diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md
index 245ab68..6479527 100644
--- a/.github/CONTRIBUTING.md
+++ b/.github/CONTRIBUTING.md
@@ -31,6 +31,7 @@ Your request will be reviewed, then either merged, or have changes requested, or
- To make layout or stylistic edits to the site ([awesome-privacy.xyz](https://awesome-privacy.xyz)), see the [Website docs](https://github.com/Lissy93/awesome-privacy#the-website) in the readme for build and running instructions.
- To make edits to the API ([api.awesome-privacy.xyz](http://api.awesome-privacy.xyz/)), see the [API docs](https://github.com/Lissy93/awesome-privacy#the-api) in the readme for build and running instructions.
+- To make changes to the automations (which validate, process and insert the data), see the [lib](https://github.com/Lissy93/awesome-privacy/blob/main/lib) directory
---
@@ -41,7 +42,7 @@ For software to be included in this list, it must meet the following requirement
- **Privacy Respecting**
- The project must respect users privacy, not collect more data than necessary, and store info securely
- For hosted services, the project must have a clear privacy policy
- - The user must remain in full control of their data, and be able to delete it at any time
+ - The user must remain in full control of their data, and be able to export and delete it at any time
- **Secure**
- The software must be secure by default, without requiring additional configuration
- There should be no current, critical security issues
@@ -50,6 +51,7 @@ For software to be included in this list, it must meet the following requirement
- The full source code should be released under an open source license
- Ideally it should be possible for the user to build and run/deploy the software themselves from source
- **Actively Maintained**
+ - The project must not be abandoned or severely out-dated
- The developers should address dependency updates and security patches in a timely manner
- **Transparent**
- It should be clear who is behind the project, what their motives are, and what (if any) the funding model is
@@ -65,7 +67,7 @@ For software to be included in this list, it must meet the following requirement
- **Mature**
- Software needs to have a proven track record of commitment to maintenance
- Repositories must not be newly created, and the first stable release older than 4 months
- - Projects primarily written with AI or vibe coded are not suitable for listing here
+ - Projects that are largely AI/autogenerated without meaningful review or maintainership are not suitable for listing here
_There may be some exceptions, but these would need to be fully justified, reviewed
by the community, and the drawbacks / anti-features must be clearly listed along-side the software.
@@ -80,21 +82,16 @@ Your pull request must follow these requirements. Failure to do so, might result
- Do not edit the README directly when adding / editing a listing (it's auto-generated!)
- Ensure your PR is not a duplicate, search for existing / previous submissions first
-- You must respond to any comments or requests for changes in a timely manner, 14 days maximum
-- Write short but descriptive git commit messages, under 50 characters. This must be in the format of `Adds [software-name] to [section-name]`. Your PR will be rejected if you name it `Updates README.md`
+- Don't forget to give the PR a title. Use the format of `Adds [software-name] to [section-name]`
- Only include a single addition / amendment / removal, per pull request
- You must complete each of the sections in the [pull request template](https://github.com/Lissy93/awesome-privacy/blob/main/.github/PULL_REQUEST_TEMPLATE.md). Do not delete it!
- Where applicable, include links to supporting material for your addition: git repo, docs, recent security audits, etc. This will make researching it much easier for reviewers
-- While adding new software to the list, don't make your entry read like an advert. Be objective, and include drawbacks as well as strengths
-- Your entry should be added at the bottom of the appropriate category, unless otherwise requested
-- You must be transparent about your affiliation with a product or service that you are adding. It's totally okay to submit your own projects as additions (providing they meet the requirements), but if you don't declare your association with that project then there becomes a clear conflict of interest
+- Your entry should be added at the bottom of the appropriate category
+- Your changes must be correctly formatted, in valid yaml and which conforms to the schema
+- Description needs to be 50-250 characters, and must not read like an advert. Be objective, and include drawbacks as well as strengths
+- You must be transparent about your affiliation with a product or service that you are adding. It's totally okay to submit your own projects, but if you don't declare your association with that project then there becomes a clear conflict of interest
+- You must respond to any comments or requests for changes in a timely manner, 14 days maximum
- You must adhere to the [Contributor Covenant Code of Conduct](https://github.com/Lissy93/awesome-privacy?tab=coc-ov-file#contributor-covenant-code-of-conduct)
-- Don't open a Draft / WIP pull request while you work on the guidelines. A pull request should be 100% ready and should adhere to all the above guidelines when you open it
-- Your changes must be correctly spelled, and with good grammar
-- Your changes must be correctly formatted, in valid yaml and markdown
-- The addition description must be no less than 50, and no more than 250 characters, keep it clear and to the point
-- If there are other pull requests open, please help review them before submitting yours
-- A pull request must receive multiple approval reviews before it can be merged
---
@@ -242,6 +239,57 @@ Just look at some of the existing entries in the file for inspiration, and if yo
---
+
+## About the Automated Pre-Review
+
+When you open a PR, we run a few automated checks. This was implemented so that you get helpful feedback immediately, if the submission contains a common mistake.
+Note that the pass/fail of these checks does not indicate whether a PR will or will not be merged. And if something does fail, my friendly bot will drop a comment explaining how you can fix it :)
+
+
+ View all checks
+
+Below is the full list of checks - it's basically the same as what is listed in the [Contributing Guidelines](https://github.com/Lissy93/awesome-privacy/blob/main/.github/CONTRIBUTING.md#guidelines) above. Everything in red needs to pass to be merged, whereas yellow is just warnings/suggestions.
+
+- **PR Meta**
+ - 🔴 **Title format** - Must follow `[Add/Remove/Update] [name] in [section]`
+ - 🔴 **Template filled** - All required sections (Type, Changes, Checklist) must be present
+ - 🔴 **Checkboxes ticked** - All checklist boxes must be checked with `[x]`
+ - 🔴 **No README edits** - README is auto-generated, so direct edits are rejected
+ - 🟡 **Not a draft** - WIP/draft PRs are discouraged
+ - 🟡 **No bot authors** - Commits should not be solely authored by an AI bot
+- **Validating Addition**
+ - 🔴 **Schema valid** - YAML must pass schema validation
+ - 🔴 **Required fields** - Must include `name`, `description`, `url`, `icon`
+ - 🟡 **Single entry** - Only one service addition per PR
+ - 🟡 **Position** - New entries must go at the end of their section
+ - 🟡 **Open source** - Non-open-source submissions need justification
+ - 🟡 **Duplicate name** - Service name must not already exist
+ - 🟡 **Duplicate URL** - Service URL must not already exist
+ - 🟡 **Description length** - Should be 50–250 characters
+ - 🟡 **Open source + GitHub** - If marked open source, must include `github` field
+- **Project Health**
+ - 🟡 **Links reachable** - Service URL and icon must not return 404
+ - 🟡 **Author disclosure** - If PR author owns the repo, they should disclose it
+ - 🟡 **Not inactive** - Repo should have a push within the last 90 days
+ - 🟡 **Minimum age** - Repo should be ≥4 months old
+ - 🟡 **AI-generated code** - Flags if ≥20% of recent code came from an AI bot
+ - 🟡 **Not a fork** - Flags if the GitHub link is a fork instead of source
+ - 🟡 **Has license** - Repo should include a license
+ - 🟡 **Not archived** - Repo must not be archived
+ - 🟡 **No security alerts** - No open critical/high Dependabot alerts
+ - 🟡 **Minimum stars** - Repo should have ≥100 stars
+ - 🟡 **Spam detection** - Flags if user opened ≥5 PRs to other awesome-* repos in 24h
+- **Addition Info** (fyi only, no pass/fail requirements or warnings)
+ - 🔵 **Website check** (if has `website`) - Quickly checks for basic security requirements for website
+ - 🔵 **Source check** (if has `github`) - Brief audit of core GitHub metrics from submitted the repo
+ - 🔵 **Android check** (if has `android`) - Lists the trackers, permissions and stats for the Android app
+ - 🔵 **iOS check** (if has `ios`) - Shows average rating, and app stats from the Apple App Store
+ - 🔵 **Privacy Policy check** (if has `tosdr`) - Outputs the privacy score from ToS;DR and links to policy
+
+
+
+---
+
## Thank You
Thank you for helping keep Awesome Privacy up-to-date! It's thanks to contributors like you that this project is possible.
diff --git a/.github/README.md b/.github/README.md
index d90b297..c3875ad 100644
--- a/.github/README.md
+++ b/.github/README.md
@@ -1,5303 +1,27 @@
-

+
+A curated list of privacy-respecintg apps, software, and providers
🌐 awesome-privacy.xyz
-A curated list of privacy & security-focused apps, software, and providers 🔐
+
+
+
+ [CodeBerg Mirror] |
+ [Submit an Addition] |
+ [Raw data & API]
+
+
## Intro
-
Large data-hungry corporations dominate the digital world but with little, or no respect for your privacy.
Migrating to open-source applications with a strong emphasis on privacy and security will help stop
corporations, governments, and hackers from logging, storing or selling your personal data.
-> ⚠️ **Note**: Remember that [no software is perfect](#important-considerations), and it is important to follow good [security practices](https://github.com/Lissy93/personal-security-checklist/blob/HEAD/CHECKLIST.md)
->
-> 🪞 **Mirror**: This repo is mirrored to [codeberg.org/alicia/awesome-privacy](https://codeberg.org/alicia/awesome-privacy)
->
-> 💼 **Repo Admin**: [Website Docs](#the-website) | [API Docs](#the-api) | [Contributing](#contributing) | [Acknowledgment](#acknowledgements) | [License](#license)
+> [!CAUTION]
+> Remember that [no software is perfect](#important-considerations), and it is important to follow good [security practices](https://github.com/Lissy93/personal-security-checklist/blob/HEAD/CHECKLIST.md)
+
-
-📋 Contents
-
-- **Essentials**
- - [Password Managers](#password-managers) (6)
- - [2-Factor Authentication](#2-factor-authentication) (11)
- - [File Encryption](#file-encryption) (4)
- - [Browsers](#browsers) (5)
- - [Search Engines](#search-engines) (6)
-- **Communication**
- - [Encrypted Messaging](#encrypted-messaging) (5)
- - [P2P Messaging](#p2p-messaging) (5)
- - [Encrypted Email](#encrypted-email) (5)
- - [Email Clients](#email-clients) (6)
- - [Mail Forwarding](#mail-forwarding) (6)
- - [Email Security Tools](#email-security-tools) (3)
- - [VOIP Clients](#voip-clients) (2)
- - [Virtual Phone Numbers](#virtual-phone-numbers) (6)
- - [Team Collaboration](#team-collaboration) (5)
-- **Security Tools**
- - [Browser Extensions](#browser-extensions) (26)
- - [Mobile Apps](#mobile-apps) (25)
- - [Online Tools](#online-tools) (18)
-- **Networking**
- - [Virtual Private Networks](#virtual-private-networks) (6)
- - [Self-Hosted Network Security](#self-hosted-network-security) (8)
- - [Mix Networks](#mix-networks) (3)
- - [Proxies](#proxies) (2)
- - [DNS Providers](#dns-providers) (3)
- - [DNS Clients](#dns-clients) (6)
- - [Firewalls](#firewalls) (14)
- - [Ad Blockers](#ad-blockers) (8)
- - [Host Block Lists](#host-block-lists) (5)
- - [Router Firmware](#router-firmware) (2)
- - [Network Analysis](#network-analysis) (4)
- - [Intrusion Detection](#intrusion-detection) (5)
- - [Cloud Hosting](#cloud-hosting) (3)
- - [Domain Registrars](#domain-registrars) (2)
- - [DNS Hosting](#dns-hosting) (1)
- - [Mail Servers](#mail-servers) (3)
-- **Productivity**
- - [Digital Notes](#digital-notes) (8)
- - [Calendar](#calendar) (0)
- - [Backup and Sync](#backup-and-sync) (4)
- - [Cloud Productivity Suites](#cloud-productivity-suites) (5)
- - [Encrypted Cloud Storage](#encrypted-cloud-storage) (7)
- - [File Drop](#file-drop) (2)
- - [Browser Sync](#browser-sync) (5)
- - [Secure Conference Calls](#secure-conference-calls) (2)
-- **Utilities**
- - [Virtual Machines](#virtual-machines) (3)
- - [PGP Managers](#pgp-managers) (9)
- - [Metadata Removal](#metadata-removal) (3)
- - [Data Erasers](#data-erasers) (9)
-- **Operating Systems**
- - [Mobile Operating Systems](#mobile-operating-systems) (4)
- - [Desktop Operating Systems](#desktop-operating-systems) (6)
- - [Linux Defenses](#linux-defenses) (6)
- - [Windows Defences](#windows-defences) (22)
- - [Mac OS Defences](#mac-os-defences) (3)
- - [Anti-Malware](#anti-malware) (2)
-- **Development**
- - [Code Hosting](#code-hosting) (5)
- - [IDEs](#ides) (0)
- - [Terminal Emulators](#terminal-emulators) (0)
-- **Smart Home & IoT**
- - [Voice Assistants](#voice-assistants) (2)
- - [Smart Home](#smart-home) (1)
-- **Finance**
- - [Cryptocurrencies](#cryptocurrencies) (2)
- - [Crypto Wallets](#crypto-wallets) (8)
- - [Crypto Exchanges](#crypto-exchanges) (4)
- - [Virtual Credit Cards](#virtual-credit-cards) (3)
- - [Other Payment Methods](#other-payment-methods) (3)
- - [Secure Budgeting](#secure-budgeting) (3)
-- **Social**
- - [Social Networks](#social-networks) (5)
- - [Video Platforms](#video-platforms) (3)
- - [Blogging Platforms](#blogging-platforms) (6)
- - [News Readers](#news-readers) (3)
- - [Proxy Sites](#proxy-sites) (4)
-- **Media**
- - [Gaming](#gaming) (0)
- - [Media Servers](#media-servers) (0)
- - [Music Players](#music-players) (0)
- - [Video Players](#video-players) (0)
- - [Photo Viewers](#photo-viewers) (0)
- - [E-Book Readers](#e-book-readers) (0)
- - [Podcast Players](#podcast-players) (0)
- - [Torrent Downloaders](#torrent-downloaders) (0)
- - [File Converters](#file-converters) (1)
-- **Creativity**
- - [Image Editors](#image-editors) (8)
- - [Video Editors](#video-editors) (7)
- - [Audio Editors & Recorders](#audio-editors--recorders) (1)
- - [Casting & Streaming](#casting--streaming) (1)
- - [Screenshot Tools](#screenshot-tools) (0)
- - [3D Graphics](#3d-graphics) (2)
- - [Animation](#animation) (1)
-
-
-## Essentials
-
-### Password Managers
-
-- **[
Bitwarden](https://bitwarden.com)** - Fully-featured, open source password manager with cloud-sync. Bitwarden is
-easy-to-use with a clean UI and client apps for desktop, web and mobile. See
-also [Vaultwarden](https://github.com/dani-garcia/vaultwarden), a self-hosted,
-Rust implementa[…](https://awesome-privacy.xyz/essentials/password-managers/bitwarden "View full Bitwarden report")
- -
- Stats
-
- [](https://github.com/bitwarden/server) [](https://tosdr.org/en/service/1348) [](https://awesome-privacy.xyz/essentials/password-managers/bitwarden) [](https://play.google.com/store/apps/details?id=com.x8bit.bitwarden) [](https://apps.apple.com/us/app/bitwarden-password-manager/id1137397744) [](https://reddit.com/r/Bitwarden)ㅤ
-
-
-- **[
KeePass](https://keepass.info)** - Hardened, secure and offline password manager. Does not have cloud-sync baked
-in, deemed to be [gold standard](https://keepass.info/ratings.html) for secure
-password managers. KeePass clients: [Strongbox](https://apps.apple.com/us/app/strongbox-keepass-pwsafe/id897283731)
-*(Mac & iOS)*, [KeePassDX](https://play.google.com/store/apps/details?id=com.kunzisoft.keepass.free)
-*(Android)*,[…](https://awesome-privacy.xyz/essentials/password-managers/keepass "View full KeePass report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/essentials/password-managers/keepass) [](https://keepass.info) [](https://reddit.com/r/KeePass)ㅤ
-
-
-- **[
LessPass](https://lesspass.com)** - LessPass is a little different, since it generates your passwords using a hash
-of the website name, your username and a single main-passphrase that you reuse.
-It omits the need for you to ever need to[…](https://awesome-privacy.xyz/essentials/password-managers/lesspass "View full LessPass report")
- -
- Stats
-
- [](https://github.com/lesspass/lesspass) [](https://awesome-privacy.xyz/essentials/password-managers/lesspass)ㅤ
-
-
-- **[
Padloc](https://padloc.app)** - A modern, open source password manager for individuals and teams. Beautiful,
-intuitive and dead simple to use. Apps available for all platforms and you can
-self-host it as well.
-
- -
- Stats
-
- [](https://github.com/padloc/padloc) [](https://awesome-privacy.xyz/essentials/password-managers/padloc) [](https://play.google.com/store/apps/details?id=app.padloc) [](https://apps.apple.com/us/app/padloc/id1478877043)ㅤ
-
-
-- **[
ProtonPass](https://proton.me/pass)** - From the creators of ProtonMail, ProtonPass is a new addition to their suite of
-services. They have a full collection of user-friendly native mobile and desktop
-apps. ProtonPass is one of the few "tru[…](https://awesome-privacy.xyz/essentials/password-managers/protonpass "View full ProtonPass report")
- -
- Stats
-
- [](https://tosdr.org/en/service/491) [](https://awesome-privacy.xyz/essentials/password-managers/protonpass) [](https://proton.me/pass) [](https://play.google.com/store/apps/details?id=proton.android.pass) [](https://apps.apple.com/us/app/proton-pass-password-manager/id6443490629) [](https://reddit.com/r/ProtonPass)ㅤ
-
-
-- **[
Pass](https://www.passwordstore.org/)** - The Standard Unix Password Manager
- -
- Stats
-
- [](https://awesome-privacy.xyz/essentials/password-managers/pass) [](https://www.passwordstore.org/)ㅤ
-
-
-
-
-✳️ Notable Mentions
-
-> - [Password Safe](https://www.pwsafe.org) - An offline, open source password manager designed by [Bruce Schneier](https://www.schneier.com/academic/passsafe/), with native applications for Windows, Linux, MacOS, Android and iOS, and support for YubiKey. The UI is a little dated, and there is no official browser extension, making is slightly less convenient to use compared with other options
-> - [PassBolt](https://www.passbolt.com) - A good option for teams. It is free, open source, self-hosted, extensible and OpenPGP based. It is specifically good for development and DevOps usage, with integrations for the terminal, browser and chat, and can be easily extended for custom usage, and deployed quickly with Docker
-> - [1Password](https://1password.com) - (proprietary) A fully-featured cross-platform password manager with sync. Free for self-hosted data (or $3/ month hosted). Be aware that 1Password is not fully open source, but they do regularly publish results of their independent [security audits](https://support.1password.com/security-assessments), and they have a solid reputation for transparently disclosing and fixing vulnerabilities
-
-
-
-ℹ️ Further Info
-
-> **Other Open Source PM**: [Buttercup](https://buttercup.pw), [Clipperz](https://clipperz.is), [Pass](https://www.passwordstore.org), [Padloc](https://padloc.app), [TeamPass](https://teampass.net), [PSONO](https://psono.com), [UPM](http://upm.sourceforge.net), [Gorilla](https://github.com/zdia/gorilla/wiki), [Seahorse](https://gitlab.gnome.org/GNOME/seahorse) (for GNOME), [GNOME Keyring](https://wiki.gnome.org/Projects/GnomeKeyring), [KDE Wallet Manager](https://userbase.kde.org/KDE_Wallet_Manager).
If you are using a deprecated PM, you should migrate to something actively maintained. This includes: [Firefox Lockwise](https://www.mozilla.org/en-US/firefox/lockwise), [Encryptr](https://spideroak.com/personal/encryptr?ref=awesome-privacyr), [Mitro](https://www.mitro.co), [Rattic](https://spideroak.com/encryptr), [JPasswords](http://jpws.sourceforge.net/jpasswords.html), [Passopolis](https://passopolis.com), [KYPS](https://en.wikipedia.org/wiki/KYPS), [Factotum](http://man.9front.org/4/factotum).
-
-
-⬆️ [Back to Top]
-
----
-
-### 2-Factor Authentication
-
-- **[
2FAS](https://2fas.com/)** - Free, secure and open source authenticator app for both iOS and Android.
-Supports creating encrypted backups and syncing between devices without the need for an account.
-
- -
- Stats
-
- [](https://github.com/twofas/2fas-server) [](https://tosdr.org/en/service/8201) [](https://awesome-privacy.xyz/essentials/2-factor-authentication/2fas) [](https://play.google.com/store/apps/details?id=com.twofasapp) [](https://apps.apple.com/us/app/2fa-authenticator-2fas/id1217793794) [](https://discord.gg/q4cP6qh2g5)ㅤ
-
-
-- **[
Aegis](https://getaegis.app)** - Free, secure and open source authenticator app for Android. Has a backup/
-restore feature and a customisable UI with dark mode
-
- -
- Stats
-
- [](https://github.com/beemdevelopment/Aegis) [](https://tosdr.org/en/service/4076) [](https://awesome-privacy.xyz/essentials/2-factor-authentication/aegis) [](https://play.google.com/store/apps/details?id=com.beemdevelopment.aegis)ㅤ
-
-
-- **[
Stratum](https://stratumauth.com/)** - Free and open-source two factor authentication app for Android. It features
-encrypted backups, icons, categories and a high level of customisation. It
-also has a Wear OS companion app
-
- -
- Stats
-
- [](https://github.com/stratumauth/app) [](https://awesome-privacy.xyz/essentials/2-factor-authentication/stratum) [](https://play.google.com/store/apps/details?id=com.stratumauth.app)ㅤ
-
-
-- **[
Tofu](https://www.tofuauth.com)** - An easy-to-use, open-source two-factor authentication app designed specifically
-for iOS
-
- -
- Stats
-
- [](https://github.com/iKenndac/Tofu) [](https://tosdr.org/en/service/5414) [](https://awesome-privacy.xyz/essentials/2-factor-authentication/tofu) [](https://apps.apple.com/us/app/tofu-authenticator/id1082229305)ㅤ
-
-
-- **[
Authenticator](https://mattrubin.me/authenticator)** - Simple, native, open source 2-FA Client for iOS, which never connects to the
-internet - built by @mattrubin.me
-
- -
- Stats
-
- [](https://github.com/mattrubin/Authenticator) [](https://awesome-privacy.xyz/essentials/2-factor-authentication/authenticator) [](https://apps.apple.com/us/app/authenticator/id766157276)ㅤ
-
-
-- **[
WinAuth](https://winauth.github.io/winauth)** - Portable, encrypted desktop authenticator app for Microsoft Windows. With
-useful features, like hotkeys and some additional security tools, WinAuth is a
-great companion authenticator for desktop power[…](https://awesome-privacy.xyz/essentials/2-factor-authentication/winauth "View full WinAuth report")
- -
- Stats
-
- [](https://github.com/winauth/winauth) [](https://awesome-privacy.xyz/essentials/2-factor-authentication/winauth)ㅤ
-
-
-- **[
Authenticator GNOME](https://gitlab.gnome.org/World/Authenticator)** - Rust-based OTP authenticator. Has native With GNOME Shell integration. Also
-available through [flathub](https://flathub.org/apps/details/com.belmoussaoui.Authenticator).
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/essentials/2-factor-authentication/authenticator-gnome) [](https://gitlab.gnome.org/World/Authenticator)ㅤ
-
-
-- **[
Authenticator CC](https://authenticator.cc)** - Authenticator Extension is an in-browser One-Time Password (OTP) client,
-supports both Time-Based One-Time Password (TOTP, specified in [RFC 6238](https://tools.ietf.org/html/rfc6238))
-and HMAC-Based One-Time Password (HOTP, specified in [RFC 4226](https://tools.ietf.org/html/rfc4226)[…](https://awesome-privacy.xyz/essentials/2-factor-authentication/authenticator-cc "View full Authenticator CC report")
- -
- Stats
-
- [](https://github.com/Authenticator-Extension/Authenticator) [](https://awesome-privacy.xyz/essentials/2-factor-authentication/authenticator-cc)ㅤ
-
-
-- **[
Ente Auth](https://ente.io/auth/)** - Ente Auth is a free and open-source app which stores and generates TOTP tokens.
-It can be used with an online account to backup and sync your tokens across your
-devices (and access them via a web inte[…](https://awesome-privacy.xyz/essentials/2-factor-authentication/ente-auth "View full Ente Auth report")
- -
- Stats
-
- [](https://github.com/ente-io/ente) [](https://tosdr.org/en/service/5256) [](https://awesome-privacy.xyz/essentials/2-factor-authentication/ente-auth) [](https://github.com/ente-io/ente) [](https://play.google.com/store/apps/details?id=io.ente.auth) [](https://apps.apple.com/us/app/ente-auth/id6444121398)ㅤ
-
-
-- **[
Bitwarden Authenticator](https://bitwarden.com/products/authenticator/)** - Bitwarden Authenticator is a free and open-source app which stores and generates
-time-based codes for multi-factor authentication. It can be used with an online
-account to backup and sync your tokens[…](https://awesome-privacy.xyz/essentials/2-factor-authentication/bitwarden-authenticator "View full Bitwarden Authenticator report")
- -
- Stats
-
- [](https://github.com/bitwarden/ios) [](https://tosdr.org/en/service/5256) [](https://awesome-privacy.xyz/essentials/2-factor-authentication/bitwarden-authenticator) [](https://github.com/bitwarden/ios) [](https://play.google.com/store/apps/details?id=com.bitwarden.authenticator) [](https://apps.apple.com/app/bitwarden-authenticator/id6497335175)ㅤ
-
-
-- **[
Proton Authenticator](https://proton.me/authenticator)** - Proton Authenticator is free, open source, and available for both iOS and Android.
-A Proton account is required to use Proton Authenticator.
-Existing 2FA codes can be imported from other popular apps[…](https://awesome-privacy.xyz/essentials/2-factor-authentication/proton-authenticator "View full Proton Authenticator report")
- -
- Stats
-
- [](https://github.com/protonpass/android-authenticator) [](https://tosdr.org/en/service/491) [](https://awesome-privacy.xyz/essentials/2-factor-authentication/proton-authenticator) [](https://github.com/protonpass/android-authenticator) [](https://play.google.com/store/apps/details?id=proton.android.authenticator) [](https://apps.apple.com/us/app/proton-authenticator/id6741758667)ㅤ
-
-
-
-
-✳️ Notable Mentions
-
-> [OTPClient](https://github.com/paolostivanin/OTPClient) *(Linux)*, [gauth](https://github.com/gbraadnl/gauth) *(Self-Hosted, Web-based)*, [Etopa](https://play.google.com/store/apps/details?id=de.ltheinrich.etopa) *(Android)*
For KeePass users, [TrayTop](https://keepass.info/plugins.html#traytotp) is a plugin for managing TOTP's - offline and compatible with Windows, Mac and Linux.
->
-
-
-ℹ️ Further Info
-
-> Check which websites support multi-factor authentication: [2fa.directory](https://2fa.directory/)
-
-
-⬆️ [Back to Top]
-
----
-
-### File Encryption
-
-- **[
VeraCrypt](https://www.veracrypt.fr)** - VeraCrypt is open source cross-platform disk encryption software. You can use
-it to either encrypt a specific file or directory, or an entire disk or
-partition. VeraCrypt is incredibly feature-rich, w[…](https://awesome-privacy.xyz/essentials/file-encryption/veracrypt "View full VeraCrypt report")
- -
- Stats
-
- [](https://github.com/veracrypt/VeraCrypt) [](https://awesome-privacy.xyz/essentials/file-encryption/veracrypt)ㅤ
-
-
-- **[
Cryptomator](https://cryptomator.org)** - Open source client-side encryption for cloud files - Cryptomator is geared
-towards using alongside cloud-backup solutions, and hence preserves individual
-file structure, so that they can be uploaded.[…](https://awesome-privacy.xyz/essentials/file-encryption/cryptomator "View full Cryptomator report")
- -
- Stats
-
- [](https://github.com/cryptomator/cryptomator) [](https://tosdr.org/en/service/4403) [](https://awesome-privacy.xyz/essentials/file-encryption/cryptomator) [](https://play.google.com/store/apps/details?id=org.cryptomator) [](https://apps.apple.com/us/app/cryptomator/id1560822163)ㅤ
-
-
-- **[
age](https://age-encryption.org)** - `age` is a simple, modern and secure CLI file encryption tool and Go library.
-It features small explicit keys, no config options, and UNIX-style composability
-
- -
- Stats
-
- [](https://github.com/FiloSottile/age) [](https://awesome-privacy.xyz/essentials/file-encryption/age)ㅤ
-
-
-- **[
Picocrypt]()** - Picocrypt is a very small (hence Pico), very simple, yet very secure encryption tools
-that you can use to protect your files. It's designed to be the go-to tool for encryption,
-with a focus on securit[…](https://awesome-privacy.xyz/essentials/file-encryption/picocrypt "View full Picocrypt report")
- -
- Stats
-
- [](https://github.com/Picocrypt/Picocrypt) [](https://awesome-privacy.xyz/essentials/file-encryption/picocrypt)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> Where possible, choose a cross-platform and well established encryption method, so that you are never faced with not being able to access your files using your current system.
Although well-established encryption methods are usually very secure, if the password is not strong, then an adversary may be able to gain access to your files, with a powerful enough GPU. If your system is compromised, then the password may also be able to be skimmed with a keylogger or other similar malware, so take care to follow good basic security practices
-
-
-
-
-
-✳️ Notable Mentions
-
-> - [AES Crypt](https://www.aescrypt.com/) - A light-weight and easy file encryption utility. It includes applications for Windows, Mac OS, BSD and Linux, all of which can be interacted with either through the GUI, CLI or programatically though an API (available for Java, C, C# and Python). Although it is well established, with an overall positive reputation, there have been some [security issues](https://www.reddit.com/r/privacytoolsIO/comments/b7riov/aes_crypt_security_audit_1_serious_issue_found/) raised recently.
-> - [CryptSetup](https://gitlab.com/cryptsetup/cryptsetup) - is a convenient layer for use on top of [dm-crypt](https://wiki.archlinux.org/index.php/Dm-crypt). [EncFS](https://github.com/vgough/encfs) is a cross-platform file-based encryption module, for use within user local directories. [geli](https://www.freebsd.org/cgi/man.cgi?query=geli&sektion=8) is a disk encryption subsystem included with FreeBSD.
-> - [BitLocker](https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-overview) - is popular among Microsoft Windows and enterprise users, and provides fast, efficient and (if correctly configured) reasonably secure full drive encryption. However it is not open source, has poor compatibility with other operating systems, and has some very dodgy [defaults](https://www.diskcryptor.org/why-not-bitlocker/), which could lead to your system being compromised. Similarly, Apple's [FileVault](https://support.apple.com/en-us/HT204837) on MacOS is easy and secure, but again, the source code is proprietary.
-> - [DiskCryptor](https://www.diskcryptor.org/) - Windows-only, open source, file and volume encryption solution,
-that makes a good alternative to BitLocker.
-
-
-⬆️ [Back to Top]
-
----
-
-### Browsers
-
-- **[
LibreWolf](https://librewolf.net)** - LibreWolf is an independent fork of Firefox that aims to provide better default
-settings to improve on privacy, security and user freedom. Mozilla telemetry is
-disabled, ties with Google (Safe Browsin[…](https://awesome-privacy.xyz/essentials/browsers/librewolf "View full LibreWolf report")
- -
- Stats
-
- [](https://tosdr.org/en/service/6389) [](https://awesome-privacy.xyz/essentials/browsers/librewolf) [](https://librewolf.net)ㅤ
-
-
-- **[
Brave Browser](https://brave.com)** - Brave Browser, currently one of the most popular private browsers - it provides
-speed, security, and privacy by blocking trackers with a clean, yet fully-featured
-UI. It also pays you in [BAT tokens](https://basicattentiontoken.org/) fo[…](https://awesome-privacy.xyz/essentials/browsers/brave-browser "View full Brave Browser report")
- -
- Stats
-
- [](https://github.com/brave/brave-browser) [](https://tosdr.org/en/service/1487) [](https://awesome-privacy.xyz/essentials/browsers/brave-browser)ㅤ
-
-
-- **[
Firefox](https://www.firefox.com/)** - Significantly more private, and offers some nifty privacy features than Chrome,
-Internet Explorer and Safari. After installing, there are a couple of small tweaks
-you will need to make, in order to se[…](https://awesome-privacy.xyz/essentials/browsers/firefox "View full Firefox report")
- -
- Stats
-
- [](https://tosdr.org/en/service/188) [](https://awesome-privacy.xyz/essentials/browsers/firefox) [](https://www.firefox.com/)ㅤ
-
-
-- **[
Tor Browser](https://www.torproject.org/)** - Tor provides an extra layer of anonymity, by encrypting each of your requests, then
-routing it through several nodes, making it near-impossible for you to be tracked by
-your ISP/ provider. It does mak[…](https://awesome-privacy.xyz/essentials/browsers/tor-browser "View full Tor Browser report")
- -
- Stats
-
- [](https://tosdr.org/en/service/2845) [](https://awesome-privacy.xyz/essentials/browsers/tor-browser) [](https://www.torproject.org/) [](https://play.google.com/store/apps/details?id=org.torproject.torbrowser)ㅤ
-
-
-- **[
Cromite](https://www.cromite.org/)** - Cromite is a Chromium fork based on Bromite with built-in support for ad blocking and an eye for privacy.
-
- -
- Stats
-
- [](https://github.com/uazo/cromite) [](https://awesome-privacy.xyz/essentials/browsers/cromite)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> New vulnerabilities are being discovered and patched all the time - use a browser that is being actively maintained, in order to receive these security-critical updates.
Even privacy-respecting browsers, often do not have the best privacy options enabled by default. After installing, check the privacy & security settings, and update the configuration to something that you are comfortable with. 12Bytes maintains a comprehensive guide on [Firefox Configuration for Privacy and Performance](https://codeberg.org/12bytes/firefox-config-guide)
-
-
-
-
-
-✳️ Notable Mentions
-
-> **Mobile Browsers**: [Mull](https://f-droid.org/en/packages/us.spotco.fennec_dos/) Hardened fork of FF-Fenix (Android), [Firefox Focus](https://support.mozilla.org/en-US/kb/focus) (Android/ iOS), [DuckDuckGo Browser](https://help.duckduckgo.com/duckduckgo-help-pages/mobile/ios/) (Android/ iOS), [Orbot](https://guardianproject.info/apps/orbot/) + [Tor](https://www.torproject.org/download/#android) (Android), [Onion Browser](https://onionbrowser.com/) (iOS)
**Additional Desktop**: [Nyxt](https://nyxt.atlas.engineer/), [WaterFox](https://www.waterfox.net), [Epic Privacy Browser](https://www.epicbrowser.com), [PaleMoon](https://www.palemoon.org), [Iridium](https://iridiumbrowser.de/), [Sea Monkey](https://www.seamonkey-project.org/), [Ungoogled-Chromium](https://github.com/Eloston/ungoogled-chromium), [Basilisk Browser](https://www.basilisk-browser.org/) and [IceCat](https://www.gnu.org/software/gnuzilla/) 12Bytes also maintains a list privacy & security [extensions](https://12bytes.org/articles/tech/firefox/firefox-extensions-my-picks/)
->
-
-⬆️ [Back to Top]
-
----
-
-### Search Engines
-
-- **[
DuckDuckGo](https://duckduckgo.com)** - DuckDuckGo is a very user-friendly, fast and secure search engine. It's totally
-private, with no trackers, cookies or ads. It's also highly customisable, with
-dark-mode, many languages and features. T[…](https://awesome-privacy.xyz/essentials/search-engines/duckduckgo "View full DuckDuckGo report")
- -
- Stats
-
- [](https://tosdr.org/en/service/222) [](https://awesome-privacy.xyz/essentials/search-engines/duckduckgo) [](https://duckduckgo.com) [](https://play.google.com/store/apps/details?id=com.duckduckgo.mobile.android) [](https://apps.apple.com/us/app/duckduckgo-private-browser/id663592361) [](https://reddit.com/r/duckduckgo)ㅤ
-
-
-- **[
Qwant](https://www.qwant.com)** - French service that aggregates Bings results, with its own results. Qwant doesn't
-plant any cookies, nor have any trackers or third-party advertising. It returns
-non-biased search results, with no pro[…](https://awesome-privacy.xyz/essentials/search-engines/qwant "View full Qwant report")
- -
- Stats
-
- [](https://tosdr.org/en/service/527) [](https://awesome-privacy.xyz/essentials/search-engines/qwant) [](https://play.google.com/store/apps/details?id=com.qwant.liberty) [](https://apps.apple.com/us/app/qwant-private-search/id924470452) [](https://reddit.com/r/Qwant)ㅤ
-
-
-- **[
Startpage](https://www.startpage.com)** - Dutch search engine that searches on Google and shows the results (slightly
-rearranged). It has several configurations that improve privacy during use
-(it is not open source)
-
- -
- Stats
-
- [](https://tosdr.org/en/service/418) [](https://awesome-privacy.xyz/essentials/search-engines/startpage)ㅤ
-
-
-- **[
Brave Search](https://search.brave.com/)** - Brave Search is a privacy-focused search engine that does not track users or their searches, does not use secret algorithms or user profiling, and is based on its own search index.
- -
- Stats
-
- [](https://github.com/brave/brave-browser) [](https://tosdr.org/en/service/1487) [](https://awesome-privacy.xyz/essentials/search-engines/brave-search) [](https://github.com/brave/brave-browser)  [](https://play.google.com/store/apps/details?id=com.brave.browser) [](https://apps.apple.com/us/app/brave-private-browser-adblock/id1052879175) [](https://reddit.com/r/brave_browser)ㅤ
-
-
-- **[
Mojeek](https://mojeek.com)** - British search engine providing independent and unbiased search results using
-its own crawler. Has a zero tracking policy (it is not open source)
-
- -
- Stats
-
- [](https://tosdr.org/en/service/2432) [](https://awesome-privacy.xyz/essentials/search-engines/mojeek) [](https://play.google.com/store/apps/details?id=mojeek.app) [](https://apps.apple.com/gb/app/mojeek/id1505807785) [](https://reddit.com/r/mojeek)ㅤ
-
-
-- **[
Uruky](https://uruky.com)** - Uruky is an ad-free, private search engine focused on personalization. It uses,
-among other providers, Mojeek and Marginalia. It is EU-based and does not keep
-or track any personal data (it is not 100[…](https://awesome-privacy.xyz/essentials/search-engines/uruky "View full Uruky report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/essentials/search-engines/uruky) [](https://apps.apple.com/us/app/uruky-private-ad-free-search/id6758864380)ㅤ
-
-
-
-
-✳️ Notable Mentions
-
-> - [MetaGear](https://metager.org)
-> - [YaCy](https://yacy.net)
-> - [Searx](https://github.com/searxng/searxng) - Self-hostable search engines that use the results of multiple other engines (such as Google and Bing) at the same time. They're open source and self-hostable, although using a [public instance](https://searx.space) has the benefit of not singling out your queries to the engines used. A fork of the original [Searx](https://searx.github.io/searx/).
-
-
-⬆️ [Back to Top]
-
----
-
-## Communication
-
-### Encrypted Messaging
-
-- **[
Signal](https://signal.org)** - Probably one of the most popular, secure private messaging apps that combines
-strong encryption (see [Signal Protocol](https://en.wikipedia.org/wiki/Signal_Protocol))
-with a simple UI and plenty of features. It's widely used across the world, and
-ea[…](https://awesome-privacy.xyz/communication/encrypted-messaging/signal "View full Signal report")
- -
- Stats
-
- [](https://github.com/signalapp/Signal-Server) [](https://tosdr.org/en/service/528) [](https://awesome-privacy.xyz/communication/encrypted-messaging/signal) [](https://github.com/signalapp/Signal-Server) [](https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms) [](https://apps.apple.com/us/app/signal-private-messenger/id874139669) [](https://reddit.com/r/signal)ㅤ
-
-
-- **[
Session](https://getsession.org)** - Session is a fork of Signal, however unlike Signal it does not require a mobile
-number (or any other personal data) to register, instead each user is identified
-by a public key. It is also decentraliz[…](https://awesome-privacy.xyz/communication/encrypted-messaging/session "View full Session report")
- -
- Stats
-
- [](https://github.com/oxen-io/lokinet) [](https://tosdr.org/en/service/3015) [](https://awesome-privacy.xyz/communication/encrypted-messaging/session) [](https://github.com/oxen-io/lokinet) [](https://play.google.com/store/apps/details?id=network.loki.messenger) [](https://apps.apple.com/us/app/session-private-messenger/id1470168868) [](https://reddit.com/r/Session_Messenger)ㅤ
-
-
-- **[
SimpleX](https://simplex.chat/)** - Simplex is gaining popularity as a secure and private messaging app renowned
-for its robust encryption protocol without user IDs or phone numbers and this improves your privacy.
-Simplex offers instant[…](https://awesome-privacy.xyz/communication/encrypted-messaging/simplex "View full SimpleX report")
- -
- Stats
-
- [](https://github.com/simplex-chat/simplex-chat) [](https://tosdr.org/en/service/7638) [](https://awesome-privacy.xyz/communication/encrypted-messaging/simplex) [](https://github.com/simplex-chat/simplex-chat) [](https://play.google.com/store/apps/details?id=chat.simplex.app) [](https://apps.apple.com/us/app/simplex-chat-secure-messenger/id1605771084) [](https://reddit.com/r/SimpleXChat)ㅤ
-
-
-- **[
XMPP](https://xmpp.org)** - XMPP, also known as Jabber, is an open standard for decentralized messaging that
-has been widely used for decades. It has actually been the basis upon which
-WhatsApp, Facebook's Chat and Google's Talk[…](https://awesome-privacy.xyz/communication/encrypted-messaging/xmpp "View full XMPP report")
- -
- Stats
-
- [](https://github.com/xsf/xmpp.org) [](https://awesome-privacy.xyz/communication/encrypted-messaging/xmpp) [](https://github.com/xsf/xmpp.org)ㅤ
-
-
-- **[
Matrix](https://matrix.org)** - Matrix is a decentralized open network for secure communications, with E2E
-encryption with Olm and Megolm. Along with the [Element](https://element.io/)
-client, it supports VOIP + video calling and IM + group chats. Since M[…](https://awesome-privacy.xyz/communication/encrypted-messaging/matrix "View full Matrix report")
- -
- Stats
-
- [](https://github.com/matrix-org/dendrite) [](https://tosdr.org/en/service/2455) [](https://awesome-privacy.xyz/communication/encrypted-messaging/matrix) [](https://github.com/matrix-org/dendrite)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> Many messaging apps claim to be secure, but if they are not open source, then this cannot be verified - and they **should not be trusted**. This applies to [Telegram](https://telegram.org), [Threema](https://threema.ch), [Cypher](https://www.goldenfrog.com/cyphr), [Wickr](https://wickr.com/), [Silent Phone](https://www.silentcircle.com/products-and-solutions/silent-phone/) and [Viber](https://www.viber.com/), to name a few - these apps should not be used to communicate any sensitive data. [Wire](https://wire.com/) has also been removed, due to a [recent acquisition](https://blog.privacytools.io/delisting-wire/)
-
-
-
-
-
-✳️ Notable Mentions
-
-> - [Chat Secure](https://chatsecure.org)
-> - [KeyBase](https://keybase.io/) - Allows encrypted real-time chat, group chats, and public and private file sharing. It also has some nice features around cryptographically proving social identities, and makes PGP signing, encrypting and decrypting messages easy. However, since it was [acquired by Zoom](https://keybase.io/blog/keybase-joins-zoom) in 2020, it has no longer been receiving regular updates.
-> - [OpenPGP](https://www.openpgp.org) - can be used over existing chat networks (such as email or message boards). It provides cryptographic privacy and authentication, PGP is used to encrypt messages.
**Note/ Issues with PGP** PGP is [not easy](https://restoreprivacy.com/let-pgp-die/) to use for beginners, and could lead to human error/ mistakes being made, which would be overall much worse than if an alternate, simpler system was used. Do not use [32-bit key IDs](https://evil32.com/) - they are too short to be secure. There have also been vulnerabilities found in the OpenPGP and S/MIME, defined in [EFAIL](https://efail.de/), so although it still considered secure for general purpose use, for general chat, it may be better to use an encrypted messaging or email app instead.
-
-
-⬆️ [Back to Top]
-
----
-
-### P2P Messaging
-
-With [Peer-to-Peer](https://en.wikipedia.org/wiki/Peer-to-peer) networks, there are no central server, so there is nothing that can be raided, shut-down or forced to turn over data. There are P2P networks available that are open source, E2E encrypted, routed through Tor services, totally anonymous and operate without the collection of metadata.
-
-- **[
Oxen](https://oxen.io/)** - Oxen (previously Loki) is an open source set of tools that allow users to transact
-and communicate anonymously and privately, through a decentralised, encrypted,
-onion-based network.
-Session is a desk[…](https://awesome-privacy.xyz/communication/p2p-messaging/oxen "View full Oxen report")
- -
- Stats
-
- [](https://github.com/oxen-io/lokinet) [](https://tosdr.org/en/service/6622) [](https://awesome-privacy.xyz/communication/p2p-messaging/oxen)ㅤ
-
-
-- **[
Briar](https://briarproject.org)** - Tor-based Android app for P2P encrypted messaging and forums. Where content is
-stored securely on your device (not in the cloud). It also allows you to connect
-directly with nearby contacts, without i[…](https://awesome-privacy.xyz/communication/p2p-messaging/briar "View full Briar report")
- -
- Stats
-
- [](https://tosdr.org/en/service/2559) [](https://awesome-privacy.xyz/communication/p2p-messaging/briar) [](https://briarproject.org) [](https://play.google.com/store/apps/details?id=org.briarproject.briar.android)ㅤ
-
-
-- **[
Ricochet Refresh](https://www.ricochetrefresh.net)** - Desktop instant messenger, that uses the Tor network to rendezvous with your
-contacts without revealing your identity, location/ IP or meta data. There are
-no servers to monitor, censor, or hack so Ri[…](https://awesome-privacy.xyz/communication/p2p-messaging/ricochet-refresh "View full Ricochet Refresh report")
- -
- Stats
-
- [](https://github.com/blueprint-freespeech/ricochet-refresh) [](https://awesome-privacy.xyz/communication/p2p-messaging/ricochet-refresh) [](https://github.com/blueprint-freespeech/ricochet-refresh)ㅤ
-
-
-- **[
Jami](https://jami.net)** - P2P encrypted chat network with cross-platform GNU client apps. Jami supports
-audio and video calls, screen sharing, conference hosting and instant messaging.
-
- -
- Stats
-
- [](https://github.com/savoirfairelinux/jami-project) [](https://awesome-privacy.xyz/communication/p2p-messaging/jami) [](https://play.google.com/store/apps/details?id=cx.ring) [](https://apps.apple.com/ca/app/jami/id1306951055)ㅤ
-
-
-- **[
Tox & qTox client](https://tox.chat)** - Open source, encrypted, distributed chat network, with clients for desktop and
-mobile - see [supported clients](https://tox.chat/clients.html). Clearly documented
-code and multiple language bindings make it easy for developers to int[…](https://awesome-privacy.xyz/communication/p2p-messaging/tox-and-qtox-client "View full Tox & qTox client report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/communication/p2p-messaging/tox-and-qtox-client) [](https://tox.chat) [](https://reddit.com/r/projecttox)ㅤ
-
-
-
-
-✳️ Notable Mentions
-
-> - [Cwtch](https://cwtch.im)
-> - [BitMessage](https://github.com/Bitmessage/PyBitmessage)
-> - [RetroShare](https://retroshare.cc)
-
-
-⬆️ [Back to Top]
-
----
-
-### Encrypted Email
-
-Email is not secure - your messages can be easily intercepted and read. Corporations scan the content of your mail, to build up a profile of you, either to show you targeted ads or to sell onto third-parties. Through the [Prism Program](https://en.wikipedia.org/wiki/PRISM_(surveillance_program)), the government also has full access to your emails (if not end-to-end encrypted) - this applies to Gmail, Outlook Mail, Yahoo Mail, GMX, ZoHo, iCloud, AOL and more.
For a more details comparison of email providers, see [email-comparison.as93.net](https://email-comparison.as93.net/)
-
-- **[
Forward Email](https://forwardemail.net)** - A 100% open-source, privacy-focused email service with quantum-safe encrypted
-SQLite mailboxes (sandboxed and portable). Supports IMAP, POP3, SMTP, CalDAV
-(calendars), and CardDAV (contacts). Features[…](https://awesome-privacy.xyz/communication/encrypted-email/forward-email "View full Forward Email report")
- -
- Stats
-
- [](https://github.com/forwardemail/free-email-forwarding) [](https://awesome-privacy.xyz/communication/encrypted-email/forward-email) [](https://github.com/forwardemail/free-email-forwarding) [](https://reddit.com/r/forwardemail)ㅤ
-
-
-- **[
ProtonMail](https://protonmail.com)** - An end-to-end encrypted anonymous email service. ProtonMail has a
-modern easy-to-use and customizable UI, as well as fast, secure native mobile
-apps. ProtonMail has all the features that you'd expect[…](https://awesome-privacy.xyz/communication/encrypted-email/protonmail "View full ProtonMail report")
- -
- Stats
-
- [](https://github.com/ProtonMail/WebClients) [](https://tosdr.org/en/service/491) [](https://awesome-privacy.xyz/communication/encrypted-email/protonmail) [](https://play.google.com/store/apps/details?id=ch.protonmail.android) [](https://apps.apple.com/us/app/proton-mail-encrypted-email/id979659905) [](https://reddit.com/r/ProtonMail)ㅤ
-
-
-- **[
Tuta](https://tuta.com)** - Free and open source email service based in Germany. It has a basic intuitive UI,
-secure native mobile apps and desktop email clients, anonymous signup, and an encrypted calendar. Tuta has a
-full-feat[…](https://awesome-privacy.xyz/communication/encrypted-email/tuta "View full Tuta report")
- -
- Stats
-
- [](https://github.com/tutao/tutanota) [](https://tosdr.org/en/service/157) [](https://awesome-privacy.xyz/communication/encrypted-email/tuta) [](https://github.com/tutao/tutanota) [](https://play.google.com/store/apps/details?id=de.tutao.tutanota) [](https://apps.apple.com/us/app/encrypted-email-tuta/id922429609) [](https://reddit.com/r/tutanota)ㅤ
-
-
-- **[
Mailfence](https://mailfence.com?src=digitald)** - Mailfence supports OpenPGP so that you can manually exchange encryption keys
-independently from the Mailfence servers, putting you in full control. Mailfence
-has a simple UI, similar to that of Outloo[…](https://awesome-privacy.xyz/communication/encrypted-email/mailfence "View full Mailfence report")
- -
- Stats
-
- [](https://tosdr.org/en/service/1694) [](https://awesome-privacy.xyz/communication/encrypted-email/mailfence) [](https://play.google.com/store/apps/details?id=com.contactoffice.mailfence) [](https://apps.apple.com/us/app/mailfence/id1628808776) [](https://reddit.com/r/Mailfence)ㅤ
-
-
-- **[
MailBox.org](https://mailbox.org)** - A Berlin-based, eco-friendly secure mail provider. There is no free plan, the
-standard service costs €12/year. You can use your own domain, with the option of
-a [catch-all alias](https://kb.mailbox.org/display/MBOKBEN/Using+catch-all+alias+with+own+domain).
-They provide good acco[…](https://awesome-privacy.xyz/communication/encrypted-email/mailbox.org "View full MailBox.org report")
- -
- Stats
-
- [](https://tosdr.org/en/service/1517) [](https://awesome-privacy.xyz/communication/encrypted-email/mailbox.org) [](https://reddit.com/r/Mailbox_org)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> - When using an end-to-end encryption technology like OpenPGP, some metadata
-in the email header will not be encrypted.
-- OpenPGP also does not support Forward secrecy, which means if either
-your or the recipient's private key is ever stolen, all previous messages
-encrypted with it will be exposed. You should take great care to keep your
-private keys safe.
-
-
-
-
-
-✳️ Notable Mentions
-
-> - [HushMail](https://www.hushmail.com)
-> - [Soverin](https://soverin.net)
-> - [StartMail](https://www.startmail.com)
-> - [Posteo](https://posteo.de)
-> - [Disroot](https://disroot.org/en)
-
-
-⬆️ [Back to Top]
-
----
-
-### Email Clients
-
-Email clients are the programs used to interact with the mail server. For hosted email, then the web and mobile clients provided by your email service are usually adequate, and may be the most secure option. For self-hosted email, you will need to install and configure mail clients for web, desktop or mobile. A benefit of using an IMAP client, is that you will always have an offline backup of all email messages (which can then be encrypted and archived), and many applications let you aggregate multiple mailboxes for convenience. Desktop mail clients are not vulnerable to the common browser attacks, that their web app counterparts are.
-
-- **[
Mozilla Thunderbird](https://www.thunderbird.net)** - Free and open source email application developed and backed by Mozilla -it's secure,
-private easy and customizable. As of V 78.2.1 encryption is built in, and the
-[TorBirdy](https://trac.torproject.org/projects/tor/wiki/torbirdy) extension routes
-all traffic[…](https://awesome-privacy.xyz/communication/email-clients/mozilla-thunderbird "View full Mozilla Thunderbird report")
- -
- Stats
-
- [](https://tosdr.org/en/service/3365) [](https://awesome-privacy.xyz/communication/email-clients/mozilla-thunderbird) [](https://www.thunderbird.net) [](https://reddit.com/r/Thunderbird)ㅤ
-
-
-- **[
eM Client](https://www.emclient.com)** - Productivity-based email client, for Windows and MacOS. eM Client has a clean user
-interface, snappy performance and good compatibility. There is a paid version, with
-some handy features, including sn[…](https://awesome-privacy.xyz/communication/email-clients/em-client "View full eM Client report")
- -
- Stats
-
- [](https://tosdr.org/en/service/432) [](https://awesome-privacy.xyz/communication/email-clients/em-client) [](https://play.google.com/store/apps/details?id=com.emclient.mailclient) [](https://apps.apple.com/us/app/em-client/id1561166404)ㅤ
-
-
-- **[
SnappyMail](https://snappymail.eu)** - Simple, modern, fast web-based mail client. This is an IMAP-only fork of
-[RainLoop](http://www.rainloop.net) that mitigates a severe
-[RainLoop vulnerability](https://thehackernews.com/2022/04/unpatched-bug-in-rainloop-webmail-could.html)
-and adds several new [features](https://snappymail.eu/comparison).[…](https://awesome-privacy.xyz/communication/email-clients/snappymail "View full SnappyMail report")
- -
- Stats
-
- [](https://github.com/the-djmaze/snappymail) [](https://awesome-privacy.xyz/communication/email-clients/snappymail)ㅤ
-
-
-- **[
RoundCube](https://roundcube.net)** - Browser-based multilingual IMAP client with an application-like user interface. It
-provides full functionality you expect from an email client, including MIME support,
-address book, folder manipulatio[…](https://awesome-privacy.xyz/communication/email-clients/roundcube "View full RoundCube report")
- -
- Stats
-
- [](https://github.com/roundcube/roundcubemail) [](https://awesome-privacy.xyz/communication/email-clients/roundcube)ㅤ
-
-
-- **[
FairEmail](https://email.faircode.eu)** - Open source, fully-featured and easy mail client for Android. Supports unlimited
-accounts and email addresses with the option for a unified inbox. Clean user
-interface, with a dark mode option, it is[…](https://awesome-privacy.xyz/communication/email-clients/fairemail "View full FairEmail report")
- -
- Stats
-
- [](https://github.com/M66B/FairEmail) [](https://awesome-privacy.xyz/communication/email-clients/fairemail) [](https://play.google.com/store/apps/details?id=eu.faircode.email)ㅤ
-
-
-- **[
K-9 Mail](https://k9mail.app)** - K-9 (or Thunderbird for Android) is open source,
-very well supported and trusted - k9 has been around for nearly
-as long as Android itself! It supports multiple accounts, search, IMAP push email,
-mult[…](https://awesome-privacy.xyz/communication/email-clients/k-9-mail "View full K-9 Mail report")
- -
- Stats
-
- [](https://github.com/thunderbird/thunderbird-android) [](https://tosdr.org/en/service/3624) [](https://awesome-privacy.xyz/communication/email-clients/k-9-mail) [](https://play.google.com/store/apps/details?id=com.fsck.k9)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> One disadvantage of mail clients, is that many of them do not support 2FA, so it is important to keep your device secured and encrypted
-
-
-
-
-⬆️ [Back to Top]
-
----
-
-### Mail Forwarding
-
-Revealing your real email address online can put you at risk. Email aliasing allows messages to be sent to [anything]@my-domain.com and still land in your primary inbox. This protects your real email address from being revealed. Aliases are generated automatically, the first time they are used. This approach lets you identify which provider leaked your email address, and block an alias with 1-click.
-
-- **[
Addy](https://addy.io)** - An open source anonymous email forwarding service, allowing you to
-create unlimited email aliases. Has a free plan.
-
- -
- Stats
-
- [](https://github.com/anonaddy/anonaddy) [](https://tosdr.org/en/service/2220) [](https://awesome-privacy.xyz/communication/mail-forwarding/addy) [](https://play.google.com/store/apps/details?id=com.khalidwar.anonaddy) [](https://apps.apple.com/us/app/addymanager/id1547461270)ㅤ
-
-
-- **[
33Mail](http://33mail.com)** - A long-standing aliasing service. As well as receiving, 33Mail also lets you reply
-to forwarded addresses anonymously. Free plan, as well as Premium plan ($1/ month)
-if you'd like to use a custom doma[…](https://awesome-privacy.xyz/communication/mail-forwarding/33mail "View full 33Mail report")
- -
- Stats
-
- [](https://tosdr.org/en/service/8301) [](https://awesome-privacy.xyz/communication/mail-forwarding/33mail)ㅤ
-
-
-- **[
SimpleLogin](https://simplelogin.io)** - Fully open source (view on [GitHub](https://github.com/simple-login)) alias service
-with many additional features. Can be self-hosted, or the managed version has a free
-plan, as well as hosted premium option ($2.99/ month) for using cu[…](https://awesome-privacy.xyz/communication/mail-forwarding/simplelogin "View full SimpleLogin report")
- -
- Stats
-
- [](https://tosdr.org/en/service/2552) [](https://awesome-privacy.xyz/communication/mail-forwarding/simplelogin) [](https://simplelogin.io) [](https://play.google.com/store/apps/details?id=io.simplelogin.android) [](https://apps.apple.com/us/app/simplelogin-email-alias/id1494359858)ㅤ
-
-
-- **[
Firefox Private Relay](https://relay.firefox.com)** - Developed and managed by Mozilla, Relay is a Firefox addon, that lets you make an
-email alias with 1 click, and have all messages forwarded onto your personal email.
-Relay is totally free to use, and[…](https://awesome-privacy.xyz/communication/mail-forwarding/firefox-private-relay "View full Firefox Private Relay report")
- -
- Stats
-
- [](https://github.com/mozilla/fx-private-relay) [](https://tosdr.org/en/service/4158) [](https://awesome-privacy.xyz/communication/mail-forwarding/firefox-private-relay) [](https://github.com/mozilla/fx-private-relay)ㅤ
-
-
-- **[
ForwardEmail](https://forwardemail.net)** - Simple open source catch-all email forwarding service. Easy to self-host (see on
-[GitHub](https://github.com/forwardemail/free-email-forwarding)), or the hosted version
-has a free plan as well as a ($3/month) premium plan.[…](https://awesome-privacy.xyz/communication/mail-forwarding/forwardemail "View full ForwardEmail report")
- -
- Stats
-
- [](https://github.com/forwardemail/free-email-forwarding) [](https://awesome-privacy.xyz/communication/mail-forwarding/forwardemail)ㅤ
-
-
-- **[
ProtonMail](https://protonmail.com/pricing)** - If you already have ProtonMail's Professional (€8/month) or Visionary (€30/month) package,
-then an implementation of this feature is available via the Catch-All Email feature.
-
- -
- Stats
-
- [](https://tosdr.org/en/service/491) [](https://awesome-privacy.xyz/communication/mail-forwarding/protonmail) [](https://protonmail.com/pricing)ㅤ
-
-
-
-⬆️ [Back to Top]
-
----
-
-### Email Security Tools
-
-- **[
Enigmail](https://www.enigmail.net)** - Mail client add-on, enabling the use of OpenPGP to easily encrypt, decrypt,
-verify and sign emails. Free and open source, Enigmail is compatible with Interlink
-Mail & News and Postbox. Their website c[…](https://awesome-privacy.xyz/communication/email-security-tools/enigmail "View full Enigmail report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/communication/email-security-tools/enigmail)ㅤ
-
-
-- **[
Email Privacy Tester](https://www.emailprivacytester.com/)** - Quick tool, that enables you to test whether your mail client "reads" your emails
-before you've opened them, and also checks what analytics, read-receipts or other
-tracking data your mail client allow[…](https://awesome-privacy.xyz/communication/email-security-tools/email-privacy-tester "View full Email Privacy Tester report")
- -
- Stats
-
- [](https://github.com/mikecardwell/email-privacy-tester) [](https://tosdr.org/en/service/9837) [](https://awesome-privacy.xyz/communication/email-security-tools/email-privacy-tester) [](https://github.com/mikecardwell/email-privacy-tester)ㅤ
-
-
-- **[
DKIM Verifier](https://addons.thunderbird.net/en-US/thunderbird/addon/dkim-verifier/?collection_id=a5557f08-eafd-7a39-81c6-09127da790f7)** - Verifies DKIM signatures and shows the result in the e-mail header, in order to help
-spot spoofed emails (which do not come from the domain that they claim to).
-
- -
- Stats
-
- [](https://github.com/lieser/dkim_verifier) [](https://awesome-privacy.xyz/communication/email-security-tools/dkim-verifier)ㅤ
-
-
-
-
-✳️ Notable Mentions
-
-> If you are using ProtonMail, then the [ProtonMail Bridge](https://protonmail.com/bridge/thunderbird) enables you to sync & backup your emails to your own desktop mail client. It works well with Thunderbird, Microsoft Outlook and others
->
-
-⬆️ [Back to Top]
-
----
-
-### VOIP Clients
-
-- **[
Mumble](https://www.mumble.info/)** - Open source, low-latency, high quality voice chat software. You can host your
-own server, or use a hosted instance, there are client applications for Windows,
-MacOS and Linux as well as third-party ap[…](https://awesome-privacy.xyz/communication/voip-clients/mumble "View full Mumble report")
- -
- Stats
-
- [](https://github.com/mumble-voip/mumble) [](https://tosdr.org/en/service/3640) [](https://awesome-privacy.xyz/communication/voip-clients/mumble) [](https://play.google.com/store/apps/details?id=se.lublin.mumla) [](https://apps.apple.com/us/app/mumble/id443472808)ㅤ
-
-
-- **[
Linphone](https://www.linphone.org)** - Open source audio, video and IM groups with E2E encryption and built-in media
-server. [SIP](https://en.wikipedia.org/wiki/Session_Initiation_Protocol)-based
-evolving to [RCS](https://en.wikipedia.org/wiki/Rich_Communication_Services).
-Native apps for Android, iOS, Windows, GNU/Linux and MacOS.[…](https://awesome-privacy.xyz/communication/voip-clients/linphone "View full Linphone report")
- -
- Stats
-
- [](https://github.com/BelledonneCommunications/linphone-desktop) [](https://awesome-privacy.xyz/communication/voip-clients/linphone) [](https://github.com/BelledonneCommunications/linphone-desktop) [](https://play.google.com/store/apps/details?id=org.linphone) [](https://apps.apple.com/us/app/linphone/id360065638)ㅤ
-
-
-
-
-✳️ Notable Mentions
-
-> - [SpoofCard](https://www.spoofcard.com) - Lets you make anonymous phone calls + voicemail, but not open source and limited information on security (avoid sending any secure info).
-> - [MicroSip](https://www.microsip.org) - An open source portable SIP softphone for Windows based on PJSIP stack
-
-⬆️ [Back to Top]
-
----
-
-### Virtual Phone Numbers
-
-- **[
SMSPool](https://www.smspool.net)** - Don't feel comfortable giving out your phone number? Protect your online identity by using our one-time-use non-VoIP phone numbers.
-We support over 50+ countries and support over 300+ services.
-
- -
- Stats
-
- [](https://tosdr.org/en/service/10033) [](https://awesome-privacy.xyz/communication/virtual-phone-numbers/smspool)  [](https://play.google.com/store/apps/details?id=com.smspool.app) [](https://apps.apple.com/app/smspool/id6474617801)ㅤ
-
-
-- **[
Silent.link](https://silent.link/)** - Anonymous eSIM for sending / receiving SMS, incoming calls and 4G / 5G internet
-+ world-wide roaming. No data is required at sign-up. Affordable pricing, with
-payments and top-ups accepted in BTC. Req[…](https://awesome-privacy.xyz/communication/virtual-phone-numbers/silent.link "View full Silent.link report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/communication/virtual-phone-numbers/silent.link)ㅤ
-
-
-- **[
Crypton.sh](https://crypton.sh/)** - Physical SIM card in the cloud, for sending + receiving SMS messages. Messages
-are encrypted using your chosen private key. Includes a web interface, as well
-as an API for interacting with it from any[…](https://awesome-privacy.xyz/communication/virtual-phone-numbers/crypton.sh "View full Crypton.sh report")
- -
- Stats
-
- [](https://github.com/rinzlerch/user-encryption-wrapper) [](https://awesome-privacy.xyz/communication/virtual-phone-numbers/crypton.sh)ㅤ
-
-
-- **[
Jmp.chat](https://jmp.chat/)** - Phone number for incoming + outgoing calls and messages, provided by Soprani.
-Works with Jabber, Matrix, Snikket, XMPP or any SIP client. Pricing starts at
-$4.99 / month. Only available in the US and[…](https://awesome-privacy.xyz/communication/virtual-phone-numbers/jmp.chat "View full Jmp.chat report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/communication/virtual-phone-numbers/jmp.chat) [](https://play.google.com/store/apps/details?id=com.cheogram.android.playstore)ㅤ
-
-
-- **[
MoneroSMS](https://monerosms.com)** - Anonymous SMS service able to activate accounts. Accessible over web, CLI, or
-email. Pricing starts at $3.60 / month. The service is in beta as of 2022.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/communication/virtual-phone-numbers/monerosms)ㅤ
-
-
-- **[
PikaSim](https://pikasim.com)** - Privacy-focused eSIM provider for 170+ countries, with instant eSIM delivery.
-No account, ID, email needed, and accepts crypto via a self-hosted BTCPay Server.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/communication/virtual-phone-numbers/pikasim) ㅤ
-
-
-
-⬆️ [Back to Top]
-
----
-
-### Team Collaboration
-
-Now more than ever we are relying on software to help with team collaboration. Unfortunately many popular options, such as [Slack](https://www.wired.co.uk/article/slack-privacy-settings-notifications), [Microsoft Teams](https://www.wired.co.uk/article/microsoft-teams-meeting-data-privacy), [Google for Work](https://www.wired.com/story/google-tracks-you-privacy/) and [Discord](https://cybernews.com/privacy/discord-privacy-tips-that-you-should-use-in-2020/) all come with some serious privacy implications.
Typical features of team collaboration software includes: instant messaging, closed and open group messaging, voice and video conference calling, file sharing/ file drop, and some level or scheduling functionality.
-
-- **[
Rocket.Chat](https://rocket.chat)** - Easy-to-deploy, self-hosted team collaboration platform with stable, feature-rich
-cross-platform client apps. The UI is fast, good looking and intuitive, so very
-little technical experience is needed[…](https://awesome-privacy.xyz/communication/team-collaboration/rocket.chat "View full Rocket.Chat report")
- -
- Stats
-
- [](https://github.com/RocketChat/Rocket.Chat) [](https://tosdr.org/en/service/6533) [](https://awesome-privacy.xyz/communication/team-collaboration/rocket.chat) [](https://github.com/RocketChat/Rocket.Chat) [](https://play.google.com/store/apps/details?id=chat.rocket.android) [](https://apps.apple.com/us/app/rocket-chat/id1148741252)ㅤ
-
-
-- **[
RetroShare](https://retroshare.cc/)** - Secure group communications, with the option to be used over Tor or I2P. Fast
-intuitive group and 1-to-1 chats with text and rich media using decentralized
-chat rooms, with a mail feature for deliveri[…](https://awesome-privacy.xyz/communication/team-collaboration/retroshare "View full RetroShare report")
- -
- Stats
-
- [](https://github.com/RetroShare/RetroShare) [](https://awesome-privacy.xyz/communication/team-collaboration/retroshare) [](https://github.com/RetroShare/RetroShare)ㅤ
-
-
-- **[
Element](https://element.io/)** - Privacy-focused messenger using the Matrix protocol. The Element client allows
-for group chat rooms, media sharing voice and video group calls.
-
- -
- Stats
-
- [](https://github.com/element-hq/element-web) [](https://tosdr.org/en/service/2498) [](https://awesome-privacy.xyz/communication/team-collaboration/element) [](https://play.google.com/store/apps/details?id=im.vector.app) [](https://apps.apple.com/us/app/element-messenger/id1083446067)ㅤ
-
-
-- **[
Internet Relay Chat](https://en.wikipedia.org/wiki/IRC)** - An IRC-based solution is another option, being decentralized there is no point
-of failure, and it's easy to self-host. However it's important to keep security
-in mind while configuring your IRC instan[…](https://awesome-privacy.xyz/communication/team-collaboration/internet-relay-chat "View full Internet Relay Chat report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/communication/team-collaboration/internet-relay-chat) [](https://en.wikipedia.org/wiki/IRC)ㅤ
-
-
-- **[
Mattermost](https://mattermost.org/)** - Mattermost has an open source edition, which can be self-hosted. It makes a good
-Slack alternative, with native desktop, mobile and web apps and a wide variety of
-integrations.
-
- -
- Stats
-
- [](https://github.com/mattermost/mattermost) [](https://tosdr.org/en/service/2994) [](https://awesome-privacy.xyz/communication/team-collaboration/mattermost) [](https://play.google.com/store/apps/details?id=com.mattermost.rn) [](https://apps.apple.com/us/app/mattermost/id1257222717)ㅤ
-
-
-
-
-✳️ Notable Mentions
-
-> Some chat platforms allow for cross-platform group chats, voice and video conferencing, but without the additional collaboration features. For example, [Tox](https://tox.chat/), [Session](https://getsession.org/), [Ricochet](https://ricochet.im/), [Mumble](https://www.mumble.info/) and [Jami](https://jami.net/).
For Conferences, [OSEM](https://osem.io) is an open source all-in-one conference management tool, providing Registration, Schedules, Live and Recorded Sessions, Paper Submissions, Marketing Pages and Administration.
->
-
-⬆️ [Back to Top]
-
----
-
-## Security Tools
-
-### Browser Extensions
-
-The following browser add-ons give you better control over what content is able to be loaded and executed while your browsing.
Before installing anything, you should read the Word of Warning section below.
-
-- **[
Privacy Badger](https://privacybadger.org/)** - Blocks invisible trackers, in order to stop advertisers and other third-parties
-from secretly tracking where you go and what pages you look at. **Download**:
-[Chrome](https://chrome.google.com/webstore/detail/privacy-badger/pkehgijcmpdhfbdbbnkijodmdjhbjlgp) -
-[Firefox](https://addons.mozilla.org/en-GB/firefox/addon/privacy-badger17/)[…](https://awesome-privacy.xyz/security-tools/browser-extensions/privacy-badger "View full Privacy Badger report")
- -
- Stats
-
- [](https://github.com/EFForg/privacybadger) [](https://tosdr.org/en/service/682) [](https://awesome-privacy.xyz/security-tools/browser-extensions/privacy-badger) [](https://github.com/EFForg/privacybadger)ㅤ
-
-
-- **[
uBlock Origin](https://ublockorigin.com)** - Block ads, trackers and malware sites. **Download**:
-[Chrome](https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en-GB) -
-[Firefox](https://addons.mozilla.org/en-GB/firefox/addon/ublock-origin/)[…](https://awesome-privacy.xyz/security-tools/browser-extensions/ublock-origin "View full uBlock Origin report")
- -
- Stats
-
- [](https://github.com/gorhill/uBlock) [](https://tosdr.org/en/service/682) [](https://awesome-privacy.xyz/security-tools/browser-extensions/ublock-origin)ㅤ
-
-
-- **[
ScriptSafe](https://www.andryou.com/scriptsafe)** - Allows you to block the execution of certain scripts. **Download**:
-[Chrome](https://chromewebstore.google.com/detail/scriptsafe/oiigbmnaadbkfbmpbfijlflahbdbdgdf) -
-[Opera](https://addons.opera.com/en/extensions/details/scriptsafe-2/)[…](https://awesome-privacy.xyz/security-tools/browser-extensions/scriptsafe "View full ScriptSafe report")
- -
- Stats
-
- [](https://github.com/andryou/scriptsafe) [](https://awesome-privacy.xyz/security-tools/browser-extensions/scriptsafe)ㅤ
-
-
-- **[
Firefox Multi-Account Containers](https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/)** - Firefox Multi-Account Containers lets you keep parts of your online life separated into
-color-coded tabs that preserve your privacy. Cookies are separated by container, allowing
-you to use the web wit[…](https://awesome-privacy.xyz/security-tools/browser-extensions/firefox-multi-account-containers "View full Firefox Multi-Account Containers report")
- -
- Stats
-
- [](https://github.com/mozilla/multi-account-containers) [](https://awesome-privacy.xyz/security-tools/browser-extensions/firefox-multi-account-containers)ㅤ
-
-
-- **[
WebRTC-Leak-Prevent](https://diafygi.github.io/webrtc-ips)** - Provides user control over WebRTC privacy settings in Chromium, in order to prevent WebRTC leaks.
-**Download**: [Chrome](https://chrome.google.com/webstore/detail/webrtc-leak-prevent/eiadekoaikejlgdbkbdfeijglgfdalml?hl=en-GB).
-For Firefox users, you can do this through [browser settings](https://www.privacytools.io/browsers/#webrtc).
-Test for WebRTC leaks,[…](https://awesome-privacy.xyz/security-tools/browser-extensions/webrtc-leak-prevent "View full WebRTC-Leak-Prevent report")
- -
- Stats
-
- [](https://github.com/aghorler/WebRTC-Leak-Prevent) [](https://awesome-privacy.xyz/security-tools/browser-extensions/webrtc-leak-prevent)ㅤ
-
-
-- **[
Canvas Fingerprint Blocker](https://add0n.com/canvas-fingerprint-blocker.html)** - Block fingerprint without removing access to HTML5 Canvas element. Canvas fingerprinting is
-commonly used for tracking, this extension helps to mitigate this through disallowing the browser
-to generat[…](https://awesome-privacy.xyz/security-tools/browser-extensions/canvas-fingerprint-blocker "View full Canvas Fingerprint Blocker report")
- -
- Stats
-
- [](https://github.com/joue-quroi/canvas-fingerprint-blocker) [](https://awesome-privacy.xyz/security-tools/browser-extensions/canvas-fingerprint-blocker)ㅤ
-
-
-- **[
ClearURLs](https://gitlab.com/KevinRoebert/ClearUrls)** - This extension will automatically remove tracking elements from the GET parameters of URLs to
-help protect some privacy **Download**: [Chrome](https://chrome.google.com/webstore/detail/clearurls/lckanjgmijmafbedllaakclkaicjfmnk) -
-[Firefox](https://addons.mozilla.org/en-US/firefox/addon/clearurls/) / [Source](https://gitlab.com/KevinRoebert/ClearUrls)[…](https://awesome-privacy.xyz/security-tools/browser-extensions/clearurls "View full ClearURLs report")
- -
- Stats
-
- [](https://github.com/ClearURLs/Addon) [](https://tosdr.org/en/service/7192) [](https://awesome-privacy.xyz/security-tools/browser-extensions/clearurls) [](https://github.com/ClearURLs/Addon)ㅤ
-
-
-- **[
CSS Exfil Protection](https://www.mike-gualtieri.com/css-exfil-vulnerability-tester)** - Sanitizes and blocks any CSS rules which may be designed to steal data, in order to guard against
-Exfil attacks **Download**: [Chrome](https://chrome.google.com/webstore/detail/css-exfil-protection/ibeemfhcbbikonfajhamlkdgedmekifo) -
-[Firefox](https://addons.mozilla.org/en-US/firefox/addon/css-exfil-protection/) - [Source](https://github.com/mlgualtieri/CSS-Exfil-Protection)[…](https://awesome-privacy.xyz/security-tools/browser-extensions/css-exfil-protection "View full CSS Exfil Protection report")
- -
- Stats
-
- [](https://github.com/mlgualtieri/CSS-Exfil-Protection) [](https://awesome-privacy.xyz/security-tools/browser-extensions/css-exfil-protection)ㅤ
-
-
-- **[
First Party Isolation](https://github.com/mozfreddyb/webext-firstpartyisolation)** - Enables the First Party isolation preference (Clicking the Fishbowl icon temporarily disables it)
-**Download**: [Firefox](https://addons.mozilla.org/en-US/firefox/addon/first-party-isolation/)
-
- -
- Stats
-
- [](https://github.com/mozfreddyb/webext-firstpartyisolation) [](https://awesome-privacy.xyz/security-tools/browser-extensions/first-party-isolation)ㅤ
-
-
-- **[
Privacy-Oriented Origin Policy](https://claustromaniac.github.io/poop)** - Prevent Firefox from sending Origin headers when they are least likely to be necessary, to protect
-your privacy **Download**: [Firefox](https://addons.mozilla.org/en-US/firefox/addon/privacy-oriented-origin-policy/) -
-[Source](https://github.com/claustromaniac/poop)[…](https://awesome-privacy.xyz/security-tools/browser-extensions/privacy-oriented-origin-policy "View full Privacy-Oriented Origin Policy report")
- -
- Stats
-
- [](https://github.com/claustromaniac/poop) [](https://awesome-privacy.xyz/security-tools/browser-extensions/privacy-oriented-origin-policy)ㅤ
-
-
-- **[
LocalCDN](https://www.localcdn.org/)** - Emulates remote frameworks (e.g. jQuery, Bootstrap, Angular) and delivers them as local resource.
-Prevents unnecessary 3rd party requests to tracking CDNs **Download**: [Firefox](https://addons.mozilla.org/en-US/firefox/addon/localcdn-fork-of-decentraleyes/)[…](https://awesome-privacy.xyz/security-tools/browser-extensions/localcdn "View full LocalCDN report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/security-tools/browser-extensions/localcdn) [](https://www.localcdn.org/)ㅤ
-
-
-- **[
Decentraleyes](https://decentraleyes.org)** - Similar to LocalCDN, Serves up local versions of common scripts instead of calling to 3rd-party CDN.
-Improves privacy and load times. Works out-of-the-box and plays nicely with regular content blocker[…](https://awesome-privacy.xyz/security-tools/browser-extensions/decentraleyes "View full Decentraleyes report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/security-tools/browser-extensions/decentraleyes) [](https://decentraleyes.org)ㅤ
-
-
-- **[
Privacy Essentials](https://duckduckgo.com/app)** - Simple extension by DuckDuckGo, which grades the security of each site. **Download**:
-[Chrome](https://chrome.google.com/webstore/detail/duckduckgo-privacy-essent/bkdgflcldnnnapblkhphbgpggdiikppg?hl=en-GB) \
-[Firefox](https://addons.mozilla.org/en-GB/firefox/addon/duckduckgo-for-firefox/)[…](https://awesome-privacy.xyz/security-tools/browser-extensions/privacy-essentials "View full Privacy Essentials report")
- -
- Stats
-
- [](https://github.com/duckduckgo/duckduckgo-privacy-extension) [](https://tosdr.org/en/service/222) [](https://awesome-privacy.xyz/security-tools/browser-extensions/privacy-essentials) [](https://github.com/duckduckgo/duckduckgo-privacy-extension)ㅤ
-
-
-- **[
Privacy Redirect](https://github.com/SimonBrazell/privacy-redirect)** - A simple web extension that redirects Twitter, YouTube, Instagram & Google Maps requests to privacy friendly alternatives
-**Download**: [Firefox](https://addons.mozilla.org/en-US/firefox/addon/privacy-redirect/) - [Chrome](https://chrome.google.com/webstore/detail/privacy-redirect/pmcmeagblkinmogikoikkdjiligflglb)[…](https://awesome-privacy.xyz/security-tools/browser-extensions/privacy-redirect "View full Privacy Redirect report")
- -
- Stats
-
- [](https://github.com/SimonBrazell/privacy-redirect) [](https://awesome-privacy.xyz/security-tools/browser-extensions/privacy-redirect)ㅤ
-
-
-- **[
User Agent Switcher](https://add0n.com/useragent-switcher.html)** - Spoofs browser's User-Agent string, making it appear that you are on a different device, browser and version to
-what you are actually using. This alone does very little for privacy, but combined with[…](https://awesome-privacy.xyz/security-tools/browser-extensions/user-agent-switcher "View full User Agent Switcher report")
- -
- Stats
-
- [](https://github.com/ray-lothian/UserAgent-Switcher) [](https://awesome-privacy.xyz/security-tools/browser-extensions/user-agent-switcher)ㅤ
-
-
-- **[
PrivacySpy](https://privacyspy.org)** - The companion extension for PrivacySpy.org - an open project that rates, annotates, and archives privacy policies.
-The extension shows a score for the privacy policy of the current website. **Download**:[…](https://awesome-privacy.xyz/security-tools/browser-extensions/privacyspy "View full PrivacySpy report")
- -
- Stats
-
- [](https://github.com/politiwatch/privacyspy) [](https://tosdr.org/en/service/4346) [](https://awesome-privacy.xyz/security-tools/browser-extensions/privacyspy)ㅤ
-
-
-- **[
HTTPZ](https://github.com/claustromaniac/httpz)** - Simplified HTTPS upgrades for Firefox (lightweight alternative to HTTPS-Everywhere) **Download**:
-[Firefox](https://addons.mozilla.org/en-US/firefox/addon/httpz/)
-
- -
- Stats
-
- [](https://github.com/claustromaniac/httpz) [](https://awesome-privacy.xyz/security-tools/browser-extensions/httpz)ㅤ
-
-
-- **[
Skip Redirect](https://github.com/sblask/webextension-skip-redirect)** - Some web pages use intermediary pages before redirecting to a final page. This add-on tries to extract the final url
-from the intermediary url and goes there straight away if successful **Download**:
-[Firefox](https://addons.mozilla.org/en-US/firefox/addon/skip-redirect/)[…](https://awesome-privacy.xyz/security-tools/browser-extensions/skip-redirect "View full Skip Redirect report")
- -
- Stats
-
- [](https://github.com/sblask/webextension-skip-redirect) [](https://awesome-privacy.xyz/security-tools/browser-extensions/skip-redirect)ㅤ
-
-
-- **[
Web Archives](https://github.com/dessant/web-archives)** - View archived and cached versions of web pages on 10+ search engines, such as the Wayback Machine, Archive.is, Google etc
-Useful for checking legitimacy of websites, and viewing change logs **Download**:[…](https://awesome-privacy.xyz/security-tools/browser-extensions/web-archives "View full Web Archives report")
- -
- Stats
-
- [](https://github.com/dessant/web-archives) [](https://awesome-privacy.xyz/security-tools/browser-extensions/web-archives)ㅤ
-
-
-- **[
Flagfox](https://flagfox.wordpress.com/)** - Displays a country flag depicting the location of the current website's server, which can be useful to know at a glance.
-Click icon for more tools such as site safety checks, whois, validation etc **Download**[…](https://awesome-privacy.xyz/security-tools/browser-extensions/flagfox "View full Flagfox report")
- -
- Stats
-
- [](https://tosdr.org/en/service/6150) [](https://awesome-privacy.xyz/security-tools/browser-extensions/flagfox)ㅤ
-
-
-- **[
Lightbeam](https://mozilla.github.io/lightbeam/)** - Visualize in detail the servers you are contacting when you are surfing on the Internet. Created by Gary Kovacs (former CEO of Mozilla), presented in his [TED Talk](https://www.ted.com/talks/gary_kovacs_tracking_our_online_trackers). **Download**: [Firefox](https://addons.mozilla.org/en-US/firefox/addon/lightbeam-3-0/) - [Source](https://github.com/mozilla/lightbeam-we)[…](https://awesome-privacy.xyz/security-tools/browser-extensions/lightbeam "View full Lightbeam report")
- -
- Stats
-
- [](https://github.com/mozilla/lightbeam-we) [](https://awesome-privacy.xyz/security-tools/browser-extensions/lightbeam)ㅤ
-
-
-- **[
Track Me Not](http://trackmenot.io)** - Helps protect web searchers from surveillance and data-profiling, through creating meaningless noise and obfuscation, outlined in their [whitepaper](http://trackmenot.io/resources/trackmenot2009.pdf). Controversial whether or not this is a good approach[…](https://awesome-privacy.xyz/security-tools/browser-extensions/track-me-not "View full Track Me Not report")
- -
- Stats
-
- [](https://github.com/vtoubiana/TrackMeNot) [](https://awesome-privacy.xyz/security-tools/browser-extensions/track-me-not)ㅤ
-
-
-- **[
AmIUnique Timeline](https://amiunique.org/timeline)** - Enables you to better understand the evolution of browser fingerprints (which is what websites use to uniquely identify and track you). **Download**: [Chrome](https://chrome.google.com/webstore/detail/amiunique/pigjfndpomdldkmoaiiigpbncemhjeca) - [Firefox](https://addons.mozilla.org/en-US/firefox/addon/amiunique)[…](https://awesome-privacy.xyz/security-tools/browser-extensions/amiunique-timeline "View full AmIUnique Timeline report")
- -
- Stats
-
- [](https://tosdr.org/en/service/4202) [](https://awesome-privacy.xyz/security-tools/browser-extensions/amiunique-timeline)ㅤ
-
-
-- **[
Netcraft Extension](https://www.netcraft.com/apps/browser)** - Notifies you when visiting a known or potential phishing site, and detects suspicious JavaScript (including skimmers and miners). Also provides a simple rating for a given site's legitimacy and securi[…](https://awesome-privacy.xyz/security-tools/browser-extensions/netcraft-extension "View full Netcraft Extension report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/security-tools/browser-extensions/netcraft-extension)ㅤ
-
-
-- **[
HTTPS Everywhere](https://eff.org/https-everywhere)** - **NOTE** On modern browsers, this is [no longer needed](https://www.eff.org/deeplinks/2021/09/https-actually-everywhere)
-Forces sites to load in HTTPS, in order to encrypt your communications with websites,
-making your browsing more secure (Similar to [Smart HTTPS](https://mybrowseraddon.com/smart-https.html)).
-Note[…](https://awesome-privacy.xyz/security-tools/browser-extensions/https-everywhere "View full HTTPS Everywhere report")
- -
- Stats
-
- [](https://github.com/EFForg/https-everywhere) [](https://tosdr.org/en/service/682) [](https://awesome-privacy.xyz/security-tools/browser-extensions/https-everywhere)ㅤ
-
-
-- **[
Linguist](https://linguister.io)** - Linguist is a privacy‑focused translation solution in-browser that has an embedded offline translator
-and lets users create [custom translators](https://linguister.io/docs/CustomTranslator) to use any translation API,
-even if it's locally deployed[…](https://awesome-privacy.xyz/security-tools/browser-extensions/linguist "View full Linguist report")
- -
- Stats
-
- [](https://github.com/https://github.com/translate-tools/linguist) [](https://awesome-privacy.xyz/security-tools/browser-extensions/linguist)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> - Having many extensions installed raises entropy, causing your fingerprint to be more unique, hence making tracking easier.
-- Much of the functionality of the above addons can be applied without installing anything, by configuring browser settings yourself. For Firefox this is done in the user.js
-- Be careful when installing unfamiliar browser add-ons, since some can compromise your security and privacy. At the time of writing, the above list were all open source, verified and 'safe' extensions.
-- In most situations, only a few of the above extensions will be needed in combination.
-- See the [arkenfox wiki](https://github.com/arkenfox/user.js/wiki/4.1-Extensions) for more information on the obsolescence and purposelessness of many popular extensions, and why you may only need a very limited set.
-
-
-
-
-
-✳️ Notable Mentions
-
-> - [Extension source viewer](https://addons.mozilla.org/en-US/firefox/addon/crxviewer) - A handy extension for viewing the source code of another browser extension, which is a useful tool for verifying the code does what it says
-
-
-⬆️ [Back to Top]
-
----
-
-### Mobile Apps
-
-- **[
Orbot](https://support.torproject.org/glossary/orbot/)** - System-wide Tor proxy, which encrypts your connection through multiple nodes.
-You can also use it alongside Tor Browser to access .onion sites.
-
- -
- Stats
-
- [](https://github.com/guardianproject/orbot) [](https://awesome-privacy.xyz/security-tools/mobile-apps/orbot)ㅤ
-
-
-- **[
NetGuard](https://netguard.me/)** - A firewall app for Android, which does not require root. NetGuard provides simple
-and advanced ways to block access to the internet, where applications and addresses
-can individually be allowed or den[…](https://awesome-privacy.xyz/security-tools/mobile-apps/netguard "View full NetGuard report")
- -
- Stats
-
- [](https://github.com/M66B/NetGuard) [](https://awesome-privacy.xyz/security-tools/mobile-apps/netguard) [](https://play.google.com/store/apps/details?id=org.torproject.android)ㅤ
-
-
-- **[
Island](https://island.oasisfeng.com/)** - A sandbox environment, allowing you to clone selected apps and run them in an isolated
-box, preventing it from accessing your personal data, or device information.
-
- -
- Stats
-
- [](https://github.com/oasisfeng/island) [](https://awesome-privacy.xyz/security-tools/mobile-apps/island) [](https://play.google.com/store/apps/details?id=com.oasisfeng.island)ㅤ
-
-
-- **[
Insular](https://gitlab.com/secure-system/Insular)** - An actively-maintained fork of the Island project with additional enhancements
-
- -
- Stats
-
- [](https://github.com/oasisfeng/island) [](https://awesome-privacy.xyz/security-tools/mobile-apps/insular)ㅤ
-
-
-- **[
Exodus](https://exodus-privacy.eu.org/en/page/what/#android-app)** - Shows which trackers, each of your installed apps is using, so that you can better
-understand how your data is being collected. Uses data from the Exodus database of scanned APKs.
-
- -
- Stats
-
- [](https://tosdr.org/en/service/3843) [](https://awesome-privacy.xyz/security-tools/mobile-apps/exodus) [](https://play.google.com/store/apps/details?id=org.eu.exodus_privacy.exodusprivacy)ㅤ
-
-
-- **[
Bouncer](https://play.google.com/store/apps/details?id=com.samruston.permission)** - Gives you the ability to grant permissions temporarily, so that you could for example
-use the camera to take a profile picture, but when you close the given app, those permissions
-will be revoked.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/security-tools/mobile-apps/bouncer) [](https://play.google.com/store/apps/details?id=com.samruston.permission)ㅤ
-
-
-- **[
XPrivacyLua](https://lua.xprivacy.eu/)** - Simple to use privacy manager for Android, that enables you to feed apps fake data when
-they request intimate permissions. Solves the problem caused by apps malfunctioning when
-you revoke permissions,[…](https://awesome-privacy.xyz/security-tools/mobile-apps/xprivacylua "View full XPrivacyLua report")
- -
- Stats
-
- [](https://github.com/M66B/XPrivacyLua) [](https://awesome-privacy.xyz/security-tools/mobile-apps/xprivacylua)ㅤ
-
-
-- **[
SuperFreezZ](https://superfreezz.gitlab.io/)** - Makes it possible to entirely freeze all background activities on a per-app basis.
-Intended purpose is to speed up your phone, and prolong battery life, but this app is
-also a great utility to stop ce[…](https://awesome-privacy.xyz/security-tools/mobile-apps/superfreezz "View full SuperFreezZ report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/security-tools/mobile-apps/superfreezz)ㅤ
-
-
-- **[
Haven](https://guardianproject.github.io/haven/)** - Allows you to protect yourself, your personal space and your possessions - without
-compromising on security. Leveraging device sensors to monitor nearby space, Haven was
-developed by The Guardian Proj[…](https://awesome-privacy.xyz/security-tools/mobile-apps/haven "View full Haven report")
- -
- Stats
-
- [](https://github.com/guardianproject/haven) [](https://tosdr.org/en/service/682) [](https://awesome-privacy.xyz/security-tools/mobile-apps/haven) [](https://play.google.com/store/apps/details?id=org.havenapp.main)ㅤ
-
-
-- **[
Secure Task](https://play.google.com/store/apps/details?id=com.balda.securetask)** - Triggers actions, when certain security conditions are met, such as multiple failed login
-attempts or monitor settings changed. It does require Tasker, and needs to be set up with
-ADB, device does not[…](https://awesome-privacy.xyz/security-tools/mobile-apps/secure-task "View full Secure Task report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/security-tools/mobile-apps/secure-task) [](https://play.google.com/store/apps/details?id=com.balda.securetask)ㅤ
-
-
-- **[
Cryptomator](https://cryptomator.org/android/)** - Encrypts files and folders client-side, before uploading them to cloud storage (such as Google
-Drive, One Drive or Dropbox), meaning none of your personal documents leave your device in plain text.
-
- -
- Stats
-
- [](https://github.com/cryptomator/android) [](https://tosdr.org/en/service/4403) [](https://awesome-privacy.xyz/security-tools/mobile-apps/cryptomator) [](https://play.google.com/store/apps/details?id=org.cryptomator) [](https://apps.apple.com/us/app/cryptomator/id1560822163)ㅤ
-
-
-- **[
1.1.1.1](https://1.1.1.1/)** - Lets you use CloudFlares fast and secure 1.1.1.1 DNS, with DNS over HTTPS, and also has the option
-to enable CloudFlares WARP+ VPN.
-
- -
- Stats
-
- [](https://tosdr.org/en/service/893) [](https://awesome-privacy.xyz/security-tools/mobile-apps/1.1.1.1) [](https://play.google.com/store/apps/details?id=com.cloudflare.onedotonedotonedotone) [](https://apps.apple.com/us/app/1-1-1-1-faster-internet/id1423538627)ㅤ
-
-
-- **[
Fing App](https://www.fing.com/products/fing-app)** - A network scanner to help you monitor and secure your WiFi network. The app is totally free,
-but to use the advanced controls, you will need a Fing Box.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/security-tools/mobile-apps/fing-app) [](https://play.google.com/store/apps/details?id=com.overlook.android.fing) [](https://apps.apple.com/us/app/fing-network-scanner/id430921107)ㅤ
-
-
-- **[
DPI Tunnel](https://f-droid.org/packages/ru.evgeniy.dpitunnelcli/)** - An application for Android that uses various techniques to bypass DPI (Deep Packet Inspection)
-systems, which are used to block some sites (not available on Play store).
-
- -
- Stats
-
- [](https://github.com/nomoresat/DPITunnel-android) [](https://awesome-privacy.xyz/security-tools/mobile-apps/dpi-tunnel)ㅤ
-
-
-- **[
Blokada](https://blokada.org/)** - This application blocks ads and trackers, doesn't require root and works for all the apps on your
-Android phone. Check out how it works here.
-
- -
- Stats
-
- [](https://github.com/blokadaorg/blokada) [](https://tosdr.org/en/service/8557) [](https://awesome-privacy.xyz/security-tools/mobile-apps/blokada) [](https://play.google.com/store/apps/details?id=org.blokada.sex) [](https://apps.apple.com/us/app/blokada/id1508341781)ㅤ
-
-
-- **[
SnoopSnitch](https://opensource.srlabs.de/projects/snoopsnitch)** - Collects and analyzes mobile radio data to make you aware of your mobile network security and to
-warn you about threats like fake base stations (IMSI catchers), user tracking and over-the-air updates.[…](https://awesome-privacy.xyz/security-tools/mobile-apps/snoopsnitch "View full SnoopSnitch report")
- -
- Stats
-
- [](https://github.com/srlabs/snoopsnitch) [](https://awesome-privacy.xyz/security-tools/mobile-apps/snoopsnitch) [](https://play.google.com/store/apps/details?id=de.srlabs.snoopsnitch)ㅤ
-
-
-- **[
TrackerControl](https://trackercontrol.org/)** - Monitor and control hidden data collection in mobile apps about user behavior/ tracking.
-Get from [F-Droid](https://f-droid.org/en/packages/net.kollnig.missioncontrol.fdroid/)
-
- -
- Stats
-
- [](https://github.com/TrackerControl/tracker-control-android) [](https://awesome-privacy.xyz/security-tools/mobile-apps/trackercontrol) [](https://play.google.com/store/apps/details?id=net.kollnig.missioncontrol.play)ㅤ
-
-
-- **[
Greentooth](https://gitlab.com/nbergman/greentooth)** - Auto-disable Bluetooth, then it is not being used. Saves battery, and prevent some security risks.
-Get from [F-Droid](https://f-droid.org/en/packages/com.smilla.greentooth/)
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/security-tools/mobile-apps/greentooth)ㅤ
-
-
-- **[
PrivateLock](https://github.com/wesaphzt/privatelock)** - Auto lock your phone based on movement force/ acceleration.
-Get from [F-Droid](https://f-droid.org/en/packages/com.wesaphzt.privatelock/)
-See also [PluckLock](https://github.com/SyntaxBlitz/PluckLock)[…](https://awesome-privacy.xyz/security-tools/mobile-apps/privatelock "View full PrivateLock report")
- -
- Stats
-
- [](https://github.com/wesaphzt/privatelock) [](https://awesome-privacy.xyz/security-tools/mobile-apps/privatelock)ㅤ
-
-
-- **[
CamWings](https://schiffer.tech/camwings-mobile.html)** - Prevent background processes gaining unauthorized access to your devices camera. Better still,
-use a webcam sticker.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/security-tools/mobile-apps/camwings) [](https://play.google.com/store/apps/details?id=com.schiffertech.camwings)ㅤ
-
-
-- **[
ScreenWings](https://schiffer.tech/screenwings-mobile.html)** - Prevent background processes taking unauthorized screenshots, which could expose sensitive data.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/security-tools/mobile-apps/screenwings) [](https://play.google.com/store/apps/details?id=com.schiffertech.screenwings)ㅤ
-
-
-- **[
AFWall+](https://github.com/ukanth/afwall/)** - Android Firewall+ (AFWall+) is an advanced iptables editor (GUI) for rooted Android devices,
-which provides very fine-grained control over which Android apps are allowed to access the network.
-Get fro[…](https://awesome-privacy.xyz/security-tools/mobile-apps/afwalland "View full AFWall+ report")
- -
- Stats
-
- [](https://github.com/ukanth/afwall) [](https://awesome-privacy.xyz/security-tools/mobile-apps/afwalland) [](https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall)ㅤ
-
-
-- **[
Catch the Man-in-the-Middle](https://play.google.com/store/apps/details?id=me.brax.certchecker)** - Simple tool, that compares SHA-1 fingerprints of the the SSL certificates seen from your device,
-and the certificate seen from an external network. If they do not match, this may indicate a
-man-in-the[…](https://awesome-privacy.xyz/security-tools/mobile-apps/catch-the-man-in-the-middle "View full Catch the Man-in-the-Middle report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/security-tools/mobile-apps/catch-the-man-in-the-middle) [](https://play.google.com/store/apps/details?id=me.brax.certchecker)ㅤ
-
-
-- **[
RethinkDNS & Firewall](https://rethinkdns.com)** - An open-source ad-blocker and firewall app for Android 6+ (does not require root).
-
- -
- Stats
-
- [](https://github.com/celzero/rethink-app) [](https://tosdr.org/en/service/4691) [](https://awesome-privacy.xyz/security-tools/mobile-apps/rethinkdns-and-firewall) [](https://play.google.com/store/apps/details?id=com.celzero.bravedns)ㅤ
-
-
-- **[
F-Droid](https://f-droid.org/)** - F-Droid is an installable catalogue of FOSS applications for Android. The client enables you
-to browse, install, and keep track of updates on your device.
-
- -
- Stats
-
- [](https://tosdr.org/en/service/2182) [](https://awesome-privacy.xyz/security-tools/mobile-apps/f-droid) [](https://f-droid.org/)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> Too many installed apps will increase your attack surface - only install applications that you need.
-Be sure to check the permissions, and what data an app has access to prior to installation.
-Only install from official sources.
-
-
-
-
-
-✳️ Notable Mentions
-
-> For more open source security & privacy apps, check out these publishers:
-> [The Guardian Project](https://guardianproject.info) ([Play Store](https://play.google.com/store/apps/dev?id=6502754515281796553), [F-Droid](https://search.f-droid.org/?q=guardianproject)),
-> [The Tor Project](https://www.torproject.org/) ([Play Store](https://play.google.com/store/apps/developer?id=The+Tor+Project), [F-Droid](https://search.f-droid.org/?q=torproject)),
-> [Oasis Feng](https://github.com/oasisfeng) ([Play Store](https://play.google.com/store/apps/dev?id=7664242523989527886)),
-> [FairCode (Marcel Bokhorst)](https://www.faircode.eu/) ([Play Store](https://play.google.com/store/apps/dev?id=8420080860664580239), [F-Droid](https://search.f-droid.org/?q=faircode)),
-> [SECUSO Research Group](https://secuso.aifb.kit.edu/english/105.php) ([Play Store](https://play.google.com/store/apps/developer?id=SECUSO+Research+Group&hl=en_US), [F-Droid](https://search.f-droid.org/?q=secuso)),
-> and [Fossify](https://www.fossify.org) ([Play Store](https://play.google.com/store/apps/dev?id=9070296388022589266), [F-Droid](https://search.f-droid.org/?q=fossify)) -
-> all of which are trusted developers or organisations, who've done amazing work.
->
-> For offensive and defensive security, see
-> The Kali [Nethunter Catalogue](https://store.nethunter.com/en/packages) of apps
->
-> For *advanced* users, the following tools can be used to closely monitor
-> your devise and networks, in order to detect any unusual activity.
-> [PortDroid] for network analysis, [Packet Capture] to monitor network
-> traffic, [SysLog] for viewing system logs, [Dexplorer] to read .dex or .apk files
-> for your installed apps, and [Check and Test] to check status and details of devices hardware.
->
-
-⬆️ [Back to Top]
-
----
-
-### Online Tools
-
-A selection of free online tools and utilities, to check, test and protect your security
-
-- **[
Have i been pwned](https://haveibeenpwned.com)** - Checks if your credentials (Email address or Password) have been compromised in a data breach.
-See also Firefox Monitor.
-
- -
- Stats
-
- [](https://tosdr.org/en/service/3435) [](https://awesome-privacy.xyz/security-tools/online-tools/have-i-been-pwned)ㅤ
-
-
-- **[
εxodus](https://reports.exodus-privacy.eu.org)** - Checks how many, and which trackers any Android app has. Useful to understand how data is being
-collected before you install a certain APK, it also shows which permissions the app asks for.
-
- -
- Stats
-
- [](https://github.com/Exodus-Privacy/website) [](https://tosdr.org/en/service/3843) [](https://awesome-privacy.xyz/security-tools/online-tools/εxodus)ㅤ
-
-
-- **[
Am I Unique?](https://amiunique.org/fingerprint)** - Show how identifiable you are on the Internet by generating a fingerprint based on device information.
-This is how many websites track you (even without cookies enabled), so the aim is to not be uniqu[…](https://awesome-privacy.xyz/security-tools/online-tools/am-i-unique "View full Am I Unique? report")
- -
- Stats
-
- [](https://tosdr.org/en/service/4202) [](https://awesome-privacy.xyz/security-tools/online-tools/am-i-unique)ㅤ
-
-
-- **[
Panopticlick](https://panopticlick.eff.org/)** - Check if your browser safe against tracking. Analyzes how well your browser and add-ons protect you
-against online tracking techniques, and if your system is uniquely configured—and thus identifiable.[…](https://awesome-privacy.xyz/security-tools/online-tools/panopticlick "View full Panopticlick report")
- -
- Stats
-
- [](https://github.com/EFForg/cover-your-tracks) [](https://awesome-privacy.xyz/security-tools/online-tools/panopticlick)ㅤ
-
-
-- **[
Phish.ly](https://phish.ly/)** - Analyzes emails, checking the URLs and creating a SHA256 and MD5 hash of attachments, with a link to VirusTotal.
-To use the service, just forward a potentially malicious or suspicious email to scan@ph[…](https://awesome-privacy.xyz/security-tools/online-tools/phish.ly "View full Phish.ly report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/security-tools/online-tools/phish.ly)ㅤ
-
-
-- **[
Browser Leak Test](https://browserleaks.com)** - Shows which of personal identity data is being leaked through your browser, so you can better protect yourself
-against fingerprinting.
-
- -
- Stats
-
- [](https://tosdr.org/en/service/7967) [](https://awesome-privacy.xyz/security-tools/online-tools/browser-leak-test)ㅤ
-
-
-- **[
IP Leak Test](https://ipleak.net)** - Shows your IP address, and other associated details (location, ISP, WebRTC check, DNS, and lots more).
-
- -
- Stats
-
- [](https://tosdr.org/en/service/7968) [](https://awesome-privacy.xyz/security-tools/online-tools/ip-leak-test)ㅤ
-
-
-- **[
EXIF Remove](https://www.exifremove.com)** - Displays, and removes Meta and EXIF data from an uploaded photo or document.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/security-tools/online-tools/exif-remove)ㅤ
-
-
-- **[
Redirect Detective](https://redirectdetective.com)** - Check where a suspicious URL redirects to (without having to click it). Lets you avoid being tracked by not being
-redirected via adware/tracking sites, or see if a shortened link actually resolves a l[…](https://awesome-privacy.xyz/security-tools/online-tools/redirect-detective "View full Redirect Detective report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/security-tools/online-tools/redirect-detective)ㅤ
-
-
-- **[
Blocked.org](https://www.blocked.org.uk)** - Checks if a given website is blocked by filters applied by your mobile and broadband Internet Service Providers (ISP).
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/security-tools/online-tools/blocked.org)ㅤ
-
-
-- **[
Virus Total](https://www.virustotal.com)** - Analyses a potentially-suspicious web resources (by URL, IP, domain or file hash) to detect types of malware
-(*note: files are scanned publicly*).
-
- -
- Stats
-
- [](https://tosdr.org/en/service/1886) [](https://awesome-privacy.xyz/security-tools/online-tools/virus-total)ㅤ
-
-
-- **[
Hardenize](https://www.hardenize.com/)** - Scan websites and shows a security overview, relating to factors such as HTTPS, domain info, email data, www protocols
-and so on.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/security-tools/online-tools/hardenize)ㅤ
-
-
-- **[
Is Legit?](https://www.islegitsite.com/)** - Checks if a website or business is a scam, before buying something from it.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/security-tools/online-tools/is-legit)ㅤ
-
-
-- **[
Should I Remove It?](https://www.shouldiremoveit.com)** - Ever been uninstalling programs from your Windows PC and been unsure of what something is? Should I Remove It is a
-database of Windows software, detailing whether it is essential, harmless or dangerou[…](https://awesome-privacy.xyz/security-tools/online-tools/should-i-remove-it "View full Should I Remove It? report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/security-tools/online-tools/should-i-remove-it)ㅤ
-
-
-- **[
10 Minute Mail](https://10minemail.com/)** - Generates temporary disposable email address, to avoid giving your real details.
-
- -
- Stats
-
- [](https://tosdr.org/en/service/838) [](https://awesome-privacy.xyz/security-tools/online-tools/10-minute-mail)ㅤ
-
-
-- **[
MXToolBox Mail Headers](https://mxtoolbox.com/Public/Tools/EmailHeaders.aspx)** - Tool for analyzing email headers, useful for checking the authenticity of messages, as well as knowing what info
-you are revealing in your outbound messages.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/security-tools/online-tools/mxtoolbox-mail-headers)ㅤ
-
-
-- **[
Am I FloCed?](https://amifloced.org/)** - Google testing out a new tracking feature called Federated Learning of Cohorts (aka "FLoC"). It currently effects
-0.5% of Chrome users, this tool developed by the EFF will detect if you are affected,[…](https://awesome-privacy.xyz/security-tools/online-tools/am-i-floced "View full Am I FloCed? report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/security-tools/online-tools/am-i-floced)ㅤ
-
-
-- **[
Site Report](https://sitereport.netcraft.com/)** - A tool from Netcraft, for analysing what any given website is running, where it's located and information about its
-host, registrar, IP and SSL certificates.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/security-tools/online-tools/site-report)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> Browsers are inherently insecure, be careful when uploading, or entering personal details.
-
-
-
-
-⬆️ [Back to Top]
-
----
-
-## Networking
-
-### Virtual Private Networks
-
-- **[
Mullvad](http://mullvad.net/en)** - Mullvad is one of the best for privacy, they have a totally anonymous sign up process,
-you don't need to provide any details at all, you can choose to pay anonymously too
-(with Monero, BTC or cash).
-
- -
- Stats
-
- [](https://github.com/mullvad/mullvadvpn-app) [](https://tosdr.org/en/service/641) [](https://awesome-privacy.xyz/networking/virtual-private-networks/mullvad)  [](https://play.google.com/store/apps/details?id=net.mullvad.mullvadvpn) [](https://apps.apple.com/us/app/mullvad-vpn/id1488466513)ㅤ
-
-
-- **[
Azire](https://www.azirevpn.com/)** - Azire is a Swedish VPN provider, who owns their own hardware with physically removed
-storage and a no logging policy. Pricing starts at €3.25/mo, with crypto (including XMR)
-supported. Note that they'[…](https://awesome-privacy.xyz/networking/virtual-private-networks/azire "View full Azire report")
- -
- Stats
-
- [](https://tosdr.org/en/service/6639) [](https://awesome-privacy.xyz/networking/virtual-private-networks/azire) [](https://play.google.com/store/apps/details?id=com.azirevpn.android) [](https://apps.apple.com/us/app/azirevpn/id6444623166)ㅤ
-
-
-- **[
IVPN](https://www.ivpn.net/)** - Independently Security Audited VPN with anonymous signup, no logs, no cloud or customer
-data stored, open-source apps and website. Strong ethics: no trackers, no false promises,
-no surveillance ads. A[…](https://awesome-privacy.xyz/networking/virtual-private-networks/ivpn "View full IVPN report")
- -
- Stats
-
- [](https://github.com/ivpn/desktop-app) [](https://tosdr.org/en/service/2748) [](https://awesome-privacy.xyz/networking/virtual-private-networks/ivpn) [](https://github.com/ivpn/desktop-app)  [](https://play.google.com/store/apps/details?id=net.ivpn.client) [](https://apps.apple.com/us/app/ivpn-secure-vpn-for-privacy/id1193122683)ㅤ
-
-
-- **[
ProtonVPN](https://protonvpn.com)** - From the creators of ProtonMail, ProtonVPN has a solid reputation. They have a full suite
-of user-friendly native mobile and desktop apps. ProtonVPN is one of the few "trustworthy"
-providers that also[…](https://awesome-privacy.xyz/networking/virtual-private-networks/protonvpn "View full ProtonVPN report")
- -
- Stats
-
- [](https://github.com/ProtonVPN/android-app) [](https://tosdr.org/en/service/1745) [](https://awesome-privacy.xyz/networking/virtual-private-networks/protonvpn)  [](https://play.google.com/store/apps/details?id=ch.protonvpn.android) [](https://apps.apple.com/us/app/proton-vpn-fast-secure/id1437005085)ㅤ
-
-
-- **[
OVPN](https://www.ovpn.com)** - A court-proven VPN service with support for Wireguard and OpenVPN support, and optional
-ad-blocking. Running on dedicated hardware, with no hard drives.
-
- -
- Stats
-
- [](https://tosdr.org/en/service/2981) [](https://awesome-privacy.xyz/networking/virtual-private-networks/ovpn) [](https://play.google.com/store/apps/details?id=com.ovpn.android) [](https://apps.apple.com/us/app/ovpn-unlimited-vpn-wifi-proxy/id1520543719)ㅤ
-
-
-- **[
Party VPN](https://partyvpn.com)** - Crypto-native VPN with pay-as-you-go pricing. Accepts cryptocurrency only, including Monero.
-WireGuard and AmneziaWG protocols, no-logs policy, REST API for developers. No
-subscriptions or credit card[…](https://awesome-privacy.xyz/networking/virtual-private-networks/party-vpn "View full Party VPN report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/networking/virtual-private-networks/party-vpn)  [](https://discord.gg/6GRddHhW2d)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> - *A VPN does not make you anonymous - it merely changes your public IP address to that of your VPN provider, instead of your ISP. Your browsing session can still be linked back to your real identity either through your system details (such as user agent, screen resolution even typing patterns), cookies / session storage, or by the identifiable data that you enter. [Read more about fingerprinting](https://pixelprivacy.com/resources/browser-fingerprinting/)*
-- *Logging - If you choose to use a VPN because you do not agree with your ISP logging your full browsing history, then it is important to keep in mind that your VPN provider can see (and mess with) all your traffic. Many VPNs claim not to keep logs, but you cannot be certain of this ([VPN leaks](https://vpnleaks.com/)). See [this article](https://gist.github.com/joepie91/5a9909939e6ce7d09e29) for more*
-- *IP Leaks - If configured incorrectly, your IP may be exposed through a DNS leak. This usually happens when your system is unknowingly accessing default DNS servers rather than the anonymous DNS servers assigned by an anonymity network or VPN. Read more: [What is a DNS leak](https://www.dnsleaktest.com/what-is-a-dns-leak.html), [DNS Leak Test](https://www.dnsleaktest.com), [How to Fix a DNS Leak](https://www.dnsleaktest.com/how-to-fix-a-dns-leak.html)*
-- *Stealth - It will be visible to your adversary that you are using a VPN (usually from the IP address), but other system and browser data, can still reveal information about you and your device (such as your local time-zone, indicating which region you are operating from)*
-- *Many reviews are sponsored, and hence biased. Do your own research, or go with one of the above options*
-- *Using [Tor](https://www.torproject.org) (or another [Mix Network](/5_Privacy_Respecting_Software.md#mix-networks)) may be a better option for anonimity*
-
-
-
-
-
-✳️ Notable Mentions
-
-> If you don't trust a VPN provider not to keep logs, then you could self-host your own VPN. This gives you you total control, but at the cost of anonymity (since your cloud provider, will require your billing info). See [Streisand](https://github.com/StreisandEffect/streisand), to learn more, and get started with running a VPN. [Digital Ocean](https://m.do.co/c/3838338e7f79) provides flexible, secure and easy Linux VMs, (from $0.007/hour or $5/month), Here is a [1-click install script](http://dovpn.carlfriess.com/)for on [Digital Ocean](https://m.do.co/c/3838338e7f79), by Carl Friess.
-> Recently distributed self-hosted solutions for running your own VPNs have become more popular, with services like [Outline](https://getoutline.org/) letting you spin up your own instance and share it with friends and family. Since it's distributed, it is very resistant to blocking, and gives you world-wide access to the free and open internet. And since you have full control over the server, you can be confident that there is no logging or monitoring happening. However it comes at the cost of anonymity, especially if it's only you using your instance.
-
-
-ℹ️ Further Info
-
-> *While choosing a VPN, consider the following: Logging policy (logs are bad),
-Jurisdiction (avoid 5-eyes), Number of servers, availability and average load.
-Payment method (anonymous methods such as BTC, Monero or cash are better),
-Leak protection (1st-party DNS servers = good, and check if IPv6 is supported),
-protocols (OpenVPN and WireGuard = good). Finally, usability of their apps,
-user reviews and download speeds.*
-
-
-⬆️ [Back to Top]
-
----
-
-### Self-Hosted Network Security
-
-Fun little projects that you can run on a Raspberry Pi, or other low-powered computer. In order to help detect and prevent threats, monitor network and filter content
-
-- **[
Pi-Hole](https://pi-hole.net)** - Network-level advertisement and Internet tracker blocking application which acts as a DNS
-sinkhole. Pi-Hole can significantly speed up your internet, remove ads and block malware.
-It comes with a nice[…](https://awesome-privacy.xyz/networking/self-hosted-network-security/pi-hole "View full Pi-Hole report")
- -
- Stats
-
- [](https://github.com/pi-hole/pi-hole) [](https://tosdr.org/en/service/9079) [](https://awesome-privacy.xyz/networking/self-hosted-network-security/pi-hole)ㅤ
-
-
-- **[
Technitium](https://technitium.com/dns)** - Another DNS server for blocking privacy-invasive content at its source. Technitium doesn't
-require much of a setup, and basically works straight out of the box, it supports a wide
-range of systems (an[…](https://awesome-privacy.xyz/networking/self-hosted-network-security/technitium "View full Technitium report")
- -
- Stats
-
- [](https://github.com/TechnitiumSoftware/DnsServer) [](https://awesome-privacy.xyz/networking/self-hosted-network-security/technitium)ㅤ
-
-
-- **[
IPFire](https://www.ipfire.org)** - A hardened, versatile, state-of-the-art open source firewall based on Linux. Its ease of
-use, high performance and extensibility make it usable for everyone.
-
- -
- Stats
-
- [](https://github.com/ipfire/ipfire-2.x) [](https://awesome-privacy.xyz/networking/self-hosted-network-security/ipfire)ㅤ
-
-
-- **[
PiVPN](https://pivpn.io)** - A simple way to set up a home VPN on any Debian server. Supports OpenVPN and WireGuard
-with elliptic curve encryption keys up to 512 bit. Supports multiple DNS providers and
-custom DNS providers - wor[…](https://awesome-privacy.xyz/networking/self-hosted-network-security/pivpn "View full PiVPN report")
- -
- Stats
-
- [](https://github.com/pivpn/pivpn) [](https://awesome-privacy.xyz/networking/self-hosted-network-security/pivpn)ㅤ
-
-
-- **[
E2guardian](http://e2guardian.org)** - Powerful open source web content filter.
-
- -
- Stats
-
- [](https://github.com/e2guardian/e2guardian) [](https://awesome-privacy.xyz/networking/self-hosted-network-security/e2guardian)ㅤ
-
-
-- **[
PF Sense](https://www.pfsense.org)** - Widely used, open source firewall/router.
-
- -
- Stats
-
- [](https://github.com/pfsense/pfsense) [](https://tosdr.org/en/service/6291) [](https://awesome-privacy.xyz/networking/self-hosted-network-security/pf-sense)ㅤ
-
-
-- **[
Zeek](https://www.zeek.org)** - Detect if you have a malware-infected computer on your network, and powerful network
-analysis framework and monitor.
-
- -
- Stats
-
- [](https://github.com/zeek/zeek) [](https://awesome-privacy.xyz/networking/self-hosted-network-security/zeek)ㅤ
-
-
-- **[
Firezone](https://www.firezone.dev/)** - Open-source self-hosted VPN and firewall built on WireGuard®.
-
- -
- Stats
-
- [](https://github.com/firezone/firezone) [](https://awesome-privacy.xyz/networking/self-hosted-network-security/firezone)ㅤ
-
-
-
-⬆️ [Back to Top]
-
----
-
-### Mix Networks
-
-- **[
Tor](https://www.torproject.org)** - Tor provides robust anonymity, allowing you to defend against surveillance, circumvent
-censorship and reduce tracking. It blocks trackers, resists fingerprinting and implements
-multi-layered encryptio[…](https://awesome-privacy.xyz/networking/mix-networks/tor "View full Tor report")
- -
- Stats
-
- [](https://github.com/torproject/tor) [](https://tosdr.org/en/service/2845) [](https://awesome-privacy.xyz/networking/mix-networks/tor)ㅤ
-
-
-- **[
I2P](https://geti2p.net)** - I2P offers great generic transports, it is well geared towards accessing hidden services,
-and has a couple of technical benefits over Tor: P2P friendly with unidirectional short-lived
-tunnels, it is p[…](https://awesome-privacy.xyz/networking/mix-networks/i2p "View full I2P report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/networking/mix-networks/i2p) [](https://geti2p.net)ㅤ
-
-
-- **[
Freenet](https://freenetproject.org)** - Freenet is easy to setup, provides excellent friend To Friend Sharing vs I2P, and is great for
-publishing content anonymously. It's quite large in size, and very slow so not the best choice
-for casual[…](https://awesome-privacy.xyz/networking/mix-networks/freenet "View full Freenet report")
- -
- Stats
-
- [](https://github.com/hyphanet/fred) [](https://awesome-privacy.xyz/networking/mix-networks/freenet)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> To provide low-latency browsing, Tor does not mix packets or generate cover traffic.
-If an adversary is powerful enough, theoretically they could either observe the entire network,
-or just the victims entry and exit nodes. It's worth mentioning, that even though your ISP
-can not see what you are doing, they will be able determine that you are using a mix net,
-to hide this - a VPN could be used as well.
-If you are doing anything which could put you at risk, then good OpSec is essential,
-as the authorities have traced criminals through the Tor network before,
-and [made arrests](https://techcrunch.com/2019/05/03/how-german-and-us-authorities-took-down-the-owners-of-darknet-drug-emporium-wall-street-market).
-Don't let Tor provide you a false sense of security - be aware of information leaks through DNS, other programs or human error.
-Tor-supported browsers may might lag behind their upstream forks, and include exploitable unpatched issues.
-See [#19](https://github.com/Lissy93/personal-security-checklist/issues/19)
-
-Note: The Tor network is run by the community.
-If you benefit from using it and would like to help sustain uncensored internet access for all,
-consider [running a Tor relay](https://trac.torproject.org/projects/tor/wiki/TorRelayGuide)
-
-
-
-
-
-✳️ Notable Mentions
-
-> - [GNUnet](https://gnunet.org/en)
-> - [IPFS](https://ipfs.io)
-> - [ZeroNet](https://zeronet.io)
-> - [Panoramix](https://panoramix-project.eu)
-> - [Nym](https://nymtech.net)
-
-
-
-ℹ️ Further Info
-
-> Tor, I2P and Freenet are all anonymity networks - but they work very differently and each is good for specific purposes.
-So a good and viable solution would be to use all of them, for different tasks.
-*You can read more about how I2P compares to Tor, [here](https://blokt.com/guides/what-is-i2p-vs-tor-browser)*
-
-
-⬆️ [Back to Top]
-
----
-
-### Proxies
-
-A proxy acts as a gateway between you and the internet, it can be used to
-act as a firewall or web filter, improves privacy and can also be used to
-provide shared network connections and cache data to speed up common requests.
-**Never use a [free](https://whatismyipaddress.com/free-proxies) proxy.**
-
-- **[
ShadowSocks](https://shadowsocks.org)** - Secure socks5 proxy, designed to protect your Internet traffic. Open source, superfast,
-cross-platform and easy to deploy, see [GitHub repo](https://github.com/shadowsocks).
-
- -
- Stats
-
- [](https://github.com/shadowsocks/shadowsocks-rust) [](https://awesome-privacy.xyz/networking/proxies/shadowsocks)ㅤ
-
-
-- **[
Privoxy](https://www.privoxy.org)** - Non-caching web proxy with advanced filtering capabilities for enhancing privacy,
-modifying web page data and HTTP headers, controlling access, and removing ads and
-other obnoxious Internet junk.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/networking/proxies/privoxy) [](https://www.privoxy.org)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> [Malicious Proxies](https://www.defcon.org/images/defcon-17/dc-17-presentations/defcon-17-edward_zaborowski-doppelganger.pdf) are all too common.
-Always use open source software, host it yourself or pay for a reputable cloud service.
-Never use a free proxy; it can monitor your connection, steal cookies and contain malware.
-VPNs are a better option, better still - use the Tor network.
-
-
-
-
-
-✳️ Notable Mentions
-
-> [V2ray-core](https://github.com/v2ray/v2ray-core) is a platform for building
-> proxies to bypass network restrictions and protect your privacy.
-> See [more](https://github.com/hugetiny/awesome-vpn)
->
-
-⬆️ [Back to Top]
-
----
-
-### DNS Providers
-
-Without using a secure, privacy-centric DNS all your web requests can be
-seen in the clear. You should configure your DNS queries to be managed by
-a service that respects privacy and supports DNS-over-TLS, DNS-over-HTTPS or DNSCrypt.
-
-- **[
CloudFlare](https://developers.cloudflare.com/1.1.1.1/setting-up-1.1.1.1)** - One of the most performant options, Cloudflare's DNS supports DoH and DoT, and has a Tor
-implementation, providing world-class protection. They have native cross-platform apps,
-for easy set-up.
-
- -
- Stats
-
- [](https://tosdr.org/en/service/893) [](https://awesome-privacy.xyz/networking/dns-providers/cloudflare) ㅤ
-
-
-- **[
AdGuard](https://adguard.com/en/adguard-dns/overview.html)** - Open-source DNS provider, specialising in the blocking of ads, trackers and malicious domains.
-They have been independently audited and do not keep logs.
-
- -
- Stats
-
- [](https://tosdr.org/en/service/2776) [](https://awesome-privacy.xyz/networking/dns-providers/adguard)ㅤ
-
-
-- **[
NextDNS](https://nextdns.io)** - An ad-blocking, privacy-protecting, censorship-bypassing DNS. Also comes with analytics, and
-the ability to shield kids from adult content.
-
- -
- Stats
-
- [](https://tosdr.org/en/service/1959) [](https://awesome-privacy.xyz/networking/dns-providers/nextdns)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> Using an encrypted DNS resolver will not make you anonymous, it just makes
-it harder for third-partied to discover your domain history.
-If you are using a VPN, take a [DNS leak test](https://www.dnsleaktest.com/),
-to ensure that some requests are not being exposed.
-
-
-
-
-
-✳️ Notable Mentions
-
-> - [Quad9](https://www.quad9.net) - A well-funded, performant DNS with a strong focus on privacy and security and easy set-up, however questions have been raised about the motivation of some of the financial backers.
-> - [BlahDNS](https://blahdns.com) - (Japan, Finland or Germany) is an excellent security-focused DNS> - [OpenNIC](https://www.opennic.org/) - [NixNet DNS](https://nixnet.services/dns) and [UncensoredDNS](https://blog.uncensoreddns.org) are open source and democratic, privacy-focused DNS
-> - [Unbound](https://nlnetlabs.nl/projects/unbound/about) - A validating, recursive, caching DNS resolver, designed to be fast and lean. Incorporates modern features and based on open standards
-> - [Clean Browsing](https://cleanbrowsing.org) - A good option for protecting kids, they offer comprehensive DNS-based Content Filtering
-> - [Mullvad](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) - Mullvads public DNS with QNAME minimization and basic ad blocking. It has been audited by the security experts at Assured. You can use this privacy-enhancing service even if you don't use Mullvad.
-
-
-
-ℹ️ Further Info
-
-> #### DNS Protocols
-
-DNS-over-TLS was proposed in [RTC-7858](https://tools.ietf.org/html/rfc7858)
-by the IETF, then 2 years later, the DNS-over-HTTPS specification was outlined
-in [RFC8484](https://tools.ietf.org/html/rfc8484) in October '18.
-[DNSCrypt](https://dnscrypt.info/), is a protocol that authenticates communications
-between a DNS client and a DNS resolver. It prevents DNS spoofing, through
-using cryptographic signatures to verify that responses originate from the
-chosen DNS resolver, and haven't been tampered with. DNSCrypt is a well
-battle-tested protocol, that has been in use since 2013, and is still widely used.
-
-
-⬆️ [Back to Top]
-
----
-
-### DNS Clients
-
-- **[
DNScrypt-proxy 2](https://dnscrypt.info)** - A flexible DNS proxy, with support for modern encrypted DNS protocols including DNSCrypt V2,
-DNS-over-HTTPS and Anonymized DNSCrypt. Also allows for advanced monitoring, filtering, caching
-and client[…](https://awesome-privacy.xyz/networking/dns-clients/dnscrypt-proxy-2 "View full DNScrypt-proxy 2 report")
- -
- Stats
-
- [](https://github.com/DNSCrypt/dnscrypt-proxy) [](https://awesome-privacy.xyz/networking/dns-clients/dnscrypt-proxy-2)ㅤ
-
-
-- **[
Unbound](https://nlnetlabs.nl/projects/unbound)** - Validating, recursive, caching DNS resolve with support for DNS-over-TLS. Designed to be fast,
-lean, and secure Unbound incorporates modern features based on open standards. It's fully open
-source, an[…](https://awesome-privacy.xyz/networking/dns-clients/unbound "View full Unbound report")
- -
- Stats
-
- [](https://github.com/NLnetLabs/unbound) [](https://tosdr.org/en/service/2519) [](https://awesome-privacy.xyz/networking/dns-clients/unbound)ㅤ
-
-
-- **[
Nebulo](https://nebulo.app)** - Non-root, small-sized DNS changer utilizing DNS-over-HTTPS and DNS-over-TLS. (Note, since this
-uses Android's VPN API, it is not possible to run a VPN while using Nebulo.)
-
- -
- Stats
-
- [](https://github.com/Ch4t4r/Nebulo) [](https://awesome-privacy.xyz/networking/dns-clients/nebulo) [](https://github.com/Ch4t4r/Nebulo)ㅤ
-
-
-- **[
RethinkDNS & Firewall](https://rethinkdns.com/app)** - Free and open source DNS changer with support for DNS-over-HTTPS, DNS-over-Tor, and DNSCrypt v3
-with Anonymized Relays. (Note, since this uses Android's VPN API, it is not possible to run a
-VPN while[…](https://awesome-privacy.xyz/networking/dns-clients/rethinkdns-and-firewall "View full RethinkDNS & Firewall report")
- -
- Stats
-
- [](https://github.com/celzero/rethink-app) [](https://tosdr.org/en/service/4691) [](https://awesome-privacy.xyz/networking/dns-clients/rethinkdns-and-firewall) [](https://play.google.com/store/apps/details?id=com.celzero.bravedns)ㅤ
-
-
-- **[
DNS Cloak](https://apps.apple.com/us/app/dnscloak-secure-dns-client/id1452162351)** - Simple all that allows for the use for dnscrypt-proxy 2 on an iPhone.
-
- -
- Stats
-
- [](https://github.com/s-s/dnscloak) [](https://awesome-privacy.xyz/networking/dns-clients/dns-cloak)ㅤ
-
-
-- **[
Stubby](https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby)** - Acts as a local DNS Privacy stub resolver (using DNS-over-TLS). Stubby encrypts DNS queries sent
-from a client machine (desktop or laptop) to a DNS Privacy resolver increasing end user privacy.
-Stubby[…](https://awesome-privacy.xyz/networking/dns-clients/stubby "View full Stubby report")
- -
- Stats
-
- [](https://github.com/getdnsapi/stubby) [](https://awesome-privacy.xyz/networking/dns-clients/stubby)ㅤ
-
-
-
-⬆️ [Back to Top]
-
----
-
-### Firewalls
-
-A firewall is a program which monitors the incoming and outgoing traffic
-on your network, and blocks requests based on rules set during its configuration.
-Properly configured, a firewall can help protect against attempts to
-remotely access your computer, as well as control which applications
-can access which IPs.
-
-- **[
NetGuard](https://netguard.me)** - Provides simple and advanced ways to block access to the internet. Applications and addresses
-can individually be allowed or denied access to Wi-Fi and/or mobile connection.
-
- -
- Stats
-
- [](https://github.com/M66B/NetGuard) [](https://awesome-privacy.xyz/networking/firewalls/netguard)ㅤ
-
-
-- **[
NoRoot Firewall](https://play.google.com/store/apps/details?id=app.greyshirts.firewall)** - Notifies you when an app is trying to access the Internet, so all you need to do is just Allow
-or Deny. Allows you to create filter rules based on IP address, host name or domain name, and
-you can all[…](https://awesome-privacy.xyz/networking/firewalls/noroot-firewall "View full NoRoot Firewall report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/networking/firewalls/noroot-firewall)ㅤ
-
-
-- **[
AFWall+](https://xdaforums.com/t/5-0-root-3-6-0-afwall-iptables-firewall-28-aug-2023.1957231)** - Android Firewall+ (AFWall+) is an advanced iptables editor (GUI) for rooted Android devices,
-which provides very fine-grained control over which Android apps are allowed to access the network.
-
- -
- Stats
-
- [](https://github.com/ukanth/afwall) [](https://awesome-privacy.xyz/networking/firewalls/afwalland)ㅤ
-
-
-- **[
RethinkDNS & Firewall](https://rethinkdns.com/app)** - An open-source ad-blocker and firewall app for Android 6+ (does not require root).
-
- -
- Stats
-
- [](https://github.com/celzero/rethink-app) [](https://tosdr.org/en/service/4691) [](https://awesome-privacy.xyz/networking/firewalls/rethinkdns-and-firewall) [](https://play.google.com/store/apps/details?id=com.celzero.bravedns)ㅤ
-
-
-- **[
Lockdown](https://lockdownprivacy.com)** - Firewall app for iPhone, allowing you to block any connection to any domain.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/networking/firewalls/lockdown)ㅤ
-
-
-- **[
SimpleWall](https://simplewall.en.lo4d.com)** - Tool to control Windows Filtering Platform (WFP), in order to configure detailed network activity on your PC.
-(Windows)
-
- -
- Stats
-
- [](https://github.com/henrypp/simplewall) [](https://awesome-privacy.xyz/networking/firewalls/simplewall)ㅤ
-
-
-- **[
LuLu](https://objective-see.com/products/lulu.html)** - Free, open source macOS firewall. It aims to block unknown outgoing connections, unless explicitly approved by the user.
-
- -
- Stats
-
- [](https://github.com/objective-see/LuLu) [](https://tosdr.org/en/service/3069) [](https://awesome-privacy.xyz/networking/firewalls/lulu)ㅤ
-
-
-- **[
Little Snitch](https://obdev.at/products/littlesnitch/index.html)** - A very polished application firewall, allowing you to easily manage internet connections on a per-app basis.
-(Mac OS)
-
- -
- Stats
-
- [](https://tosdr.org/en/service/4121) [](https://awesome-privacy.xyz/networking/firewalls/little-snitch)ㅤ
-
-
-- **[
OpenSnitch](https://github.com/evilsocket/opensnitch)** - Makes internet connections from all apps visible, allowing you to block or manage traffic on a per-app basis.
-GNU/Linux port of the Little Snitch application firewall.
-
- -
- Stats
-
- [](https://github.com/evilsocket/opensnitch) [](https://awesome-privacy.xyz/networking/firewalls/opensnitch)ㅤ
-
-
-- **[
Gufw](https://en.wikipedia.org/wiki/Uncomplicated_Firewall)** - Open source GUI firewall for Linux, allowing you to block internet access for certain applications.
-Supports both simple and advanced mode, GUI and CLI options, very easy to use, lightweight/ low-over[…](https://awesome-privacy.xyz/networking/firewalls/gufw "View full Gufw report")
- -
- Stats
-
- [](https://github.com/costales/gufw) [](https://awesome-privacy.xyz/networking/firewalls/gufw) [](https://github.com/costales/gufw)ㅤ
-
-
-- **[
Uncomplicated Firewall](https://wiki.ubuntu.com/UncomplicatedFirewall)** - The ufw (Uncomplicated Firewall) is a GUI application and CLI, that allows you to configure a firewall
-using `iptables` much more easily.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/networking/firewalls/uncomplicated-firewall) [](https://wiki.ubuntu.com/UncomplicatedFirewall)ㅤ
-
-
-- **[
IPFire](https://www.ipfire.org)** - IPFire is a hardened, versatile, state-of-the-art Open Source firewall based on Linux. Easy to install
-on a raspberry Pi, since it is lightweight and heavily customizable.
-
- -
- Stats
-
- [](https://github.com/ipfire/ipfire-2.x) [](https://awesome-privacy.xyz/networking/firewalls/ipfire)ㅤ
-
-
-- **[
Shorewall](https://shorewall.org)** - An open source firewall tool for Linux that builds upon the Netfilter system built into the Linux kernel,
-making it easier to manage more complex configuration schemes with iptables.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/networking/firewalls/shorewall) [](https://shorewall.org)ㅤ
-
-
-- **[
OPNSense](https://opnsense.org)** - Enterprise firewall and router for protecting networks, built on the FreeBSD system.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/networking/firewalls/opnsense) [](https://opnsense.org)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> There are different [types](https://www.networkstraining.com/different-types-of-firewalls)
-of firewalls, that are used in different circumstances.
-This does not omit the need to configure your operating systems defences.
-Follow these instructions to enable your firewall in
-[Windows](https://support.microsoft.com/en-us/help/4028544/windows-10-turn-windows-defender-firewall-on-or-off),
-[Mac OS](https://support.apple.com/en-us/HT201642), [Ubuntu](https://wiki.ubuntu.com/UncomplicatedFirewall)
-and other [Linux distros](https://www.tecmint.com/start-stop-disable-enable-firewalld-iptables-firewall).
-
-Even when properly configured, having a firewall enabled does not guarantee
-bad network traffic can not get through and especially during boot if you
-don't have root privileges.
-
-
-
-
-⬆️ [Back to Top]
-
----
-
-### Ad Blockers
-
-There are a few different ways to block ads - browser-based ad-blockers,
-router-based / device blockers or VPN ad-blockers.
-Typically they work by taking a maintained list of hosts,
-and filtering each domain/ IP through it. Some also have other methods to
-detect certain content based on pattern matching
-
-- **[
Pi-Hole](https://pi-hole.net/)** - Incredibly powerful, network-wide ad-blocker. Works out-of-the-box, light-weight with an intuitive
-web interface, but still allows for a lot of advanced configuration for power users. As well as
-block[…](https://awesome-privacy.xyz/networking/ad-blockers/pi-hole "View full Pi-Hole report")
- -
- Stats
-
- [](https://github.com/pi-hole/pi-hole) [](https://awesome-privacy.xyz/networking/ad-blockers/pi-hole)ㅤ
-
-
-- **[
Diversion](https://diversion.ch)** - A shell script application to manage ad-blocking, Dnsmasq logging, Entware and pixelserv-tls installations
-and more on supported routers running Asuswrt-Merlin firmware, including its forks.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/networking/ad-blockers/diversion)ㅤ
-
-
-- **[
BlockParty](https://github.com/krishkumar/BlockParty)** - Native Apple (Swift) apps, for system-wide ad-blocking. Can be customized with custom host lists,
-primarily aimed for just ad-blocking.
-
- -
- Stats
-
- [](https://github.com/krishkumar/BlockParty) [](https://awesome-privacy.xyz/networking/ad-blockers/blockparty)ㅤ
-
-
-- **[
hBlock](https://hblock.molinero.dev)** - A POSIX-compliant shell script, designed for Unix-like systems, that gets a list of domains that serve ads,
-tracking scripts and malware from multiple sources and creates a hosts file (alternative for[…](https://awesome-privacy.xyz/networking/ad-blockers/hblock "View full hBlock report")
- -
- Stats
-
- [](https://github.com/hectorm/hblock) [](https://awesome-privacy.xyz/networking/ad-blockers/hblock)ㅤ
-
-
-- **[
Blokada](https://blokada.org/)** - Open source mobile ad-blocker that acts like a firewall. Since it's device-wide, once connected all apps will
-have ads/ trackers blocked, and the blacklist can be edited. The app is free, but there is[…](https://awesome-privacy.xyz/networking/ad-blockers/blokada "View full Blokada report")
- -
- Stats
-
- [](https://github.com/blokadaorg/blokada) [](https://tosdr.org/en/service/8557) [](https://awesome-privacy.xyz/networking/ad-blockers/blokada) [](https://play.google.com/store/apps/details?id=org.blokada.sex) [](https://apps.apple.com/us/app/blokada/id1508341781)ㅤ
-
-
-- **[
RethinkDNS & Firewall](https://rethinkdns.com/app)** - Free and open source ad-blocker and a firewall for Android 6+ (no root required).
-
- -
- Stats
-
- [](https://github.com/celzero/rethink-app) [](https://tosdr.org/en/service/4691) [](https://awesome-privacy.xyz/networking/ad-blockers/rethinkdns-and-firewall) [](https://play.google.com/store/apps/details?id=com.celzero.bravedns)ㅤ
-
-
-- **[
Ad Block Radio](https://github.com/adblockradio/adblockradio)** - Python script that uses machine learning to block adverts in live audio streams, such as Radio, Podcasts,
-Audio Books, and music platforms such as Spotify. See live demo.
-
- -
- Stats
-
- [](https://github.com/adblockradio/adblockradio) [](https://awesome-privacy.xyz/networking/ad-blockers/ad-block-radio)ㅤ
-
-
-- **[
uBlock Origin](https://github.com/gorhill/uBlock)** - Light-weight, fast browser extension for Firefox and Chromium (Chrome, Edge, Brave Opera etc), that blocks
-tracking, ads and known malware. uBlock is easy-to-use out-of-the-box, but also has a highly[…](https://awesome-privacy.xyz/networking/ad-blockers/ublock-origin "View full uBlock Origin report")
- -
- Stats
-
- [](https://github.com/gorhill/uBlock) [](https://awesome-privacy.xyz/networking/ad-blockers/ublock-origin)ㅤ
-
-
-
-
-✳️ Notable Mentions
-
-> [AdGuardHome](https://github.com/AdguardTeam/AdGuardHome) is a cross-platform DNS Ad Blocker,
-> similar to Pi Hole, but with some additional features, like parental controls,
-> per-device configuration and the option to force safe search.
-> This may be a good solution for families with young children.
->
-> Some VPNs have ad-tracking blocking features, such as
-> [TrackStop with PerfectPrivacy](https://www.perfect-privacy.com/en/features/trackstop?a_aid=securitychecklist).
->
-> [Private Internet Access](https://www.privateinternetaccess.com/),
-> [CyberGhost](https://www.cyberghostvpn.com/),
-> [PureVPN](https://www.anrdoezrs.net/click-9242873-13842740),
-> and [NordVPN](https://www.kqzyfj.com/l5115shqnhp4E797DC8467D69A6D) also have ad-block features.
-> But do not meet security/privact requirements to be included.
->
-
-⬆️ [Back to Top]
-
----
-
-### Host Block Lists
-
-- **[
SomeoneWhoCares/ Hosts](https://someonewhocares.org/hosts)** - An up-to-date host list, maintained by Dan Pollock - to make the internet not suck (as much).
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/networking/host-block-lists/someonewhocares/-hosts)ㅤ
-
-
-- **[
Hosts by StevenBlack](https://github.com/StevenBlack/hosts)** - Open source, community-maintained consolidated and extending hosts files from several well-curated
-sources. You can optionally pick extensions to block p0rn, Social Media, gambling, fake news and othe[…](https://awesome-privacy.xyz/networking/host-block-lists/hosts-by-stevenblack "View full Hosts by StevenBlack report")
- -
- Stats
-
- [](https://github.com/StevenBlack/hosts) [](https://awesome-privacy.xyz/networking/host-block-lists/hosts-by-stevenblack)ㅤ
-
-
-- **[
No Google](https://github.com/nickspaargaren/no-google)** - Totally block all direct and indirect content from Google, Amazon, Facebook, Apple and Microsoft (or just some).
-
- -
- Stats
-
- [](https://github.com/nickspaargaren/no-google) [](https://awesome-privacy.xyz/networking/host-block-lists/no-google)ㅤ
-
-
-- **[
EasyList](https://easylist.to)** - Comprehensive list of domains for blocking tracking, social scripts, bad cookies and annoying stuff.
-
- -
- Stats
-
- [](https://github.com/easylist/easylist) [](https://awesome-privacy.xyz/networking/host-block-lists/easylist)ㅤ
-
-
-- **[
iBlockList](https://www.iblocklist.com)** - Variety of lists (free and paid-for) for blocking content based on certain topics, inducing: spam, abuse,
-political, illegal, hijacked, bad peers and more.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/networking/host-block-lists/iblocklist)ㅤ
-
-
-
-⬆️ [Back to Top]
-
----
-
-### Router Firmware
-
-Installing a custom firmware on your Wi-Fi router gives you greater
-control over security, privacy and performance
-
-- **[
OpenWRT](https://openwrt.org)** - Plenty of scope for customization and a ton of supported addons. Stateful firewall, NAT, and dynamically-configured
-port forwarding protocols (UPnP, NAT-PMP + upnpd, etc), Load balancing, IP tunneling[…](https://awesome-privacy.xyz/networking/router-firmware/openwrt "View full OpenWRT report")
- -
- Stats
-
- [](https://github.com/openwrt/openwrt) [](https://tosdr.org/en/service/1603) [](https://awesome-privacy.xyz/networking/router-firmware/openwrt)ㅤ
-
-
-- **[
DD-WRT](https://dd-wrt.com)** - Easy and powerful user interface. Great access control, bandwidth monitoring and quality of service.
-IPTables is built-in for firewall, and there's great VPN support as well as additional plug-and-pla[…](https://awesome-privacy.xyz/networking/router-firmware/dd-wrt "View full DD-WRT report")
- -
- Stats
-
- [](https://github.com/mirror/dd-wrt) [](https://awesome-privacy.xyz/networking/router-firmware/dd-wrt)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> Flashing custom firmware may void your warranty.
-If power is interrupted mid-way through a firmware install/ upgrade it
-is possible for your device to become bricked. So long as you follow a
-guide, and use a well supported system, on a supported router, than it
-should be safe
-
-
-
-
-
-✳️ Notable Mentions
-
-> - [Tomato](https://www.polarcloud.com/tomato)
-> - [Gargoyle](https://www.gargoyle-router.com)
-> - [LibreCMC](https://librecmc.org)
-> - [DebWRT](http://www.debwrt.net)
-
-
-⬆️ [Back to Top]
-
----
-
-### Network Analysis
-
-Whether you live in a country behind a firewall, or accessing the internet
-through a proxy - these tools will help you better understand the extent
-of blocking, deep packet inspection and what data is being analysed
-
-- **[
OONI](https://ooni.org)** - Open Observatory of Network Interference - A free tool and global observation network, for detecting censorship,
-surveillance and traffic manipulation on the internet. Developed by The Tor Project, an[…](https://awesome-privacy.xyz/networking/network-analysis/ooni "View full OONI report")
- -
- Stats
-
- [](https://github.com/ooni/probe) [](https://tosdr.org/en/service/6241) [](https://awesome-privacy.xyz/networking/network-analysis/ooni)ㅤ
-
-
-- **[
Goodbye DPI](https://ntc.party/c/community-software/goodbyedpi/8)** - Passive Deep Packet Inspection blocker and Active DPI circumvention utility, for Windows.
-
- -
- Stats
-
- [](https://github.com/ValdikSS/GoodbyeDPI) [](https://awesome-privacy.xyz/networking/network-analysis/goodbye-dpi)ㅤ
-
-
-- **[
DPITunnel](https://github.com/zhenyolka/DPITunnel)** - An Android app to bypass deep packet inspection.
-
- -
- Stats
-
- [](https://github.com/nomoresat/DPITunnel-android) [](https://awesome-privacy.xyz/networking/network-analysis/dpitunnel)ㅤ
-
-
-- **[
Proxy Checker](https://ping.eu/proxy/)** - You can quickly check if a given IP is using a proxy, this can also be done through the command line.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/networking/network-analysis/proxy-checker)ㅤ
-
-
-
-⬆️ [Back to Top]
-
----
-
-### Intrusion Detection
-
-An IDS is an application that monitors a network or computer system for
-malicious activity or policy violations, and notifies you of any unusual
-or unexpected events. If you are running a server, then it's essential to
-know about an incident as soon as possible, in order to minimize damage.
-
-- **[
Zeek](https://zeek.org/)** - Zeek (formally Bro) Passively monitors network traffic and looks for suspicious activity.
-
- -
- Stats
-
- [](https://github.com/zeek/zeek) [](https://awesome-privacy.xyz/networking/intrusion-detection/zeek)ㅤ
-
-
-- **[
OSSEC](https://www.ossec.net/)** - OSSEC is an Open Source host-based intrusion detection system, that performs log analysis, integrity checking,
-monitoring, rootkit detection, real-time alerting and active response.
-
- -
- Stats
-
- [](https://github.com/ossec/ossec-hids) [](https://awesome-privacy.xyz/networking/intrusion-detection/ossec)ㅤ
-
-
-- **[
Kismet](https://www.kismetwireless.net)** - An 802.11 layer2 wireless network detector, sniffer, and intrusion detection system.
-
- -
- Stats
-
- [](https://github.com/kismetwireless/kismet) [](https://awesome-privacy.xyz/networking/intrusion-detection/kismet)ㅤ
-
-
-- **[
Snare](https://www.snaresolutions.com/products/snare-central)** - SNARE (System iNtrusion Analysis and Reporting Environment) is a series of log collection agents that facilitate
-centralized analysis of audit log data. Logs from the OS are collected and audited. Ful[…](https://awesome-privacy.xyz/networking/intrusion-detection/snare "View full Snare report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/networking/intrusion-detection/snare)ㅤ
-
-
-- **[
picosnitch](https://elesiuta.github.io/picosnitch)** - picosnitch helps protect your security and privacy by "snitching" on anything that connects to the internet,
-letting you know when, how much data was transferred, and to where. It uses BPF to monitor[…](https://awesome-privacy.xyz/networking/intrusion-detection/picosnitch "View full picosnitch report")
- -
- Stats
-
- [](https://github.com/elesiuta/picosnitch) [](https://awesome-privacy.xyz/networking/intrusion-detection/picosnitch)ㅤ
-
-
-
-⬆️ [Back to Top]
-
----
-
-### Cloud Hosting
-
-Whether you are hosting a website and want to keep your users data safe,
-or if you are hosting your own file backup, cloud productivity suite or
-VP - then choosing a provider that respects your privacy and allows you
-to sign up anonymously, and will keep your files and data safe is be
-important.
-
-- **[
Njalla](https://njal.la)** - Njalla is a privacy and security-focused domain registrar and VPN hosting provider. They own and manage all their
-own servers, which are based in Sweden. They accept crypto, for anonymous payments, an[…](https://awesome-privacy.xyz/networking/cloud-hosting/njalla "View full Njalla report")
- -
- Stats
-
- [](https://tosdr.org/en/service/3688) [](https://awesome-privacy.xyz/networking/cloud-hosting/njalla) ㅤ
-
-
-- **[
Private Layer](https://www.privatelayer.com)** - Offers enterprise-grade, high-speed offshore dedicated servers, they own their own data centres, have a solid
-privacy policy and accept anonymous payment.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/networking/cloud-hosting/private-layer) ㅤ
-
-
-- **[
Servers Guru](https://servers.guru)** - Servers Guru provides affordable and anonymous VPS and cloud servers with dedicated cpu resources. They accept
-crypto-currencies (Bitcoin, Monero, Ethereum etc..) and don't require any personal inform[…](https://awesome-privacy.xyz/networking/cloud-hosting/servers-guru "View full Servers Guru report")
- -
- Stats
-
- [](https://tosdr.org/en/service/8079) [](https://awesome-privacy.xyz/networking/cloud-hosting/servers-guru) ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> The country that your data is hosted in, will be subject to local laws and regulations.
-It is therefore important to avoid a jurisdiction that is part of the
-[5 eyes](https://en.wikipedia.org/wiki/Five_Eyes) (Australia, Canada, New Zealand, US and UK)
-and [other international cooperatives](https://en.wikipedia.org/wiki/Five_Eyes#Other_international_cooperatives)
-who have legal right to view your data.
-
-
-
-
-
-✳️ Notable Mentions
-
-> See also: [1984](https://www.1984.is) based in Iceland.
-> [Shinjiru](http://shinjiru.com?a_aid=5e401db24a3a4), which offers off-shore dedicated servers.
-> [Orange Website](https://www.orangewebsite.com) specialises in protecting online privacy and free speech, hosted in Iceland.
-> [RackBone](https://rackbone.ch) (previously DataCell) provides secure and ethical hosting, based in Switzerland.
-> And [Bahnhof](https://www.bahnhof.net) offers high-security and ethical hosting, with their data centres locates in Sweden.
-> Finally [Simafri](https://www.simafri.com/anonymous) has a range of packages, that support Tor out of the box
->
-
-⬆️ [Back to Top]
-
----
-
-### Domain Registrars
-
-- **[
Njal.la](https://njal.la)** - Privacy-aware domain service with anonymous sign-up and accepts cryptocurrency.
-
- -
- Stats
-
- [](https://tosdr.org/en/service/3688) [](https://awesome-privacy.xyz/networking/domain-registrars/njal.la) ㅤ
-
-
-- **[
Orange Website](https://www.orangewebsite.com/domain-registration.php)** - Anonymous domain registration, with low online censorship since they are based outside the
-14-eyes jurisdiction (in Iceland).
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/networking/domain-registrars/orange-website)  ㅤ
-
-
-
-⬆️ [Back to Top]
-
----
-
-### DNS Hosting
-
-- **[
deSEC](https://desec.io)** - Free DNS hosting provider designed with security in mind, and running
-on purely open source software. deSEC is backed and funded by SSE.
-
- -
- Stats
-
- [](https://github.com/desec-io/desec-stack) [](https://awesome-privacy.xyz/networking/dns-hosting/desec) [](https://github.com/desec-io/desec-stack)ㅤ
-
-
-
-⬆️ [Back to Top]
-
----
-
-### Mail Servers
-
-- **[
Mail-in-a-box](https://mailinabox.email)** - Easy-to-deploy fully-featured and pre-configured SMTP mail server. It includes everything from
-webmail, to spam filtering and backups.
-
- -
- Stats
-
- [](https://github.com/mail-in-a-box/mailinabox) [](https://awesome-privacy.xyz/networking/mail-servers/mail-in-a-box)ㅤ
-
-
-- **[
Docker Mailserver](https://docker-mailserver.github.io/docker-mailserver/latest)** - A full-stack but simple mailserver (smtp, imap, antispam, antivirus, ssl...) using Docker. Very
-complete, with everything you will need, customizable and very easy to deploy with docker.
-
- -
- Stats
-
- [](https://github.com/tomav/docker-mailserver) [](https://awesome-privacy.xyz/networking/mail-servers/docker-mailserver)ㅤ
-
-
-- **[
mailcow](https://mailcow.email/)** - A mail server with everything you need (SMTP, IMAP, webmail, NextCloud support..) using Docker.
-
- -
- Stats
-
- [](https://github.com/mailcow/mailcow-dockerized) [](https://awesome-privacy.xyz/networking/mail-servers/mailcow)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> Self-hosting your own mail server is not recommended for everyone, it can
-be time consuming to setup and maintain and securing it correctly is critical
-
-
-
-
-⬆️ [Back to Top]
-
----
-
-## Productivity
-
-### Digital Notes
-
-- **[
Standard Notes](https://standardnotes.com)** - S.Notes is a free, open-source, and completely encrypted private notes app. It has a simple UI,
-yet packs in a lot of features, thanks to the Extensions Store, allowing for: To-Do lists, Spreadsheets,[…](https://awesome-privacy.xyz/productivity/digital-notes/standard-notes "View full Standard Notes report")
- -
- Stats
-
- [](https://github.com/standardnotes/app) [](https://tosdr.org/en/service/2116) [](https://awesome-privacy.xyz/productivity/digital-notes/standard-notes) [](https://github.com/standardnotes/app)  [](https://play.google.com/store/apps/details?id=com.standardnotes) [](https://apps.apple.com/us/app/standard-notes/id1285392450) [](https://reddit.com/r/StandardNotes)ㅤ
-
-
-- **[
Turtle](https://turtlapp.com)** - A secure, collaborative notebook. Self-host it yourself, or use their hosted plan (free edition
-or $3/ month for premium).
-
- -
- Stats
-
- [](https://github.com/turtl/desktop) [](https://awesome-privacy.xyz/productivity/digital-notes/turtle)  [](https://play.google.com/store/apps/details?id=com.lyonbros.turtl)ㅤ
-
-
-- **[
Notable](https://notable.md)** - An offline markdown-based note editor for desktop, with a simple, yet feature-rich UI.
-All notes are saved individually as .md files, making them easy to manage.
-No mobile app, built-in cloud-sync, en[…](https://awesome-privacy.xyz/productivity/digital-notes/notable "View full Notable report")
- -
- Stats
-
- [](https://github.com/notable/notable) [](https://awesome-privacy.xyz/productivity/digital-notes/notable) [](https://reddit.com/r/Notable)ㅤ
-
-
-- **[
Joplin](https://joplinapp.org)** - Cross-platform desktop and mobile note-taking and todo app. Easy organisation into notebooks and
-sections, revision history and a simple UI. Allows for easy import and export of notes to or from
-other[…](https://awesome-privacy.xyz/productivity/digital-notes/joplin "View full Joplin report")
- -
- Stats
-
- [](https://github.com/laurent22/joplin) [](https://tosdr.org/en/service/9477) [](https://awesome-privacy.xyz/productivity/digital-notes/joplin)  [](https://play.google.com/store/apps/details?id=net.cozic.joplin) [](https://apps.apple.com/gb/app/joplin/id1315599797) [](https://reddit.com/r/JoplinApp)ㅤ
-
-
-- **[
Logseq](https://logseq.com/)** - Privacy-first, open-source knowledge base that works on top of local plain-text Markdown and
-Org-mode files.
-Supports lots of different note modes, including task management,
-PDF annotation, flashcard[…](https://awesome-privacy.xyz/productivity/digital-notes/logseq "View full Logseq report")
- -
- Stats
-
- [](https://github.com/logseq/logseq) [](https://awesome-privacy.xyz/productivity/digital-notes/logseq) [](https://apps.apple.com/us/app/logseq/id1601013908) [](https://reddit.com/r/Logseq)ㅤ
-
-
-- **[
Obsidian](https://obsidian.md/)** - A powerful knowledge base that works on top of local plain-text Markdown files. It has a strong
-community, and a lot of plugins and themes. Generally privacy-respecting, but no
-encryption out of the b[…](https://awesome-privacy.xyz/productivity/digital-notes/obsidian "View full Obsidian report")
- -
- Stats
-
- [](https://github.com/obsidianmd/obsidian-releases) [](https://tosdr.org/en/service/3870) [](https://awesome-privacy.xyz/productivity/digital-notes/obsidian)  [](https://play.google.com/store/apps/details?id=md.obsidian) [](https://apps.apple.com/us/app/obsidian-connected-notes/id1557175442) [](https://reddit.com/r/ObsidianMD)ㅤ
-
-
-- **[
AFFiNE](https://affine.pro)** - Privacy first, open-source alternative to Notion, monday.com and Miro.
-It is a knowledge management tool that allows you to create, organize and share your knowledge.
-
- -
- Stats
-
- [](https://github.com/toeverything/AFFiNE) [](https://awesome-privacy.xyz/productivity/digital-notes/affine) [](https://reddit.com/r/AFFiNE)ㅤ
-
-
-- **[
Cryptee](https://crypt.ee/)** - Private & encrypted rich-text documents. Cryptee has encryption and anonymity at its core,
-it also has a beautiful and minimalistic UI. You can use Cryptee from the browser, or download
-native apps. C[…](https://awesome-privacy.xyz/productivity/digital-notes/cryptee "View full Cryptee report")
- -
- Stats
-
- [](https://github.com/cryptee/web-client) [](https://tosdr.org/en/service/5047) [](https://awesome-privacy.xyz/productivity/digital-notes/cryptee)ㅤ
-
-
-
-
-✳️ Notable Mentions
-
-> If you are already tied into Evernote, One Note etc, then [SafeRoom](https://www.getsaferoom.com)
-> is a utility that encrypts your entire notebook, before it is uploaded to the cloud.
->
-> [Org Mode](https://orgmode.org) is a mode for [GNU Emacs](https://www.gnu.org/software/emacs/)
-> dedicated to working with the Org markup format. Org can be thought of as
-> a more featureful Markdown alternative, with support for keeping notes,
-> maintaining todo lists, planning projects, managing spreadsheets, and
-> authoring documents -all in plaintext.
->
-> For a simple plain text note taking app, with strong encryption, see
-> [Protected Text](https://www.protectedtext.com), which works well with the
-> [Safe Notes](https://play.google.com/store/apps/details?id=com.protectedtext.android) Android app.
-> [Laverna](https://laverna.cc/) is a cross-platform secure notes app,
-> where all entries are formatted with markdown.
->
-
-⬆️ [Back to Top]
-
----
-
-### Calendar
-
-⚠️ This section is still a work in progress ⚠️
Check back soon, or help us complete it by submitting a pull request
-⬆️ [Back to Top]
-
----
-
-### Backup and Sync
-
-- **[
SeaFile](https://www.seafile.com)** - An open source cloud storage and sync solution.
-Files are grouped into Libraries, which can be individually encrypted,
-shared of synced. Docker image available for easy deployment, and native
-clients[…](https://awesome-privacy.xyz/productivity/backup-and-sync/seafile "View full SeaFile report")
- -
- Stats
-
- [](https://github.com/haiwen/seafile) [](https://tosdr.org/en/service/4322) [](https://awesome-privacy.xyz/productivity/backup-and-sync/seafile)ㅤ
-
-
-- **[
Syncthing](https://syncthing.net)** - Continuous file synchronization between 2 or more clients. It is simple,
-yet powerful, and fully-encrypted and private.
-Syncthing can be deployed with Docker, and there are native clients
-for Windows,[…](https://awesome-privacy.xyz/productivity/backup-and-sync/syncthing "View full Syncthing report")
- -
- Stats
-
- [](https://github.com/syncthing/syncthing) [](https://awesome-privacy.xyz/productivity/backup-and-sync/syncthing)ㅤ
-
-
-- **[
NextCloud](https://nextcloud.com)** - Feature-rich productivity platform, that can be used to backup and
-selectively sync encrypted files and folders between 1 or more clients.
-A key benefit the wide range of plug-ins in the NextCloud App[…](https://awesome-privacy.xyz/productivity/backup-and-sync/nextcloud "View full NextCloud report")
- -
- Stats
-
- [](https://tosdr.org/en/service/707) [](https://awesome-privacy.xyz/productivity/backup-and-sync/nextcloud)ㅤ
-
-
-- **[
bewCloud](https://bewcloud.com)** - Modern and simpler alternative to Nextcloud/ownCloud crafted with TypeScript.
-Unifies file management, sync, sharing, notes, RSS, expenses, calendars,
-contacts, and photos, with MFA, WebDAV, CalDAV, C[…](https://awesome-privacy.xyz/productivity/backup-and-sync/bewcloud "View full bewCloud report")
- -
- Stats
-
- [](https://github.com/bewcloud/bewcloud) [](https://awesome-privacy.xyz/productivity/backup-and-sync/bewcloud) [](https://github.com/bewcloud/bewcloud)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> You should always ensure that any data stored in the cloud is encrypted.
-If you are hosting your own server, then take the necessary precautions
-to [secure the server](https://med.stanford.edu/irt/security/servers.html).
-For hosted solutions - use a strong password, keep your credentials safe and enable 2FA.
-
-
-
-
-
-✳️ Notable Mentions
-
-> Alternatively, consider a headless utility such as [Duplicacy](https://duplicacy.com)
-> or [Duplicity](http://duplicity.nongnu.org).
-> Both of offer an encrypted and efficient sync between 2 or more locations,
-> using the [rsync](https://linux.die.net/man/1/rsync) algorithm.
->
-> [SpiderOak](https://spideroak.com), [Tresorit](https://tresorit.com) and
-> [Resilio](https://www.resilio.com/individuals)
-> are good enterprise solutions, all with solid encryption baked-in
->
-> [FileRun](https://filerun.com) and [Pydio](https://pydio.com)
-> are self-hosted file explorers, with cross-platform sync capabilities.
->
-
-⬆️ [Back to Top]
-
----
-
-### Cloud Productivity Suites
-
-- **[
CryptPad](https://cryptpad.org/)** - A zero knowledge cloud productivity suite. Provides Rich Text,
-Presentations, Spreadsheets, Kanban, Paint a code editor and file drive.
-All notes and user content, are encrypted by default, and can on[…](https://awesome-privacy.xyz/productivity/cloud-productivity-suites/cryptpad "View full CryptPad report")
- -
- Stats
-
- [](https://github.com/xwiki-labs/cryptpad) [](https://tosdr.org/en/service/2584) [](https://awesome-privacy.xyz/productivity/cloud-productivity-suites/cryptpad)ㅤ
-
-
-- **[
NextCloud](https://nextcloud.com)** - A complete self-hosted productivity platform, with a strong community
-and growing app store. NextCloud is similar to (but arguably more complete
-than) Google Drive, Office 365 and Dropbox. Clear UI an[…](https://awesome-privacy.xyz/productivity/cloud-productivity-suites/nextcloud "View full NextCloud report")
- -
- Stats
-
- [](https://github.com/nextcloud/server) [](https://tosdr.org/en/service/707) [](https://awesome-privacy.xyz/productivity/cloud-productivity-suites/nextcloud)ㅤ
-
-
-- **[
Disroot](https://disroot.org)** - A platform providing online services based on principles of freedom,
-privacy, federation and decentralization. It is an implementation of
-NextCloud, with strong encryption configured - it is widely us[…](https://awesome-privacy.xyz/productivity/cloud-productivity-suites/disroot "View full Disroot report")
- -
- Stats
-
- [](https://tosdr.org/en/service/1826) [](https://awesome-privacy.xyz/productivity/cloud-productivity-suites/disroot)ㅤ
-
-
-- **[
Sandstorm](https://sandstorm.io)** - An open source platform for self-hosting web apps. Once you've set it up,
-you can install items from the Sandstorm App Market with -click,
-similar to NextCloud in terms of flexibility.
-
- -
- Stats
-
- [](https://github.com/sandstorm-io/sandstorm) [](https://awesome-privacy.xyz/productivity/cloud-productivity-suites/sandstorm)ㅤ
-
-
-- **[
Vikunja](https://vikunja.io)** - Vikunja is an open-source to-do application. It is suitable for a wide
-variety of projects, supporting List, Gantt, Table and Kanban views to
-visualize all tasks in different contexts. For collaborati[…](https://awesome-privacy.xyz/productivity/cloud-productivity-suites/vikunja "View full Vikunja report")
- -
- Stats
-
- [](https://github.com/go-vikunja/vikunja) [](https://awesome-privacy.xyz/productivity/cloud-productivity-suites/vikunja)ㅤ
-
-
-
-⬆️ [Back to Top]
-
----
-
-### Encrypted Cloud Storage
-
-Backing up important files is essential, and keeping an off-site copy is recommended.
-But many free providers do not respect your privacy, and are not secure enough for
-sensitive documents.
-Avoid free mainstream providers, such as Google Drive, cloud, Microsoft Overdrive, Dropbox.
-
-It is recommended to encrypt files on your client machine, before syncing to the cloud.
-[Cryptomator](https://cryptomator.org) is a cross-platform, open source encryption app, designed for just this.
-
-- **[
Tresorit](https://tresorit.com)** - End-to-end encrypted zero knowledge file storage, syncing and sharing provider, based in Switzerland.
-The app is cross-platform, user-friendly client and with all expected features. £6.49/month for 50[…](https://awesome-privacy.xyz/productivity/encrypted-cloud-storage/tresorit "View full Tresorit report")
- -
- Stats
-
- [](https://tosdr.org/en/service/1696) [](https://awesome-privacy.xyz/productivity/encrypted-cloud-storage/tresorit)ㅤ
-
-
-- **[
IceDrive](https://icedrive.net)** - Very affordable encrypted storage provider, with cross-platform apps. Starts as £1.50/month for 150 GB
-or £3.33/month for 1 TB.
-
- -
- Stats
-
- [](https://tosdr.org/en/service/3118) [](https://awesome-privacy.xyz/productivity/encrypted-cloud-storage/icedrive)ㅤ
-
-
-- **[
Sync.com](https://www.sync.com)** - Secure file sync, sharing, collaboration and backup for individuals, small businesses and sole practitioners.
-Starts at $8/month for 2 TB.
-
- -
- Stats
-
- [](https://tosdr.org/en/service/698) [](https://awesome-privacy.xyz/productivity/encrypted-cloud-storage/sync.com)ㅤ
-
-
-- **[
pCloud](https://www.pcloud.com)** - Secure and simple to use cloud storage, with cross-platform client apps. £3.99/month for 500 GB.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/productivity/encrypted-cloud-storage/pcloud)ㅤ
-
-
-- **[
Peergos](https://peergos.org/)** - A peer-to-peer end-to-end encrypted global filesystem with fine grained access control. Provides a secure
-and private space online where you can store, share and view your photos, videos, music and do[…](https://awesome-privacy.xyz/productivity/encrypted-cloud-storage/peergos "View full Peergos report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/productivity/encrypted-cloud-storage/peergos)ㅤ
-
-
-- **[
Internxt](https://internxt.com/)** - Store your files in total privacy. Internxt Drive is a zero-knowledge cloud storage service based on best-in-class
-privacy and security. Made in Spain. Open-source mobile and desktop apps. 10GB FREE a[…](https://awesome-privacy.xyz/productivity/encrypted-cloud-storage/internxt "View full Internxt report")
- -
- Stats
-
- [](https://tosdr.org/en/service/4176) [](https://awesome-privacy.xyz/productivity/encrypted-cloud-storage/internxt)ㅤ
-
-
-- **[
FileN](https://filen.io/)** - Zero knowledge end-to-end encrypted affordable cloud storage made in Germany. Open-source mobile and desktop apps.
-10GB FREE with paid plans starting at €0.92/month for 100GB.
-
- -
- Stats
-
- [](https://tosdr.org/en/service/6820) [](https://awesome-privacy.xyz/productivity/encrypted-cloud-storage/filen)ㅤ
-
-
-
-
-✳️ Notable Mentions
-
-> An alternative option, is to use a cloud computing provider, and implement
-> the syncing functionality yourself, and encrypt data locally before
-> uploading it - this may work out cheaper in some situations.
-> You could also run a local server that you physically own at a secondary location,
-> that would mitigate the need to trust a third party cloud provider.
-> Note that some knowledge in securing networks is required.
->
-
-⬆️ [Back to Top]
-
----
-
-### File Drop
-
-- **[
FileSend](https://filesend.standardnotes.org)** - Simple, encrypted file sharing, with a 500mb limit and 5-day retention. Files are secured with client-side AES-256
-encryption and no IP address or device info is logged. Files are permanently deleted[…](https://awesome-privacy.xyz/productivity/file-drop/filesend "View full FileSend report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/productivity/file-drop/filesend)ㅤ
-
-
-- **[
OnionShare](https://onionshare.org/)** - An open source tool that lets you securely and anonymously share a file of any size, via Tor servers. OnionShare does
-require installing, but the benefit is that your files are transferred directly to[…](https://awesome-privacy.xyz/productivity/file-drop/onionshare "View full OnionShare report")
- -
- Stats
-
- [](https://github.com/micahflee/onionshare) [](https://awesome-privacy.xyz/productivity/file-drop/onionshare)ㅤ
-
-
-
-
-✳️ Notable Mentions
-
-> [Instant.io](https://github.com/webtorrent/instant.io), is another peer-to-peer based solution,
-> using [Web Torrent](https://webtorrent.io).
->
-> For specifically transferring images, [Up1](https://github.com/Upload/Up1) is a good self-hosted option, with client-side encryption.
->
-> Finally [PsiTransfer](https://github.com/psi-4ward/psitransfer) is a feature-rich, self-hosted file drop, using streams.
->
-
-⬆️ [Back to Top]
-
----
-
-### Browser Sync
-
-- **[
Floccus](https://floccus.org)** - Simple and efficient bookmark syncing using either NextCloud Bookmarks, a WebDAV server (local or remote)
-or just a local folder through LoFloccus. Browser extensions available for Chrome, Firefox, an[…](https://awesome-privacy.xyz/productivity/browser-sync/floccus "View full Floccus report")
- -
- Stats
-
- [](https://github.com/marcelklehr/floccus) [](https://awesome-privacy.xyz/productivity/browser-sync/floccus)ㅤ
-
-
-- **[
XBrowserSync](https://www.xbrowsersync.org)** - Secure, anonymous and free browser and bookmark syncing. Easy to setup, and no sign up is required, you can
-either use a community-run sync server, or host your own with their docker image. Extensions[…](https://awesome-privacy.xyz/productivity/browser-sync/xbrowsersync "View full XBrowserSync report")
- -
- Stats
-
- [](https://github.com/xbrowsersync/app) [](https://awesome-privacy.xyz/productivity/browser-sync/xbrowsersync)ㅤ
-
-
-- **[
Unmark](https://unmark.it)** - A web application which acts as a todo app for bookmarks. You can either self-host it, or use their managed
-service which has a free and paid-for tier.
-
- -
- Stats
-
- [](https://github.com/cdevroe/unmark) [](https://tosdr.org/en/service/9301) [](https://awesome-privacy.xyz/productivity/browser-sync/unmark)ㅤ
-
-
-- **[
Reminiscence](https://github.com/kanishka-linux/reminiscence)** - A self-hosted bookmark and archive manager. Reminiscence is more geared towards archiving useful web pages
-either for offline viewing or to preserve a copy. It is a web application, that can be instal[…](https://awesome-privacy.xyz/productivity/browser-sync/reminiscence "View full Reminiscence report")
- -
- Stats
-
- [](https://github.com/kanishka-linux/reminiscence) [](https://awesome-privacy.xyz/productivity/browser-sync/reminiscence)ㅤ
-
-
-- **[
Shiori](https://github.com/go-shiori/shiori)** - Simple bookmark manager written in Go, intended to be a clone of Pocket, it has both a simple and clean web
-interface as well as a CLI. Shiori has easy import/ export, is portable and has webpage arch[…](https://awesome-privacy.xyz/productivity/browser-sync/shiori "View full Shiori report")
- -
- Stats
-
- [](https://github.com/go-shiori/shiori) [](https://awesome-privacy.xyz/productivity/browser-sync/shiori)ㅤ
-
-
-
-
-✳️ Notable Mentions
-
-> [Ymarks](https://ymarks.org) is a C-based self-hosted bookmark synchronization
-> server and [Chrome](https://chrome.google.com/webstore/detail/ymarks/gefignhaigoigfjfbjjobmegihhaacfi) extension.
->
-> [syncmarx](https://syncmarx.gregmcleod.com) uses your cloud storage to sync
-> bookmarks ([Chrome](https://chrome.google.com/webstore/detail/syncmarx/llcdegcpeheociggfokjkkgciplhfdgg)
-> and [Firefox](https://addons.mozilla.org/en-US/firefox/addon/syncmarx/)).
->
-> [NextCloud Bookmarks](https://apps.nextcloud.com/apps/bookmarks) has several community browser extensions,
-> inducing [FreedomMarks](https://addons.mozilla.org/en-US/firefox/addon/freedommarks/) (Firefox) and
-> [OwnCloud Bookmarks](https://chrome.google.com/webstore/detail/owncloud-bookmarks/eomolhpeokmbnincelpkagpapjpeeckc) (Chrome).
->
-> Finally, [Turtl Notes](https://turtlapp.com) has excellent link saving functionality built-in
->
-> [RainDrop](https://raindrop.io) is a fully-featured all-in-1 bookmarking and web-snip suite.
-> It has a beautiful UI, good data controls and some very handy integrations and features.
-> Available on desktop, mobile, web and through a browser extension.
-> The catch is that it is not open source, there is a free and premium plan, but no option for self-hosting.
->
-
-⬆️ [Back to Top]
-
----
-
-### Secure Conference Calls
-
-With the [many, many security issues with Zoom](https://www.tomsguide.com/uk/news/zoom-security-privacy-woes),
-and other mainstream options, it becomes clear that a better, more private and secure alternative is required.
-As with other categories, the "best video calling app" will be different
-for each of us, depending on the ratio of performance + features to
-security + privacy required in your situation.
-
-- **[
Jami](https://jami.net)** - A free and open source, distributed video, calling and screenshare platform with a focus on security. Jami is
-completely peer-to-peer, and has full end-to-end encryption with perfect forward secrecy f[…](https://awesome-privacy.xyz/productivity/secure-conference-calls/jami "View full Jami report")
- -
- Stats
-
- [](https://github.com/savoirfairelinux/jami-project) [](https://awesome-privacy.xyz/productivity/secure-conference-calls/jami)ㅤ
-
-
-- **[
Jitsi](https://jitsi.org)** - Encrypted, free and open source video calling app, which does not require creating an account/ providing any personal
-details. Available as a web app, and native app for Windows, MacOS, Linux, Android[…](https://awesome-privacy.xyz/productivity/secure-conference-calls/jitsi "View full Jitsi report")
- -
- Stats
-
- [](https://github.com/jitsi/jitsi-meet) [](https://tosdr.org/en/service/2201) [](https://awesome-privacy.xyz/productivity/secure-conference-calls/jitsi)ㅤ
-
-
-
-
-✳️ Notable Mentions
-
-> [Apache OpenMeetings](https://openmeetings.apache.org) provides self-hosted
-> video-conferencing, chat rooms, file server and tools for meetings.
->
-> [together.brave.com](https://together.brave.com) is Brave's Jitsi Fork.
->
-> For remote learning, [BigBlueButton](https://bigbluebutton.org) is self-hosted conference call software,
-> aimed specifically at schools and Universities.
-> It allows for the host/ teacher to have full control over the session,
-> and provides high-quality video streaming, multi-user whiteboards,
-> breakout rooms, and instant chat.
->
-
-⬆️ [Back to Top]
-
----
-
-## Utilities
-
-### Virtual Machines
-
-A virtual machine (VM) is a sandboxed operating system, running within your
-current system. Useful for compartmentalisation and safely testing software,
-or handling potentially malicious files
-
-- **[
VirtualBox](https://www.virtualbox.org)** - Open source, powerful, feature-rich virtualization product, supporting x86 and AMD64/Intel64 architectures.
-Available for Windows, MacOS, Linux and BSD, and free for both personal and enterprise use.[…](https://awesome-privacy.xyz/utilities/virtual-machines/virtualbox "View full VirtualBox report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/utilities/virtual-machines/virtualbox) [](https://www.virtualbox.org)ㅤ
-
-
-- **[
Xen Project](https://xenproject.org)** - Open source virtual machine monitor intended to serve as a type-1 hyperviser for multiple operating systems
-using the same hardware - very useful for servers, as it allows for fully independent virtua[…](https://awesome-privacy.xyz/utilities/virtual-machines/xen-project "View full Xen Project report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/utilities/virtual-machines/xen-project) [](https://xenproject.org)ㅤ
-
-
-- **[
UTM](https://mac.getutm.app)** - Open source, feature rich, powerful type 2 hypervisor for Mac, can emulate x86-64 OSes on Apple Silicon Macs.
-There's also an [iOS](https://getutm.app/) version (so you can run Windows on your iPhone!)[…](https://awesome-privacy.xyz/utilities/virtual-machines/utm "View full UTM report")
- -
- Stats
-
- [](https://github.com/utmapp/UTM) [](https://tosdr.org/en/service/8038) [](https://awesome-privacy.xyz/utilities/virtual-machines/utm)ㅤ
-
-
-
-
-✳️ Notable Mentions
-
-> [QEMU](https://wiki.qemu.org/Main_Page) is a virtual hardware emulation tool,
-> meaning it is less appropriate for creating fully independant sandboxes,
-> but performance is considerable better than that of a traditional virtual machine.
->
-> [VMWare](https://www.vmware.com/) is popular in the enterprise world,
-> it is not open source, and although there is a free version, a license
-> is required to access all features. VMWare performs very well when running
-> on a server, with hundreds of hosts and users.
->
-> For Mac users, [Parallels](https://www.parallels.com/uk/) is a popular
-> option which performs really well, but again is not open source.
->
-> For Windows users, there's
-> [Hyper-V](https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/quick-start/enable-hyper-v),
-> which is a native Windows product, developed by Microsoft.
->
-
-⬆️ [Back to Top]
-
----
-
-### PGP Managers
-
-Tools for signing, verifying, encrypting and decrypting text and files using [GnuPG](https://www.gnupg.org) standard
-
-- **[
SeaHorse](https://wiki.gnome.org/Apps/Seahorse)** - Application for managing encryption keys and passwords, integrated with the GNOME Keyring.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/utilities/pgp-managers/seahorse) [](https://wiki.gnome.org/Apps/Seahorse)ㅤ
-
-
-- **[
Kleopatra](https://apps.kde.org/kleopatra)** - Certificate manager and a universal crypto GUI. It supports managing X.509 and OpenPGP certificates in the GpgSM
-keybox and retrieving certificates from LDAP servers.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/utilities/pgp-managers/kleopatra) [](https://apps.kde.org/kleopatra)ㅤ
-
-
-- **[
GPG4Win](https://www.gpg4win.org)** - Kleopatra ported to Windows.
-
- -
- Stats
-
- [](https://github.com/gpg/gpg4win) [](https://tosdr.org/en/service/8276) [](https://awesome-privacy.xyz/utilities/pgp-managers/gpg4win)ㅤ
-
-
-- **[
GPG Suite](https://gpgtools.org)** - Successor of MacGPG. Plays nice with MacOS apps, including Finder, Appple Mail, Keychain and Spotlight.
-Makes encrypting files, emails, and messages / data very easy.
-As well as GUI for generating key[…](https://awesome-privacy.xyz/utilities/pgp-managers/gpg-suite "View full GPG Suite report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/utilities/pgp-managers/gpg-suite)ㅤ
-
-
-- **[
OpenKeychain](https://www.openkeychain.org)** - Android app for managing keys, and encrypting messages.
-Works both stand-alone, and as integrated into other apps, including k9-Mail.
-Everything can be done through a simple yet powerful GUI.
-Open sou[…](https://awesome-privacy.xyz/utilities/pgp-managers/openkeychain "View full OpenKeychain report")
- -
- Stats
-
- [](https://github.com/open-keychain/open-keychain) [](https://tosdr.org/en/service/7378) [](https://awesome-privacy.xyz/utilities/pgp-managers/openkeychain) ㅤ
-
-
-- **[
PGP Everywhere](https://www.pgpeverywhere.com)** - iOS app for encrypting/ decrypting text.
-Has native keyboard integration, keychain support and app integrations which makes it quick to use in any app.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/utilities/pgp-managers/pgp-everywhere)ㅤ
-
-
-- **[
FlowCrypt](https://flowcrypt.com)** - Browser extension for using PGP within Gmail, for Chrome and Firefox.
-Mobile version supported on Android and iOS.
-
- -
- Stats
-
- [](https://github.com/FlowCrypt/flowcrypt-browser) [](https://awesome-privacy.xyz/utilities/pgp-managers/flowcrypt)ㅤ
-
-
-- **[
EnigMail](https://enigmail.net)** - OpenPGP extension for Thunderbird and PostBox, integrates natively within mail app.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/utilities/pgp-managers/enigmail) [](https://enigmail.net)ㅤ
-
-
-- **[
Mailvelope](https://www.mailvelope.com)** - Mailvelope is an addon for email applications, that makes using PGP very easy for beginners. You can use the hosted
-version for free, or opt to host your own instance.
-Works with Gmail, Yahoo, Outlook[…](https://awesome-privacy.xyz/utilities/pgp-managers/mailvelope "View full Mailvelope report")
- -
- Stats
-
- [](https://github.com/mailvelope/mailvelope) [](https://tosdr.org/en/service/6210) [](https://awesome-privacy.xyz/utilities/pgp-managers/mailvelope) ㅤ
-
-
-
-⬆️ [Back to Top]
-
----
-
-### Metadata Removal
-
-[Exif](https://en.wikipedia.org/wiki/Exif)/ [Metadata](https://en.wikipedia.org/wiki/Metadata)
-is "data about data", this additional information attached to files can
-lead us to
-[share significantly more information than we intended](https://gizmodo.com/vice-magazine-just-accidentally-revealed-where-john-mca-5965295) to.
-
-For example, if you upload an image of a sunset to the internet, but don't remove the metadata,
-it [may reveal the location](https://www.nytimes.com/2010/08/12/technology/personaltech/12basics.html?_r=1) (GPS lat + long)
-of where it was taken, the device is was taken on, precise camera data, details about modifications and the
-picture source + author. Social networks that remove metadata from your photos, often collect and store it,
-for their own use.
-This could obviously pose a security risk, and that is why it is recommended to strip out this data from a file before sharing.
-
-- **[
ExifCleaner](https://exifcleaner.com)** - Cross-platform, open source, performant EXIF meta data removal tool. This GUI tool makes cleaning media files really
-easy, and has great batch process support. Created by @szTheory, and uses ExifTool.[…](https://awesome-privacy.xyz/utilities/metadata-removal/exifcleaner "View full ExifCleaner report")
- -
- Stats
-
- [](https://github.com/szTheory/exifcleaner) [](https://awesome-privacy.xyz/utilities/metadata-removal/exifcleaner)ㅤ
-
-
-- **[
ExifTool](https://exiftool.org)** - Platform-independent open source Perl library & CLI app, for reading, writing and editing meta data. Built by Phill
-Harvey. Very good performance, and supports all common metadata formats. An official[…](https://awesome-privacy.xyz/utilities/metadata-removal/exiftool "View full ExifTool report")
- -
- Stats
-
- [](https://github.com/exiftool/exiftool) [](https://awesome-privacy.xyz/utilities/metadata-removal/exiftool)ㅤ
-
-
-- **[
ImageOptim](https://imageoptim.com/mac)** - Native MacOS app, with drag 'n drop image optimization and meta data removal.
-
- -
- Stats
-
- [](https://github.com/ImageOptim/ImageOptim) [](https://awesome-privacy.xyz/utilities/metadata-removal/imageoptim)ㅤ
-
-
-
-
-✳️ Notable Mentions
-
-> It's possible (but slower) to do this without a third-party tool.
-> For Windows, right click on a file, and go to: `Properties --> Details --> Remove Properties --> Remove from this File --> Select All --> OK`.
->
-> Alternatively, with [ImageMagic](https://imagemagick.org) installed, just run
-> `convert -strip path/to/image.png` to remove all metadata.
->
-> If you have [GIMP](https://www.gimp.org) installed, then just go to `File --> Export As --> Export --> Advanced Options --> Uncheck the "Save EXIF data" option`.
->
-> Often you need to perform meta data removal programmatically, as part of a script or automation process.
-> - GoLang: [go-exif](https://github.com/dsoprea/go-exif) by @dsoprea
-> - JS: [exifr](https://github.com/MikeKovarik/exifr) by @MikeKovarik
-> - Python: [Piexif](https://github.com/hMatoba/Piexif) by @hMatoba
-> - Ruby: [Exif](https://github.com/tonytonyjan/exif) by @tonytonyjan
-> - PHP: [Pel](https://github.com/pel/pel) by @mgeisler
->
-
-⬆️ [Back to Top]
-
----
-
-### Data Erasers
-
-Simply deleting data, does
-[not remove it](https://uk.norton.com/internetsecurity-privacy-is-my-personal-data-really-gone-when-its-deleted-from-a-device.html)
-from the disk, and recovering deleted files is a
-[simple task](https://www.lifewire.com/how-to-recover-deleted-files-2622870).
-
-Therefore, to protect your privacy, you should erase/ overwrite data from
-the disk, before you destroy, sell or give away a hard drive.
-
-- **[
Eraser](https://eraser.heidi.ie)** - Allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully
-selected patterns.
-
- -
- Stats
-
- [](https://github.com/gtrant/eraser) [](https://awesome-privacy.xyz/utilities/data-erasers/eraser)ㅤ
-
-
-- **[
Hard Disk Scrubber](http://www.summitcn.com/hdscrub.html)** - Easy to use, but with some advanced features, including custom wipe patterns. Data Sanitation Methods: AFSSI-5020,
-DoD 5220.22-M, and Random Data.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/utilities/data-erasers/hard-disk-scrubber)ㅤ
-
-
-- **[
SDelete](https://docs.microsoft.com/en-us/sysinternals/downloads/sdelete)** - Microsoft Secure Delete is a CLI utility, uses DoD 5220.22-M.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/utilities/data-erasers/sdelete)ㅤ
-
-
-- **[
OW Shredder](https://schiffer.tech/ow-shredder.html)** - File, folder and drive portable eraser for Windows. Bundled with other tools to scan, analyze, and wipe, and other
-traces that were left behind. Includes context menu item, recycle bin integration.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/utilities/data-erasers/ow-shredder)ㅤ
-
-
-- **[
DBAN](https://dban.org)** - Darik's Boot and Nuke ("DBAN") is a self-contained boot disk that securely wipes the hard disks of most computers.
-DBAN will automatically and completely delete the contents of any hard disk that it c[…](https://awesome-privacy.xyz/utilities/data-erasers/dban "View full DBAN report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/utilities/data-erasers/dban)ㅤ
-
-
-- **[
nwipe](https://github.com/martijnvanbrummelen/nwipe)** - C-based secure light-weight disk eraser, operated through the easy-to-use CLI or a GUI interface.
-
- -
- Stats
-
- [](https://github.com/martijnvanbrummelen/nwipe) [](https://awesome-privacy.xyz/utilities/data-erasers/nwipe)ㅤ
-
-
-- **[
shred](https://www.gnu.org/software/coreutils/manual/html_node/shred-invocation.html)** - A CLI utility that can be used to securely delete files and devices, to make them extremely difficult to recover.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/utilities/data-erasers/shred) [](https://www.gnu.org/software/coreutils/manual/html_node/shred-invocation.html)ㅤ
-
-
-- **[
Secure Remove](https://www.systutorials.com/docs/linux/man/1-srm/)** - CLI utility for securely removing files, directories and whole disks, works on Linux, BSD and MacOS.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/utilities/data-erasers/secure-remove) [](https://www.systutorials.com/docs/linux/man/1-srm/)ㅤ
-
-
-- **[
Mr. Phone](https://drfone.wondershare.com)** - Proprietary, closed-source suite of forensic data tools for mobile. The data eraser allows for both Android and iOS to
-be fully wiped, through connecting them to a PC.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/utilities/data-erasers/mr.-phone)ㅤ
-
-
-
-
-✳️ Notable Mentions
-
-> There's no need to use a third-party tool. You can boot into a UNIX-based
-> system, mount the disk you need to erase, and use a command to write it
-> with arbitrary data. For best results, this process should be repeated
-> several times. This is a good way to wipe a disk, before selling or
-> destroying it, to protect your data.
->
-> Such as the [`dd`](https://en.wikipedia.org/wiki/Dd_%28Unix%29) command,
-> is a tool to convert and copy files, but running
-> `sudo dd if=/dev/zero of=/dev/sdX bs=1M` will quickly overwrite the whole disk with zeros.
-> Or [badblocks](https://linux.die.net/man/8/badblocks) which is intended to search for all bad blocks,
-> but can also be used to write zeros to a disk,
-> by running `sudo badblocks -wsv /dev/sdd`.
->
-> An effective method of erasing an SSD, it to use [hdparm](https://en.wikipedia.org/wiki/Hdparm)
-> to issue a [secure erase](https://en.wikipedia.org/wiki/Parallel_ATA#HDD_passwords_and_security)
-> command, to your target storage device,
-> for this, see step-by-step instructions via: [wiki.kernel.org](https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase).
->
-> Finally, [srm](https://www.systutorials.com/docs/linux/man/1-srm/) can be
-> use to securely remove files or directories, just run `srm -zsv /path/to/file`
-> for a single pass over.
->
-
-⬆️ [Back to Top]
-
----
-
-## Operating Systems
-
-### Mobile Operating Systems
-
-If you are an Android user, your device has Google built-in at its core.
-[Google tracks you](https://digitalcontentnext.org/blog/2018/08/21/google-data-collection-research/),
-collecting a wealth of information, and logging your every move.
-
-A [custom ROM](https://en.wikipedia.org/wiki/List_of_custom_Android_distributions),
-is an open source, usually Google-free mobile OS that can be flashed to your device.
-
-- **[
GrapheneOS](https://grapheneos.org/)** - GrapheneOS is an open source privacy and security focused mobile OS with Android app compatibility. Developed by Daniel Micay.
-GrapheneOS is a young project, and currently only supports Pixel devices,[…](https://awesome-privacy.xyz/operating-systems/mobile-operating-systems/grapheneos "View full GrapheneOS report")
- -
- Stats
-
- [](https://github.com/GrapheneOS/hardened_malloc) [](https://awesome-privacy.xyz/operating-systems/mobile-operating-systems/grapheneos)ㅤ
-
-
-- **[
CalyxOS](https://calyxos.org)** - CalyxOS is an free and open source Android mobile operating system that puts privacy and security into the hands of everyday users.
-Plus, proactive security recommendations and automatic updates take[…](https://awesome-privacy.xyz/operating-systems/mobile-operating-systems/calyxos "View full CalyxOS report")
- -
- Stats
-
- [](https://github.com/CalyxOS/calyxos) [](https://tosdr.org/en/service/2558) [](https://awesome-privacy.xyz/operating-systems/mobile-operating-systems/calyxos)ㅤ
-
-
-- **[
DivestOS](https://divestos.org)** - DivestOS is a vastly diverged unofficial more secure and private soft fork of LineageOS. DivestOS primary goal is prolonging the life-span of
-discontinued devices, enhancing user privacy, and providin[…](https://awesome-privacy.xyz/operating-systems/mobile-operating-systems/divestos "View full DivestOS report")
- -
- Stats
-
- [](https://github.com/Divested-Mobile/DivestOS-Build) [](https://tosdr.org/en/service/2550) [](https://awesome-privacy.xyz/operating-systems/mobile-operating-systems/divestos)ㅤ
-
-
-- **[
LineageOS](https://www.lineageos.org)** - A free and open-source operating system for various devices, based on the Android mobile platform - Lineage is light-weight, well maintained,
-supports a wide range of devices, and comes bundled with P[…](https://awesome-privacy.xyz/operating-systems/mobile-operating-systems/lineageos "View full LineageOS report")
- -
- Stats
-
- [](https://github.com/LineageOS/android) [](https://tosdr.org/en/service/7188) [](https://awesome-privacy.xyz/operating-systems/mobile-operating-systems/lineageos)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> It is not recommended to root, or flash your device with a custom ROM if you are not an advanced user.
-There are risks involved
-- Although the above ROMs omit Google, they do open up other security issues: Without DM-verity on the system partition, the file system *could* be tampered with, and no verified boot stack, the kernel/initramfs also *could* be edited. You should understand the risks, before proceeding to flash a custom ROM to your device
-- You will need to rely on updates from the community, which could be slower to be released - this may be an issue for a time-urgent, security-critical patch
-- It is also possible to brick your device, through interrupted install or bad software
-- Finally, rooting and flashing your device, will void your warranty
-
-
-
-
-
-✳️ Notable Mentions
-
-> [Replicant OS](https://www.replicant.us/) is a fully-featured distro,
-> with an emphasis on freedom, privacy and security.
->
-> [OmniRom](https://www.omnirom.org/),
-> [Resurrection Remix OS](https://resurrectionremix.com/)
-> and [Paranoid Android](http://paranoidandroid.co/) are also popular options.
->
-> Alternatively, [Ubuntu Touch](https://ubports.com/) is a Linux (Ubuntu)- based OS.
-> It is secure by design and runs on almost any device, - but it does fall short when it comes to the app store.
->
-> To install apps on the Play Store without using the Play Store app see
-> [Aurora Store](https://gitlab.com/AuroraOSS/AuroraStore).
-> For Google Play Service see [MicroG](https://microg.org/)
->
-
-⬆️ [Back to Top]
-
----
-
-### Desktop Operating Systems
-
-Windows and MacOS have many features that violate your privacy.
-Microsoft and Apple are able to collect all your data (including, but not
-limited to: keystrokes, searches and mic input, calendar data, music,
-photos, credit card information and purchases, identity, passwords, contacts,
-conversations and location data). Microsoft Windows is also more susceptible
-to malware and viruses, than alternative systems.
-
-Switching to Linux is a great choice in terms of security and privacy -
-you don't need necessarily need to use a security distro, any well-maintained
-stable distro is going to be considerably better than a proprietary OS
-
-- **[
Qubes OS](https://www.qubes-os.org/)** - Open-source security-oriented operating system for single-user desktop computing. It uses virtualisation,
-to run each application in its own compartment to avoid data being leaked. It features Split G[…](https://awesome-privacy.xyz/operating-systems/desktop-operating-systems/qubes-os "View full Qubes OS report")
- -
- Stats
-
- [](https://tosdr.org/en/service/2258) [](https://awesome-privacy.xyz/operating-systems/desktop-operating-systems/qubes-os)ㅤ
-
-
-- **[
Whonix](https://www.whonix.org/)** - Whonix is an anonymous operating system, which can run in a VM, inside your current OS. It is the best way to
-use Tor, and provides very strong protection for your IP address. It comes bundled with ot[…](https://awesome-privacy.xyz/operating-systems/desktop-operating-systems/whonix "View full Whonix report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/operating-systems/desktop-operating-systems/whonix)ㅤ
-
-
-- **[
Tails](https://tails.boum.org/)** - Tails is a live operating system (so you boot into it from a USB, instead of installing). It preserves your
-privacy and anonymity through having no persistent memory/ leaving no trace on the computer.[…](https://awesome-privacy.xyz/operating-systems/desktop-operating-systems/tails "View full Tails report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/operating-systems/desktop-operating-systems/tails)ㅤ
-
-
-- **[
Parrot](https://www.parrotsec.org/)** - Parrot Linux, is a full Debian-based operating system, that is geared towards security, privacy and development.
-It is fully-featured yet light-weight, very open. There are 3 editions: General Purpose[…](https://awesome-privacy.xyz/operating-systems/desktop-operating-systems/parrot "View full Parrot report")
- -
- Stats
-
- [](https://tosdr.org/en/service/8267) [](https://awesome-privacy.xyz/operating-systems/desktop-operating-systems/parrot)ㅤ
-
-
-- **[
Discreete Linux](https://www.privacy-cd.org/)** - Aimed at journalists, activists and whistle-blowers, Discreete Linux is similar to Tails, in that it is booted
-live from external media, and leaves no/ minimal trace on the system. The aim of the proj[…](https://awesome-privacy.xyz/operating-systems/desktop-operating-systems/discreete-linux "View full Discreete Linux report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/operating-systems/desktop-operating-systems/discreete-linux)ㅤ
-
-
-- **[
Alpine Linux](https://www.alpinelinux.org/)** - Alpine is a security-oriented, lightweight distro based on musl libc and busybox. It compiles all user-space
-binaries as position-independent executables with stack-smashing protection. Install and se[…](https://awesome-privacy.xyz/operating-systems/desktop-operating-systems/alpine-linux "View full Alpine Linux report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/operating-systems/desktop-operating-systems/alpine-linux)ㅤ
-
-
-
-
-✳️ Notable Mentions
-
-> [Septor](https://septor.sourceforge.io/) is a Debian-based distro with the
-> KDE Plasma desktop environment, and Tor baked-in. Designed for surfing the
-> web anonymously, and completing other internet-based activities (with
-> Thunderbird, Ricochet IM, HexChat, QuiteRSS, OnionShare).
-> Septor is light-weight, but comes bundled with all the essential privacy +
-> security utilities (including: Gufw, Ark, Sweeper, KGpg, Kleopatra,
-> KWallet, VeraCrypt, Metadata Anonymisation Toolkit and more).
->
-> [Subgraph OS](https://subgraph.com) is designed to be an *adversary resistant
-> computing platform*, it includes strong system-wide attack mitigations,
-> and all key applications run in sandbox environments. Subgraph is still
-> in beta (at the time of writing), but still is well tested, and has some
-> nice anonymization features
->
-> For defensive security, see [Kali](https://www.kali.org) and [BlackArch](https://blackarch.org),
-> both are bundled with hundreds of security tools, ready for pretty much any job
-> (not reccomended as a daily driver!)
->
-> Other security-focused distros include: [TENS OS](https://www.tens.af.mil/),
-> [Fedora CoreOS](https://getfedora.org/coreos?stream=stable),
-> [Kodachi](https://www.digi77.com/linux-kodachi/) and [IprediaOS](https://www.ipredia.org)
-> (Avoid systems that are not being actively maintained)
->
-
-
-ℹ️ Further Info
-
->
-#### General Purpose Linux Distros
-If you do not want to use a specalist security-based distro, or you are
-new to Unix - then just switching to any well-maintained Linux distro,
-is going to be significantly more secure and private than Windows or Mac OS.
-Since it is open source, major distros are constantly being audited by
-members of the community. Linux does not give users admin rights by default -
-this makes is much less likely that your system could become infected with malware.
-And of course, there is no proprietary Microsoft or Apple software constantly
-monitoring everything you do.
-
-Some good distros to consider would be: **[Fedora](https://getfedora.org/)**,
-**[Debian](https://www.debian.org/)**, or **[Arch](https://www.archlinux.org/)**-
-all of which have a large community behind them. **[Manjaro](https://manjaro.org/)**
-(based of Arch) is a good option, with a simple install process, used by new comers,
-and expers alike.
-**[POP_OS](https://pop.system76.com/)** and **[PureOS](https://www.pureos.net/)**
-are reasonably new general purpose Linux, with a strong focus on privacy, but also
-very user-friendly with an intuitive interfac and install process.
-See [Detailed Comparison](https://en.wikipedia.org/wiki/Comparison_of_Linux_distributions).
-
-#### BSD
-BSD systems arguably have far superior network stacks.
-**[OpenBSD](https://www.openbsd.org)** is designed for maximum security —
-not just with its features, but with its implementation practices.
-It's a commonly used OS by banks and critical systems.
-**[FreeBSD](https://www.freebsd.org)** is more popular, and aims for high
-performance and ease of use.
-
-#### Windows
-Two alternative options for Windows users are Windows 10 AME (ameliorated)
-project and the LTSC stream.
-- **[Windows 10 AME](https://ameliorated.info/)** AME project aims at delivering
-a stable, non-intrusive yet fully functional build of Windows 10 to anyone,
-who requires the Windows operating system natively. Core applications, such
-as the included Edge web-browser, Windows Media Player, Cortana, as well as
-any appx applications (appx apps will no longer work), have also been successfully
-eliminated. The total size of removed files is about 2 GB. Comes as a pre-built
-ISO or option to build from scratch with de-bloat scripts. Strong, supportive
-community on Telegram.
-- **[Windows 10 LTSC](https://docs.microsoft.com/en-us/windows/whats-new/ltsc/)**
-LTSC provides several security benefits over a standard Win 10 Installation.
-LTSC or Long Term Servicing Channel is a lightweight, low-cost Windows 10
-version, that is intended for specialized systems, and receives less regular
-feature updates. What makes it appealing, is that it doesn't come with any
-bloatware or non-essential applications, and needs to be configured from the
-ground up by the user. This gives you much better control over what is running
-on your system, ultimately improving security and privacy. It also includes
-several enterprise-grade
-[security features](https://docs.microsoft.com/en-us/windows/whats-new/ltsc/whats-new-windows-10-2019#security),
-which are not available in a standard Windows 10 instance. It does require
-some technical knowledge to get started with, but once setup should perform
-just as any other Windows 10 system. Note that you should only download the
-LTSC ISO from the Microsoft's
-[official page](https://www.microsoft.com/en-in/evalcenter/evaluate-windows-10-enterprise)
-
-
-#### Improve the Security and Privacy of your current OS
-After installing your new operating system, or if you have chosen to stick
-with your current OS, there are a couple of things you can do to improve security.
-See: [Windows 10 security guide](https://heimdalsecurity.com/en/windows-10-security-guide/privacy),
-[Mac OS security guide](https://spreadprivacy.com/mac-privacy-tips/) or
-[Linux security guide](https://spreadprivacy.com/linux-privacy-tips/).
-
-
-⬆️ [Back to Top]
-
----
-
-### Linux Defenses
-
-- **[
Firejail](https://github.com/netblue30/firejail)** - Firejail is a SUID sandbox program that reduces the risk of security breaches by restricting the running environment
-of untrusted applications using Linux namespaces and seccomp-bpf. Written in C, vir[…](https://awesome-privacy.xyz/operating-systems/linux-defenses/firejail "View full Firejail report")
- -
- Stats
-
- [](https://github.com/netblue30/firejail) [](https://awesome-privacy.xyz/operating-systems/linux-defenses/firejail)ㅤ
-
-
-- **[
Gufw](https://man.archlinux.org/man/gufw.8.en)** - Open source GUI firewall for Linux, allowing you to block internet access for certain applications. Supports both simple
-and advanced mode, GUI and CLI options, very easy to use, lightweight/ low-over[…](https://awesome-privacy.xyz/operating-systems/linux-defenses/gufw "View full Gufw report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/operating-systems/linux-defenses/gufw)ㅤ
-
-
-- **[
ClamTk](https://gitlab.com/dave_m/clamtk/-/wikis/home)** - ClamTk is basically a graphical front-end for ClamAV, making it an easy to use, light-weight, on-demand virus scanner
-for Linux systems.
-
- -
- Stats
-
- [](https://github.com/dave_m/clamtk) [](https://awesome-privacy.xyz/operating-systems/linux-defenses/clamtk)ㅤ
-
-
-- **[
chkrootkit](http://www.chkrootkit.org)** - Locally checks for signs of a rootkit.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/operating-systems/linux-defenses/chkrootkit)ㅤ
-
-
-- **[
Snort](https://www.snort.org)** - Open source intrusion prevention system capable of real-time traffic analysis and packet logging.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/operating-systems/linux-defenses/snort)ㅤ
-
-
-- **[
BleachBit](https://www.bleachbit.org)** - Clears cache and deletes temporary files very effectively. This frees up disk space, improves performance, but most
-importantly helps to protect privacy.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/operating-systems/linux-defenses/bleachbit)ㅤ
-
-
-
-
-✳️ Notable Mentions
-
-> [SecTools.org](https://sectools.org) is a directory or popular Unix security tools.
->
-
-⬆️ [Back to Top]
-
----
-
-### Windows Defences
-
-- **[
Windows Spy Blocker](https://github.com/crazy-max/WindowsSpyBlocker)** - Capture and interprets network traffic based on a set of rules, and
-depending on the interactions certain assignments are blocked.
-Open source, written in Go and delivered as a single executable.
-
- -
- Stats
-
- [](https://github.com/crazy-max/WindowsSpyBlocker) [](https://awesome-privacy.xyz/operating-systems/windows-defences/windows-spy-blocker)ㅤ
-
-
-- **[
HardenTools](https://github.com/securitywithoutborders/hardentools)** - A utility that disables a number of risky Windows features. These "features"
-are exposed by the OS and primary consumer applications,
-and very commonly abused by attackers, to execute malicious code o[…](https://awesome-privacy.xyz/operating-systems/windows-defences/hardentools "View full HardenTools report")
- -
- Stats
-
- [](https://github.com/securitywithoutborders/hardentools) [](https://awesome-privacy.xyz/operating-systems/windows-defences/hardentools)ㅤ
-
-
-- **[
ShutUp10](https://www.oo-software.com/en/shutup10)** - A portable app that lets you disable core Windows features (such as Cortana,
-Edge) and control which data is passed to Microsoft.
-(Note: Free, but not open source).
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/operating-systems/windows-defences/shutup10)ㅤ
-
-
-- **[
WPD](https://wpd.app)** - Portable app with a GUI, that makes it really easy to safely block key
-telemetry features, from sending data to Microsoft and other third parties
-(It uses the Windows API to interact with key features[…](https://awesome-privacy.xyz/operating-systems/windows-defences/wpd "View full WPD report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/operating-systems/windows-defences/wpd)ㅤ
-
-
-- **[
GhostPress](https://schiffer.tech/ghostpress.html)** - Anti low-level keylogger: Provides full system-wide key press protection,
-and target window screenshot protection.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/operating-systems/windows-defences/ghostpress)ㅤ
-
-
-- **[
KeyScrambler](https://www.qfxsoftware.com)** - Provides protection against software keyloggers. Encrypts keypresses at
-driver level, and decrypts at application level, to protect against
-common keyloggers.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/operating-systems/windows-defences/keyscrambler)ㅤ
-
-
-- **[
SafeKeys V3.0](http://www.aplin.com.au)** - Portable virtual keyboard. Useful for protecting from keyloggers when
-using a public computer, as it can run of a USB with no administrative
-permissions.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/operating-systems/windows-defences/safekeys-v3.0)ㅤ
-
-
-- **[
RKill](https://www.bleepingcomputer.com/download/rkill)** - Useful utility, that attempts to terminate known malware processes,
-so that your normal security software can then run and clean your
-computer of infections.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/operating-systems/windows-defences/rkill)ㅤ
-
-
-- **[
IIS Crypto](https://www.nartac.com/Products/IISCrypto)** - A utility for configuring encryption protocols, cyphers, hashing methods,
-and key exchanges for Windows components. Useful for sysadmins on Windows
-Server.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/operating-systems/windows-defences/iis-crypto)ㅤ
-
-
-- **[
NetLimiter](https://www.netlimiter.com)** - Internet traffic control and monitoring tool.
-
- -
- Stats
-
- [](https://tosdr.org/en/service/9043) [](https://awesome-privacy.xyz/operating-systems/windows-defences/netlimiter)ㅤ
-
-
-- **[
Sticky-Keys-Slayer](https://github.com/linuz/Sticky-Keys-Slayer)** - Scans for accessibility tools backdoors via RDP.
-
- -
- Stats
-
- [](https://github.com/linuz/Sticky-Keys-Slayer) [](https://awesome-privacy.xyz/operating-systems/windows-defences/sticky-keys-slayer)ㅤ
-
-
-- **[
SigCheck](https://docs.microsoft.com/en-us/sysinternals/downloads/sigcheck)** - A CLI utility that shows file version number, timestamp information,
-and digital signature details.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/operating-systems/windows-defences/sigcheck)ㅤ
-
-
-- **[
BleachBit](https://www.bleachbit.org)** - Clears cache and deletes temporary files very effectively.
-This frees up disk space, improves performance, but most importantly
-helps to protect privacy.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/operating-systems/windows-defences/bleachbit)ㅤ
-
-
-- **[
Windows Secure Baseline](https://github.com/nsacyber/Windows-Secure-Host-Baseline)** - Group Policy objects, compliance checks, and configuration tools that
-provide an automated and flexible approach for securely deploying and
-maintaining the latest releases of Windows 10.
-
- -
- Stats
-
- [](https://github.com/nsacyber/Windows-Secure-Host-Baseline) [](https://awesome-privacy.xyz/operating-systems/windows-defences/windows-secure-baseline)ㅤ
-
-
-- **[
USBFix](https://www.usb-antivirus.com)** - Detects infected USB removable devices.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/operating-systems/windows-defences/usbfix)ㅤ
-
-
-- **[
GMER](http://www.gmer.net)** - Rootkit detection and removal utility.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/operating-systems/windows-defences/gmer)ㅤ
-
-
-- **[
ScreenWings](https://schiffer.tech/screenwings.html)** - Blocks malicious background applications from taking screenshots.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/operating-systems/windows-defences/screenwings)ㅤ
-
-
-- **[
CamWings](https://schiffer.tech/camwings.html)** - Blocks unauthorized webcam access.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/operating-systems/windows-defences/camwings)ㅤ
-
-
-- **[
SpyDish](https://github.com/mirinsoft/spydish)** - Open source GUI app built upon PowerShell, allowing you to perform a quick and easy privacy check, on Windows 10 systems.
-
- -
- Stats
-
- [](https://github.com/mirinsoft/spydish) [](https://awesome-privacy.xyz/operating-systems/windows-defences/spydish)ㅤ
-
-
-- **[
SharpApp](https://github.com/mirinsoft/sharpapp)** - Open source GUI app built upon PowerShell, for disabling telemetry functions in Windows 10, uninstalling preinstalled apps, installing software packages and automating Windows tasks with integrated Po[…](https://awesome-privacy.xyz/operating-systems/windows-defences/sharpapp "View full SharpApp report")
- -
- Stats
-
- [](https://github.com/mirinsoft/sharpapp) [](https://awesome-privacy.xyz/operating-systems/windows-defences/sharpapp)ㅤ
-
-
-- **[
Debotnet](https://github.com/Mirinsoft/Debotnet)** - Light-weight, portable app for controlling the many privacy-related settings within Windows 10- with the aim of helping to keep private data, private.
-
- -
- Stats
-
- [](https://github.com/Mirinsoft/Debotnet) [](https://awesome-privacy.xyz/operating-systems/windows-defences/debotnet)ㅤ
-
-
-- **[
PrivaZer](https://privazer.com/)** - Good alternative to CCleaner, for deleting unnecessary data - logs, cache, history, etc.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/operating-systems/windows-defences/privazer)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> (The above software was last tested on 01/05/20).
-Many of the above tools are not necessary or suitable for beginners,
-and can cause your system to break - only use software that you need,
-according to your threat model. Take care to only download from an
-official/ legitimate source, verify the executable before proceeding,
-and check reviews/ forums.
-Create a system restore point, before making any significant changes to
-your OS (such as disabling core features).
-
-From a security and privacy perspective, Linux may be a better option.
-
-
-
-
-
-✳️ Notable Mentions
-
-> See also these lists:
-> - [github.com/Awesome-Windows/Awesome#security](https://github.com/Awesome-Windows/Awesome#security)
-> - [github.com/PaulSec/awesome-windows-domain-hardening](https://github.com/PaulSec/awesome-windows-domain-hardening)
-> - [github.com/meitar/awesome-cybersecurity-blueteam#windows-based-defenses](https://github.com/meitar/awesome-cybersecurity-blueteam#windows-based-defenses)
->
-
-⬆️ [Back to Top]
-
----
-
-### Mac OS Defences
-
-- **[
LuLu](https://objective-see.com/products/lulu.html)** - Free, open source macOS firewall. It aims to block unknown outgoing connections, unless explicitly approved by the user.
-
- -
- Stats
-
- [](https://github.com/objective-see/LuLu) [](https://tosdr.org/en/service/3069) [](https://awesome-privacy.xyz/operating-systems/mac-os-defences/lulu)ㅤ
-
-
-- **[
Stronghold](https://github.com/alichtman/stronghold)** - Easily configure macOS security settings from the terminal.
-
- -
- Stats
-
- [](https://github.com/alichtman/stronghold) [](https://awesome-privacy.xyz/operating-systems/mac-os-defences/stronghold)ㅤ
-
-
-- **[
Fortress](https://github.com/essandess/macOS-Fortress)** - Kernel-level, OS-level, and client-level security for macOS. With a Firewall, Blackhole, and Privatizing Proxy for Trackers, Attackers, Malware, Adware, and Spammers; with On-Demand and On-Access Anti[…](https://awesome-privacy.xyz/operating-systems/mac-os-defences/fortress "View full Fortress report")
- -
- Stats
-
- [](https://github.com/essandess/macOS-Fortress) [](https://awesome-privacy.xyz/operating-systems/mac-os-defences/fortress)ㅤ
-
-
-
-⬆️ [Back to Top]
-
----
-
-### Anti-Malware
-
-Cross-platform, open source malware detection and virus prevention tools
-
-- **[
ClamAV](https://www.clamav.net)** - An open source cross-platform antivirus engine for detecting viruses, malware & other malicious threats. It is versatile, performant and very effective.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/operating-systems/anti-malware/clamav)ㅤ
-
-
-- **[
VirusTotal](https://www.virustotal.com)** - Web-based malware scanner, that inspects files and URLs with over 70 antivirus scanners, URL/domain services, and other tools to extract signals and determine the legitimacy.
-
- -
- Stats
-
- [](https://tosdr.org/en/service/1886) [](https://awesome-privacy.xyz/operating-systems/anti-malware/virustotal)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> For Microsoft Windows, Windows Defender provides totally adequate virus
-protection in most cases. These tools are intended for single-use in
-detecting/ removing threats on an infected machine, and are not recommended
-to be left running in the background, use portable editions where available.
-
-Many anti virus products have a history of introducing vulnerabilities themselves,
-and several of them seriously degrade the performance of your computer, as well as
-decrease your privacy. Never use a free anti-virus, and never trust the companies
-that offer free solutions, even if you pay for the premium package.
-This includes (but not limited to) Avast, AVG, McAfee and Kasperky.
-For AV to be effective, it needs intermate access to all areas of your PC,
-so it is important to go with a trusted vendor, and monitor its activity closely.
-
-
-
-
-
-✳️ Notable Mentions
-
-> For 1-off malware scans on Windows, [MalwareBytes](https://www.malwarebytes.com)
-> is portable and very effective, but [not open source](https://forums.malwarebytes.com/topic/5495-open-source)
->
-
-⬆️ [Back to Top]
-
----
-
-## Development
-
-### Code Hosting
-
-- **[
SourceHut](https://sourcehut.org)** - Git and mercurial code hosting, task management, mailing lists, wiki hosting and Alpine-based build pipelines. Can be self-hosted, or used through the managed instance at sr.ht.
-
- -
- Stats
-
- [](https://tosdr.org/en/service/1607) [](https://awesome-privacy.xyz/development/code-hosting/sourcehut)ㅤ
-
-
-- **[
Codeberg](https://codeberg.org)** - A fully-managed instance of Forgejo.
-
- -
- Stats
-
- [](https://tosdr.org/en/service/3370) [](https://awesome-privacy.xyz/development/code-hosting/codeberg)ㅤ
-
-
-- **[
GitLab](https://gitlab.com)** - Fully-featured git, CI and project management platform. Managed instance available, but can also be self-hosted.
-
- -
- Stats
-
- [](https://tosdr.org/en/service/514) [](https://awesome-privacy.xyz/development/code-hosting/gitlab)ㅤ
-
-
-- **[
Gitea](https://gitea.io/)** - Lightweight self-hosted git platform, written in Go.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/development/code-hosting/gitea)ㅤ
-
-
-- **[
Gogs](https://gogs.io/)** - Lightweight self-hosted git platform, written in Go.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/development/code-hosting/gogs)ㅤ
-
-
-
-⬆️ [Back to Top]
-
----
-
-### IDEs
-
-⚠️ This section is still a work in progress ⚠️
Check back soon, or help us complete it by submitting a pull request
-⬆️ [Back to Top]
-
----
-
-### Terminal Emulators
-
-⚠️ This section is still a work in progress ⚠️
Check back soon, or help us complete it by submitting a pull request
-⬆️ [Back to Top]
-
----
-
-## Smart Home & IoT
-
-### Voice Assistants
-
-Google Assistant, Alexa and Siri don't have the best
-[reputation](https://srlabs.de/bites/smart-spies) when it comes to protecting
-consumers privacy, there have been
-[many recent breaches](https://www.theverge.com/2019/10/21/20924886/alexa-google-home-security-vulnerability-srlabs-phishing-eavesdropping).
-
-For that reason it is recommended not to have these devices in your house.
-The following are open source AI voice assistants, that aim to provide a
-human voice interface while also protecting your privacy and security
-
-- **[
Mycroft](https://mycroft-ai.gitbook.io/mark-ii)** - An open source privacy-respecting AI platform, compatible with a wide range of
-devices including Raspberry Pi, desktop computers, or dedicated Mycroft hardware.
-Actively developed, with extensive docu[…](https://awesome-privacy.xyz/smart-home-and-iot/voice-assistants/mycroft "View full Mycroft report")
- -
- Stats
-
- [](https://github.com/MycroftAI/mycroft-core) [](https://tosdr.org/en/service/1824) [](https://awesome-privacy.xyz/smart-home-and-iot/voice-assistants/mycroft)ㅤ
-
-
-- **[
Kalliope](https://kalliope-project.github.io)** - A modular, always-on, voice-controlled personal assistant geared towards home automation.
-Optimized for Raspberry Pi, Debian, or Ubuntu. Skills are easily programmable in YAML,
-though the library of p[…](https://awesome-privacy.xyz/smart-home-and-iot/voice-assistants/kalliope "View full Kalliope report")
- -
- Stats
-
- [](https://github.com/kalliope-project/kalliope) [](https://awesome-privacy.xyz/smart-home-and-iot/voice-assistants/kalliope)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> If you are building your own assistant, you may want to consider a hardware-switch
-for disabling the microphone. Keep tabs on issues and check the code, to ensure
-you are happy with how it works, from a privacy perspective.
-
-
-
-
-
-✳️ Notable Mentions
-
-> If you choose to continue using Google Home/ Alexa, then check out
-> **[Project Alias](https://github.com/bjoernkarmann/project_alias)**.
-> It's a small app that runs on a Pi, and gives you more control over your smart assistants, for both customisation and privacy.
->
-> For a desktop-based assistant, see
-> [Dragonfire](https://github.com/DragonComputer/Dragonfire) for Ubuntu,
-> and [Jarvis](https://github.com/sukeesh/Jarvis) for MacOS.
->
-> [LinTO](https://linto.ai), [Jovo](https://www.jovo.tech) and [Snips](https://snips.ai)
-> are private-by-design voice assistant frameworks that can be built on by developers,
-> or used by enterprises.
->
-> [Jasper](https://jasperproject.github.io),
-> [Stephanie](https://github.com/SlapBot/stephanie-va) and
-> [Hey Athena](https://github.com/rcbyron/hey-athena-client) are Python-based voice assistant, but neither is under active development anymore.
-> See also [OpenAssistant](https://openassistant.org).
->
-
-⬆️ [Back to Top]
-
----
-
-### Smart Home
-
-- **[
Gladys Assistant](https://gladysassistant.com/)** - An open source privacy-respecting Home Assistant, compatible with a wide range of
-devices including Raspberry Pi, desktop computers, or NAS systems.
-Actively developed, with good french community and[…](https://awesome-privacy.xyz/smart-home-and-iot/smart-home/gladys-assistant "View full Gladys Assistant report")
- -
- Stats
-
- [](https://github.com/gladysassistant/gladys) [](https://awesome-privacy.xyz/smart-home-and-iot/smart-home/gladys-assistant)ㅤ
-
-
-
-⬆️ [Back to Top]
-
----
-
-## Finance
-
-### Cryptocurrencies
-
-- **[
Monero](https://www.getmonero.org)** - One of the most private cryptocurrencies, since no meta data is available
-(not even the transaction amount). It uses complex on-chain cryptographic
-methods such as Ring signatures, RingCT, Kovri, and[…](https://awesome-privacy.xyz/finance/cryptocurrencies/monero "View full Monero report")
- -
- Stats
-
- [](https://github.com/monero-project/monero) [](https://tosdr.org/en/service/8279) [](https://awesome-privacy.xyz/finance/cryptocurrencies/monero)ㅤ
-
-
-- **[
ZCash](https://z.cash)** - Uses zero-knowledge proofs to protect privacy cryptographic technique,
-that allows two users to transact without ever revealing their true identity
-or address. The Zcash blockchain uses two types of a[…](https://awesome-privacy.xyz/finance/cryptocurrencies/zcash "View full ZCash report")
- -
- Stats
-
- [](https://github.com/zcash/zcash) [](https://tosdr.org/en/service/8258) [](https://awesome-privacy.xyz/finance/cryptocurrencies/zcash)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> Not all cryptocurrencies are anonymous, and without using a privacy-focused coin,
-a record of your transaction will live on a publicly available distributed ledger, forever.
-If you send of receive multiple payments, ensure you switch up addresses or use a mixer,
-to make it harder for anyone trying to trace your transactions.
-Cryptocurrencies that allow private and public transactions may reveal meta
-data about your transactions and balances when funds are moving from
-private to public addresses which can compromise your privacy with methods
-similar to a knapsack problem.
-
-Always store private keys somewhere safe, but offline
-
-Note: Cryptocurrency prices can go down. Storing any wealth in crypto may result in losses.
-If you are new to digital currencies - do your research first, don't invest more than you can afford to loose,
-and be very weary crypto-related scams are very common. as is and cryptocurrency-related malware.
-
-**This is NOT financial advice**
-
-
-
-
-
-✳️ Notable Mentions
-
-> Other privacy-focused cryptocurrencies include:
-> [PIVX](https://pivx.org),
-> [Verge](https://vergecurrency.com), and [Piratechain](https://pirate.black/).
->
-
-
-ℹ️ Further Info
-
-> It is still possible to use currencies that have a public ledger 'privately',
-but you will need to take great care not to cause any transactions to be
-linked with your identity or activity. For example, avoid exchanges that
-require KYC, and consider using a service such as
-[Local Bitcoins](https://localbitcoins.net).
-If you use a [Bitcoin ATM](https://coinatmradar.com), then take care to not
-be physically tracked (CCTV, phone location, card payments etc)
-
-
-⬆️ [Back to Top]
-
----
-
-### Crypto Wallets
-
-- **[
Wasabi Wallet](https://www.wasabiwallet.io)** - An open source, native desktop wallet for Windows, Linux, and MacOS. Wasabi implements trustless CoinJoins over the Tor network. Neither an observer nor the participants can determine which output bel[…](https://awesome-privacy.xyz/finance/crypto-wallets/wasabi-wallet "View full Wasabi Wallet report")
- -
- Stats
-
- [](https://github.com/zkSNACKs/WalletWasabi) [](https://awesome-privacy.xyz/finance/crypto-wallets/wasabi-wallet)ㅤ
-
-
-- **[
Trezor](https://trezor.io)** - Open source, cross-platform, offline, crypto wallet, compatible with 1000+ coins. Your private key is generated on the device, and never leaves it, all transactions are signed by the Trezor, which ens[…](https://awesome-privacy.xyz/finance/crypto-wallets/trezor "View full Trezor report")
- -
- Stats
-
- [](https://github.com/trezor/trezor-firmware) [](https://awesome-privacy.xyz/finance/crypto-wallets/trezor)ㅤ
-
-
-- **[
ColdCard](https://coldcardwallet.com/)** - An easy-to-use, super secure Bitcoin hardware wallet, which can be used independently as an air-gapped wallet. ColdCard is based on partially signed Bitcoin transactions following the BIP174 standard.[…](https://awesome-privacy.xyz/finance/crypto-wallets/coldcard "View full ColdCard report")
- -
- Stats
-
- [](https://github.com/Coldcard/firmware) [](https://awesome-privacy.xyz/finance/crypto-wallets/coldcard)ㅤ
-
-
-- **[
Electrum](https://electrum.org/)** - Long-standing Python-based Bitcoin wallet with good security features. Private keys are encrypted and do not touch the internet and balance is checked with a watch-only wallet. Compatible with other w[…](https://awesome-privacy.xyz/finance/crypto-wallets/electrum "View full Electrum report")
- -
- Stats
-
- [](https://github.com/spesmilo/electrum) [](https://tosdr.org/en/service/2761) [](https://awesome-privacy.xyz/finance/crypto-wallets/electrum)ㅤ
-
-
-- **[
Sparrow Wallet](https://sparrowwallet.com/)** - Sparrow is a Bitcoin wallet for those who value financial self-sovereignty. Sparrow’s emphasis is on security, privacy, and usability. Sparrow does not hide information from you - on the contrary, it[…](https://awesome-privacy.xyz/finance/crypto-wallets/sparrow-wallet "View full Sparrow Wallet report")
- -
- Stats
-
- [](https://github.com/sparrowwallet/sparrow) [](https://awesome-privacy.xyz/finance/crypto-wallets/sparrow-wallet)ㅤ
-
-
-- **[
Atomic Wallet](https://atomicwallet.io/)** - Atomic is an open-source desktop and mobile-based wallet, where your private keys are stored on your local device, and do not touch the internet. Atomic has a great feature set, and supports swapping,[…](https://awesome-privacy.xyz/finance/crypto-wallets/atomic-wallet "View full Atomic Wallet report")
- -
- Stats
-
- [](https://github.com/Atomicwallet/bip38) [](https://awesome-privacy.xyz/finance/crypto-wallets/atomic-wallet)ㅤ
-
-
-- **[
CryptoSteel](https://cryptosteel.com/how-it-works)** - A steel plate, with engraved letters which can be permanently screwed - CryptoSteel is a good fire-proof, shock-proof, water-proof, and stainless cryptocurrency backup solution.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/finance/crypto-wallets/cryptosteel)ㅤ
-
-
-- **[
BitBox02](https://shiftcrypto.ch/)** - Open source hardware wallet, supporting secure multisig with the option for making encrypted backups on a MicroSD card.
-
- -
- Stats
-
- [](https://github.com/digitalbitbox/bitbox-wallet-app) [](https://awesome-privacy.xyz/finance/crypto-wallets/bitbox02)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> Avoid using any online/ hot-wallet, as you will have no control over
-the security of your private keys.
-
-Offline paper wallets are very secure, but ensure you store it
-properly - to keep it safe from theft, loss or damage.
-
-
-
-
-
-✳️ Notable Mentions
-
-> [Metamask](https://metamask.io/) (Ethereum and ERC20 tokens) is a bridge
-> that allows you to visit and interact with distributed web apps in your browser.
-> Metamask has good hardware wallet support, so you can use it to swap, stake,
-> sign, lend and interact with dapps without you're private key ever leaving your device.
-> However the very nature of being a browser-based app means that you need to stay vigilant with what services you give access to.
->
-
-⬆️ [Back to Top]
-
----
-
-### Crypto Exchanges
-
-- **[
Bisq](https://bisq.network)** - An open-source, peer-to-peer application that allows you to buy and sell
-cryptocurrencies in exchange for national currencies. Fully decentralized,
-and no registration required.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/finance/crypto-exchanges/bisq)ㅤ
-
-
-- **[
LocalBitcoins](https://localbitcoins.com/)** - Person-to-person exchange, find people local to your area, and trade
-directly with them, to avoid going through any central organization.
-Primarily focused on Bitcoin, Ethereum, Ripple, and LiteCoin,[…](https://awesome-privacy.xyz/finance/crypto-exchanges/localbitcoins "View full LocalBitcoins report")
- -
- Stats
-
- [](https://tosdr.org/en/service/3645) [](https://awesome-privacy.xyz/finance/crypto-exchanges/localbitcoins)ㅤ
-
-
-- **[
AtomicDEX](https://atomicdex.io/)** - Person-to-person cryptocurrency exchange with no KYC or registration
-required and uses atomic swaps to perform trustless trades.
-The orderbook uses a modified libp2p protocol to prevent censorship and[…](https://awesome-privacy.xyz/finance/crypto-exchanges/atomicdex "View full AtomicDEX report")
- -
- Stats
-
- [](https://github.com/KomodoPlatform/atomicDEX-Pro) [](https://awesome-privacy.xyz/finance/crypto-exchanges/atomicdex)ㅤ
-
-
-- **[
RoboSats](https://learn.robosats.com)** - RoboSats is an easy way to privately exchange Bitcoin for national currencies.
-It simplifies the peer-to-peer experience and makes use of lightning hold
-invoices to minimize custody and trust requirem[…](https://awesome-privacy.xyz/finance/crypto-exchanges/robosats "View full RoboSats report")
- -
- Stats
-
- [](https://github.com/RoboSats/robosats) [](https://awesome-privacy.xyz/finance/crypto-exchanges/robosats)ㅤ
-
-
-
-
-✳️ Notable Mentions
-
-> For traders, [BaseFEX](https://www.basefex.com/) doesn't require ID and has a good privacy policy.
->
-> [BitMex](https://www.bitmex.com/) has more advanced trading features,
-> but ID verification is required for higher value trades involving Fiat currency.
->
-> For buying and selling alt-coins, [Binance](https://www.binance.com/en/register?ref=X2BHKID1) has a wide range of currencies,
-> ~and ID verification is not needed for small-value trades~ but ID verification is required in most countries.
->
-
-⬆️ [Back to Top]
-
----
-
-### Virtual Credit Cards
-
-Virtual cards generated provide an extra layer of security, improve privacy
-and help protect from fraud. Most providers have additional features,
-such as single-use cards (that cannot be charged more than once),
-card limits (so you can be sure you won't be charged more than you expected)
-and other security controls.
-
-In most countries KYC is required. The bank will of course be able to see all your transactions.
-Be sure to read their privacy policy and terms of service beforehand.
-Not all services are available in all countries.
-
-- **[
Privacy.com](https://privacy.com)** - Privacy.com has a good reputation, and is the largest virtual card provider
-in the US. Unlike other providers, it is free for personal use (up to 12 cards
-per month) with no fees, apps and support is[…](https://awesome-privacy.xyz/finance/virtual-credit-cards/privacy.com "View full Privacy.com report")
- -
- Stats
-
- [](https://tosdr.org/en/service/3262) [](https://awesome-privacy.xyz/finance/virtual-credit-cards/privacy.com)ㅤ
-
-
-- **[
Revolut Premium](https://www.revolut.com/)** - Revolut is more of a digital bank account, and identity checks are required
-to sign up. Virtual cards are only available on Premium/ Metal accounts, which
-start at $7/month.
-
- -
- Stats
-
- [](https://tosdr.org/en/service/2310) [](https://awesome-privacy.xyz/finance/virtual-credit-cards/revolut-premium)ㅤ
-
-
-- **[
MySudo](https://mysudo.com)** - Much more than just virtual cards, MySudo is a platform for creating
-compartmentalised identities, each with their own virtual cards, virtual phone
-numbers, virtual email addresses, messaging, private[…](https://awesome-privacy.xyz/finance/virtual-credit-cards/mysudo "View full MySudo report")
- -
- Stats
-
- [](https://tosdr.org/en/service/1351) [](https://awesome-privacy.xyz/finance/virtual-credit-cards/mysudo)ㅤ
-
-
-
-⬆️ [Back to Top]
-
----
-
-### Other Payment Methods
-
-- **[
Cash]()** - Actual physical cash is still the most private option, with no chance of leaving
-any transactional records.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/finance/other-payment-methods/cash)ㅤ
-
-
-- **[
Gift Cards]()** - Gift cards can be purchased for cash in many convenience stores, and redeemed
-online for goods or services. Try to avoid CCTV as best as possible.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/finance/other-payment-methods/gift-cards)ㅤ
-
-
-- **[
Pre-paid Cards]()** - Similarly to gift cards, buying a pre-paid card for cash can enable you to
-purchase goods and services in stores that only accept card payments.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/finance/other-payment-methods/pre-paid-cards)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> Note that credit card providers heavily track transaction metadata, which build
-up a detailed picture of each persons spending habits. This is done both to
-provide improved fraud alerts, but also because the data is extremely valuable
-and is often 'anonymized' and sold to 3rd parties. Hence your privacy is degraded
-if these cards are used for daily transactions
-
-
-
-
-
-ℹ️ Further Info
-
-> Paying for goods and services is a good example of where privacy and security conflict;
-the most secure option would be to pay with credit card, since most providers include
-comprehensive fraud protection, whereas the most private option would be to pay using
-crypto currency or cash, since neither can be easily tied back to your identity.
-
-
-⬆️ [Back to Top]
-
----
-
-### Secure Budgeting
-
-- **[
Firefly III](https://www.firefly-iii.org)** - A free and open source personal finance manager. Firefly III features a clean
-and clear UI, is easy to set up and use, and is backed by a strong community.
-Regular updates bring new features, improvem[…](https://awesome-privacy.xyz/finance/secure-budgeting/firefly-iii "View full Firefly III report")
- -
- Stats
-
- [](https://github.com/firefly-iii/firefly-iii) [](https://awesome-privacy.xyz/finance/secure-budgeting/firefly-iii)ㅤ
-
-
-- **[
GnuCash](https://www.gnucash.org)** - A full-featured cross-platform accounting application suitable for personal
-and small business finance. Stable and reliable, GnuCash offers a comprehensive
-suite of financial management tools. Availab[…](https://awesome-privacy.xyz/finance/secure-budgeting/gnucash "View full GnuCash report")
- -
- Stats
-
- [](https://github.com/Gnucash/gnucash) [](https://awesome-privacy.xyz/finance/secure-budgeting/gnucash)ㅤ
-
-
-- **[
Plain Text Accounting](https://plaintextaccounting.org)** - Utilizes plain text files and scriptable, command-line-friendly software for
-bookkeeping/accounting, offering full control over data. Popular tools include
-Ledger, hledger, and Beancount among others,[…](https://awesome-privacy.xyz/finance/secure-budgeting/plain-text-accounting "View full Plain Text Accounting report")
- -
- Stats
-
- [](https://github.com/plaintextaccounting/plaintextaccounting) [](https://awesome-privacy.xyz/finance/secure-budgeting/plain-text-accounting)ㅤ
-
-
-
-
-✳️ Notable Mentions
-
-> Spreadsheets remain a popular choice for managing budgets and financial planning.
-> [Collabora](https://nextcloud.com/collaboraonline) or
-> [OnlyOffice](https://nextcloud.com/onlyoffice) (on [NextCloud](https://nextcloud.com)),
-> [Libre Office](https://www.libreoffice.org) and [EtherCalc](https://ethercalc.net)
-> are popular open source spread sheet applications. [Mintable](https://github.com/kevinschaich/mintable)
-> allows you to auto-populate your spreadsheets from your financial data,
-> using publicly accessible API - mitigating the requirement for a dedicated budgeting application.
->
-> Other notable open source budgeting applications include:
-> [Smart Wallet](https://apps.apple.com/app/smart-wallet/id1378013954) (iOS),
-> [My-Budget](https://rezach.github.io/my-budget) (Desktop),
-> [MoneyManager EX](https://www.moneymanagerex.org),
-> [Skrooge](https://skrooge.org), and
-> [kMyMoney](https://kmymoney.org).
->
-
-⬆️ [Back to Top]
-
----
-
-## Social
-
-### Social Networks
-
-Over the past decade, social networks have revolutionized the way we communicate
-and bought the world closer together - but it came at the
-[cost of our privacy](https://en.wikipedia.org/wiki/Privacy_concerns_with_social_networking_services).
-
-Social networks are built on the principle of sharing - but you, the user
-should be able to choose with whom you share what, and that is what the
-following sites aim to do.
-
-- **[
Aether](https://getaether.net)** - Offers self-governing communities with auditable moderation, akin to Reddit but
-prioritizing privacy, democracy, and transparency. Aether is peer-to-peer and open
-source, available for Windows, Mac, a[…](https://awesome-privacy.xyz/social/social-networks/aether "View full Aether report")
- -
- Stats
-
- [](https://github.com/getaether/aether-community-firmware) [](https://awesome-privacy.xyz/social/social-networks/aether)ㅤ
-
-
-- **[
Discourse](https://www.discourse.org)** - A fully open-source, self-hostable discussion platform usable as a mailing list,
-discussion forum, or long-form chat room.
-
- -
- Stats
-
- [](https://github.com/discourse/discourse) [](https://tosdr.org/en/service/1340) [](https://awesome-privacy.xyz/social/social-networks/discourse)ㅤ
-
-
-- **[
Mastodon](https://mastodon.social)** - An open-source, distributed social media platform functioning similarly to Twitter,
-without algorithmic timeline manipulations. It operates across independent servers.
-
- -
- Stats
-
- [](https://github.com/mastodon/mastodon) [](https://tosdr.org/en/service/639) [](https://awesome-privacy.xyz/social/social-networks/mastodon)ㅤ
-
-
-- **[
nostr](https://github.com/nostr-protocol/nostr)** - nostr stands for Notes and other stuff transmitted by relays.
-It is an open protocol, not merely a platform.
-This distinction enables truly censorship-resistant and global value-for-value publishing o[…](https://awesome-privacy.xyz/social/social-networks/nostr "View full nostr report")
- -
- Stats
-
- [](https://github.com/https://github.com/nostr-protocol) [](https://awesome-privacy.xyz/social/social-networks/nostr)ㅤ
-
-
-- **[
Minds](https://www.minds.com)** - A social media platform designed to foster open conversations and community
-engagement. Rewards content creation.
-
- -
- Stats
-
- [](https://github.com/minds/minds) [](https://awesome-privacy.xyz/social/social-networks/minds)ㅤ
-
-
-
-
-✳️ Notable Mentions
-
-> - [diaspora\*](https://diasporafoundation.org), [Pleroma](https://pleroma.social), [Friendica](https://friendi.ca) and [Hubzilla ](https://hubzilla.org) - distributed, decentralized social networks, built on open protocols
-> - [Tildes](https://tildes.net), [Lemmy](https://dev.lemmy.ml) and [notabug.io](https://notabug.io) - bulletin boards and news aggregators (similar to Reddit)
-> - [Pixelfed](https://pixelfed.org) - A free, ethical, federated photo sharing platform (FOSS alternative to Instagram)
->
-
-
-ℹ️ Further Info
-
-> The content on many of these smaller sites tends to be more *niche*.
-To continue using Twitter, there are a couple of
-[tweaks](https://www.offensiveprivacy.com/blog/twitter-privacy),
-that will improve security. For Reddit, use a privacy-respecting client -
-such as [Reditr](http://reditr.com/).
-Other main-stream social networking sites do not respect your privacy,
-so should be avoided, but if you choose to keep using them see
-[this guide](https://proprivacy.com/guides/social-media-privacy-guide) for tips on protecting your privacy
-
-
-⬆️ [Back to Top]
-
----
-
-### Video Platforms
-
-- **[
PeerTube](https://joinpeertube.org)** - A federated video platform leveraging peer-to-peer technology to decrease server
-load during video streaming. Supports self-hosting or joining existing instances,
-enabling video viewing from any PeerT[…](https://awesome-privacy.xyz/social/video-platforms/peertube "View full PeerTube report")
- -
- Stats
-
- [](https://tosdr.org/en/service/1596) [](https://awesome-privacy.xyz/social/video-platforms/peertube)ㅤ
-
-
-- **[
DTube](https://d.tube)** - A decentralized, ad-free video platform emphasizing minimal moderation. It rewards
-users with cryptocurrency, leveraging blockchain technology.
-
- -
- Stats
-
- [](https://tosdr.org/en/service/2798) [](https://awesome-privacy.xyz/social/video-platforms/dtube)ㅤ
-
-
-- **[
BitChute](https://www.bitchute.com)** - Established in 2017, BitChute is a video hosting service that offers a platform for
-uploaders to evade the content restrictions found on other sites like YouTube.
-
- -
- Stats
-
- [](https://tosdr.org/en/service/513) [](https://awesome-privacy.xyz/social/video-platforms/bitchute)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> Without moderation, some of these platforms accommodate video creators
-whose content may not be appropriate for all audiences
-
-
-
-
-
-ℹ️ Further Info
-
-> #### YouTube Proxies
-The content on many of the smaller video sites, often just doesn't compare to YouTube.
-So another alternative, is to access YouTube through a proxy client, which reduces what Google can track.
-- Good options are: [Invidious](https://invidious.io/) (web), [Piped](https://piped.kavin.rocks) (web), [FreeTube](https://freetubeapp.io/) (Windows, Mac OS, Linux), [NewPipe](https://newpipe.schabi.org/) (Android), [YouTube++](https://iosninja.io/ipa-library/download-youtube-plus-ipa-ios) (iOS)
-- Or download videos with [youtube-dl](https://ytdl-org.github.io/youtube-dl/) (cli) or [youtube-dl-gui](https://github.com/MrS0m30n3/youtube-dl-gui) (gui). For just audio, there is [PodSync](https://podsync.net/)
-
-#### Video Search Engines
-[Petey Vid](https://www.peteyvid.com) is a non-biased video search engine.
-Unlike normal search engines it indexes videos from a lot of sources,
-including Twitter, Veoh, Instagram, Twitch, MetaCafe, Minds, BitChute,
-Brighteon, D-Tube, PeerTube, and many others.
-
-
-⬆️ [Back to Top]
-
----
-
-### Blogging Platforms
-
-- **[
Write Freely](https://writefreely.org)** - A minimalist, federated blogging platform offering a clean UI. It's free, open source,
-and caters to writers seeking simplicity and federation capabilities. For hosted options,
-visit Write.as.
-
- -
- Stats
-
- [](https://github.com/writeas/writefreely) [](https://awesome-privacy.xyz/social/blogging-platforms/write-freely)ㅤ
-
-
-- **[
Telegraph](https://telegra.ph)** - A quick, anonymous blogging platform by Telegram. It's designed for simplicity and speed,
-allowing for straightforward content publishing without registration.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/social/blogging-platforms/telegraph)ㅤ
-
-
-- **[
Mataroa](https://mataroa.blog)** - A minimalist blogging platform focused on privacy and simplicity. It's open source and
-eschews complex features for a straightforward writing and publishing experience.
-
- -
- Stats
-
- [](https://github.com/mataroa-blog/mataroa) [](https://awesome-privacy.xyz/social/blogging-platforms/mataroa)ㅤ
-
-
-- **[
Bear Blog](https://bearblog.dev/)** - A no-nonsense, super-fast blogging platform prioritizing privacy. It strips back
-unnecessary features to focus on straightforward blogging. The platform is open source.
-
- -
- Stats
-
- [](https://github.com/HermanMartinus/bearblog) [](https://awesome-privacy.xyz/social/blogging-platforms/bear-blog)ㅤ
-
-
-- **[
Movim](https://movim.eu/)** - A web frontend for XMPP, offering decentralized blogging and chatrooms. Movim is open source,
-integrating social and communication tools in a unified platform.
-
- -
- Stats
-
- [](https://github.com/movim/movim) [](https://awesome-privacy.xyz/social/blogging-platforms/movim)ㅤ
-
-
-- **[
Pico](https://pico.sh/)** - Web services over SSH, including blogging with Prose, microsites with Pages, and a pastebin with
-Pastes. The services use public-key cryptography by default with no browser-based tracking and
-minimal[…](https://awesome-privacy.xyz/social/blogging-platforms/pico "View full Pico report")
- -
- Stats
-
- [](https://github.com/picosh/pico) [](https://awesome-privacy.xyz/social/blogging-platforms/pico) [](https://github.com/picosh/pico)ㅤ
-
-
-
-
-✳️ Notable Mentions
-
-> If you use [Standard Notes](https://standardnotes.com/?s=chelvq36),
-> then [Listed.to](https://listed.to) is a public blogging platform with
-> strong privacy features.
-> It lets you publish posts directly through the Standard Notes app or web interface.
->
-> Other minimalistic platforms include [Notepin.co](https://notepin.co) and [Pen.io](http://pen.io).
->
-> Want to write a simple text post and promote it yourself?
-> Check out [telegra.ph](https://telegra.ph), [txt.fyi](https://txt.fyi) and [NotePin](https://notepin.co).
-> For seriously anonymous platforms, aimed at activists, see [noblogs](https://noblogs.org/)
-> and [autistici](https://www.autistici.org).
-> It is also possible to host a normal [WordPress](https://wordpress.com) site,
-> without it being linked to your real identity, although WP does not have
-> the best reputation when it comes to privacy.
->
-> Of course you could also host your blog on your own server,
-> using a standard open source blog platform, such as
-> [Ghost](https://ghost.org) and configure it to disable all trackers, ads and analytics.
->
-
-⬆️ [Back to Top]
-
----
-
-### News Readers
-
-- **[
Tiny RSS](https://tt-rss.org)** - A web-based news feed reader and aggregator, supporting RSS/Atom feeds. It's free, open source,
-and offers a customizable and self-hostable platform for managing your news feeds.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/social/news-readers/tiny-rss)ㅤ
-
-
-- **[
RSSOwl](http://www.rssowl.org)** - A powerful, desktop-based RSS reader offering extensive organization features. It facilitates
-managing and curating news feeds from various sources.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/social/news-readers/rssowl)ㅤ
-
-
-- **[
Feedly](https://feedly.com)** - Offers a premium news aggregation experience, presenting news from chosen sources in a clean,
-modern interface. Beyond RSS, it integrates with various news outlets, ensuring a tailored
-news feed witho[…](https://awesome-privacy.xyz/social/news-readers/feedly "View full Feedly report")
- -
- Stats
-
- [](https://tosdr.org/en/service/405) [](https://awesome-privacy.xyz/social/news-readers/feedly)ㅤ
-
-
-
-⬆️ [Back to Top]
-
----
-
-### Proxy Sites
-
-These are websites that enable you to access existing social media platforms,
-without using their primary website - with the aim of improving privacy &
-security and providing better user experience. The below options are open
-source (so can be self-hosted, if you wish), and they do not display ads
-or tracking (unless otherwise stated).
-
-- **[
Nitter](https://nitter.net)** - A privacy-centric alternative to Twitter's front-end, focusing on preventing user tracking.
-It's free, open source, lightweight, supports multiple themes, and offers customizable RSS feeds.
-All client[…](https://awesome-privacy.xyz/social/proxy-sites/nitter "View full Nitter report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/social/proxy-sites/nitter)ㅤ
-
-
-- **[
Invidious](https://invidious.io)** - An open source, privacy-focused YouTube frontend. It minimizes Google tracking, supports audio-only mode,
-integrates Reddit comments, and offers advanced playback options. Lightweight and can function[…](https://awesome-privacy.xyz/social/proxy-sites/invidious "View full Invidious report")
- -
- Stats
-
- [](https://tosdr.org/en/service/1471) [](https://awesome-privacy.xyz/social/proxy-sites/invidious)ㅤ
-
-
-- **[
Libreddit](https://libreddit.spike.codes)** - A private, fast Reddit frontend written in Rust. Excludes ads, trackers, and bloat, making it much faster
-than the official site. Can be self-hosted via Docker or other methods. Implements most Reddit[…](https://awesome-privacy.xyz/social/proxy-sites/libreddit "View full Libreddit report")
- -
- Stats
-
- [](https://awesome-privacy.xyz/social/proxy-sites/libreddit)ㅤ
-
-
-- **[
WebProxy](https://weboproxy.com)** - A free proxy service offering a Tor mode for evading censorship and accessing geo-restricted content.
-Claims to encrypt traffic, but caution is advised for personal information. Managed by DevroLabs.
-
- -
- Stats
-
- [](https://awesome-privacy.xyz/social/proxy-sites/webproxy)ㅤ
-
-
-
-
-⚠️ Word of Warning
-
-> When proxies are involved - only use reputable services, and **never** enter any personal information
-
-
-
-
-
-✳️ Notable Mentions
-
-> - [NewPipe](https://newpipe.schabi.org) - An open source, privacy-respecting YouTube client for Android.> - [FreeTube](https://freetubeapp.io) - An open source YouTube client for Windows, MacOS and Linux, providing
-a more private experience, with a native-feel desktop app.
-It is built upon the [Invidious](https://invidious.io/) API.
-
-
-
-ℹ️ Further Info
-
-> *[alternative-front-ends](https://github.com/mendel5/alternative-front-ends) provides information on
-dozens of alternative front-end options for popular platforms, such as YouTube, Twitter, Reddit,
-TikTok, and more.*
-
-
-⬆️ [Back to Top]
-
----
-
-## Media
-
-### Gaming
-
-⚠️ This section is still a work in progress ⚠️
Check back soon, or help us complete it by submitting a pull request
-⬆️ [Back to Top]
-
----
-
-### Media Servers
-
-⚠️ This section is still a work in progress ⚠️
Check back soon, or help us complete it by submitting a pull request
-⬆️ [Back to Top]
-
----
-
-### Music Players
-
-⚠️ This section is still a work in progress ⚠️
Check back soon, or help us complete it by submitting a pull request
-⬆️ [Back to Top]
-
----
-
-### Video Players
-
-⚠️ This section is still a work in progress ⚠️
Check back soon, or help us complete it by submitting a pull request
-⬆️ [Back to Top]
-
----
-
-### Photo Viewers
-
-⚠️ This section is still a work in progress ⚠️
Check back soon, or help us complete it by submitting a pull request
-⬆️ [Back to Top]
-
----
-
-### E-Book Readers
-
-⚠️ This section is still a work in progress ⚠️
Check back soon, or help us complete it by submitting a pull request
-⬆️ [Back to Top]
-
----
-
-### Podcast Players
-
-⚠️ This section is still a work in progress ⚠️
Check back soon, or help us complete it by submitting a pull request
-⬆️ [Back to Top]
-
----
-
-### Torrent Downloaders
-
-⚠️ This section is still a work in progress ⚠️
Check back soon, or help us complete it by submitting a pull request
-⬆️ [Back to Top]
-
----
-
-### File Converters
-
-- **[
FFmpeg](https://ffmpeg.org/)** - A complete, cross-platform solution to record, convert, and stream audio and
-video. It's the industry standard multimedia framework, handling a vast range
-of formats. As a command-line tool, it guaran[…](https://awesome-privacy.xyz/media/file-converters/ffmpeg "View full FFmpeg report")
- -
- Stats
-
- [](https://github.com/FFmpeg/FFmpeg) [](https://awesome-privacy.xyz/media/file-converters/ffmpeg) [](https://github.com/FFmpeg/FFmpeg)ㅤ
-
-
-
-⬆️ [Back to Top]
-
----
-
-## Creativity
-
-### Image Editors
-
-- **[
Gimp](https://www.gimp.org)** - A free, open source, cross-platform image editor. GIMP is a powerful tool for
-photo retouching, image composition, and image authoring. It is highly customizable,
-and supports a wide range of file for[…](https://awesome-privacy.xyz/creativity/image-editors/gimp "View full Gimp report")
- -
- Stats
-
- [](https://github.com/GNOME/gimp) [](https://awesome-privacy.xyz/creativity/image-editors/gimp) [](https://github.com/GNOME/gimp)ㅤ
-
-
-- **[
InkScape](https://inkscape.org)** - A free, open source, professional vector graphics editor. It is a powerful tool
-for creating illustrations, icons, logos, diagrams, maps, and web graphics.
-
- -
- Stats
-
- [](https://github.com/inkscape/inkscape) [](https://tosdr.org/en/service/6568) [](https://awesome-privacy.xyz/creativity/image-editors/inkscape) [](https://github.com/inkscape/inkscape)ㅤ
-
-
-- **[
Paint.NET](https://www.getpaint.net)** - A more advanced take on Microsoft Paint. Suitable for basic image editing,
-with support for basic layers, unlimited undo/redo, and extendable via plugins
-
- -
- Stats
-
- [](https://github.com/paintdotnet/release) [](https://awesome-privacy.xyz/creativity/image-editors/paint.net) [](https://github.com/paintdotnet/release)ㅤ
-
-
-- **[
PixlrX](https://pixlr.com/express)** - A free web-based image editor, with a modern UI.
-Also offers premium/paid features, such as AI-powered generation, touchup and editing
-
- -
- Stats
-
- [](https://tosdr.org/en/service/3240) [](https://awesome-privacy.xyz/creativity/image-editors/pixlrx)ㅤ
-
-
-- **[
RawTherapee](https://rawtherapee.com)** - A powerful raw photo processing system and editor, for non-destructive editing
-of raw digital photos
-
- -
- Stats
-
- [](https://github.com/Beep6581/RawTherapee) [](https://awesome-privacy.xyz/creativity/image-editors/rawtherapee) [](https://github.com/Beep6581/RawTherapee)ㅤ
-
-
-- **[
PhotoPea](https://photopea.com)** - A free online image editor, for both raster and vector graphics,
-with a very wide range of supported formats
-
- -
- Stats
-
- [](https://github.com/photopea/photopea) [](https://tosdr.org/en/service/4105) [](https://awesome-privacy.xyz/creativity/image-editors/photopea) ㅤ
-
-
-- **[
Krita](https://krita.org/en)** - Digital painting application.
-Free and open source (backed by KDE), with cross-platform support,
-Krita is popular among both professional and amateur artists
-due to it's comprehensive feature set, and[…](https://awesome-privacy.xyz/creativity/image-editors/krita "View full Krita report")
- -
- Stats
-
- [](https://github.com/KDE/krita) [](https://awesome-privacy.xyz/creativity/image-editors/krita) [](https://github.com/KDE/krita)ㅤ
-
-
-- **[
DarkTable](https://www.darktable.org)** - A photography workflow application (similar to Adbobe Lightroom)
-Includes a non-destructive raw developer for raw images and managing digital negatives.
-
- -
- Stats
-
- [](https://github.com/darktable-org/darktable) [](https://awesome-privacy.xyz/creativity/image-editors/darktable) [](https://github.com/darktable-org/darktable)ㅤ
-
-
-
-⬆️ [Back to Top]
-
----
-
-### Video Editors
-
-- **[
Shotcut](https://shotcut.org)** - A free, open source, cross-platform video editor, using FFmpeg
-Shotcut supports a wide range of formats, and has a comprehensive feature set,
-including 4K & 8k resolution, webcam + audio capture, batc[…](https://awesome-privacy.xyz/creativity/video-editors/shotcut "View full Shotcut report")
- -
- Stats
-
- [](https://github.com/mltframework/shotcut) [](https://awesome-privacy.xyz/creativity/video-editors/shotcut) [](https://github.com/mltframework/shotcut)ㅤ
-
-
-- **[
OpenShot](https://www.openshot.org)** - A free, simple, cross-platform video editor.
-Great for trimming/slicing, video effects, adding titles, scene animations
-and [more](https://www.openshot.org/features/)
-
- -
- Stats
-
- [](https://github.com/OpenShot/openshot-qt) [](https://awesome-privacy.xyz/creativity/video-editors/openshot) [](https://github.com/OpenShot/openshot-qt)ㅤ
-
-
-- **[
Kdenlive](https://kdenlive.org)** - KDE Non-Linear Video Editor, is an editor based on the MLT Framework, KDE and Qt,
-written using C++ and using FFmpeg
-
- -
- Stats
-
- [](https://github.com/kdenlive/kdenlive) [](https://awesome-privacy.xyz/creativity/video-editors/kdenlive) [](https://github.com/kdenlive/kdenlive)ㅤ
-
-
-- **[
FlowBlade](https://jliljebl.github.io/flowblade)** - A multitrack non-linear video editor with a simple interface
-
- -
- Stats
-
- [](https://github.com/jliljebl/flowblade) [](https://awesome-privacy.xyz/creativity/video-editors/flowblade) [](https://github.com/jliljebl/flowblade)ㅤ
-
-
-- **[
Cinelerra GG Infinity](https://www.cinelerra-gg.org)** - Simple video editor, for applying transitions, effects and text as well
-as splicing video clips
-
- -
- Stats
-
- [](https://github.com/cinelerra-gg/cinelerra-gg) [](https://awesome-privacy.xyz/creativity/video-editors/cinelerra-gg-infinity)ㅤ
-
-
-- **[
VitCutter](https://sourceforge.net/projects/vidcutter/)** - A simple Python-based cross-platform tool for cutting and splicing videos
-
- -
- Stats
-
- [](https://github.com/ozmartian/vidcutter) [](https://awesome-privacy.xyz/creativity/video-editors/vitcutter)ㅤ
-
-
-- **[
Natron](https://natrongithub.github.io)** - Free & open desktop node-graph based video compositing software.
-Similar in functionalities to Adobe After Effects.
-Features flexible rotoscoping, 2D & planner tracking, keying tools,
-curve & dope-shi[…](https://awesome-privacy.xyz/creativity/video-editors/natron "View full Natron report")
- -
- Stats
-
- [](https://github.com/NatronGitHub/Natron) [](https://awesome-privacy.xyz/creativity/video-editors/natron) [](https://github.com/NatronGitHub/Natron)ㅤ
-
-
-
-⬆️ [Back to Top]
-
----
-
-### Audio Editors & Recorders
-
-- **[
Audacity](https://www.audacityteam.org)** - An easy-to-use, multi-track audio editor and recorder for desktops,
-great free alternative to Adobe Audition.
-Features recording from real and virtual devices,
-import/export to a wide range of formats[…](https://awesome-privacy.xyz/creativity/audio-editors-and-recorders/audacity "View full Audacity report")
- -
- Stats
-
- [](https://github.com/audacity/audacity) [](https://tosdr.org/en/service/4516) [](https://awesome-privacy.xyz/creativity/audio-editors-and-recorders/audacity) [](https://github.com/audacity/audacity)ㅤ
-
-
-
-⬆️ [Back to Top]
-
----
-
-### Casting & Streaming
-
-- **[
OBS Studio](https://obsproject.com)** - Powerful desktop software for live streaming and screen recording.
-Free and open source software for video recording and live streaming.
-Features real-time video/audio capturing, scene composition, en[…](https://awesome-privacy.xyz/creativity/casting-and-streaming/obs-studio "View full OBS Studio report")
- -
- Stats
-
- [](https://github.com/obsproject/obs-studio) [](https://tosdr.org/en/service/4227) [](https://awesome-privacy.xyz/creativity/casting-and-streaming/obs-studio) [](https://github.com/obsproject/obs-studio)ㅤ
-
-
-
-⬆️ [Back to Top]
-
----
-
-### Screenshot Tools
-
-⚠️ This section is still a work in progress ⚠️
Check back soon, or help us complete it by submitting a pull request
-⬆️ [Back to Top]
-
----
-
-### 3D Graphics
-
-- **[
Blender](https://www.blender.org)** - Free desktop 3D creation suite, with a wide range of tools for
-modeling, sculpting, texturing, rigging, animation, rendering, compositing,
-motion tracking, and video editing. It's easily extendable vi[…](https://awesome-privacy.xyz/creativity/3d-graphics/blender "View full Blender report")
- -
- Stats
-
- [](https://github.com/blender/blender) [](https://tosdr.org/en/service/8114) [](https://awesome-privacy.xyz/creativity/3d-graphics/blender) [](https://github.com/blender/blender) ㅤ
-
-
-- **[
Wings3D](https://wings3d.com)** - A simple and easy-to-use subdivision 3D modeler
-with AutoUV facility for unfolding a models surface for painting/texturing.
-Unlike Blender, it has no built-in animation capabilites, and it's feature s[…](https://awesome-privacy.xyz/creativity/3d-graphics/wings3d "View full Wings3D report")
- -
- Stats
-
- [](https://github.com/dgud/wings) [](https://awesome-privacy.xyz/creativity/3d-graphics/wings3d)ㅤ
-
-
-
-⬆️ [Back to Top]
-
----
-
-### Animation
-
-- **[
Aseprite](https://www.aseprite.org/)** - An animated sprite editor & pixel art tool for Windows, macOS and Linux.
- -
- Stats
-
- [](https://github.com/https://github.com/aseprite/aseprite) [](https://awesome-privacy.xyz/creativity/animation/aseprite) [](https://github.com/https://github.com/aseprite/aseprite)ㅤ
-
-
-
-⬆️ [Back to Top]
-
----
@@ -5311,7 +35,7 @@ Many corporations put profit before people, collecting data and exploiting priva
However, that's not all you need to do. It is also important to: use strong and unique passwords, 2-factor authentication,
adopt good networking practices and be mindful of data that are collected when browsing the web. You can see the full
-**[personal security checklist](https://github.com/Lissy93/personal-security-checklist/blob/HEAD/CHECKLIST.md)** for more tips to stay safe.
+**[personal security checklist](https://github.com/Lissy93/personal-security-checklist/blob/HEAD/CHECKLIST.md)** for more tips to stay safe.
### Important Considerations
@@ -5329,14 +53,14 @@ There is often a trade-off between convenience and security. Construct a threat
When using a hosted or managed application that is open-source software - there is often no easy way to tell if the version running is the same as that of the published source code (even published signatures can be faked). There is always the possibility that additional backdoors may have been knowingly or unknowingly implemented in the running instance. One way round this is to self-host software yourself. When self-hosting you will then know for sure which code is running, however you will also be responsible for the managing security of the server, and so may not be recommended for beginners.
**Open Source Software Considerations**
-Open source software has long had a reputation of being more secure than its closed source counterparts. Since bugs are raised transparently, fixed quickly, the code can be checked by experts in the community and there is usually little or no data collection or analytics.
+Open source software has long had a reputation of being more secure than its closed source counterparts. Since bugs are raised transparently, fixed quickly, the code can be checked by experts in the community and there is usually little or no data collection or analytics.
That being said, there is no piece of software that it totally bug free, and hence never truly secure or private. Being open source, is in no way a guarantee that something is safe. There is no shortage of poorly-written, obsolete or sometimes harmful open source projects on the internet. Some open source apps, or a dependency bundled within it are just plain malicious (such as, that time [Colourama was found in the PyPI Repository](https://hackaday.com/2018/10/31/when-good-software-goes-bad-malware-in-open-source/))
**Proprietary Software Considerations**
When using a hosted or proprietary solution - always check the privacy policy, research the reputation of the organisation, and be weary about which data you trust them with. It may be best to choose open source software for security-critical situations, where possible.
**Maintenance**
-When selecting a new application, ensure it is still being regularly maintained, as this will allow for recently discovered security issues to be addressed. Software in an alpha or beta phase, may be buggy and lacking in features, but more importantly - it could have critical vulnerabilities open to exploit. Similarly, applications that are no longer being actively maintained may pose a security risk, due to lack of patching. When using a forked application, or software that is based on an upstream code base, be aware that it may receive security-critical patches and updates at a slightly later date than the original application.
+When selecting a new application, ensure it is still being regularly maintained, as this will allow for recently discovered security issues to be addressed. Software in an alpha or beta phase, may be buggy and lacking in features, but more importantly - it could have critical vulnerabilities open to exploit. Similarly, applications that are no longer being actively maintained may pose a security risk, due to lack of patching. When using a forked application, or software that is based on an upstream code base, be aware that it may receive security-critical patches and updates at a slightly later date than the original application.
**This List: Disclaimer**
This list contains packages that range from entry-level to advanced, a lot of the software here will not be appropriate for all audiences. It is in no way a definitive list of secure applications, and aims only to be a guide, a collection of software and services that myself and other contributors have used, and would recommend. There will always be new vulnerabilities discovered or introduced, bugs and security-critical glitches, malicious actors and poorly configured systems. It is up to you to do your research, draw up a threat model, and decide where and how your data are managed.
@@ -5398,7 +122,7 @@ Alternatively, you can fork the repo and import it into either Vercel or Netlify
## Contributing
We welcome suggestions, additions, edits and removals to the list.
-It's thanks to contributors like you that this project is possible 💜
+It's thanks to contributors like you that this project is possible 💜
All data is stored in [`awesome-privacy.yml`](https://github.com/Lissy93/awesome-privacy/blob/main/awesome-privacy.yml).
If you're adding, editing or removing a listing - **this is the only file you need to edit**.
@@ -5406,7 +130,7 @@ If you're adding, editing or removing a listing - **this is the only file you ne
Please familiarise yourself with the [Contributing Guidelines](https://github.com/Lissy93/awesome-privacy/blob/main/.github/CONTRIBUTING.md) before submiting your pull request, as we have some guidelines that **must be followed** to ensure your PR can be accepted.
If you're new to open source, you can find some resources to get you started at [git-in.to](https://git-in.to),
-but feel free to reach out if you need any help 😊
+but feel free to reach out if you need any help 😊
---
@@ -5427,356 +151,17 @@ or self-host your own, with the source of the [`api/`](https://github.com/Lissy9
### Sponsors
Huge thanks to the following sponsors, for their ongoing support 💖
-
-
-
-
+[](https://github.com/sponsors/Lissy93)
### Contributors
This project exists thanks to all the people who've helped build and maintain it 🌟
-
-
-
+[](https://github.com/Lissy93/awesome-privacy/graphs/contributors)
+
+### And, of course our Stargazers, forkers and followers!
+[](https://github.com/Lissy93/awesome-privacy/stargazers)
+[](https://github.com/Lissy93/awesome-privacy/forks)
+[](https://github.com/Lissy93?tab=followers)
---
@@ -5784,7 +169,7 @@ This project exists thanks to all the people who've helped build and maintain it
> _**[Lissy93/Awesome-Privacy/web](https://github.com/Lissy93/awesome-privacy/tree/main/web)** is licensed under [MIT](https://gist.github.com/Lissy93/143d2ee01ccc5c052a17)_
> _**[awesome-privacy.yml](https://github.com/Lissy93/awesome-privacy/blob/main/awesome-privacy.yml)** is licensed under [CC0-1.0 license](https://github.com/Lissy93/awesome-privacy/blob/HEAD/LICENSE)_
-> _Copyright © Alicia Sykes <[aliciasykes.com](https://aliciasykes.com)> 2024._
+> _Copyright © Alicia Sykes <[aliciasykes.com](https://aliciasykes.com)> 2026._
> For information, see TLDR Legal > MIT
@@ -5792,16 +177,16 @@ This project exists thanks to all the people who've helped build and maintain it
```
The MIT License (MIT)
-Copyright (c) Alicia Sykes
+Copyright (c) Alicia Sykes
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sub-license, and/or sell
-copies of the Software, and to permit persons to whom the Software is furnished
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sub-license, and/or sell
+copies of the Software, and to permit persons to whom the Software is furnished
to do so, subject to the following conditions:
-The above copyright notice and this permission notice shall be included install
+The above copyright notice and this permission notice shall be included install
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
@@ -5816,15 +201,15 @@ SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
- © Alicia Sykes 2024
+ © Alicia Sykes 2026
Licensed under MIT &
CC0-1.0
-
+
Thanks for visiting :)
-\nHello @{user}\n",
@@ -59,7 +97,7 @@ def format_comment(findings, user, changes_summary, run_id):
f"But a human will review your submission shortly!"
)
else:
- parts.append("> ✅ All our automated checks have passed.")
+ parts.append("> \u2705 All our automated checks have passed.")
if changes_summary:
parts.append(
@@ -67,6 +105,12 @@ def format_comment(findings, user, changes_summary, run_id):
f"{changes_summary}\n "
)
+ if repo_stats:
+ parts.append(
+ f"Submission Info
\n\n"
+ f"{repo_stats}\n "
+ )
+
if run_id:
parts.append(
f'For full details, please see workflow run '
@@ -76,18 +120,80 @@ def format_comment(findings, user, changes_summary, run_id):
return "\n\n".join(parts) + "\n"
-def write_step_summary(findings):
- """Write a summary to GITHUB_STEP_SUMMARY."""
+def write_step_summary(errors, warnings, user, pr_number, run_id, changes_summary,
+ repo_stats=None):
+ """Write a structured summary to GITHUB_STEP_SUMMARY."""
summary_file = os.environ.get("GITHUB_STEP_SUMMARY")
if not summary_file:
return
- lines = ["## PR Check Summary\n"]
- if findings:
- lines.append(f"⚠️ Found {len(findings)} issue(s):\n")
- for f in findings:
- lines.append(f"- {f}")
+
+ lines = ["## Status Check Results\n"]
+
+ # Summary sentence
+ ne, nw = len(errors), len(warnings)
+ lines.append("### Summary\n")
+ if ne and nw:
+ lines.append(
+ f"There are {ne} error(s) which must be resolved before this PR can be"
+ f" reviewed, as well as {nw} warning(s) which need to be addressed or"
+ f" justified.\n"
+ )
+ elif ne:
+ lines.append(
+ f"There are {ne} error(s) which must be resolved before this PR can be"
+ f" reviewed.\n"
+ )
+ elif nw:
+ lines.append(
+ f"There were no errors but {nw} warning(s) which need to be addressed"
+ f" or justified before the PR can be merged.\n"
+ )
else:
- lines.append("✅ All checks passed.\n")
+ lines.append(
+ "All checks are passing, with no errors and no warnings \U0001f389\n"
+ "A maintainer has been notified, and will review the submission shortly.\n"
+ )
+
+ # Errors
+ lines.append("### Errors\n")
+ if errors:
+ for e in errors:
+ lines.append(f"- \U0001f534 {e}")
+ else:
+ lines.append("\u2705 None")
+ lines.append("")
+
+ # Warnings
+ lines.append("### Warnings\n")
+ if warnings:
+ for w in warnings:
+ lines.append(f"- \U0001f7e1 {w}")
+ else:
+ lines.append("\u2705 None")
+ lines.append("")
+
+ # Meta Info
+ lines.append("### Meta Info\n")
+ now = datetime.now(timezone.utc)
+ timestamp = now.strftime("%H:%M UTC on %d %b %Y")
+ if pr_number:
+ lines.append(
+ f"This workflow run was triggered at {timestamp}"
+ f" for PR #{pr_number} which was opened by @{user}\n"
+ )
+ else:
+ lines.append(
+ f"This workflow run was triggered at {timestamp} by @{user}\n"
+ )
+
+ if changes_summary:
+ lines.append("The PR introduces the following changes:\n")
+ lines.append(f"{changes_summary}\n")
+
+ if repo_stats:
+ lines.append("#### Submission Info\n")
+ lines.append(f"{repo_stats}\n")
+
with open(summary_file, "a") as f:
f.write("\n".join(lines) + "\n")
@@ -107,13 +213,17 @@ def main():
with open(os.path.join(OUTPUT_DIR, "run-id.txt"), "w") as f:
f.write(run_id)
- findings = collect_findings()
+ errors, warnings = collect_findings()
+ all_findings = errors + warnings
with open(os.path.join(OUTPUT_DIR, "findings-count.txt"), "w") as f:
- f.write(str(len(findings)))
+ f.write(str(len(all_findings)))
changes_summary = load_diff_summary()
- write_step_summary(findings)
+ changes_bullets = _extract_changes_bullets(changes_summary)
+ repo_stats = load_repo_stats()
+ write_step_summary(errors, warnings, user, pr_number, run_id, changes_bullets,
+ repo_stats)
- comment = format_comment(findings, user, changes_summary, run_id)
+ comment = format_comment(all_findings, user, changes_summary, run_id, repo_stats)
with open(os.path.join(OUTPUT_DIR, "comment.md"), "w") as f:
f.write(comment)
except Exception:
diff --git a/lib/checks/make-info-stats.py b/lib/checks/make-info-stats.py
new file mode 100644
index 0000000..dc7839c
--- /dev/null
+++ b/lib/checks/make-info-stats.py
@@ -0,0 +1,639 @@
+"""
+This fetches info about a project/service which is being submitted.
+It's used when a PR is open, to show some additional context.
+
+Everything fetched here, is basically just a sneak peek of
+what will be fetched by the main awesome-privacy.xyz website
+once this submission is deployed. And it uses all the same endpoints.
+It covers (where applicable) the following look ups:
+ - Repo - basic community checks
+ - Website - security sanity checks
+ - Android app - permissions, trackers, meta
+ - iOS app - reviews, and meta info
+ - Privacy policy - overall grade, link (if tosdr)
+
+The output is in markdown, and has some color grading with circle emojis.
+This is not a pass/fail check, and is not required for a PR to get merged.
+It just adds a bit of context, to make reviewing it a tiny bit quicker!
+Excuse the code, it's a bit scrappy! But it's never used in the prod app.
+"""
+
+import argparse
+import json
+import os
+import sys
+from datetime import datetime, timezone
+from urllib.parse import urlparse
+
+import requests
+
+DIFF_PATH = "/tmp/pr-diff.json"
+OUTPUT_PATH = "/tmp/repo-stats.md"
+TIMEOUT = 10
+USER_AGENT = "awesome-privacy-ci/1.0"
+AI_BOT_AUTHORS = [
+ "noreply@anthropic.com",
+ "devin-ai-integration[bot]",
+ "copilot-swe-agent.github.com",
+ "noreply@cursor.com",
+]
+RESTRICTIVE_LICENSES = {
+ "AGPL-3.0-only", "AGPL-3.0-or-later", "SSPL-1.0", "BSL-1.0", "BUSL-1.1",
+}
+
+SITE_INFO_URL = "https://site-info-fetch.as93.workers.dev"
+ANDROID_API_URL = "https://android-app-privacy.as93.net"
+IOS_API_URL = "https://ios-app-info.as93.net"
+TOSDR_API_URL = "https://privacy-policies.as93.workers.dev"
+
+GREEN, ORANGE, RED, BLUE, WHITE = "\U0001f7e2", "\U0001f7e0", "\U0001f534", "\U0001f535", "\u26aa"
+
+
+def _api_get(url, params=None, timeout=TIMEOUT, headers=None):
+ """GET a URL, return parsed JSON on 200, else None."""
+ hdrs = {"User-Agent": USER_AGENT}
+ if headers:
+ hdrs.update(headers)
+ try:
+ resp = requests.get(url, headers=hdrs, timeout=timeout, params=params)
+ if resp.status_code == 200:
+ return resp.json()
+ except Exception as e:
+ print(f"Fetch failed for {url}: {e}", file=sys.stderr)
+ return None
+
+
+def relative_time(iso_str):
+ """Convert ISO timestamp to human-readable relative time, or None."""
+ if not iso_str:
+ return None
+ try:
+ dt = datetime.fromisoformat(str(iso_str).replace("Z", "+00:00"))
+ days = (datetime.now(timezone.utc) - dt).days
+ if days < 1:
+ return "today"
+ if days < 7:
+ return f"{days} day{'s' if days != 1 else ''}"
+ if days < 30:
+ w = days // 7
+ return f"{w} week{'s' if w != 1 else ''}"
+ if days < 365:
+ m = days // 30
+ return f"{m} month{'s' if m != 1 else ''}"
+ y, rm = days // 365, (days % 365) // 30
+ s = f"{y} year{'s' if y != 1 else ''}"
+ return f"{s}, {rm} month{'s' if rm != 1 else ''}" if rm else s
+ except Exception:
+ return None
+
+
+def _days_since(iso_str):
+ """Return number of days since an ISO timestamp, or None."""
+ if not iso_str:
+ return None
+ try:
+ dt = datetime.fromisoformat(iso_str.replace("Z", "+00:00"))
+ return (datetime.now(timezone.utc) - dt).days
+ except Exception:
+ return None
+
+
+def _friendly_date(iso_str):
+ """Return relative time string with 'ago' suffix, falling back to raw string."""
+ if not iso_str:
+ return None
+ rt = relative_time(iso_str)
+ if rt is None:
+ return str(iso_str)
+ return rt if rt == "today" else f"{rt} ago"
+
+
+def _format_bytes(n):
+ """Format bytes to human-readable size."""
+ try:
+ n = int(n)
+ except (TypeError, ValueError):
+ return None
+ for unit, threshold in [("GB", 1e9), ("MB", 1e6), ("KB", 1e3)]:
+ if n >= threshold:
+ return f"{n / threshold:.1f} {unit}"
+ return f"{n} B"
+
+
+def _info_or_unknown(label, value):
+ """Return a blue info stat, or white Unknown if value is falsy."""
+ return (BLUE, label, value) if value else (WHITE, label, "Unknown")
+
+
+def format_markdown(stats):
+ """Format graded stats as markdown bullet list."""
+ return "\n".join(f"- {emoji} **{label}:** {value}" for emoji, label, value in stats)
+
+
+def parse_github_field(value):
+ """Parse 'owner/repo' or full URL into (owner, repo) or (None, None)."""
+ if not value:
+ return None, None
+ if value.startswith("https://github.com/"):
+ parts = value.removeprefix("https://github.com/").strip("/").split("/")
+ if len(parts) >= 2:
+ return parts[0], parts[1]
+ return None, None
+ if "/" in value:
+ parts = value.split("/")
+ if len(parts) == 2:
+ return parts[0], parts[1]
+ return None, None
+
+
+def gh_get(path, token, params=None):
+ """GET a GitHub API endpoint. Returns JSON on 200, else None."""
+ headers = {"Accept": "application/vnd.github.v3+json"}
+ if token:
+ headers["Authorization"] = f"token {token}"
+ return _api_get(f"https://api.github.com{path}", params=params, headers=headers)
+
+
+def fetch_all_data(owner, repo, token):
+ """Fetch all repo data. Returns dict or None if main repo call fails."""
+ base = gh_get(f"/repos/{owner}/{repo}", token)
+ if not base:
+ return None
+
+ data = {
+ "license": base.get("license"),
+ "created_at": base.get("created_at"),
+ "pushed_at": base.get("pushed_at"),
+ "stars": base.get("stargazers_count", 0),
+ "fork": base.get("fork", False),
+ "archived": base.get("archived", False),
+ "homepage": base.get("homepage"),
+ "owner": base.get("owner", {}).get("login"),
+ "open_issues_count": base.get("open_issues_count", 0),
+ }
+
+ releases = gh_get(f"/repos/{owner}/{repo}/releases", token, {"per_page": 11})
+ data["release_count"] = len(releases) if releases is not None else None
+
+ contributors = gh_get(
+ f"/repos/{owner}/{repo}/contributors", token, {"per_page": 11, "anon": "true"},
+ )
+ data["contributor_count"] = len(contributors) if contributors is not None else None
+
+ commits = gh_get(f"/repos/{owner}/{repo}/commits", token, {"per_page": 100})
+ if commits is not None:
+ bot_set = {a.lower() for a in AI_BOT_AUTHORS}
+ ai_count = 0
+ for c in commits:
+ author = c.get("commit", {}).get("author", {})
+ email = (author.get("email") or "").lower()
+ name = (author.get("name") or "").lower()
+ if email in bot_set or name in bot_set:
+ ai_count += 1
+ continue
+ message = (c.get("commit", {}).get("message") or "").lower()
+ for line in message.splitlines():
+ if line.strip().startswith("co-authored-by:"):
+ if any(bot in line for bot in bot_set):
+ ai_count += 1
+ break
+ data["commit_count"] = len(commits)
+ data["ai_commit_count"] = ai_count
+ else:
+ data["commit_count"] = None
+ data["ai_commit_count"] = None
+
+ alerts = gh_get(
+ f"/repos/{owner}/{repo}/dependabot/alerts", token,
+ {"state": "open", "severity": "critical,high", "per_page": 1},
+ )
+ data["has_security_alerts"] = bool(alerts) if alerts is not None else None
+
+ languages = gh_get(f"/repos/{owner}/{repo}/languages", token)
+ data["languages"] = list(languages.keys()) if languages is not None else None
+
+ return data
+
+
+def grade_stats(data):
+ """Grade repo stats, returning list of (emoji, label, value_str) tuples."""
+ stats = []
+
+ lic = data.get("license")
+ if not lic:
+ stats.append((RED, "License", "Missing"))
+ else:
+ spdx = lic.get("spdx_id", "")
+ if spdx == "NOASSERTION":
+ stats.append((WHITE, "License", "Unknown"))
+ elif spdx in RESTRICTIVE_LICENSES:
+ stats.append((ORANGE, "License", spdx))
+ else:
+ stats.append((GREEN, "License", lic.get("name") or spdx or "Present"))
+
+ age_days = _days_since(data.get("created_at"))
+ age_str = relative_time(data.get("created_at"))
+ if age_days is None:
+ stats.append((WHITE, "Repo Age", "Unknown"))
+ elif age_days >= 730:
+ stats.append((GREEN, "Repo Age", age_str))
+ elif age_days >= 180:
+ stats.append((ORANGE, "Repo Age", age_str))
+ else:
+ stats.append((RED, "Repo Age", age_str))
+
+ updated_days = _days_since(data.get("pushed_at"))
+ updated_str = _friendly_date(data.get("pushed_at"))
+ if updated_days is None:
+ stats.append((WHITE, "Last Updated", "Unknown"))
+ elif updated_days <= 7:
+ stats.append((GREEN, "Last Updated", updated_str))
+ elif updated_days <= 56:
+ stats.append((ORANGE, "Last Updated", updated_str))
+ else:
+ stats.append((RED, "Last Updated", updated_str))
+
+ rc = data.get("release_count")
+ if rc is None:
+ stats.append((WHITE, "Releases", "Unknown"))
+ elif rc >= 10:
+ stats.append((GREEN, "Releases", f"{rc}+" if rc >= 11 else str(rc)))
+ elif rc >= 1:
+ stats.append((ORANGE, "Releases", str(rc)))
+ else:
+ stats.append((RED, "Releases", "0"))
+
+ stars = data.get("stars")
+ if stars is None:
+ stats.append((WHITE, "Stars", "Unknown"))
+ elif stars >= 1000:
+ stats.append((GREEN, "Stars", f"{stars:,}"))
+ elif stars >= 100:
+ stats.append((ORANGE, "Stars", f"{stars:,}"))
+ else:
+ stats.append((RED, "Stars", f"{stars:,}"))
+
+ cc = data.get("contributor_count")
+ if cc is None:
+ stats.append((WHITE, "Contributors", "Unknown"))
+ elif cc >= 10:
+ stats.append((GREEN, "Contributors", f"{cc}+" if cc >= 11 else str(cc)))
+ elif cc >= 3:
+ stats.append((ORANGE, "Contributors", str(cc)))
+ else:
+ stats.append((RED, "Contributors", str(cc)))
+
+ fork = data.get("fork")
+ if fork is None:
+ stats.append((WHITE, "Is Fork", "Unknown"))
+ else:
+ stats.append((ORANGE if fork else GREEN, "Is Fork", "Yes" if fork else "No"))
+
+ archived = data.get("archived")
+ if archived is None:
+ stats.append((WHITE, "Is Archived", "Unknown"))
+ else:
+ stats.append((RED if archived else GREEN, "Is Archived", "Yes" if archived else "No"))
+
+ alerts = data.get("has_security_alerts")
+ if alerts is None:
+ stats.append((WHITE, "Security Alerts", "Unknown"))
+ elif alerts:
+ stats.append((RED, "Security Alerts", "Open critical/high alerts"))
+ else:
+ stats.append((GREEN, "Security Alerts", "None"))
+
+ ai = data.get("ai_commit_count")
+ if ai is None:
+ stats.append((WHITE, "Vibe Coded", "Unknown"))
+ elif ai >= 20:
+ stats.append((RED, "Vibe Coded", f"{ai} AI commits"))
+ elif ai >= 1:
+ stats.append((ORANGE, "Vibe Coded", f"{ai} AI commit{'s' if ai != 1 else ''}"))
+ else:
+ stats.append((GREEN, "Vibe Coded", "0 AI commits"))
+
+ commit_count = data.get("commit_count")
+ if commit_count is None:
+ stats.append((WHITE, "Commits", "Unknown"))
+ else:
+ stats.append((BLUE, "Commits", f"{commit_count:,}+" if commit_count >= 100 else f"{commit_count:,}"))
+
+ issues = data.get("open_issues_count")
+ stats.append((BLUE, "Open Issues", f"{issues:,}") if issues is not None else (WHITE, "Open Issues", "Unknown"))
+
+ stats.append(_info_or_unknown("Website", data.get("homepage")))
+ stats.append(_info_or_unknown("Author", data.get("owner")))
+
+ langs = data.get("languages")
+ stats.append(_info_or_unknown("Languages", ", ".join(langs) if langs else None))
+
+ return stats
+
+
+def fetch_website_data(url):
+ """Fetch site info from the worker API."""
+ return _api_get(SITE_INFO_URL, params={"url": url}, timeout=15)
+
+
+def check_security_txt(url):
+ """Check for a valid security.txt. Returns True/False/None on error."""
+ parsed = urlparse(url)
+ base = f"{parsed.scheme}://{parsed.netloc}"
+ for path in ("/.well-known/security.txt", "/security.txt"):
+ try:
+ resp = requests.get(
+ base + path, headers={"User-Agent": USER_AGENT},
+ timeout=TIMEOUT, allow_redirects=True,
+ )
+ if resp.status_code == 200 and "contact:" in resp.text.lower():
+ return True
+ except Exception:
+ continue
+ try:
+ requests.head(base, headers={"User-Agent": USER_AGENT}, timeout=TIMEOUT)
+ return False
+ except Exception:
+ return None
+
+
+def _header_present(data, key):
+ """Check if a response header is present. Returns GREEN/RED/WHITE tuple helper."""
+ if not data:
+ return WHITE
+ val = data.get("response_headers", {}).get(key)
+ if key == "content_security_policy" and not val:
+ val = data.get("response_headers", {}).get("content_security_policy_report_only")
+ return GREEN if val else RED
+
+
+def grade_website_stats(data, url, has_security_txt):
+ """Grade website stats."""
+ stats = []
+
+ code = data.get("response_headers", {}).get("code") if data else None
+ if code is None:
+ stats.append((WHITE, "Status", "Unknown"))
+ elif 200 <= code < 300:
+ stats.append((GREEN, "Status", str(code)))
+ elif 300 <= code < 400:
+ stats.append((ORANGE, "Status", str(code)))
+ else:
+ stats.append((RED, "Status", str(code)))
+
+ stats.append((GREEN, "HTTPS", "Yes") if url.startswith("https://") else (RED, "HTTPS", "No"))
+
+ bl = data.get("domain_blacklist", {}) if data else {}
+ detections = bl.get("detections") if isinstance(bl, dict) else None
+ if detections is None:
+ stats.append((WHITE, "Blacklist", "Unknown"))
+ elif detections == 0:
+ stats.append((GREEN, "Blacklist", "Not listed"))
+ else:
+ stats.append((RED, "Blacklist", f"{detections} detection(s)"))
+
+ redir = data.get("redirection", {}) if data else {}
+ if not isinstance(redir, dict):
+ redir = {}
+ found, external = redir.get("found"), redir.get("external")
+ if found is None:
+ stats.append((WHITE, "Redirect", "Unknown"))
+ elif not found:
+ stats.append((GREEN, "Redirect", "None"))
+ elif external:
+ stats.append((RED, "Redirect", "External redirect"))
+ else:
+ stats.append((ORANGE, "Redirect", "Internal redirect"))
+
+ risk_data = data.get("risk_score", {}) if data else {}
+ risk = risk_data.get("result") if isinstance(risk_data, dict) else None
+ if risk is None:
+ stats.append((WHITE, "Risk Score", "Unknown"))
+ elif risk == 0:
+ stats.append((GREEN, "Risk Score", "0"))
+ elif risk <= 5:
+ stats.append((ORANGE, "Risk Score", str(risk)))
+ else:
+ stats.append((RED, "Risk Score", str(risk)))
+
+ for key, label in [("strict_transport_security", "HSTS"),
+ ("content_security_policy", "CSP"),
+ ("x_frame_options", "X-Frame-Options")]:
+ emoji = _header_present(data, key)
+ stats.append((emoji, label, "Present" if emoji == GREEN else "Missing" if emoji == RED else "Unknown"))
+
+ if has_security_txt is None:
+ stats.append((WHITE, "Security.txt", "Unknown"))
+ else:
+ stats.append((GREEN if has_security_txt else RED, "Security.txt",
+ "Present" if has_security_txt else "Missing"))
+
+ sd = data.get("server_details", {}) if data else {}
+ if not isinstance(sd, dict):
+ sd = {}
+ server_parts = [v for k in ("ip", "country", "asn") if (v := sd.get(k))]
+ stats.append(_info_or_unknown("Server", ", ".join(server_parts) if server_parts else None))
+
+ loc_parts = [v for k in ("city_name", "region_name", "country_name") if (v := sd.get(k))]
+ stats.append(_info_or_unknown("Server Location", ", ".join(loc_parts) if loc_parts else None))
+
+ title = None
+ if data and isinstance(data.get("web_page"), dict):
+ title = data["web_page"].get("title")
+ stats.append(_info_or_unknown("Title", title))
+
+ return stats
+
+
+def fetch_android_data(package_id):
+ """Fetch Android app privacy data."""
+ package_id = package_id.split("id=")[-1] if "id=" in package_id else package_id
+ data = _api_get(f"{ANDROID_API_URL}/{package_id}")
+ return data if data and not data.get("error") else None
+
+
+def grade_android_stats(data):
+ """Grade Android app stats."""
+ stats = []
+
+ trackers = data.get("trackers")
+ if trackers is None:
+ stats.append((WHITE, "Trackers", "Unknown"))
+ else:
+ n = len(trackers)
+ stats.append((GREEN if n == 0 else ORANGE if n <= 2 else RED, "Trackers", str(n)))
+
+ perms = data.get("permissions")
+ if perms is None:
+ stats.append((WHITE, "Permissions", "Unknown"))
+ else:
+ n = len(perms)
+ stats.append((GREEN if n <= 2 else ORANGE if n <= 10 else RED, "Permissions", str(n)))
+
+ stats.append(_info_or_unknown("Downloads", data.get("downloads")))
+ stats.append(_info_or_unknown("Created", _friendly_date(data.get("created"))))
+ stats.append(_info_or_unknown("Last Updated", _friendly_date(data.get("updated"))))
+
+ return stats
+
+
+def fetch_ios_data(app_url):
+ """Fetch iOS app info."""
+ return _api_get(IOS_API_URL, params={"appStoreUrl": app_url})
+
+
+def grade_ios_stats(data):
+ """Grade iOS app stats."""
+ stats = []
+
+ rating = data.get("averageUserRating")
+ if rating is None:
+ stats.append((WHITE, "Rating", "Unknown"))
+ else:
+ stats.append((GREEN if rating >= 4.5 else ORANGE if rating >= 3.5 else RED,
+ "Rating", f"{rating:.1f} / 5"))
+
+ stats.append(_info_or_unknown("Created", _friendly_date(data.get("releaseDate"))))
+ stats.append(_info_or_unknown("Last Updated", _friendly_date(data.get("currentVersionReleaseDate"))))
+ stats.append(_info_or_unknown("Size", _format_bytes(data.get("fileSizeBytes"))))
+
+ return stats
+
+
+def fetch_tosdr_data(service_id):
+ """Fetch ToS;DR privacy policy data."""
+ return _api_get(f"{TOSDR_API_URL}/{service_id}")
+
+
+def grade_tosdr_stats(data):
+ """Grade ToS;DR privacy policy stats."""
+ stats = []
+ params = data.get("parameters") or {}
+
+ rating = params.get("rating")
+ if not rating:
+ stats.append((WHITE, "Score", "Unknown"))
+ else:
+ r = str(rating).upper()
+ stats.append((GREEN if r == "A" else ORANGE if r in ("B", "C") else RED,
+ "Score", f"Grade {r}"))
+
+ doc_url = None
+ docs = params.get("documents")
+ if docs and isinstance(docs, list) and isinstance(docs[0], dict):
+ doc_url = docs[0].get("url")
+ stats.append(_info_or_unknown("Privacy Policy", doc_url))
+
+ return stats
+
+
+def _resolve_args(argv):
+ """Return dict with keys: owner, repo, url, android, ios, tosdr. All optional."""
+ parser = argparse.ArgumentParser(description="Generate submission info stats")
+ parser.add_argument("--repo", default=None, help="owner/repo")
+ parser.add_argument("--url", default=None, help="Website URL to check")
+ parser.add_argument("--android", default=None, help="Android package ID")
+ parser.add_argument("--ios", default=None, help="iOS App Store URL")
+ parser.add_argument("--tosdr", default=None, help="ToS;DR service ID")
+ args = parser.parse_args(argv[1:])
+
+ result = {"owner": None, "repo": None, "url": args.url,
+ "android": args.android, "ios": args.ios, "tosdr": args.tosdr}
+
+ if any(vars(args).values()):
+ if args.repo:
+ owner, repo = parse_github_field(args.repo)
+ if not owner:
+ print(f"Invalid repo format: {args.repo}", file=sys.stderr)
+ sys.exit(1)
+ result["owner"], result["repo"] = owner, repo
+ return result
+
+ # CI mode: extract from diff file
+ try:
+ with open(DIFF_PATH) as f:
+ diff = json.load(f)
+ except Exception:
+ print("No arguments and no diff file found", file=sys.stderr)
+ sys.exit(0)
+
+ field_map = {"github": "owner", "url": "url", "androidApp": "android",
+ "iosApp": "ios", "tosdrId": "tosdr"}
+ for svc in diff.get("services", {}).get("added", []):
+ fields = svc.get("fields", {})
+ for yaml_key, result_key in field_map.items():
+ if not result.get(result_key) and fields.get(yaml_key):
+ if yaml_key == "github":
+ result["owner"], result["repo"] = parse_github_field(fields[yaml_key])
+ else:
+ result[result_key] = str(fields[yaml_key])
+ break # only first added service
+
+ if not any(result.values()):
+ print("No checkable fields found in diff", file=sys.stderr)
+ sys.exit(0)
+
+ return result
+
+
+def main():
+ try:
+ args = _resolve_args(sys.argv)
+ cli_mode = len(sys.argv) > 1
+ sections = []
+
+ if args["owner"] and args["repo"]:
+ token = os.environ.get("GITHUB_TOKEN", "")
+ data = fetch_all_data(args["owner"], args["repo"], token)
+ if data:
+ sections.append(("Repo Stats", format_markdown(grade_stats(data))))
+ else:
+ print(f"Failed to fetch repo data for {args['owner']}/{args['repo']}", file=sys.stderr)
+
+ if args["url"]:
+ site_data = fetch_website_data(args["url"])
+ has_sec_txt = check_security_txt(args["url"])
+ if site_data or has_sec_txt is not None:
+ sections.append(("Website Checks",
+ format_markdown(grade_website_stats(site_data, args["url"], has_sec_txt))))
+
+ if args["android"]:
+ data = fetch_android_data(args["android"])
+ if data:
+ sections.append(("Android App", format_markdown(grade_android_stats(data))))
+
+ if args["ios"]:
+ data = fetch_ios_data(args["ios"])
+ if data:
+ sections.append(("iOS App", format_markdown(grade_ios_stats(data))))
+
+ if args["tosdr"]:
+ data = fetch_tosdr_data(args["tosdr"])
+ if data:
+ sections.append(("Privacy Policy", format_markdown(grade_tosdr_stats(data))))
+
+ if not sections:
+ sys.exit(0)
+
+ md_parts = []
+ for heading, body in sections:
+ md_parts.append(f"#### {heading}\n{body}")
+ md = "\n\n".join(md_parts)
+
+ md += "\n\nThe above data does not determine a submissions eligibility. Human review is still needed.\n"
+ md += "Key: 🟢 = good. 🟠 = warning. 🔴 = attention required. 🔵 = info. ⚪ = unknown. \n\n"
+
+ if cli_mode:
+ print(md)
+ else:
+ with open(OUTPUT_PATH, "w") as f:
+ f.write(md + "\n")
+ print(f"Stats written to {OUTPUT_PATH}")
+ except Exception as e:
+ print(f"make-info-stats failed: {e}", file=sys.stderr)
+
+ sys.exit(0)
+
+
+if __name__ == "__main__":
+ main()