List of privacy tools

As efforts on decentralization, privacy and zero-knowledge cryptography constantly develop, we should not see privacy and distribution as a goal in a distant future. LunarDAO aims to see what tools and possibilities are there here and now. As a community of Lunarpunks we have the ability to compile a solid pool of resources, links, manuals which constantly evolves. It is import for everyone to make their own evaluation of these projects privacy standard and make an informed decision what to use based on that.

Online video sharing platforms

FreeTube
A private YouTube client.

Invidious
Invidious is an open-source alternative to YouTube and is intended as a privacy alternative to the official YouTube website.
Documentation

Calls

  • Jitsi
    The calls can be with out without video, there is a texting function that can be used during the call, the chat room have a generated name and can also be used with a password.

Messaging apps/clients

For all the private messaging options it is necessary to use an application to hide your IP address, such as ProtonVPN, RiseupVPN or TOR. If used on phone - do not use a sim-card and set up an automatic reset of the mac address on every re-connection.

  • Darkirc
    Darkirc is a fully anonymous peer-to-peer communication tool developed by DarkFi which can be used encrypted or unencrypted, supports DM and group chats. Works with clients like Weechat directly in terminal. No need to create an account, no captchas, no bloated app with extra empty screen space. Fully distributed, runs on tor.

  • Simplex chat
    End-to-end encrypted messaging for chat, audio and video with no identifiers assigned to the users. Can be set up for terminal usage. Documentation

  • Session
    Session is an open source messenger that supports private and anonymous communications; DM, group chats, and voice calls.
    Documentation and Whitepaper.

  • Signal
    Signal is a free, end-to-end private messenger for DM, group chats and calls. At present, to set up Signal you need a phone number.
    Documentation

  • Molly
    Molly is an independent Signal fork for Android. Molly is compatible with Signal user but also has a few more unique features, including SOCKS proxy and Tor support.
    Documentation

  • Element
    End-to-end encrypted messenger for DM and group chats, and video. Bridges to other chat app, even commercial/centralized an not private ones, such as Whatsapp and Telegram.
    Documentation

  • XMPP with Jabber or Pidgin
    XMPP is a set of open technologies for instant messaging, group chat, voice and video calls. It is decentralized and open source.
    Documentation

  • Threema
    Is an end-to end encrypted messenger for phone and desktop. User don't have to provide a phone number. Costs $6.

  • My Sudo
    End-to-end encrypted messaging with the possibility to create multiple numbers, group chats, disappearing messages and soon also ability to create virtual cards. Available in US.

  • Hushed
    Offers phone number aliases. The user can create multiple phone numbers.

Phone numbers

An important note is to use Tor browser or VPN (ideally with a browser which is focused on privacy such as Librewolf) when setting up the number, managing wallet and making transactions. Check Anonymizing assets for the payment. For jmp.chat use Sideshift to exchange to BTC.

  • jmp.chat
    Provides a phone number, from US, which can be used for other apps. In Privacy setup you can go through the steps needed to set it up. Is payed with BTC.

  • Crypton
    Provide UK SIMs. The data is stored encrypted on their server which is located on Iceland. To sign up username and password is needed (email is optional). It's possible to pay with crypto, ie. Monero or Bitcoin.

Twitter front-end

Organizer

  • Logseq
    Functions like mdbook. The user can create their own wiki and to-do lists in markdown. Also check out how to build an mdbook which can be used locally for own usage only, if that is the rquirement.

Virtual machines and Tails

  • Tails
    Tails is a portable operating system which protects against surveillance. The entire OS is on a USB without accessing or storing data in the computer (only using RAM). No metadata stored after shut down. MAc adress spoofing and tor network to connect to internet by default. Data on USB encrypted. Based on a minimalistic version of Debian - Gnome. GPG encryption, email client, onion file share, pidgin, wiping option, keepass, metadata cleaner etc by default. Tails has a function which shuts down the computer immediatly after USB removal.
    Documentation

  • Whonix
    Whonix is a virtual machine that runs like a process (an app) inside the OS, to help user stay anonymous on internet by for example randomizing IP address and using TOR. When shut down, no data is stored.
    Documentation

  • Qubes
    Works on a model of secure compartmentalization through virtualization, isolating both hardware and virtual machines (qubes) from each other. Creating not only a technical solution under the assumption that a user will suffer exploits, but also a mindset and praxis how to protect the user and limit the damage when events such as opening malicious links or files happen, by doing so in a disposable virtual machine.
    Documentation

Email and file encryption

  • OpenPGP
    OpenPGP is end-to-end encryption protocol used for email communication.
    Documentation

  • Rage
    File encryption to single or multiple recipients. Run in terminal.

Email provider

These email providers are without cost and end-to-end encrypted. For Riseup and Systemli an invite code is required to be able to create a new email.

  • Tutanota
    Is an end-to-end encrypted mail (between Tutanota email addresses). Tutanota also encrypts the entire mailbox and also offer encrypted address book and calendar. It is not possible to set up an account with Tor browser, but it is possible to use a more private browser alternative such as Librewolf together with VPN. After registration it takes 48h before activated as the address need to be approved.

  • Protonmail
    Is an end-to-end encrypted email service between protonmail accounts. It is possible to set up a free email, and the user have access directly.

  • Riseup

  • Systemli

Email aliases

  • SimpleLogin
    SimpleLogin provides email aliases so the user don't have to give their real email address. The email sent to the alias address will arrive to the real one.

PGP

  • OpenPGP
    OpenPGP is used for authenticating or encrypting data, using public key cryptography.

  • OpenKeyChain
    OpenKeychain stores and manages your keys, and those of the people you communicate with, on your Android smartphone.

Read more: PGP and OpenPGP.

Password manager

OTP Authenticator

  • FreeOTP Authenticator
    Generates a one-time passwords on your mobile devices which can be used in conjunction with the regular password to make your login nearly impossible to hack.

Disk encryption

  • VeraCrypt
    VeraCrypt is a free open source disk encryption software for creating encrypted storage; hidden or visible partitions or devices.

  • LUKS
    LUKS is a feature in linux distributions as well as on Tails. It is used for encryption of particitions, such as USB or disk.

VPN and Onion routing

VPN just like Tor protects your IP address. You can read more about the difference between Tor and VPN here.

  • Geph
    Free VPN. Can be used on Windows, Mac, Linux and android.
    Documentation

  • ProtonVPN
    Free option. The other options can be payed in cash or with Bitcoin.

  • RiseupVPN
    Free VPN.

  • Mullvad
    Can be payed in cash and Monero. No free option.

  • Tor browser
    A private browser which hides your IP address. The project is using onion routing; relays which are run by volonteers. The browser stores no data and also block trackers.

  • Lokinet
    A private browser (onion routing) that hides your IP address. It is decentralized and run on nodes in Oxen network. More info about how it works and differences with other options in their faq.

  • IVPN
    Documentation
    No logs, no user data stored. Protecting IP address from exposure.

Browsers

  • Librewolf
    Is a custom version of Firefox which is privacy oriented. It includes search providers like Duck duck go, uBlock content blocker, no telemetry (automatic recording and transmission of data for monitoring and analysis).
  • Brave blocks tracking,fingerprinting, third-party ads and cookie acceptance pop-ups.
  • Tor browser is developed to circumvent censorship and enable privacy. This is done using onion routing of data through multiple servers.

Private network layer

  • I2P
    Is an encrypted private network layer. The traffic inside I2P does not interact with the internet directly, it is a layer on top of the Internet. I2P protects activity, no one can see the origin, destination, or contents of the data. It is a peer-to-peer network and if the user wants to protect their IP address they also need to use a VPN while using I2P.

MAC address randomization

Wi-Fi, Bluetooth, and Ethernet connections all use MAC addresses (Media Access Control Address). MAC addresses are always a 12 digit hexadecimal number, with the numbers separated every two digits by a colon or hyphen. MAC addresses are used to identify which device is which on users local network. Because they’re unique, MAC addresses can be used to track a user. When walking around, a smartphone scans for nearby Wi-Fi networks and broadcasts its MAC address. For better privacy it is good to learn how to change the MAC address. Here are three pages which addresses this issue:

  • Android developers

  • GrapheneOS
    Read more under 'Secure android phone'.

  • Cyberithub
    A guide on how to install macchanger on Debian based OS and how to change the mac address manually (the random changes during testing didn't work so far, but doing it manually works well).

IMEI randomization

Banana phone

IMEI stands for International Mobile Equipment Identity. It is a unique numeric identifier of GSM, or 3GPP and iDEN mobile phones, as well as some satellite phones.

IMEI randomization: Nokia "Banana" phone (Nokia 8110) has different ways to be hacked for IMEI randomization. The most simple way is to install Wallace Toolbox.

eSIM cards/virtual numbers

  • Silent link
    An eSIM that can be acquired with crypto such as Monero. US number, UK number or data only.

  • Crypton
    Virtual SIM which can be paid in crypto. Data is encrypted with user key (though note that some metadata, such as dates remain unencrypted).

Digital photo metadata removal

  • Exiftool

  • ExifCleaner

  • ObscuraCam
    With this app you can blur faces and remove metadata.

  • Scrambled Exif
    To use Scrambled Exif, you don't need to open the application. Instead, go directly to the Gallery, select the picture you want to share --> click on the share icon --> select Scrambled Exif --> choose the app you want to use to send the picture --> choose contact and send --> Done.

File sharing tools

  • Onionshare
    With Onionshare the user can anonymously share files, host websites, and chat with friends using the Tor network.
    Documentation

  • Send
    Private file sharing, easy to use drag-and-drop.

Shred/Wipe files

  • Shred files on linux
    The shred command helps to overwrite the data of a file or disk several times. This makes it harder for third party software and hardware probing to recover the data, which is supporting users privacy.

  • Bleachbit
    Free software to free cache, delete cookies, clear Internet history, shred temporary files and delete logs.

Public wifi networks

  • Freifunk
    A non-commercial initiative for free wireless networks.

  • Wifi Map
    A free wifi search tool. Enter city and receive all free wifi options in ths city.

Search engines

  • Whoogle for example Whoogle instance via Seth for privacy.
    Google search results, but without any ads, javascript, AMP links, cookies, or IP address tracking.

  • Startpage
    Search engine without tracking and search history. Can be used with Anonymous view, which protects your IP address.

  • Duck duck go
    No tracking, no ads and no storing of personal information.

Collaboration tools

  • Hedgedoc
    Hedgedoc is a collaboration tool which can also be self hosted without needing a lot of resources (can ie. run on rasperry pi). In Hedgedoc it's possible to write documents in Markdown with immediate rendering or even make markdown slides.

  • Nextcloud
    Nextcloud is a collaboration platform where it is possible to co-edit document, share files, chat, make video calls, manage mail and share calendar. For additional privacy the team can encrypt the files that they want to share with each other on Nextcloud.

  • Cryptpad
    Is a tool for co-editing documents (also possible to do in markdown) and provide a storage space.

Publishing platforms

  • Freenet
    Freenet supports file sharing, browsing and publishing of so called "freesites" (web sites accessible only through Freenet). It can be used in "darknet" mode, which means that user only connect to their friends. This makes it more difficult for third party to detect.

Offline maps

For android phones.

These two applications are very useful as they are offline maps. They also contain ads and asks for some permissions that are not needed for functionality. Check Privacy setup for more information.

Virtual payment cards

  • Fastcoincard
    Is a virtual Visa card, which can be used in stores and on sites that accept Visa for payments. It is possible to deposit with for example BTC and ETH, one time or reloadable card.

  • Coincards
    Gift cards, mobile top-ups, and prepaid Vouchers. Can be used in Canada, USA, and UK. Australia and Europe is said to be coming soon.

To be anonymous when depositing money to the card, see steps on how to anonymize ETH in Anonymizing assets. Use Sideshift to swap from ETH to BTC, or explore Panther protocol for anonymizing USDC. No KYC.