Private Search Engines
Search engines like Google, Bing, and Yahoo record your web searches and link your web searches together.
The Solution: Use a non-tracking search engine like Neeva.
Private Web Browsers
The Problem: Web browsers like Internet Explorer, Google Chrome, and Safari are not privacy-friendly.
The Solution: Use a secure, open-source web browser like Firefox or Brave.
If you want to browse anonymously, you can use the Tor Browser Bundle. It is a free application available for Windows, Macs, and Linux. See my article on Tor for more details.
Private Email
The Problem: Gmail, MS Outlook, and Yahoo Mail automatically scan your email.
The Solution: Use FastMail
You can use an independent email service like FastMail. Based in Australia, the service has been running for 15 years, and they have a good privacy policy regarding email storage. Their prices start at $10 per year. Fastmail is designed for email privacy, not email anonymity. The company states:
- we use encrypted SMTP for sending your mail when the receiving server supports it
- we mandate encrypted access for webmail, IMAP, and POP
- we use Perfect Forward Secrecy where possible for all encrypted connections
- we encrypt all email while at rest on our servers
- we encrypt communications between our data centers
Private Cloud Storage
An easy, private cloud option is to use pCloud and get the encryption account add-on.
For a business, Tresorit is an encrypted cloud storage provider based in Switzerland. See this article for more information.
Virtual Private Networks (VPNs)
The Problem: Your ISP and other organizations can monitor your online activities.
The Solution: Use a virtual private network (VPN) service like ExpressVPN. ExpressVPN is a virtual private network (VPN) service that is fast and reliable. It’s my top pick for a VPN (see more details here). Prices are $58 per year or $9 per month.
Private Instant Messaging
The Problem: Your text messages are not encrypted and may be recorded.
The Solution: Use Wire instead — a private messaging application.
Password Managers
Password managers allow you to create strong, unique passwords for all your website accounts. They can also automatically log you into websites, thus preventing key-logging (attempts to capture your keystrokes and hence your passwords).
Bitwarden is an excellent open-source password manager.
Privacy-Friendly Operating Systems
I recommend the Linux operating system. This free OS has many useful privacy features and applications. If you’ve never used Linux before, I recommend using the Elementary OS distribution. It was designed to replicate features found in Windows and OS X. Linux distributions are maintained by technical users worldwide, so they tend to be less vulnerable to malware. Privacy-Friendly Mobile Devices
Other Information Sources
- Prism Break provides a well-researched list of software to help you opt out of surveillance.
- AlternativeTo provides lists of software that can replace existing software with better, more open substitutes. This well-organized site allows people to vote on software choices.
- The Best Self-Hosted Alternatives provides a list of cloud software that you can run yourself
- The book Data and Goliath (by Bruce Schneier) provides a great overview of the companies and organizations tracking you.
Firefox is a pretty good solution. I use it together with the DNS solution by CloudFlare. My set is FireFox + DNS Cloudflare + LastPass
Mozilla have great addons and privacy policy, Duck&Go is good one but it isn’t popular one and that cause some loses, then yandx is not for me but well, they have pretty good translator
Mozzila is the most user friendly one and then duck and go alongside yandex works fine for me
Tresorit features end to end encryption. What about Amazon’s storage offering? I thought it had end to end encryption as well.
A friend of mine is working for a company you might be interested in (hardware for crypto): https://www.crypto4a.com/
They are still a startup, but they have designs for chips which you deploy a CA on and if anyone opens them, X-rays them, tries to scan them in some other ways, will zeroize the contents. They are working on a universal cybersecurity platform.
Said friend uses Amazon for cloud storage but pointed out you can’t be sure if they are actually safely encrypting your data (and that’s not unique to Amazon, it’ll be true just about with any service) so you provide them with a well-encrypted blob to store and you dencrypt it locally once you get it back to your machine if you really want a higher grade of security. It’s nice that Amazon or Tresorit would encrypt your data, but you still have to consider the possibility they aren’t doing what they say (or aren’t doing it well) and the best security is thus encrypting your data before uploading yourself (with lots of entropy).
Crypto4a sounds interesting, I will check it out.
Amazon offering is not designed to be a syncing cloud storage service for personal use. Amazon Cloud Drive is their consumer product and doesn’t have client-side encryption.
In regards to trusting that Tresorit doesn’t have any backdoors — this is a common question about encrypted services. The answer is basically that ultimately you do have the trust the company to some extent. If trust that Tresorit doesn’t have any backdoors, then your data is safe they have no way to access to you data. Tresorit ha a reputation — their software is used by thousands of individuals and businesses. If they did anything questionable or risky they would be out of business. Here is an article were they address this issue to some extent: https://tresorit.com/blog/we-care-about-your-privacy-you-should-too/
For an added layer of security, you can encrypt your own files (with open-source software before). You would not have to trust a cloud storage provider in this case.
I appreciate your efforts in preparing this post. I really like your blog articles. Well thanks for posting such an outstanding idea. I like this blog & I like the topic and thinking of making it right.
the prices for ThinkPenguin notebooks are between 700-900 us dollars before tax and the desktops are 500 u.s dollars before tax. does that seem pricey just to be sure Linux is installed on your computer?
You are not paying that much to have Linux installed, you are paying for the machine itself.
For me duck and go can surpass google in future. The quality of the results is at a really high level, and for that they care about privacy. I wonder how it will be in the future but for the time being they manage.
Do you have any good suggestion for storing the contacts on the android phone and on the mac?
Duck and Go is definetly the best browser, they need some improvments and better index but i really recomend it to everyone!
http://freegamesonsteam.com
really good article covering all the bases. I think the use of Linux solves so many threats that are tied to Windows and it is a constant arms race trying to keep windows secure.
Thanks for this info!
For password management, I like roboform password manager possibly with the relevant browser add-on to connect it to the browser. I use it for managing my website’s password at: https://savvycomsoftware.com/
I like the idea of the Tails OS but am not overly fond of its UI. Instead, could running elementary on a Live USB achieve close to the same?
Hi, what about protonmail?
That’s another good private email service.
Why do you prefer FastMail and Kolab over Proton in some of your other articles? What do you see as the pros/cons / advantages/disadvantages? Great site! Thanks for openly sharing all your knowledge, research and recommendations!
I still recommend all three.
I recommend Fastmail as a reliable (non-encrypted) email provider.
Protonmail is a reliable encrypted email provider. They just started supporting Bitcoin as a payment option.
Kolab is a more business-oriented solution — it is a combination of an encrypted email and an encrypted cloud service.
Hope this helps.
the prices for ThinkPenguin notebooks are between 700-900 us dollars before tax and the desktops are 500 u.s dollars before tax. does that seem pricey just to be sure Linux is installed on your computer?
Installing Linux is difficult for many people, so it might be worth it for the convenience. Perhaps someone can let me know of Linux vendor with better prices?
‘Blur’ has many of the functions that are recommended on this site. Any comments on this operation?
I used to recommend Blur, but I found that their products often didn’t work correctly, and their customer service was awful.
really good article covering all the bases. I think the use of Linux solves so many threats that are tied to Windows and it is a constant arms race trying to keep windows secure.
Keypass link is broken. Is there an update?
Sorry, this link has been fixed: http://keepass.info/
I discovered GREYCODER about a month ago and I definitely appreciate all the research and thought that has been expended on a great many privacy and security topics … plus all contributions by many others in the comments! Thank you!
I was wondering is it still worthwhile to use a VPN when I read on endgaget that NSA had special tools to monitor encrypted VPN messages?
It is possible that the NSA has sophisticated de-encryption abilities. If you are concerned about this, I’d advise you to look for providers that offer high levels of encryption, and read up on other methods of obfuscation.
Can you provide a little more background on the comment about SPider Oak’s apps being problematical? Is it the app or the security that is an issue? Also, what is your opinion of CrashPlan? I’ve seen lots of good reviews about it as a backup service. Although it is not zero knowledge like SpiderOak or Seafile, it appears that you can generate an encryption key. Thanks, as always, for your good work!
What’s your opinion of 1Password as compared to LastPass? I haven’t used KeyPass, but one issue I have with LastPass is that it’s not intuitive in terms of ensuring that you are completely logged off when you close the browser window. It took me awhile to figure out how to set it up so that a login was required each time I re-opened the browser and even then it hasn’t been consistent in shutting down the app — which then leads to a security flaw.
I like 1Password but it only recently became available for Windows and Android. I like Keypass but it requires technical knowledge to sync it correct.
Are you using Lastpass with a browser? It shuts down when the browser shuts down.
Thanks for the reply; I’m on a Mac so have used 1Password for almost 10 years and love both the security and the support from the company itself. I like that it has a full featured app for mobile devices — recently my computer AND wireless external backup were stolen (along with all my credit cards) and having 1Password on my mobile was what enabled me to easily contact all the card companies, banks, etc., and get online access to my accounts.
I do use LastPass with Firefox on a friend’s computer where I occasionnally work. My experience has been that, when I reopen the browser, LP is still running, even if it’s been weeks since I accessed it before. Could just be that computer/browser, but I now manually log out each time before I close the browser itself. Apart from that I enjoy LP’s functionality, but feel a bit uncertain about it’s security.
Brilliant as always.
Thanks for this info!
For password management, I like Keepass http://keepass.info/, possibly with the relevant browser add-on to connect it to the browser.
As a mail provider, I recommend Posteo (http://www.posteo.de). It’s a German mail provider (Berlin) that takes privacy (and sustainability) very seriously. Cost: from 1 EUR/month (you can even pay cash).
When I was looking for a new email provider, I checked out Fastmail. One thing that I did not like about the service is that when using Thunderbird, they showed my real IP address (both my private IP address on my network as well as my public IP address) in the header information. For this reason, I would not recommend Fastmail.
Thanks for the feedback. Fastmail is not designed to be an anonymous email provider. I recommend it as a privacy-friendly provider that doesn’t scan you emails.
Nice post, thanks.
There should be a security guides for Windows which we can use and secure ourself
See our article How To Make Windows 10 More Private.