ClamAV is an open source antivirus, but I would recommend against using an antivirus altogether due to their invasive nature. You shouldn’t need one with proper sandboxing and isolation.

Mainly because it’s proprietary, privacy invasive by nature, and invasive on computers.

The size on the list does not matter. I resized them so they could fit better on the page.

The intention was more “Banks keep my data safe,” but I wanted to provide a clearer explanation that if your data isn’t safe, neither is your money. I didn’t have enough room to put my full thoughts.

Encryption is a type of security, and Tor/VPNs encrypt your traffic. Accessing .onion sites over Tor is (at least in theory) more secure than accessing clearnet sites.

Proton VPN and Mullvad VPN are both open source, meaning their code can be publicly audited to make sure they’re upholding their standards of privacy and security. Furthermore, Proton VPN offers a free tier. These are the main 2 reasons. NordVPN only protects your privacy against other websites, not NordVPN themselves. Hope this helps! Let me know if you want more details.

Edit: Mullvad VPN can also be paid for in cash/Monero, and they don’t ask for any personal information to use it (not even a username!)

Good question! There are hundreds of good resources, some of which include Privacy Guides and my friends at Punching Up Press (they have a lot of other good infographics). Naomi Brockwell TV is a YouTuber with some great beginner friendly videos to guide you step by step. Let me know if you’re interested in others!

I don’t understand how this is possible if this is a private, account free service.

It’s likely there in case (for example) you, in court, testified to using Duck.ai for illegal purposes. DuckDuckGo themselves would not be the ones dragging you to court, but they could get caught in the crossfire, so they want to avoid liability.

Overall, I don’t get what ddg gets out of this very expensive to offer service. Which means I don’t teust its a way to privately use LLMs.

These are the possible motives for each side:

DuckDuckGo gets to add AI to their service, which attracts users. DuckDuckGo is paid in sponsored results at the top of searches, so more users means more money.

The AI providers are willing to provide free/cheap service as a sort of sponsorship to attract users of their own. If you are using GPT on Duck.ai and decide you like it, you may be incentivized to use OpenAI’s own service to chat with the better model, since the models on Duck.ai are not top of the line. It’s the same thought process behind free tiers in services.

Both sides win in this arrangement.

You can add &kbe=0 to the end of the URL when you search to disable it. If you know how to add custom search engines this is the easiest way.

Otherwise, you can add "kbe":"0" as a value inside the duckduckgo_settings parameter in the bookmarklet, like this:

		'duckduckgo_settings': '{"description":"Each key is a setting documented in https://duckduckgo.com/duckduckgo-help-pages/settings/params/","kdcm":"6","kdcs":"0","kbe":"0"}',

Cheers!

There are plenty of options:

• You can carry around a spare burner phone that is powered off. These are relatively cheap ($30 + the cost of your cell plan), and has the benefit of working even when your main phone dies. You can leave it charging in your car.
• You can carry around a cellular hotspot, such as one from the Calyx Institute. This also helps fund a pro-privacy organization, and this hotspot can be used to provide internet for multiple devices. See this video for more information.
• You can still call emergency services even without a SIM card.
• If there are public Wi-Fi networks nearby, you can connect to those in order to get in touch with people you need.
• You can ask anyone nearby for help. Whether it be borrowing their phone to make a phone call, using their phone as a hotspot, or having them help you directly.
• Hike to the nearest civilization for help.
• Wait for a bus to pass by, if they are in your area.
• Some smart cars have the option to call for help built-in.
• Use GrapheneOS with a carrier. It will still be much more private than using iOS, and you can disable the cellular radios when they are not in use by enabling Airplane Mode.

Even without any of those, the chances that you will be completely stranded with no one to help and no way to call emergency services are very, very slim. Privacy protects you from more likely scenarios, such as data breaches or identity theft.

How did you find these yourself?

I’ve been learning about privacy for the better part of 6 years. At first, most of my information came from lurking on Reddit and Lemmy, but then I started getting first-hand experience and doing my own research.

A beginner will choose what seems private, regardless of whether or not it actually is.

How the heck is TOR less secure than any of the vpns?

This isn’t a ranking of security. It is ranked based on the experience level at which people generally begin to start using certain software. They build on top of each other.

“As seen on TV” does not imply privacy, it just implies a large advertising budget. These are software that market themselves as private (and are sometimes better than nothing at all) but may still be just as bad as software on the tip of the iceberg.

I considered adding security keys, but I ran out of space and couldn’t decide on a “de facto” brand

If you want to pay using a private cryptocurrency such as Monero, you can shop on XmrBazaar. Otherwise, you can buy a prepaid VISA with cash and find stores like eBay that accept fake personal information while ordering. Remember to ship to a PO box and not your real address (or mail to an abandoned home if you’re feeling risky).

If you can, avoid online shopping altogether and use in-person stores with cash.

Was not aware of the existence of Coincarp (logo by GrapheneOS). Is a crypto price tracker used by Activists? I left crypto a couple of years ago but though Activists just don´t trade much and stick for the long haul and use Monero for purchases.

The logos next to it are Vanadium, which is a web browser made by GrapheneOS, and Aegis Authenticator, which is a time-based one-time password (TOTP) application.

Hello there!

I was wondering where you stand on the following topic: email obfuscation by using different aliases or throwaway email addresses for web accounts.

This is a matter of threat model, but part of my threat model is making sure none of my accounts can be correlated with each other and that my real email is not given out. For those reasons, I use addy.io for email aliasing.

While I thought that it was cool in the beginning, I found that even with a PW manager, things can become messy very quickly, and at a later stage, moving away entirely from iCloud’s “Hide my email” for example could turn out to be a nightmare and make things even more complicated.

Bitwarden is a password manager that allows you to generate email aliases natively, and integrates nicely with addy.io. Switching between email aliasing services is a tedious process, but hopefully one you will only need to do a couple of times in your lifetime.

So to cut to the chase: use your own email addresses every time or use a, preferably, self-hosted service for that specific use case of generating more or less random email addresses?

Email aliasing provides numerous other benefits than what I listed here, such as being able to fight spam by fully disabling the leaked email alias, so there’s plenty more reasons to use it. I would avoid self-hosting an email alias service, because the domain you use is a unique identifier across aliases and defeats the purpose of anonymity. Furthermore, if you accidentally mess something up, you end up putting your own security at risk. It’s up to you.

Thank you!

On my list it shows that I have not personally used the software, so I have no idea. This is good to know, though, so thank you! I’ll be sure to replace it with a better alternative if one exists.