Skip to content

Latest commit

 

History

History
78 lines (31 loc) · 3.33 KB

readme.md

File metadata and controls

78 lines (31 loc) · 3.33 KB

Contents

Introduction

True privacy cannot be accomplished without a competent layer of security, and often times than not users make compromise security for "privacy". As a wise man once said "we must not assume that there are power users. If anything they could take decisions that reduce their security and feel they are improving it"

Operating System

Use GrapheneOS or stock operating system on a google pixel device, the only recommended OEM is google

Warning: Do not root or keep the bootloader unlocked. Avoid custom roms like Lineage OS and its derivatives. It weakens various SELinux polices and exposes root access via adb. The majority of custom ROMs severely weaken the security model by disabling verified boot, failing to provide firmware patches, using userdebug builds, disabling SELinux, and various other issues, they focus on customization not security or privacy. Also Comparing Magisk manager (as an excuse to root the device) to Android's incredibly tight SELinux policy is ludicrous

Browser

Use Vanadium (if posible) or Bromite

Warning: These projects don't priorities on anonimity, if that is your top priority use the Tor browser instead

Social Media

s1

VPN

Don't use VPN services Use Orbot instead. It is a Proxy server project to provide anonymity on the Internet. It acts as an instance of the Tor network on such devices and allows traffic routing from a device's web browser, e-mail client, map program, etc., through the Tor network, providing anonymity for the user. The VPN mode in Orbot, is not a real VPN. the VPN mode makes use of Androd VPN-api to force all apps to through its own tor connection. They do it this way because the only alternative would require rooting your device.

Messenger

Signal with VoIP number

Email

ProtonMail and Tutanota are providers with a strong focus on security

Warning: Email itself is a legacy technology and there is no private or secure email, Don't go anywhere near email at all if any remotely sophisticated adversary is involved.

Passwords

Use a password manager like Keepassdx or Bitwarden that generates secure passwords and stores them for you safely.

Authenticator

Use two-factor authentication (2FA) wherever possible, Use Aegis.