Privacy is a Fundamental Human Right recognized in the United Nations Declaration of Human Rights, the International Covenant on Civil and Political Rights, and in many other international and regional treaties.
Privacy underpins Human Dignity and other key values such as Freedom of Association, Freedom of Press, and Freedom of Speech.
Yet, most people choose convenience over privacy when it comes to their digital lives.
The key is to have a balance of both. With both governments and corporate entities undermining the privacy rights of people around the world, choosing the right privacy tools is as important as ever.
Privacy, Security, Anonymity?
Let’s first settle what Privacy, Security, and Anonymity actually mean as they are often misunderstood.
Privacy allows everyone else in the world to see your life through a selective lens of your choosing.
Privacy means to have the choice to not allow other people to view your bank account information. It means displaying only certain information on your online profile to the public. And it means having curtains on your bedroom windows to conceal your sexual acts from onlookers.
Security is what keeps you safe; Privacy is the idea, security is the thing.
Security means protecting your Stuff from hackers, thieves, Joe sitting next to you at the coffee shop, and even from the Government and Corporations who want a little more data and control.
There is a whole host of things like Encryption, Firewalls, Strong passwords, and Protocols that are used to keep our data compliant with the privacy rules we, or the organizations and services we use, specify.
Anonymity is the concept of not being identifiable as your true self.
Anonymity means protecting your Identity from hackers, thieves, Joe sitting next to you at the coffee shop, and even from the Government and Corporations who want a little more data and control.
It usually has an awful reputation as lots of hackers and online criminals are referred to as being anonymous. But is a very positive thing — like in cases where a teenager living in a conservative society who is questioning their sexuality wants to conceal their online activities until they are ready to come out. Or for a police officer doing undercover work to takedown a child pornography ring. Or for Journalists, Activists, Whistleblowers working in a repressive regime. Check out this page to learn about who uses Tor, a popular browser that protects your anonymity online.
Anonymity isn’t necessarily important for people as in individuals but people as in a collective — to have a truly open democratic system, anonymity grants us free speech, allowing us to question without negative repercussions, and gives us a means by which we have choice.
Alright, enough meta talk, lets get in to the good stuff:
How to Choose Privacy and Security tools?
Finding the best privacy tools can be tricky, especially when there is an affinity of apps like VPNs and Web browsers that have terrible security and privacy practices, but still claim as “private” and “secure”.
Here are a few things that I look for when finding a security and privacy tool, feel free to add your suggestions in comments below:
- Jurisdiction: The place where the company is based affects its privacy and security practices, look for the companies from places that have robust privacy and security laws. Look for “The Fourteen Eyes” and “Key Disclosure Laws”.
- Open Sourceness: I believe that every privacy and security software should be open source as this allows anyone to look around the code to find vulnerabilities and privacy holes independently by experts today and in the future.
Privacy and Security Tools
Here are some best privacy and security tools that I use, and recommend that make privacy just a bit more convenient. Feel free to do your research, and find the tools that suit your needs.
- Web Browsers
- Browser Add-ons
- Search Engines
- Password Managers
- DNS Resolvers
- Virtual Private Networks (VPNs)
- Instant Messaging Apps
- Video Conferencing Apps
- Email Service Providers
- Two-factor Authentication
- Cloud Storage and Syncing
- File Sharing Tools
- File Encryption Tools
- Productivity Tools like Office and Notes
- Firewall and Network Monitoring
- Operating Systems
- Social Media
- More Privacy and Security Tools
- Privacy and Security Tools for Phones
- Additional Resources
- Privacy and Security Tools Summary
You need to have a secure and private web browser as they are the primary way you connect to the Internet.
And, they contain lots of private information like your browsing history, passwords, auto-fill information, etc.
All of that combined with attacks from spyware and malware leaves your browser with a large attack surface.
It’s not recommended using default browsers like Microsoft Edge, Google Chrome, and Safari.
Alternate browser Forks like Water Fox, Pale Moon, Iridium are also not recommended due to severe security and privacy holes.
Here are some of the most secure browsers that respects your privacy:
Firefox is an awesome browser by Mozilla, after some minor modifications and helpful add-ons, you can increase your privacy and security to the next level.
Thanks to its open sourceness and customizability, you can get the perfect state of privacy and security.
Tor Browser is hardened version of Firefox, designed to run on the Tor Network. It’s already modified to provide you extreme privacy and security.
And, since all other Tor Browsers have same configuration, it will help prevent Browser Fingerprinting.
Brave is hands-down the best Chromium-based browser out there.
Both Firefox and Tor browser uses Blink engine which may break some websites like Google Earth, Hangouts, Skype Online, etc.
It blocks all kinds of ads and trackers, and has built-in protection against browser fingerprinting.
As discussed in Firefox privacy and security guide, these add-ons will help you block ads, trackers and defend your privacy:
An efficient and light-weight wide-spectrum blocker which blocks all kinds of ads, trackers and malware sites.
Upgrades HTTP connections to HTTPS wherever it is possible, developed by EFF.
Emulates CDNs locally hence preventing tracking via Content Delivery Networks.
Automatically deletes any tracking cookies that are not needed.
Blocks “Invisible Trackers” by analyzing tracker or ads that violate the principle of user consent, by EFF.
Removes tracking elements from URLs to help protect your privacy when browse through the Internet.
User-Agent Switcher and Manager
Lets you spoof your browser type and operating system, making it harder for websites to track you and deliver distinct content.
Firefox Multi-Account Containers
Lets you isolate your work, shopping or personal browsing without having to clear your history, log in and out, or use multiple browsers.
Lets you filter net request according to source, destination and type, might be an overkill for normal users.
NoScript Security Suite
A Script Blocker that uses “ClearClick Technology” to protect you against XSS, cross-zone DNS rebinding / CSRF attacks, and Clickjacking attempts.
You should switch to a privacy-friendly Search engine, if you are using Google, Bing or Yahoo as not only they store everything you have searched ever.
And, also track you online, so that they can serve you with ads. Here are some of the most private search engines that respects your privacy:
Searx is an open source, privacy-friendly and self-hostable search engine.
It works by aggregating results from other search engines while not storing any personal data.
DuckDuckGo is a privacy-friendly “Search Engine that doesn’t track you” that works by aggregating results from “over 400 sources”.
Qwant is another privacy-respecting search engine based in France, with two key principles: Privacy and Neutrality.
It protects its users freedoms and ensures that the digital ecosystem remains healthy.
Password management is a whole topic in itself. The key is to use strong, different passwords and not store them in your browser.
You should not use your browsers’ built-in password manager. Here are the best password managers that I recommend:
Bitwarden is a freemium, and open source password manager, developed by Kyle Spearrin.
It is among the easiest and safest ways to store all of your logins and passwords and syncing them between all of your devices.
Bitwarden is available across all platforms and the web, you can easily host your own Bitwarden server too.
KeePassXC is a free, open source password manager that unlike Bitwarden, stores all your passwords locally in an encrypted database.
It started as community fork of KeePassX, which itself is a cross-platfrom fork of KeePass.
KeePassXC is feature rich and is available for all devices.
LessPass is a free, open source stateless password manager that unlike both Bitwarden and KeePassXC doesn’t store passwords anywhere, neither in cloud nor locally.
It’s an interesting concept, that computes a unique password using a site, login and a master password.
There is no need to sync anything, and it can be used across all devices.
A DNS Resolver is basically a server that converts domain names of websites into IP addresses.
You should not use default DNS Resolver given by your ISP or Google DNS.
An encrypted and privacy-respecting DNS Resolver will help prevent DNS hijacking, and can block malicious sites, ads, and trackers.
An encrypted DNS Resolver won’t make you anonymous, neither will it hide your internet traffic from your Internet Service Provider.
Here are some best encrypted DNS Resolvers that I recommend:
AdGuard DNS is an encrypted DNS Resolver by AdGuard, an ad-blocking and privacy protection software company.
It uses Anycast network addressing and routing technique, has servers in Cyprus, and lets you filter ads, trackers, malicious domains.
BlahDNS is an encrypted DNS Resolver that started as a hobby by edoo.
It has servers in Finland, Germany, and Japan, and lets you filter ads, trackers, malicious domains.
Cloudflare’s 184.108.40.206 is a fast encrypted DNS Resolver by CDN giant — Cloudflare.
It also uses Anycast network addressing and routing technique, and has servers in US.
There is another version with Malware and Adult Content Blocking. You can set up Cloudflare DNS using their app too.
Virtual Private Networks (VPNs)
Virtual Private Networks (or a VPN) is a no-brainer when it comes to privacy and security online.
It is the easiest and most effective ways to protect your privacy on Internet, and access restricted content.
A VPN will not make you anonymous, neither will it add any additional security to non-HTTPS traffic. Use Tor Browser if you want anonymity.
Here are some of the best VPN services:
ProtonVPN is a freemium VPN service made by the same folks behind ProtonMail.
It is based in Switzerland, and has been in operation since 2016.
They have servers in 44 countries, and have apps for all your devices. Premium plans start at €48/year.
Mullvad is a premium VPN service with a serious focus on transparency and security, they don’t even need you to create an account.
It is based in Sweden, and has been in operation since 2009.
They have servers in 35 Countries, and have apps for all platforms. Mullvad offers one flat rate of €5/month.
Psiphon is a free(-ish) VPN Service designed to support users in countries considered to be “enemies of the Internet”.
It is based in Canada, and has been in operation since 2006. They have servers in about 25 countries, and have apps on all platforms.
I don’t recommend using Psiphon as the speeds are capped at 2 Mbps, and they are not really made for the developed economies.
Instant Messaging Apps
Using unencrypted plain-text messages (SMS) is a security and privacy nightmare.
You should also not trust Instant Messengers like WhatsApp, Viber, WeChat, etc as they aren’t open source.
I recommend using an open source messaging app that is end-to-end encrypted as this protects both the authenticity and confidentiality of the messages as they pass through any devices or servers.
Here are some of the most secure Instant messaging apps that respects your privacy:
Signal is hands-down the best free and open source messaging app that checks pretty much all the boxes.
It uses end-to-end encryption, and doesn’t store any personal information on their servers, and is available on Windows, macOS, Linux, iOS, and Android.
Riot.im is a federated instant messenger based on Matrix protocol, an open source standard for decentralized and secure real-time communication with E2E encryption.
You can also connect to other chat protocols such as IRC or Telegram, thanks to its bridging functionality.
Jami is a free and open source peer-to-peer messaging app that is end-to-end encrypted.
It connects directly to each other without requiring any Servers in between, and is available on all devices.
Video Conferencing Apps
All the Instant Messaging Apps listed above also let you do video calls, but they aren’t suitable to Video Conferencing as they lack features like screen sharing, multiple people, etc.
Here are some of the most secure and private video conferencing apps other than the ones mentioned in instant messaging section:
Jitsi Meet is an open source, encrypted video conferencing app that you can use for free without any account sign ups.
It lets share desktop and presentations and with just a link can invite new members for videoconference. It can be used by downloading the app or directly in a browser.
You can use Jitsi.org servers or can download and install the server software on a Linux-based machine.
Tox is a free and open source peer-to-peer instant-messaging and video-calling protocol that offers end-to-end encryption.
It lets you do video calls, voice calls, screen sharing, file sharing, and transfer easily and securely.
Nextcloud Talk is a premium, open source, encrypted, peer-to-peer video conferencing solution.
It lets you easily share your screen for group chats, webinars and public web meetings.
Email Service Providers
You should always use an encrypted and privacy-friendly email service provider.
It’s also not recommended using free email services like Gmail or Outlook as they rely on your personal data to serve ads.
Here are some secure and privacy-respecting email service providers:
Tutonota is a freemium end-to-end encrypted mail service that encrypts the entire mailbox.
It is based in Germany, and has been in operation since 2011. It’s free plan gives you 1 GB storage, and premium starts at €12/year.
ProtonMail is a popular email service designed for privacy and security by the same folks behind ProtonVPN.
It is based in Switzerland, and has been in operation since 2013. It’s free plan gives you 500 MB storage, and premium starts at €48.00/year.
Soverin is a premium email service with the motto “No data footprint, no carbon footprint”.
It’s private, secure, ad-free, and powered by sustainable energy. It is based in Amsterdam, and pricing starts at €29/year.
Two-Factor authentication is a method of confirming a user’s identity by two different authentication factors — something you know (password) and a second factor, something you have (SMS, push notifications, software or hardware tokens) or something you are (fingerprint, iris, voice).
Don’t choose 2FA via SMS as it is vulnerable to attacks. Always choose App-based 2FA or Hardware-based 2FA.
Here are some of the best two-factor authentication apps:
Authenticator by Matt Rubin is a simple, free, and open source two-factor authentication app for your iOS, that grew out of the abandoned source for Google Authenticator for iOS.
Aegis Authenticator is a free, secure and open source two-factor authentication app for Android to manage your 2-step verification tokens for your online services.
Authy is a popular freemium 2-factor authentication app for both Android and iOS by Twilio. It has lots of great features, but is closed source.
Cloud Storage and Syncing
Nextcloud is a free and open source suite of client-server software for file hosting services on a private server you control. You can host it on home-local computer or on off-premise.
It combines the convenience and ease of use of consumer-grade solutions like Office 365 and Google Drive with the security, privacy and control.
Syncthing is a free and open source peer-to-peer file sync software that is end-to-end encrypted.
It is a great replacement for proprietary sync and cloud services, and is available on Windows, macOS, Linux, and Android.
EteSync is a premium open source, end-to-end encrypted, and privacy-respecting cloud synchronization and backup for your contacts, calendars and tasks.
It is available for all your devices, and pricing starts at $2/month.
Easily share files securely and anonymously with your friends and family with these privacy-respecting services:
OnionShare lets you send files with utmost protection via the Tor Network.
It is open source, there is no limit on file size, and is available on Windows, macOS, and Linux.
Firefox Send is a simple way to send files that uses end-to-end encryption to keep your data secure during transmission.
You can choose when your file link expires, the number of downloads, and add password for an extra layer of security.
File size is limited to 2.5 GB, and is available on the Web and Android.
Tresorit Send is a free and secure way to send up to 5 GB of data confidentially.
It is based in Switzerland, and is available on the Web, Android, and iOS.
You should always encrypt any, and all personal data. Password Protection is not the same as Encryption.
Encrypt your sensitive data using these free, open source, and secure softwares to keep them away from prying eyes.
Veracrypt is a free and open source software for on-the-fly encryption.
You can encrypt the entire disk with pre-boot authentication. It also lets you create a virtual encrypted disk within a file or encrypt a partition.
Veracrypt is a fork of discontinued TrueCrypt project, initially released on 22 June 2013.
It is available on Linux, Windows, macOS, and FreeBSD.
7-Zip is free and open source file archiver that lets you encrypt files using 256-bit AES cypher.
It creates a container called archive that holds the files that can be encrypted and protected with a password, and is available on Windows, Linux, and macOS.
It provides secure file encryption using the AES-256-GCM from WebCryptoAPI in your browser. You can also download it on your Windows, Linux or macOS.
Writing docs, creating spreadsheets, taking notes shouldn’t come with the cost of privacy. Embrace these open source software and get hold of your data:
LibreOffice is a free and open source office suite alternative to Microsoft Office.
It has all the productivity tools you need like word processor, spreadsheet, presentation, etc, works offline, and is available for Windows, macOS, and Linux.
CryptPad is a freemium, open source, secure and private alternative to Office suites and cloud services.
It lets you collaborate on all kinds of Productivity tools like word processor, spreadsheet, presentation, code, etc.
You can use it anonymously for free or pay for premium which starts at €5-15/month.
Joplin is a free and open source note taking and to-do app with end-to-end encryption and synchronization capabilities with Nextcloud, Dropbox, OneDrive, etc.
You can also save Web pages and screenshots from your browser using the Web Clipper, and is available to download on Windows, Linux, macOS, Android, and iOS.
Firewalls and Network Monitors
The Built-in Firewalls on Windows, Linux, and macOS are pretty good for most people But, they lack in features like Real-Time monitoring features.
Here are the best Firewall and Network Monitoring apps that lets you see what apps are making connections to where in the background:
GlassWire is beautiful, easy-to-use and feature-rich network monitor and firewall, it is not open source and costs reasonably.
There is a Free version that lets you monitor your network activity forever, but you will have to pay for Firewall and other features.
It is available on Windows and Android, there will be a macOS and iOS version soon.
Just like GlassWire, Little Snitch lets you Monitor your Network and has a Firewall.
It’s not Free, but it is reasonably priced and Feature-rich, and is available only on macOS.
Windows Firewall Notifier
Windows Firewall Notifier (WFN) is an ppen source Network Monitor that has Connections Map and Bandwidth usage monitoring.
It is not a Firewall but a complement to Windows Firewall, that notifies you about outgoing connections attempts and lets you to allow or block them, either permanently or temporarily.
Operating System is at the core of your device and manages virtually everything on your device that’s why I recommend using a secure, privacy-friendly and open source operating system.
I would recommend against Windows or macOS as they track and collect vast amounts of private data.
Here are some of the Most Secure and Private OS that I recommend:
Everything about QubesOS screams privacy and security. It utilizes the principle of privacy and Security by Compartmentalization.
QubesOS leverages xen-based virtualization which Isolates different Desktop Environments.
You can even use multiple operating systems at the same time, including Fedora, Debian, or Windows.
ParrotOS is “All-in-one framework for Cyber Security, Software Development and privacy Defense”.
It is a great alternative to Kali Linux for developers and security professionals as it has robust features like AnonSurf.
It is light-weight, and there are different versions suitable for home as well as professional users.
Tails OS is a live operating system that can start on any computer from a DVD, or a USB Stick. It uses Tor Network for all kinds of Internet connections hence preserving privacy and anonymity. It leaves no trace on the computer, and encrypts files, emails, and instant messages.
There are lots of awesome alternatives to Social Media like Facebook, Twitter, and Instagram that don’t violate your privacy and put you in control your Data.
Mastodon is a great alternative to Twitter and Facebook, and is based on open web protocols and free, open source software.
You can run your own, or join one of thousands of decentralized and independent communities for free.
diaspora* is a decentralized, free, and private social media like Google+.
You can set up your own server (or “pod”) to host content, pods can interact with each other to share status updates, photographs, and other social data.
PixelFed is a free and open source federated alternative to Instagram, by ActivityPub federation.
It is a photo-oriented social network with filters, comments, likes, shares without the ads and tracking. You can run your own, or join one of existing ones for free.
More Privacy Tools
I have already listed the best privacy and security tools above, they are all open source, unless mentioned otherwise.
Here are some awesome tools that you may be interested in:
Bleachbit is my favorite privacy cleaner, It is free and open source disk space cleaner, privacy manager, and system optimizer.
It lets you free disk space by clearing cache, cookies, internet history, temporary files, logs, etc, and is available for Linux, Windows, and macOS.
ClamAV is an open source antivirus engine for detecting Trojans, viruses, malware and other malicious threats, and has a command line interface (CLI).
ClamWin is a free and open source antivirus for Windows with a Graphical user interface (GUI), and uses ClamAV antivirus engine and database
ClamTK is a free and open source interface for Fedora, CentOS, Ubuntu and other Linux distros, and uses ClamAV antivirus engine and database.
Thunderbird is a free and open source email application, newsfeed, chat, and calendaring client.
It is easy to set up and customize, and is backed by the people behind Firefox — Mozilla, and is available on Windows, Linux, and macOS.
DNSCrypt is a flexible DNS proxy that authenticates communications between a DNS client and a DNS resolver.
It supports all modern encrypted DNS protocols such as DNSCrypt v2, DNS-over-HTTPS and Anonymized DNSCrypt, and is available on Windows, Linux, and macOS.
Visual Studio Code
Visual Studio Code is a great free and open source code editor, by Microsoft.
VS Code is easily customizable, and comes with a lot of features like IntelliSense, debugging, built-in Git and hundreds of extensions.
You should consider covering your webcams when not in use.
I always feel surprised when I see people who don’t cover their webcams at all — all you have to do is move the sticker and replace it after for use.
There are stickers that have slide switches that you can toggle back and forth to cover it.
Privacy Tools for Phones
Most of the Apps mentioned above are also available for your phones be it android or iOS. Here are some best privacy and security apps for your phone:
LineageOS is a free and open source operating system for smartphones, tablets, and set-top boxes. It is the successor to the CyanogenMod, and is available on lots of devices.
GrapheneOS is a free and open source privacy and security focused mobile OS for selected devices.
F-Droid is an installable catalog of free and open source software for Android. It lets you easily browse, install, and keep track of app updates on your device.
K-9 Mail is a free and open source email client focused on making it easy to chew through large volumes of email on your Android. It is fast with no ads or tracking.
Nebulo is a free, open source, non-root DNS changer for Android that utilizes dns-over-https and dns-over-tls. It is fast, contains no ads or tracking and offers a lot of flexibility.
DNSCloak is basically an open source version of DNSCrypt for iOS that supports modern encrypted DNS protocols.
Orbot is a free and open source app that lets you connect to Tor Network, providing privacy and anonymity on the Internet for Android.
Onion Browser is a free and open source version of Tor Browser for iOS. It is primarily developed by Mike Tigas, who works as a developer and investigative journalist at ProPublica by day.
Blokada is the best free blocker that blocks ads, trackers, malware. It is open source, lets you install Filter Lists, whitelist apps, and much more.
Better is a premium open source privacy tool for Safari on iPhone, iPad, and Mac. It protects you from behavioral ads and companies that track and profile you on the Web. It costs $1.99.
Jumbo is a free privacy assistant that helps you delete your social media and voice assistant activity, adjust your privacy setting for Facebook, Google, Twitter and more. It is available for both iOS and Android.
I would be remiss if I ended this articles without giving a shout out to awesome.re — it is a great collection of all kinds of awesome tools.
I also recommend reading Edward Snowden’s new book, “Permanent Record” — it really shows you the importance of privacy in today’s age.
Also check out Exodus Privacy Report, privacy audit platform for Android apps helping you know which trackers and permissions are embedded in apps installed on your device.
Privacy and Security Tools
Merely using these tools won’t make you private and secure or anonymous to say the least, privacy and security is a mindset, not a boolean expression — keep learning. These are some of the best privacy and security tools that I recommend and use, and would serve as a great starting point for being more private and secure. I hope you enjoyed reading about these privacy and security tools.
That’s all Folks!
I will be updating this page frequently with more privacy and security tools and information. You can check out this privacy and security checklist here.
Do let me know of any feedback, tips, or suggestions based on privacy and security tools you are using, feel free to drop a comment below!