Android Tips

Android is a very secure and robust operating system out of the box. This post will be less of a “hardening guide” and more of a non-exhaustive list of tips when it comes to buying and using Android phones. Android Devices: Recommended Phones. Google Pixel phones are the only devices I would recommend for purchase. Pixel phones have stronger hardware security than any other Android device currently on the market, due to proper AVB support for third-party operating systems and Google’s custom Titan security chips acting as the Secure Element....

July 22, 2022 · 10 min · 2023 words · Tommy

Badness Enumeration

Badness enumeration is the concept of making a list of known bad actors and attempting to block them. While it seems intuitive at first glance, badness enumeration should not be relied upon for privacy or security. In many cases, it actually does the exact opposite and directly harms the user. This post will attempt to explain why badness enumeration as a concept is flawed and give some examples of its failings in practice....

July 27, 2022 · 5 min · 1011 words · Tommy

Choosing Your Android-Based Operating System

Android is a secure operating system that has strong app sandboxing, Verified Boot (AVB), and a robust permission control system. When you buy an Android phone, the device’s default operating system often comes with invasive integration with apps and services that are not part of the Android Open-Source Project. An example of such is Google Play Services, which has irrevocable privileges to access your files, contacts storage, call logs, SMS messages, location, camera, microphone, hardware identifiers, and so on....

July 18, 2022 · 8 min · 1688 words · Tommy

Commercial VPN Use Cases

Virtual Private Networks are a way of creating a protected and private network over the open Internet. They were originally designed to provide remote access to an internal corporate network. However, in recent years, they have also been used by commercial VPN companies to hide their clients’ real IP addresses from third-party websites and services. Should I use a VPN? Yes, unless you are already using Tor. A VPN does two things: it shifts the risks from your Internet Service Provider to itself and hides your IP from a third-party service....

July 19, 2022 · 5 min · 896 words · Tommy

FLOSS Security

While source code is critical for user autonomy, it isn’t required to evaluate software security or understand run-time behavior. One of the biggest parts of the Free and Open Source Software definitions is the freedom to study a program and modify it; in other words, access to editable source code. I agree that such access is essential; however, far too many people support source availability for the wrong reasons. One such reason is that source code is necessary to have any degree of transparency into how a piece of software operates, and is therefore necessary to determine if it is at all secure or trustworthy....

February 2, 2022 · 20 min · 4160 words · Rohan Kumar

PrivacyTools.io

PrivacyTools.io is a fairly popular website recommending software and providers for the privacy communities. However, the website lacks any sort of quality control, recommending many products without technical merits or with severe vulnerabilities, and ending up harming user privacy. This post will go over a non-exhaustive list of bad recommendations from PrivacyTools.io. Web Browsers: DuckDuckGo. DuckDuckGo Browser on Android is a WebView-based browser. It does not support Site Isolation. This is in contrast with Standalone or Trichrome browsers, which support this feature and come preinstalled out of the box with most Android-based operating systems....

July 28, 2022 · 6 min · 1107 words · Tommy

Threat Modeling

The first thing a person should do when taking steps to protect their privacy and security is to make a threat model. Defining a threat: To make a threat model, we must first define a threat. A common mistake made by people who are just getting into the privacy space is to define the threat as “big-tech companies.” There is a fundamental problem with this definition: Why are we not trusting “big-tech companies,” but then shift our trust to “small-tech companies”?...

July 18, 2022 · 9 min · 1916 words · Tommy

Using Lokinet on Qubes OS

Lokinet is an Internet overlay network utilizing onion routing to provide anonymity for its users, similar to the Tor network. This post will provide a quick (and non-exhaustive) list of its pros and cons from an end-user perspective and go over how to set it up on Qubes OS. Advantages: Provides anonymity by removing trust in a service provider (as opposed to a traditional VPN); better versatility than Tor by supporting any IP-based protocols (Tor only supports TCP); generally faster speed than the Tor network. Disadvantages: Only works well on Debian-based distributions....

July 27, 2022 · 4 min · 711 words · Tommy