Tools
Why Privacy Matters • A Cypherpunk's Manifesto • Cypherpunks Write Code Series • Why I Wrote PGP by Zimmermann • The Priv/Acc Manifesto • What is threat modeling?
The computer can be used as a tool to liberate and protect people, rather than to control them. ~Hal Finney
Password Manager
• KeePassXC Encryption Local
• KeePassXC features (docs)
• Avoid LastPass, Dashlane
Two-Factor Authentication
• Aegis Authenticator
• Proton Authenticator
• Yubikey Security key FIDO2
• Avoid SMS, Biometrics, Authy
Use a password manager. Backup your database (regularly, multiple locations). Use strong and unique passwords. Do not reuse passwords. Enable 2FA. Be proactive, not reactive. Avoid single points of failure.
Operating System
• Linux [Fedora] for Desktop
• CalyxOS for Mobile
• GrapheneOS for Mobile
• Avoid Windows, Mac, iOS
Encrypt your devices. Keep your OS updated. Manage app permissions. Remove bloatware. Minimize the attack surface. Avoid biometrics. GrapheneOS Installation guide. OS for anonymity and security. Use a firewall. Avoid using public computers. Cover your camera.
VPN Provider
• Mullvad Linux F-Droid Bitcoin
• ProtonVPN Linux F-Droid 2FA
• Avoid public Wifi, free VPN
Comparison table
Mullvad
ProtonVPN
Payment
Bitcoin, Lightning, XMR
Bitcoin, Cash
No-logs
No PII
Open-Source
WireGuard
Killswitch
Custom DNS
IPv6 Support
2FA
Servers
660+
14,500+
Connectivity
10-20 Gbps
10 Gbps
Countries
50
127
Devices
5 devices
10 devices
Turtle
Multihop, Obfuscation, DAITA
Multihop, Obfuscation
Download
Linux, F-Droid, APK
Linux, F-Droid, APK
Audited
Cure53, Assured, X41
Securitum, ISO 27001, Securitum
DNS Resolver
• 1.1.1.1 DoH DoT No-logs
• Quad9 DoH DoT No-logs
• DNS Performance & Uptime
Encryption
• VeraCrypt Linux Mac Windows
• Read more about encryption
• Key Escrow Failures
System Cleaner
• BleachBit Linux Shredder
• Delete history/cookies/cache. Shred sensitive files.
Be Your Own Bank • Bitcoin [BTC] — P2P, Open Source, Decentralized, Censorship-resistant, Pseudonymous, Permissionless • Avoid KYC, Creditcard, PayPal
Bitcoin Wallet
• Sparrow Linux Desktop
• Ashigaru Android APK
• Self-custody & Open Source
• Avoid Coinbase, Ledger, Exodus, Bitkey
FREE SAMOURAI. Quick start guide for Sparrow & spending privately. What is PayNym? Ashigaru code analysis [2|3]. If you need a public Dojo. Samourai spending tools [2].
Sparrow Wallet features
Accounts
Batching
BIP39 Passphrase
Coin control
Connect your node
CPFP
Fee control
Freeze UTXO
HD Wallet
HWW support
In-app explorer
Master fingerprint
Multisig support
Offline mode
Open Source
Password
Payjoin
PayNym
Plausible deniability
PSBT
RBF
SegWit
Self-custody
Sign message
Soroban (cahoots)
STONEWALL
STONEWALLx2
Stowaway
Sweep private key
Taproot
Tx labels
Verify message
Watch-only
Whirlpool
Ashigaru Wallet features
Auth47
Batching
BIP39 Passphrase
Broadcast tx
Coin control
Connect your Dojo
CPFP
Fee control
Fee Estimator
Freeze UTXO
HD Wallet
In-app explorer
Offline mode
Open Source
PayNym
PIN protection
Postmix spending
PSBT
RBF
Ricochet
Scrambled PIN
Self-custody
SegWit
Sign message
Soroban (cahoots)
Stealth mode
STONEWALL
STONEWALLx2
Stowaway
Sweep private key
Taproot (sending)
Tor-only
Tx labels
Verify message
Create an offline wallet
1 Install Ashigaru (or Sparrow). 2 Turn off network/wifi. 3 Open Ashigaru to create your offline wallet. 4 Write down the 12 words and passphrase! 5 Add XPUBs to watch-only wallet. 6 Uninstall Ashigaru. Alternatively, consider using a hardware wallet.
Fake website/app ⚠️
⚠️ sparrowwallet .net
⚠️ ashigarumobile .com
⚠️ ashigaruwallet .com
⚠️ initcapital .online
Android iOS
• What is Lightning Network?
• Self-custody & Open Source
• Avoid Wallet of Satoshi, Strike
Phoenix Wallet features
BIP353
BOLT12
CPFP
Easy backup
Fee control
Lightning node
LNURL
LNURL-Auth
Multi-wallet support
NFC payments
Open Source
Password
Scrambled PIN
Self-custody
Single dynamic channel
Spending PIN
Swap-out
Taproot
Tx labels
Android HD
• Sparrow Linux Desktop
• Track your cold storage and receive without your private keys
Bitcoin Node
• Installing a Wallet Server
• Samourai Dojo Soroban
• Umbrel Home Core Dojo
• Blockstream public server
• Public Dojo for Ashigaru
• Avoid Raspberry Pi
Coinjoin
• Ashigaru Whirlpool Desktop
• Whirlpool FAQ by QnA
• Whirlpool Anonymity Sets
• Why We Coinjoin (Nitter)
Block Explorer • Mempool & Blockstream • Search transaction / address...
Fee Estimator • Mempool & NextBlock
Payment Processor
• BTCPay Bitcoin Lightning
• Self-custody & Open Source
• Avoid Bitpay, Coinbase
Miscellaneous • Bitcoin price calculator. KYC-free Visa & gift cards. News and releases.
Information • Bitcoin Whitepaper [Español] • Escaping the Global Banking Cartel • The Internet of Money by Andreas • Money as a System-of-Control • What is Bitcoin? 21ideas • Understanding Bitcoin Privacy [4] • Passphrases & Bitcoin Address • Bitcoiner.Guide by QnA • Executive Order 6102 (1933) • Hard Money (documentary)
Security and privacy tips Backup your bitcoin seed. Double check your seed phrase & test your backup. Write down: script type & derivation path. Never share your seed phrase. Never take screenshots of your seed phrase. Run your own node. Avoid custodial wallets. Avoid web wallets. Avoid address reuse. Avoid seedless wallets. Don't trust, verify. Practice good OPSEC. Minimize the attack surface. Avoid KYC [2]. Verify the release of your bitcoin wallet. Withdraw your coins from exchanges. Consolidate your UTXOs.
What is needed... is an electronic payment system based on cryptographic proof instead of trust, allowing any two willing parties to transact directly with each other without the need for a trusted third party. ~Satoshi Nakamoto
Separation of money and state.
Email
• ProtonMail Encryption PGP
• How to use PGP with ProtonMail
• Avoid Gmail, Outlook, Yahoo
ProtonMail features
2FA
Auto-delete trash
Block email tracking
Block screenshots
Contacts
Custom domains
Email aliases
Encryption
Folders
Offline mode
Open Source
PGP Support
PIN protection
Messenger
• Signal Encryption FOSS
• How to Use Signal (SSD)
• Read more: Signal Proxy
• Avoid SMS, Facebook, Telegram
Use encrypted communication. Use multiple email addresses. Minimize PII. Do not overshare. Delete (or fake) unused accounts. Keep a low profile. Manage your digital footprint. Review privacy settings. Read the privacy policy. Use disappearing messages. Verify the URL & don't click suspicious links. Stop Chat Control (update). Web instead of apps (Twitter).
Browser
• Firefox Linux Desktop
• DuckDuckGo Android iOS
• Avoid Chrome, Edge
Firefox about:config
Linux Dark Web
• 10 questions about the Dark Web
• Aquí puedes aprender más
Extensions
• Privacy Badger Block trackers
• uBlock Origin Content blocker
• Remove unnecessary extensions
uBlock Origin filters
! Twitter (source)
x.com##[aria-label$=“trending now” i]
x.com##[aria-label$=“who to follow” i]
x.com##[aria-label$=“relevant people” i]
! Youtube
youtube.com##.html5-endscreen-content
youtube.com##.html5-endscreen
youtube.com##.ytp-ce-element
Search Engine
• Startpage Web Images
• Mojeek Web Beta
• Avoid Google
Domains
• Njalla 2FA Bitcoin Monero
• Mynymbox Bitcoin Lightning
• Avoid GoDaddy
Notepad
• Zim Linux Markup Links
• Standard Notes Encryption
• ProtectedText Encryption
• Safe Notes Encryption Android
• Avoid Evernote, OneNote
SCAM: protectedtextpro.com
Cloud Storage
• Ente & ProtonDrive
• Avoid Google, OneDrive, Dropbox
Comparison table
Ente #1
ProtonDrive
Payment
Bitcoin, Stripe
Bitcoin
Encryption
2FA
Open Source
Files
Photos, Videos
Photos, Videos, Documents
Document editor
Sharing
Descriptions
Guest view
Datacenters
Multiple
Multiple
Storage (GB)
50, 200, 1000
200, 500
Free storage
10 GB
2-5 GB
Audited
Cure53
Securitum
Download
Linux, APK, F-Droid
APK, Mac, iOS
Blogging
• Write.as Privacy .Onion
• CSShorse: Real-time preview
• How to Use Write.as
Calendar
• Proton Calendar Encryption
• Avoid Google Calendar
Google Play Alternative
• F-Droid & Aurora
• Privacy Audit Platform
• Avoid Google Play, Amazon
Pastebin • IDRIX Secure Pastebin • PrivateBin
Frontends • Nitter (alt) > Twitter • Invidious > Youtube
Other Resources • PRISM Break • Electronic Frontier Foundation • Surveillance Self-Defense