systems Proactive Advantages Conservative Disadvantages
    OpenBSD
  • Strong focus of stability and security.
  • Only essential components included by default.
  • Clean and well-documented code.
  • Limited software and hardware support.
  • Steep learning curve.
  • Arch Linux
  • Arch Wiki provides comprehensive documentation.
  • Highly customisable.
  • Build your own system.
  • AUR support.
  • Can be complicated to install.
  • AUR can destabilise the system.
  • Tails
  • Boots only in live environment, leaving no trace in the computer.
  • Integrated with Tor.
  • Recommended for journalists and activists.
  • Limited functionality.
  • Slow performance.
  • Qubes OS
  • Security-oriented operating system.
  • Easily create disposable VMs.
  • Whonix integration.
  • High system requirements.
  • Limited hardware compatibility.
  • Time-consuming setup process.
  • There are a lot more options to choose from. If you need help picking a Linux-based operating system, Distrochooser is a very helpful tool.
    If, for any reason, you have to rely on Microsoft Windows, you can debloat it and remove most of the telemetry using either AtlasOS or creating your own Tiny11 ISO using this guide, for a relatively safer experience.

    Smart TV Operating Systems

    Staying away from pre-installed OS on your Smart TV, like Google TV, WebOS etc., is a good idea. You can use the following for a safer experience:

    Smartwatch Operating Systems

    Health related data is the considered to be the most sensitive of all. Staying away from pre-installed OS on your smartwatches is a good idea. You can use the following for a safer experience:

    Download the operating systems from official sources only.

    Password Managers

    A password manager is a tool that securely stores your login information for websites and applications. With the prevalence of online accounts, it’s common for individuals to have dozens or even hundreds of different usernames and passwords to remember. Password managers alleviate the need to memorise multiple login credentials by providing a secure digital vault for storing them. This not only makes it easier to manage passwords, but it also improves security by allowing users to generate and store strong, unique passwords for each account.

    Although, most password managers offer built-in 2FA features, it is not recommended to use it because it, kind of, defeats the purpose of “two-factors” as both, passwords and 2FA codes are available in one app.

    People should avoid closed-source password managers, like 1Password, Dashlane, LastPass etc., because they cannot be audited or verified by the public, leaving users to rely on the company’s word that their passwords are being stored and managed securely. Closed-source password managers may also have backdoors or vulnerabilities that can be exploited by hackers or government agencies. Additionally, closed-source password managers may collect and sell user data without their knowledge or consent. Read these articles – 1, 2.

    Following are some good alternates:

    Password Manager Proactive Advantages Conservative Disadvantages
    Bitwarden
  • Use company’s servers or self-host on your machine.
  • Supports FIDO U2F and YubiKey.
  • Multi-device support.
  • Additional features like Bitwarden Send.
  • Limited free support.
  • Self-hosted version is resource heavy.
  • Vaultwarden
  • Unofficial Bitwarden compatible server written in Rust
  • Works with all Bitwarden apps.
  • Self-hosting can be done on even a Raspberry Pi.
  • Only self-hosting option available.
  • Critical updates may be delayed.
  • KeePassXC (Linux/Windows/macOS)

    KeePassDX (Android)

    StrongBox (macOS/iOS)

    KeeWeb (WebApp)
  • Hardened, secure and offline password manager.
  • Highly customisable and configurable.
  • No reliance on third-party service or cloud storage.
  • Import from and export to various formats.
  • Active community of users and developers.
  • No built-in synchronisation.
  • Less user-friendly.
  • LessPass (Android/iOS/Browser Add-On/CLI)
  • Generates a password using a site, login, and a master password.
  • No synchronisation required.
  • Works offline.
  • New users may get intimidated.
  • Limited integration and customisability.
  • Some other good options are Padloc and Passbolt. For some users Proton Pass (Beta) may be a good option, but don’t keep all your apples in one basket.

    Privacy Analysers

    Privacy analysers are tools that scan applications on your device and identify privacy and security risks. They can help you identify apps that collect unnecessary data or have security vulnerabilities, giving you greater control over your online privacy. These tools are particularly important in today’s world, where many apps and services collect large amounts of user data without clear disclosure or user consent. By using a privacy analyser, you can identify problematic apps and take steps to protect your personal information.

    Following are some good analysers that you can use to aid your privacy:

    Application Features
    Exodus
  • The privacy audit platform for Android applications.
  • Provides a detailed report on the permission requirements and trackers found in apps on Google Play Store.
  • Pi-hole
  • Self-hosted, network-wide ad-blocking program.
  • Easy to install and configure, with a web interface for management.
  • Provides detailed logs and statistics on network traffic and blocked domains.
  • OpenWPM
  • Web privacy measurement framework which makes it easy to collect data for privacy studies.
  • Built on top of Firefox, with automation provided by Selenium.
  • Search Engines

    Stay away from search engines made by Big Tech companies who do not respect your privacy, like Google, Microsoft Bing etc.
    Read these articles – 1, 2.

    Consider using the following alternates:

    Application Features
    SearxNG
  • Aggregates results from various search services and databases.
  • Self-hostable, but not recommended for single user.
  • Many public instances to choose from.
  • DuckDuckGo
  • Privacy respecting search engine and the company has good reputation.
  • No JavaScript version and onion link for Tor are also available.
  • Closed source backend.
  • There are many other good options you may want to look into, like Startpage, Qwant and Whoogle.

    Two-Factor Authentication

    You should always turn on 2FA whenever it is possible. Stay from SMS based 2FA and authenticator apps like Authy and Google Authenticator, that do not give the utmost importance to your privacy.

    Instead, consider using any of the following as your preferred 2FA app:

    Application Features
    Aegis (Android)
  • Simple UI with customisability.
  • Easily import from and export to various formats.
  • Tofu (iOS)
  • Designed specifically for iOS.
  • Apple Keychain integration.
  • Gnome Authenticator (Linux)
  • User-friendly and secure.
  • Easily import from and export to various formats.
  • Some other good alternates are ente Auth, WinAuth, Authenticator Pro and Owky. Most password managers support generating 2FA codes, but it is not recommended to use a single app as both – a password manager and a 2FA code generator.

    Virtual Private Networks (VPNs)

    While many people think of VPNs as tools for hiding their IP address and encrypting internet traffic, VPNs can also serve a variety of other purposes. For instance, businesses often use VPNs to connect remote employees to their company’s network securely. This allows employees to access important files and resources from anywhere in the world without compromising security. In addition, VPNs can be used to create mesh networks that allow multiple devices to connect and communicate directly with each other. This is especially useful in disaster relief scenarios, where traditional communication infrastructure may be damaged or destroyed. By using VPN technology to establish a mesh network, first responders are able to coordinate more effectively and respond to emergencies more efficiently.

    To put it simply, a VPN is much more than just an IP hiding app. It’s a powerful tool that can be used in a variety of settings to solve a wide range of problems. Whether you’re a remote worker who needs to connect to your company’s network securely, or a first responder who needs to communicate effectively in a disaster zone, a VPN can help you stay connected and protected.

    If you are using applications and protocols like Hamachi, NetCloud by Cradlepoint, Cisco’s L2F and L2TP, Apple’s SSTP etc., in your business environment or even at home, then shifting to an open source alternative is a good idea. Following are some good options:

    Application Features
    Tailscale
  • Based on WireGuard.
  • Incredibly easy to set up and use.
  • Free plan available.
  • Closed source coordination server.
  • Headscale
  • Open source implementation of Tailscale’s coordination/control server.
  • Requires setting up of a server.
  • strongSwan
  • Open-source, modular and portable IPsec-based VPN solution.
  • Requires setting up your own server.
  • PiVPN
  • Can use OpenVPN and WireGuard.
  • Designed for Raspberry Pi, but can be used on multiple types of hardware.
  • The simplest and fastest way to install and set up a VPN server.
  • Some other solutions that you may want to look at are SoftEtherVPN and ZeroTier.

    As you already know, a VPN can also provide some form of online privacy and can help with geo-blocked content on the internet, but choosing a bad VPN provider can make things worse. For example, the free VPN apps on Google Play Store are a bad idea, as they make money by selling your data to third-parties.

    Following are some reputed VPN providers in the privacy community:

    Application Features
    Mullvad
  • Flat rate of €5/month.
  • About 667 severs in 43 countries.
  • Accepts cryptocurrencies, including Monero.
  • ProtonVPN
  • Multiple plans, including a free plan with limited features.
  • About 2,978 servers (65 free) in 68 countries.
  • Accepts Bitcoin.
  • IVPN
  • About 86 servers in 36 countries.
  • Cash, Monero and Bitcoin payment options for better anonymity.
  • Xeovo VPN
  • 16 locations, 31 servers, and growing.
  • Accepts Monero and Bitcoin.
  • Some other privacy focused VPN providers are RiseupVPN, AirVPN and AzireVPN.

    Please note, that setting up your own VPN may not be a very good idea, especially if you are the only individual using it. A personal VPN server on a VPS can prevent your ISP from tracking and logging the sites you visit, and is a better option than using an untrustworthy VPN provider. But online service providers will be able to track you and make a detailed profile about you since you are the only one connecting to their servers using your VPS’s IP address.

    Web Browsers

    It is a good idea to avoid closed source, proprietary browsers, like Google Chrome, Microsoft Edge, Opera etc., as they tend to collect a lot of user data. Read this study. There are many good, privacy focused alternatives, that will provide you with a much better experience.

    Desktop Web Browsers

    Web Browsers Proactive Advantages Conservative Disadvantages
    Mozilla Firefox
  • Free and open-source, backed by a not-for-profit organisation.
  • Highly customisable.
  • Large number of available add-ons.
  • Little to no privacy with default settings. Requires hardening. (More info below the table.)
  • Sends telemetry by default.
  • Bad company reputation due to high salary of the CEO.
  • LibreWolf
  • A fork of Firefox, which is FOSS.
  • Hardened by default.
  • Updates can get delayed, as it is based on Firefox.
  • Hardening can break some websites.
  • Brave
  • Privacy-focused browser.
  • Blocks most ads and trackers by default.
  • Based on Chromium, which is developed mainly by Google.
  • Bad reputation among many privacy-enthusiasts.
  • Tor Browser
  • Based on Firefox.
  • Routes all the traffic through Tor.
  • Can access .onion domains.
  • Many websites block Tor servers, which may affect your browsing experience.
  • Other good options are Un-googled Chromium, Mullvad Browser and Privacy Browser.

    To harden Firefox and its forks, you can check out arkenfox/user.js, Firefox Profile Maker or ArchWiki Guide. There are plenty of other tutorials/guides as well.

    Mobile Web Browsers

    All third-party web browsers on iOS are just Safari in disguise. The following list contains browser suggestions for Android devices only.

    Web Browsers Features
    Mull
  • Based on Firefox.
  • Hardened and telemetry is removed.
  • Many add-ons are available.
  • Bromite
  • Based on Chromium.
  • Hardened by default.
  • Possibly, an abandoned project. (Last updated in January 2023.)
  • Brave
  • Based on Chromium.
  • Blocks most ads and trackers by default.
  • Tor Browser
  • Based on Firefox.
  • Routes all the traffic through Tor.
  • Can access .onion domains.
  • Another good option is Privacy Browser.

    It is a good idea to keep JavaScript turned off in your browser, unless you really, really need it. NoScript is a browser add-on that lets you control it easily.

    2. Communication and Social

    Using proprietary apps and protocols for social media and communication/messaging can potentially harm users’ privacy in several ways. Data collection, lack of transparency, third-party sharing, invasive permissions, backdoors and vulnerabilities, lack of end-to-end encryption, vendor lock-in, monetisation of user data, limited user control, lack of accountability etc. are a few concerns.

    Dating Apps

    Dating apps often collect a wide range of personal information, including your location, age, gender, sexual orientation, and even your preferences. This data can be used to build detailed profiles of users, potentially revealing sensitive and private information. They share user data with third-party companies for advertising and marketing purposes. This can lead to the creation of comprehensive user profiles, which are then used for targeted ads or sold to other companies. They typically use location data to match users with potential partners. While this is essential for their functionality, it also means that your movements and routines can be tracked, potentially compromising your privacy. Dating apps use complex algorithms to recommend potential matches. These algorithms may take into account your behaviour on the app, preferences, and interactions. While they aim to improve user experiences, they can also be used to predict user behaviour and target them with specific content or ads.

    Like any online platform, dating apps are vulnerable to data breaches and cyberattacks. If these companies do not have robust security measures in place, user data could be exposed to hackers. In some cases, dating apps have faced legal action and investigations over their data practices. Users may not always be aware of how their data is being used or shared.

    Read these articles – 1, 2, 3.

    Consider avoiding proprietary apps like Tinder, OKCupid etc.

    Alovoa is a privacy respecting, free and open-source alternate to these services. As sensitive data is heavily encrypted, it will be safe even if a data breach were to occur.

    Instant Messaging

    Mail Services

    Social Networks and Platforms

    3. Productivity Tools

    Analytics

    Animation

    Bookmarking

    Commenting Engines

    Cloud Storage

    File Management and Sharing

    Fonts

    Forms

    Maps and Navigation

    Notes and Tasks

    Office Suite

    Pastebin and Secret Sharing

    Photo Editing and Management

    Remote Access and Control

    Team-working Tools

    Translation and Speech-to-Text

    Video and Audio Conferencing

    Video Editing

    4. Security

    Cloaking

    Encryption

    Intrusion Prevention

    5. Entertainment

    Games

    Media Streaming Platforms

    Music Recognition

    6. Personal

    Fitness and Health

    Home Assistants

    Location Tracking

    Finance Management

    Photo Storage

    7. Advanced

    Captchas

    Databases

    Developer Tools

    Online Phone Number Providers

    Payments

    Bobby must be madd.


    Comments

    Recent Posts

    How to Bypass CGNAT - Exposing your home server to the internet with TLS/SSL pass through

    07 October 2023 | Linux Guide, Privacy, Self-hosting

    You've set up a home server, and are hosting some services like Vaultwarden, or Jellyfin, or perhaps Nextcloud. But now, you want to share it...

    Read More

    Remap keyboard keys using evremap

    21 May 2023 | Linux Guide

    Sometimes a key on your keyboard stops working, and you may not have the time or motivation to fix it or get it fixed. Or...

    Read More

    Proton VPN Linux Guide – How to install, configure, use and auto-connect?

    19 May 2023 | Linux Guide, Privacy

    The official Proton VPN Linux client lacks a lot of features, like changing the connection protocol, quickly connecting to the fastest server of a specific...

    Read More

    MusicOther ProjectsPrivacy PolicyAbout