FOSS and privacy-related software

This list contains Free and Open Source Software (FOSS) and services I’m recommending to use instead of proprietary. Most of them are privacy-related.

Providers

Search Engine

Search engines can track everything you are looking for. If you are currently using search engines like Google, Bing, or Yahoo, you should pick an alternative that don’t track you or sell your information to advertisers.

  • DuckDuckGo - most popular privacy-related search engine. Doesn’t collect or share any of your personal information. Some of DuckDuckGo’s code is free and available at GitHub, but the core is proprietary.
  • Quant - GDPR-compliant search engine, that respect your privacy. Source code available at GitHub.

E-Mail

Gmail, Outlook and Yahoo currently are the most popular email providers, but none of them take your privacy seriously. For example, Gmail gives third parties access to information inside your account, and they even have the ability to target ads to you based on what’s inside your inbox. I recommend using the following providers, that store all your data encrypted and provides an option to send encrypted e-mails.

  • Tutanota - email service with a focus on security and privacy through the use of encryption. Doesn’t allow the use of third-party email clients and provide own app for Web, Linux, Windows, macOS, Android and iOS. Completely Google-free. Source code available at GitHub.
  • ProtonMail - email service with a focus on privacy, encryption and security. Source code available at GitHub.

Cloud Storage

Cloud storage is a convenient way to keep files synced and access them from everywhere. If you’ll read terms of service of most popular cloud storage, such as Google Drive and Dropbox, you’ll find, that they have a right to read and use your files as needed. To keep your files private, take a look at the following provides.

  • Nextcloud - suite of free and open-source client-server software for creating your own file hosting services on a private server you control. Source code available at GitHub.
  • Tresorit - GDPR-compliant end-to-end encrypted cloud storage. No source code available.

File Sharing

Start sharing your files the secure way, with services that not only respect your privacy but offer end-to-end encryption.

  • Firefox Send - simple, private end-to-end encrypted file sharing. Source code available at GitHub.
  • Tresorit Send - GDPR-compliant end-to-end encrypted file sharing. No source code available.

DNS

Instead of using DNS from your ISP or Google, you should use the following DNS resolvers. They can prevent such things as DNS hijacking, or can be used to block malicious sites, ads, and trackers. These don’t make you anonymous or hide your traffic from your ISP (Internet Service Provider), but they still make you safer online.

  • Cloudflare - the fastest DNS out there. US based. Doesn’t log your IP and doesn’t sell your data1.
  • NextDNS - powerful DNS resolver with rich functionality, such as ad blocking and rewrites. Some features require some sort of data retention. In that case, users are given the option, control, and full access on what is logged and for how long2.

VPN

Using a VPN will not keep your browsing habits anonymous, nor will it add additional security to non-secure (HTTP) traffic. It can be used only to hide your traffic from only your ISP and to access content that is blocked in your own country.
All VPN providers can see and modify your traffic the same way your ISP could. And there is no way to verify a VPN provider’s “no logging” policies in any way.
If you are looking for anonymity, you should use the Tor Browser instead of a VPN.
If you still want to use VPN service, here’s what I’d recommend:

  • ProtonVPN - strong contender in the VPN space. Based in Switzerland and offers a limited free pricing tier, as well as premium options. As of January 2020 ProtonVPN has undergone an independent audit by SEC Consult3.

Maps

If you’re looking for good Google Maps alternative, you should check out this:

Social Networks

Stop using Facebook. Seriously, stop. It’s a privacy nightmare. Here’s a list of reasons, why you should stop using it.
If you already decided to delete your Facebook account - do it now.
Here’s a social networks, that doesn’t violate your privacy and puts you in control of your personal data:

  • Mastodon - social network based on open web protocols and free, open-source software. It is decentralized like email, users can exist on different servers or even different platforms but still communicate with each other. Source code available at GitHub.
  • Pixelfed - free and ethical photo sharing platform, similar to Instagram. Source code available at GitHub.

Software

Browser

Google Chrome is dominating today’s browser market, but it’s tracking and monetizing your every move. Opera was purchased by China-based investor group4 and was caught on predatory lending business5.
So, if you care about your privacy, I’m recommending to use one of the browsers below.

  • Firefox - fast, reliable and open-source browser, that respects your privacy. Source code available at Mozilla’s Mercurial.
  • Tor Browser - modified version of Firefox ESR, which comes with pre-installed privacy add-ons, encryption, and an advanced proxy for an extra layer of anonymity. Available on all platforms. Source code available at torproject.org.
  • Brave - lightweight privacy-related Chromium-based web browser. Has own built-in ad block, block most trackers by default. Also, provides a way for users to send cryptocurrency contributions in the form of Basic Attention Tokens to websites and content creators. Available on most platforms. Source code available at GitHub.
  • Vivaldi - highly customizable web browser. Available on Linux, Windows and Android. Source code available at vivaldi.com.

Browser Extensions

  • uBlock Origin (Firefox/Chrome) - efficient blocker add-on for various browsers. It blocks ads, support custom rules and filters. Also, allows working in default-deny mode, which will cause all 3rd-party network requests to be blocked by default, unless allowed by the user. Source code available at GitHub.
  • HTTPS Everywhere (Firefox/Chrome) - protects your communications by enabling HTTPS encryption automatically on sites that are known to support it, even when you type URLs or follow links that omit the https: prefix. Source code available at GitHub.
  • FoxyProxy Standard (Firefox/Chrome) - advanced proxy management tool, which automatically switches an internet connection across one or more proxy servers based on URL patterns. Source code available at GitHub.
  • ClearURLs (Firefox/Chrome) - extension automatically removes tracking elements from URLs to help protect your privacy. Source code available at GitLab.
  • Cookie Quick Manager (Firefox) - complete manager for cookies accumulated during browsing. It allows you to view, edit, create, delete, backup, restore cookies and search them by domain names. Source code available at GitHub.
  • Don’t touch my tabs! (Firefox) - prevents tabs opened by a hyperlink from hijacking the previous tab by adding the “rel=noopener” attribute to all hyperlinks. Source code is not provided, but can be extracted from .xpi extension file.
  • Facebook Container (Firefox) - isolates your Facebook identity into a separate container that makes it harder for Facebook to track your visits to other websites with third-party cookies. Source code available at GitHub.

Password Manager

To keep yourself secure, you should never use the same password twice. And you don’t have to remember all of your passwords. If some password is exposed, you only have to change one.
I’m recommending to one of the following password managers, that are open source.

  • Bitwarden - free and open-source password manager. Can be self-hosted. Apps available for Web, Linux, Windows, macOS, Android and iOS. Also, has browser extensions for all browsers. Source code available at GitHub.
  • KeePassXC - offline open-source password manager. Official apps available for Linux, macOS and Windows. For other platforms (incl. Android) there’s a lot of apps created by community. Source code available at GitHub.

Android-Specific Software

  • F-Droid. It is an installable catalogue of FOSS (Free and Open Source Software) applications for the Android platform. It also has a client app, which can be installed as apk (PGP Signature). Source code available at GitLab.
    There’s also available unofficial client - Aurora Droid.

  1. NextDNS privacy policy available at nextdns.io. ↩︎

  2. Read more at 1.1.1.1. ↩︎

  3. You can view individual reports for each platform at protonvpn.com. ↩︎

  4. “The Norwegian company has sold its browser, performance apps and name”, - engadget.com. ↩︎

  5. According to a report published by Hindenburg Research. ↩︎


Vladislav Pashinskikh
WRITTEN BY
Vladislav Pashinskikh
DevOps Engineer, GNU/Linux enthusiast, FOSS and privacy activist from Ukraine