Tools
Why Privacy Matters • A Cypherpunk's Manifesto • Cypherpunks Write Code Series • Why I Wrote PGP by Zimmermann • The Priv/Acc Manifesto • What is threat modeling?
The computer can be used as a tool to liberate and protect people, rather than to control them. ~Hal Finney
Password Manager
• KeePassXC Encryption Local
• KeePassXC Features (docs)
• Avoid LastPass, Dashlane
Two-Factor Authentication
• Aegis Android Encryption
• Yubikey Security key FIDO2
• Why Should I Enable 2FA?
• Avoid SMS, Biometrics, Authy
Use a password manager. Backup your database (regularly, multiple locations). Use strong and unique passwords. Do not reuse passwords. Enable 2FA. Be proactive, not reactive. Avoid single points of failure.
Operating System
• Linux [Fedora] for Desktop
• CalyxOS for Mobile
• GrapheneOS for Mobile
• Avoid Windows, Mac, iOS
Encrypt your devices. Keep your OS updated. Manage app permissions. Remove bloatware. GrapheneOS Installation guide. OS for anonymity and security. Use a firewall. Avoid using public computers.
VPN Provider
• Mullvad Linux F-Droid Bitcoin
• ProtonVPN Linux F-Droid 2FA
• Obscura macOS Bitcoin
• Avoid public Wifi, free VPN
Comparison table
Mullvad
ProtonVPN
Payment
Bitcoin, Lightning, Monero
Cash, Bitcoin
No-logs
No PII
Open Source
WireGuard
Killswitch
Custom DNS
IPv6 Support
2FA
Servers
650+
9,500+
Connectivity
10-20 Gbps
10 Gbps
Countries
49
117
Devices
5 devices
10 devices
Turtle
Multihop, Obfuscation, DAITA
Multihop, Obfuscation
Download
Linux, F-Droid, APK
Linux, F-Droid, APK
Audited
Cure53, Assured, X41
Securitum, ISO 27001
DNS Resolver
• 1.1.1.1 DoH DoT No-logs
• Quad9 DoH DoT No-logs
• DNS Performance & Uptime
• Avoid your ISP's default DNS
Encryption
• VeraCrypt Linux Mac Windows
• Read more about encryption
• Key Escrow Failures
System Cleaner
• BleachBit Linux Shredder
• Delete history/cookies/cache. Shred sensitive files
Be Your Own Bank • Bitcoin [BTC] — P2P, Open Source, Decentralized, Censorship-resistant, Pseudonymous, Permissionless • Avoid KYC, Creditcard, PayPal
Bitcoin Wallet
• Sparrow Linux Desktop
• Ashigaru Android APK
• Samourai Android APK
• Self-custody & Open Source
• Avoid Coinbase, Ledger, Exodus
Quick start guide for Sparrow & spending privately. What is PayNym? Ashigaru code analysis [2|3]. If you need a public Dojo. Samourai spending tools [2]. Consider using a HWW.
Sparrow Wallet features
Accounts
Batching
BIP39 Passphrase
Block Explorer
Coin Control
Connect your node
CPFP
Fee Control
Freeze UTXO
HD Wallet
HWW support
Master fingerprint
Multisig
Offline mode
Open Source
Password
Payjoin
PayNym
Plausible deniability
PSBT
RBF
SegWit
Self-custody
Sign message
Soroban (cahoots)
STONEWALL
STONEWALLx2
Stowaway
Sweep private key
Taproot (p2tr)
Tx labels
Verify message
Watch-only
Whirlpool
Ashigaru Wallet features
Auth47
Batching
BIP39 Passphrase
Broadcast tx
Coin Control
Connect your node
CPFP
Explorer
Fee Control
Fee Estimator
Freeze UTXO
HD Wallet
Offline mode
Open Source
PayNym
PIN Code
Postmix spending
PSBT
RBF
Ricochet
Scramble PIN
Self-custody
SegWit
Sign message
Soroban (cahoots)
Stealth mode
STONEWALL
STONEWALLx2
Stowaway
Sweep private key
Taproot
Tor-only
Tx labels
Verify message
Samourai Wallet features
Auth47
Batching
BIP39 Passphrase
Broadcast tx
Coin Control
Connect your node
CPFP
Fee Control
Freeze UTXO
HD Wallet
Joinbot
Offline mode
Open Source
PayNym
PIN Code
Postmix spending
PSBT
RBF
Ricochet
Scramble PIN
SegWit
Self-custody
Sign message
Soroban (cahoots)
Stealth mode
STONEWALL
STONEWALLx2
Stowaway
Sweep private key
Taproot
Tor support
Tx labels
Verify message
Whirlpool
Create an offline wallet
1 Install Ashigaru (or Sparrow). 2 Turn off network/wifi. 3 Open Ashigaru to create your offline wallet. 4 Write down the 12 words and passphrase! 5 Add XPUBs to watch-only wallet (or use Sparrow). 6 Uninstall Ashigaru.
Scam Alert ⚠️
⚠️ sparrowwallet.net
⚠️ ashigarumobile.com
⚠️ There is no Sparrow Wallet for android/ios
⚠️ There is no Samourai Wallet for ios/windows/mac
Eclair BOLT12
• What is Lightning Network?
• Self-custody & Open Source
• Avoid Wallet of Satoshi, Strike
Phoenix Wallet features
BOLT12
CPFP
Fee Control
Lightning node
LNURL
LNURL-Auth
Open Source
Password
Self-custody
Single dynamic channel
Swap-out
Taproot (p2tr)
Tx labels
Android HD
• Sparrow Linux Desktop
• Track your cold storage and receive without your private keys
Bitcoin Node
• Installing a Wallet Server
• Umbrel Home Core Dojo
• MyNode Core Lightning
• Blockstream public server
• Public Dojo for Ashigaru
Coinjoin • Whirlpool FAQ by QnA • Whirlpool Anonymity Sets • Why We Coinjoin (Nitter) • Status: 💔
Buy Bitcoin
• Bisq P2P Linux KYC-free
• Peach P2P KYC-free Mobile
• Bitonic KYC iDEAL NL
• Avoid Coinbase, Binance
Block Explorer • Mempool & Blockstream • Search transaction / address...
Fee Estimator
• Mempool & NextBlock
• Real-time fee estimates
Payment Processor
• BTCPay Bitcoin Lightning
• Self-custody & Open Source
• Avoid Bitpay, Coinbase
Miscellaneous • Bitcoin price calculator. KYC-free Visa & gift cards. Home mining. News and releases.
Education & Resources • Bitcoin Whitepaper [Español] • Escaping the Global Banking Cartel • The Internet of Money by Andreas • Money as a System-of-Control • Read more about Bitcoin | 21ideas • Understanding Bitcoin Privacy [4] • Bitcoiner.Guide by QnA • Executive Order 6102 (1933) • Hard Money (documentary)
Security and privacy tips Backup your bitcoin seed. Double check your seed phrase & test your backup. Write down: script type & derivation path. Never share your seed phrase. Never take screenshots of your seed phrase. Run your own node. Avoid custodial wallets. Avoid web wallets. Avoid address reuse. Don't trust, verify. Avoid KYC. Practice good OPSEC. Minimize the attack surface. Verify the release of your Bitcoin wallet. Withdraw your coins from exchanges. Beware of scams/shitcoins.
What is needed... is an electronic payment system based on cryptographic proof instead of trust, allowing any two willing parties to transact directly with each other without the need for a trusted third party. ~Satoshi Nakamoto
Separation of money and state.
Email
• ProtonMail Encryption PGP
• How to use PGP with ProtonMail
• Avoid Gmail, Outlook, Yahoo
ProtonMail features
2FA
Auto-delete trash
Block email tracking
Calendar
Contacts
Email aliases
Encryption
Folders
Open Source
PIN Code
PGP
2FA PGP
• DuckDuckGo Email Protection
• Disposable Email Address
Messenger
• Signal Encryption FOSS
• Signal Proxy & EFF's Signal Proxy
• Avoid SMS, Facebook, Telegram
eSIM
• Silentlink Bitcoin Lightning
• KYC-free, No PII, Global
Use encrypted communications. Minimize PII. Do not overshare. Delete (or fake) unused accounts. Keep a low profile. Manage your digital footprint. Review privacy settings. Stop Chat Control (update).
Browser
• Firefox Linux Desktop
• DuckDuckGo Android iOS
• Avoid Chrome, Edge
Firefox about:config
Linux Dark Web
• 10 questions about the Dark Web
• Aquí puedes aprender más
Extensions
• Privacy Badger Block trackers
• uBlock Origin Content blocker
uBlock Origin filters
! Twitter (source)
x.com##[aria-label$=“trending now” i]
x.com##[aria-label$=“who to follow” i]
x.com##[aria-label$=“relevant people” i]
! Youtube
youtube.com##.html5-endscreen-content
youtube.com##.html5-endscreen
youtube.com##.ytp-ce-element
Search Engine
• DuckDuckGo Web F-Droid
• Leta for Mullvad VPN customers
• Avoid Google Search
Domains
• Njalla 2FA Bitcoin Monero
• Mynymbox Bitcoin Lightning
• Avoid GoDaddy
Notepad
• Zim Linux Markup Links
• Standard Notes Encryption
• ProtectedText Encryption
• Safe Notes Encryption Android
• Avoid Evernote, OneNote
Cloud Storage
• Ente Encryption 2FA Linux
• ProtonDrive Encryption 2FA
• Avoid Google, OneDrive, Dropbox
Blogging
• Write.as Minimalist
• How to Use Write.as
• CSShorse: Real-time preview
Calendar
• Proton Calendar Encryption
• Avoid Google Calendar
Google Play Alternative
• F-Droid & Aurora Store
• Avoid Google Play, Amazon
Frontends • Nitter > Twitter
More Resources • PRISM Break • Electronic Frontier Foundation • Surveillance Self-Defense • Have I Been Pwned? • Privacy Audit Platform