Any privacy focussed tools you swear by?

Hey folks!

With the lockdown seeming to last longer, we’ll all probably do remote work for a while. :face_with_head_bandage: So I’ve been researching about tech tools that focus on privacy any don’t store our data. Any tools you and your workplaces swear by? Drop recommendations please!

Let’s stay protected from Covid-19 and surveillance! :exploding_head:

3 Likes

Syncthing for storing private files. Defeats the privacy questions of cloud storage by syncing directly between two or more of your devices. Drawback is that your devices need to be online at the same time. I use two raspberry pi’s for this purpose.

https://syncthing.net

Keepass for passwords. https://keepass.info

A password manager that lets you control your data. I use this in conjunction with syncthing.

Greenify/Island on android: you can configure Greenify to automatically ‘force stop’ rogue apps when you aren’t using them. Ex: Paytm, Amazon, uber. For extra safety, island lets you run apps in a dedicated ‘work profile’ which for all intents and purposes becomes a sandbox. Switch out of island and the apps get hibernated at the OS level.

Island is still in early access and it seems I can’t share the URL but I remember signing up for it through Greenify.

2 Likes

Privacy focussed tools that I trust in would be:

  • Securedrop - @kushaldas can speak more about it
  • Signal for communication
  • Keybase for teams
  • Onionshare for sharing documents.
  • Tor Browser for browsing

But these are not necessary tools that are used at my workplace, but used over different projects and personal communications.

1 Like

In my view, the problem, per se, is not that the tools collect or store our data. The main issue is where the “tool” runs, who operates and controls it and then, where the data that tool operates on is stored.

As long as third-parties control the software (ie. the tool) and don’t disclose the source code of the tool (under a free software license), they might capture and store any data about us or even share it and use it in a manner that we might not permit or consent to.

So it might be meaningless to ask which tools focus on privacy. If we can control this tool and host it ourselves (or have someone we trust do it for us), then, by definition, the tool focuses on privacy.

How do we know if we control the tool? We could ask two questions:

  1. Is the tool licensed under a free/libre / open source software license?
  2. Can we self-host it? (This question is redundant actually – it follows from the first one.)

Maybe, then - we could try three things:

  1. choose to minimize (even eliminate) the use of hosted services (ie. hosted by third parties using non-free / proprietary software including services offered as a substitute for software)
  2. self-host services that we need for our work using free/open source software
  3. insist on free software on our computers, servers, network, mobile phones, gadgets etc.

This way we might be able to choose tools that provide much greater privacy to us by default.

Of course, this does eliminate the data that we leak out via web-browsing and DNS queries – for which using the Tor Browser and a DoH (DNS over HTTPS) is the best option. Not to mention surveillance via trackers and ad networks.

Can there be any privacy challenges with free/libre/open source software too? Its possible - there could be – (a) but it might be possible to fix them (we have the source code and we are free to use it under the terms of the FLOSS license), and (b) they might not be a because of the design or intent of the software but the way it is setup or even an inherent vulnerability.

4 Likes

All of these are Free Software iirc :slight_smile:

On a bit different note, I wrote this article this week about maintaining a bit more security while working from home.

3 Likes

Does anyone have any thoughts on e-mail providers? I’ve been very happy with Protonmail for my personal e-mail and things look fine from a privacy standpoint :mag:

3 Likes

I have been away from the forum little bit. I’m working on building a privacy-focused survey platform. An alternative to GForms. You can access them at https://blocksurvey.io. The data is fully owned by user and Blocksurvey has zero knowledge. Let me know if there are any suggestions or feedback. Planning to launch it officially soon.

5 Likes

You can also refer https://restoreprivacy.com/ for privacy focused tools list.

2 Likes

Privacy-focused tools that I trust are :

  • Signal for communication
  • Brave Browser / Tor Browser/ New Firefox with added Privacy Badger and UBlock Origin.
  • DuckDuckGo - Search Engine
  • Email - ProtonMail , Tutanota
  • File Send - Firefox, Onionshare
  • Blogging Platform - Sigle
  • Image Compression tool - Compress.Studio

Also, my go-to place to find out privacy-focused tools are RestorePrivacy or PrivacyTools.io.

Plus I am a part of the team BlockSurvey, we are working towards building a privacy-focused alternate to survey platforms. Kindly requesting you to give us a try and let us know your feedback/suggestions. We will be officially launching soon !! Thanks.

I have been using these tools for years. Take a look.

For video conferencing - Jitsi
Password Manager - Bitwarden and KeepassXC
For Notes - Standard Notes
Podcast - Antennapod
Email - Tutanota and Protonmail

If you are looking for Youtube alternative - https://invidio.us/

1 Like

We’ve been using Jitsi too! But I’ve been told that it’s not very efficient if more than 25 people join the call? Have you experienced something like this as well?

1 Like

We’d used BlockSurvey for the first time for our last members’ quarterly call and it’s a great tool! It’s wonderful to see so many homegrown initiatives do such great work :slight_smile: Thank you @Wilson and @Harini!

This is very well put. Thank you @abhas!

For us at FPF we had enough trouble with more than 5 participants :slight_smile:

I’ve heard of complaints about Jitsi so here’s a popular alternative:

From our testing at Discourse (https://meta.discourse.org/t/bigbluebutton-video-conference/148050), BigBlueButton seems to work well all modern browsers and scale better. It is also fully open source and has been battle-tested through school wide deployments :ok_hand:

3 Likes

I was trying it out on one of my server, works well. No easy way to download a recorded session, but can be viewed on the browser. Only issue is to get a powerful server to run it.

3 Likes

Kind of OT, but any recommendations for cheap reliable privacy-friendly servers nearby? I’d like to self-host a DNS-over-TLS server with decent ping so I can get pihole even while on mobile data.

Privacy friendly servers are mostly in EU.

I’d like to suggest https://cryptpad.fr for collaborative documents. Disroot and https://fsci.in offer many Free Software powered services (I’m part of the team that runs many of the services at FSCI, including a video conferencing service). For communications, I recommend Matrix, which allows anyone to self host (Unlike Signal which does not interoperate with your self hosted instances making it not very useful in practice to self host). FSCI has a matrix instance too (we also support XMPP which is similar to Matrix, but a different federated protocol).

3 Likes

Communications - signal
Dns - pihole, adguard
browser plugins - adguard, decentraleyes
File share & backup - syncthing
password manager - keepassxc ( with syncthing for sync)
cryptomator for file encryption on cloud data stores like icloud and gdrive.