Tools

Why Privacy Matters A Cypherpunk's ManifestoCypherpunks Write Code SeriesWhy I Wrote PGP by ZimmermannThe Priv/Acc ManifestoWhat is threat modeling?

The computer can be used as a tool to liberate and protect people, rather than to control them. ~Hal Finney

Password Manager KeePassXC Encryption LocalKeePassXC Features (docs) • Avoid LastPass, Dashlane

Two-Factor Authentication KeePassXC Encryption Local Aegis Encryption Local Yubikey Security key FIDO2 • Avoid SMS, Biometrics, Authy

Use a password manager. Backup your database (regularly, multiple locations). Use strong and unique passwords. Do not reuse passwords. Enable 2FA. Be proactive, not reactive. Avoid single points of failure.

Operating System Linux [Fedora] for Desktop CalyxOS for Mobile GrapheneOS for Mobile • Avoid Windows, Mac, iOS

Encrypt your devices. Keep your OS updated. Manage app permissions. Remove bloatware. GrapheneOS Installation guide. OS for anonymity and security. Use a firewall. Avoid using public computers. Cover your camera.

VPN Provider Mullvad Linux F-Droid Bitcoin ProtonVPN Linux F-Droid 2FA • Avoid public Wifi, free VPN

Comparison table
Mullvad ProtonVPN
Payment Bitcoin, Lightning, XMR Cash, Bitcoin
No-logs
No PII
Open Source
WireGuard
Killswitch
Custom DNS
IPv6 Support
2FA
Servers 690+ 10,200+
Connectivity 10-20 Gbps 10 Gbps
Countries 49 117
Devices 5 devices 10 devices
Turtle Multihop, Obfuscation, DAITA Multihop, Obfuscation
Download Linux, F-Droid, APK Linux, F-Droid, APK
Audited Cure53, X41, Assured Securitum, ISO 27001
• 'No logs' is a promise • ProtonVPN Plus subscription ^

DNS Resolver 1.1.1.1 DoH DoT No-logs Quad9 DoH DoT No-logsDNS Performance & Uptime • Avoid your ISP's default DNS

Encryption VeraCrypt Linux Mac WindowsRead more about encryptionKey Escrow Failures

System Cleaner BleachBit Linux Shredder • Delete history/cookies/cache. Shred sensitive files.

Be Your Own Bank Bitcoin [BTC] — P2P, Open Source, Decentralized, Censorship-resistant, Pseudonymous, Permissionless • Avoid KYC, Creditcard, PayPal

Bitcoin Wallet Sparrow Linux Desktop Ashigaru Android APK Samourai Free SamouraiSelf-custody & Open Source • Avoid Coinbase, Ledger, Exodus, Bitkey

Quick start guide for Sparrow & spending privately. What is PayNym? Ashigaru code analysis [2|3]. If you need a public Dojo. Samourai spending tools [2].

Sparrow Wallet features
Accounts Batching BIP39 Passphrase Coin control Connect your node CPFP Fee control Freeze UTXO HD Wallet HWW support In-app explorer Master fingerprint Multisig Offline mode Open Source Password Payjoin PayNym Plausible deniability PSBT RBF SegWit Self-custody Sign message Soroban (cahoots) STONEWALL STONEWALLx2 Stowaway Sweep private key Taproot Tx labels Verify message Watch-only Whirlpool
Ashigaru Wallet features
Auth47 Batching BIP39 Passphrase Broadcast tx Coin control Connect your node CPFP Fee control Fee Estimator Freeze UTXO HD Wallet In-app explorer Offline mode Open Source PayNym PIN protection Postmix spending PSBT RBF Ricochet Scrambled PIN Self-custody SegWit Sign message Soroban (cahoots) Stealth mode STONEWALL STONEWALLx2 Stowaway Sweep private key Taproot (sending) Tor-only Tx labels Verify message
Samourai Wallet features
Auth47 Batching BIP39 Passphrase Broadcast tx Coin control Connect your node CPFP Fee control Freeze UTXO HD Wallet Joinbot Offline mode Open Source PayNym PIN protection Postmix spending PSBT RBF Ricochet Scrambled PIN SegWit Self-custody Sign message Soroban (cahoots) Stealth mode STONEWALL STONEWALLx2 Stowaway Sweep private key Taproot (sending) Tor support Tx labels Verify message Whirlpool
Create an offline wallet
1 Install Ashigaru (or Sparrow). 2 Turn off network/wifi. 3 Open Ashigaru to create your offline wallet. 4 Write down the 12 words and passphrase! 5 Add XPUBs to watch-only wallet (or use Sparrow). 6 Uninstall Ashigaru. Alternatively, consider using a hardware wallet.
What is a good wallet?
Coin control Connect your node Fee control HD Wallet Offline mode Open Source Seed phrase SegWit Self-custody
Fake website/app ⚠️
⚠️ sparrowwallet .net ⚠️ ashigarumobile .com ⚠️ initcapital .online
Lightning Wallet Phoenix Eclair BOLT12What is Lightning Network?Self-custody & Open Source • Avoid Wallet of Satoshi, Strike

Phoenix Wallet features
BIP353 BOLT12 CPFP Easy backup Fee control Lightning node LNURL LNURL-Auth NFC payments Open Source PIN protection Scrambled PIN Self-custody Single dynamic channel Spending PIN Swap-out Taproot Tx labels
Watch Only Sentinel Android HD Sparrow Linux Desktop • Track your cold storage and receive without your private keys

Bitcoin Node Installing a Wallet Server Samourai Dojo Soroban Umbrel Home Core Dojo MyNode Core Lightning Blockstream public server Public Dojo for Ashigaru • Avoid Raspberry Pi

Coinjoin Whirlpool FAQ by QnA • Whirlpool Anonymity SetsWhy We Coinjoin (Nitter) • Status: 💔

Buy bitcoin Bisq P2P Linux KYC-free Peach P2P KYC-free Mobile Bitonic KYC iDEAL NL • Avoid Coinbase, Binance

Block Explorer Mempool & Blockstream • Search transaction / address...

Fee Estimator Mempool & NextBlock

Payment Processor BTCPay Bitcoin LightningSelf-custody & Open Source • Avoid Bitpay, Coinbase

Miscellaneous Bitcoin price calculator. KYC-free Visa & gift cards. News and releases.

Information Bitcoin Whitepaper [Español] • Escaping the Global Banking CartelThe Internet of Money by Andreas • Money as a System-of-ControlWhat is Bitcoin? 21ideas • Understanding Bitcoin Privacy [4]Read more: PassphrasesRead more: Bitcoin AddressBitcoiner.Guide by QnA • Executive Order 6102 (1933) • Hard Money (documentary)

Security and privacy tips Backup your bitcoin seed. Double check your seed phrase & test your backup. Write down: script type & derivation path. Never share your seed phrase. Never take screenshots of your seed phrase. Run your own node. Avoid custodial wallets. Avoid web wallets. Avoid address reuse. Avoid seedless wallets. Don't trust, verify. Practice good OPSEC. Minimize the attack surface. Avoid KYC [2]. Verify the release of your bitcoin wallet. Withdraw your coins from exchanges. Consolidate your UTXOs.

What is needed... is an electronic payment system based on cryptographic proof instead of trust, allowing any two willing parties to transact directly with each other without the need for a trusted third party. ~Satoshi Nakamoto

Separation of money and state.

Email ProtonMail Encryption PGPHow to use PGP with ProtonMail • Avoid Gmail, Outlook, Yahoo

ProtonMail features
2FA Auto-delete trash Block email tracking Block screenshots Contacts Custom domains Email aliases Encryption Folders Open Source PGP Support PIN protection
Disposable Email Address Tmail.link & GuerrillaMail

Messenger Signal Encryption FOSSHow to Use Signal (SSD)Read more: Signal ProxyEFF's Signal Proxy • Avoid SMS, Facebook, Telegram

eSIM Silentlink Bitcoin LightningKYC-free & Global

Use encrypted communication. Use multiple email addresses. Minimize PII. Do not overshare. Delete (or fake) unused accounts. Keep a low profile. Manage your digital footprint. Review privacy settings. Verify the URL & don't click suspicious links. Read the privacy policy. Stop Chat Control (update).

Browser Firefox Linux Desktop DuckDuckGo Android iOS • Avoid Chrome, Edge

Firefox about:config
Name Value
activity-stream.telemetry false
activity-stream.feeds.telemetry false
beacon.enabled false
browser.formfill.enable false
dom.event.clipboardevents.enabled false
crashReporting.sendReport false
geo.enabled false
media.peerconnection.enabled false
network.IDNshowpunycode true
pdfjs.enableScripting false
ping-centre.telemetry false
browser.safebrowsing.blockedURIs.enabled false
browser.safebrowsing.malware.enabled false
browser.safebrowsing.phishing.enabled false
toolkit.telemetry.archive.enabled false
toolkit.telemetry.bhrPing.enabled false
telemetry.firstShutdownPing.enabled false
telemetry.hybridContent.enabled false
toolkit.telemetry.updatePing.enabled false
toolkit.telemetry.server leave empty
toolkit.telemetry.unified false
trackingprotection.cryptomining.enabled true
signon.rememberSignons false
signon.autofillForms false
extensions.pocket.enabled false
download.alwaysOpenPanel false (UI)
• Learn more: restoreprivacy & brainfucksec
Tor Network Tor Browser Linux Dark Web10 questions about the Dark WebAquí puedes aprender más

Extensions Privacy Badger Block trackers uBlock Origin Content blockerRemove unnecessary extensions

uBlock Origin filters
! Twitter (source) x.com##[aria-label$=“trending now” i] x.com##[aria-label$=“who to follow” i] x.com##[aria-label$=“relevant people” i]

! Youtube youtube.com##.html5-endscreen-content youtube.com##.html5-endscreen youtube.com##.ytp-ce-element

Search Engine Startpage Web Images Leta for Mullvad VPN customers Mojeek Web Beta • Avoid Google

Domains Njalla 2FA Bitcoin Monero Mynymbox Bitcoin Lightning • Avoid GoDaddy

Notepad Zim Linux Markup Links Standard Notes Encryption ProtectedText Encryption Safe Notes Encryption Android • Avoid Evernote, OneNote

Cloud Storage Ente Encryption 2FA Linux ProtonDrive Encryption 2FA • Avoid Google, OneDrive, Dropbox

Comparison table
Ente #1 ProtonDrive
Payment Bitcoin, Stripe Bitcoin
Encryption
2FA
Open Source
Files Photos, Videos Photos, Videos, Documents
Document editor
Sharing
Descriptions
Guest view
Datacenters Multiple Multiple
Storage (GB) 50, 200, 1000 200, 500
Free storage 10 GB 2-5 GB
Audited Cure53 Securitum
Download Linux, APK, F-Droid APK, Mac, iOS
• Best for photos: Ente

Blogging Write.as Privacy .OnionCSShorse: Real-time previewHow to Use Write.as

Calendar Proton Calendar Encryption • Avoid Google Calendar

Google Play Alternative F-Droid & AuroraPrivacy Audit Platform • Avoid Google Play, Amazon

Pastebin IDRIX Secure Pastebin PrivateBin

Frontends Nitter (alt) > Twitter

Other Resources PRISM BreakElectronic Frontier FoundationSurveillance Self-DefenseHave I Been Pwned?