These are some notes on technology I use to improve my daily security and privacy.
Mullvad VPN- One of the few honest VPN services that respect your privacy.
Bitwarden password manager (self hosted)- I use the docker image vaultwarden/server to host my own Bitwarden instance on a VPS.
Criptext email- Criptext is great because it only saves your email locally on your devices, it is not saved on a server. If I didn’t already have an existing email setup that works securely I would seriously consider this for my primary email as well.
Vivaldi web browser- I like this browser for several reasons:
Tutanota email- Encrypted email service for a low price. I use this as a secondary email account. Also has custom domains, 2FA, email aliases, sending encrypted email to non-Tutanota users, full mailbox encryption.
Codeberg Git repositories- excellent free alternative to Github
PGP public key encryption- for email or other information to keep private
XMPP with OMEMO encryption over Tor- Secure decentralized messaging. I use Snikket on Android, BeagleIM on MacOS and Dino on Linux.
VPS with a running TOR relay- I use Tor Browser so I like to contribute back to the network I use. My Tor relay runs on a fast VPS provider and I allocate 30GB of daily data usage for others to use.
AdGuard or Quad9 (IBM) backup normal DNS provides protection against malicious domains.
DuckDuckGo search engine
Authy 2FA- I know this may not be the best choice since it syncs from the cloud, but I need access to 2FA from multiple devices. All data is encrypted.
Shaarli Self hosted bookmarks manager- If you remember del.icio.us, this is similar for saving any urls you want to reference later. Make your bookmarks either public or private.
Jmp.chat second phone number- This gives you a phone number based in North America and any text messages or voicemails to it are forwarded to your XMPP address. You can also use this for VOIP calls but I haven’t done that yet. This is a great way to add 2FA to websites or signup for accounts that require a phone number but you don’t want to give out your primary number.
MEGA encrypted cloud storage- Very reasonably priced plans. I use this to have a cloud backup of important files. There is also an ecrypted chat function.
LinuxServer.io FreshRSS docker image to manage all the RSS feeds I subscribe to.
Usually whatever built-in system-wide drive encryption is included natively is what I use. I also may use individual password protected virtual drives.
Phone ROM: e.foundation- I’ve been using this since 2017 first on an LG Nexus 5X and now on a Pixel 4a. Many Google parts of Android have been removed and this runs MicroG. Support for devices tends to last much longer with these ROMs than the (greatly appreciated) volunteers that maintain LineageOS.
Tablet: LineageOS- There is no /e/ ROM for my NVidia Shield tablet, so I am using the last version of LineageOS built for it.
FDroid- Open source apps that are mostly free from any tracking
Threema encrypted messenger- Uses the open source and tested NaCl Box encryption model
Molly FOSS open source Signal encrypted messenger fork- Only with people who I trust with my phone number though.
Snikket XMPP messenger with OMEMO encryption
Tusky (Mastodon)- Federated social platform
FeedMe- RSS feed reader (syncing to my self-hosted FreshRSS server)
TorBrowser- Safe web browsing
Orbot- Allows other apps to use Tor
UntrackMe- Redirect links to Nitter or Invidious, unshorten URLs and remove UTM tracking codes
Exodus Privacy- Scan Android apps for trackers
OpenKeychain- PGP key management
Sophos Intercept X- A free anti-virus and security suite for mobile devices. Includes device security audit, password manager, TOTP Authenticator, QR code scanner, app permissions audit and app access protections.
Termux- A shell running familiar linux commands
Yet Another Call Blocker- An excellent app to block spam phone calls
No email on my phone! Data can’t be leaked if it’s not on my device in the first place. Also it saves my sanity.
I’ve been an Apple/Mac guy since the 80s. I also used BeOS in the late 90s and was very disappointed Apple didn’t choose them for their next OS. I used Mac Mini machines as my primary device until a few years ago when Apple stopped being privacy friendly. My last Mac Mini is used now only as a networked storage device.
I have an Intel PC running Fedora KDE on a quad core i5 from 2012. I do most of my fun computing on this device including web browsing, email, chat programs, and it runs some World Community Grid research with spare cycles.
Several laptops of various ages which I usually run Manjaro KDE or Ubuntu.
OK this may seem a little misplaced but I think this is an important category. Your finances are something that must be protected. I have the following systems in place to help with that.