Semantic search

Jump to: navigation, search


Chameleon Addon
Chameleon is a WebExtension port of the popular Firefox addon Random Agent Spoofer. The UI is near identical and contains most of the features found in the original extension.
Cjdns
Cjdns implements an encrypted IPv6 network using public key cryptography for address allocation and a distributed hash table for routing. This provides near zero-configuration networking without many of the security and robustness issues that regular IPv4 and IPv6 networks have. Hyperboria is the largest cjdns network, with hundreds of active nodes around the world.
ClassyShark3xodus
Checks apps for code signatures of known trackers (provided by Exodus). Also can list all classes for launchable (via the app drawer) packages. Can be used against any APK: - installed: via an app manager, - downloaded: via any file manager (long press and open with ClassyShark3xodus), - launchable installed: via the first screen list (long press to list all classes, including obfuscated ones). Note: doesn't work on odexed/system packages (it's a work-in-progress). Finally, the app doesn't sync or connect to the Internet and thus cannot sneak on end users. The app is updated when Exodus updates their list of trackers: https://reports.exodus-privacy.eu.org/api/trackers ClassyShark3xodus is based on Google's ClassyShark: https://github.com/google/android-classyshark
Conversations.im
Conversations is a Jabber/XMPP client for Android 5.0+ smartphones that has been optimized to provide a unique mobile experience. A port to iOS is envisaged in the medium-term future. Conversations allows you to easily send images, show if your contact has received and read your message, permit dynamic history and handles multiple devices (especially sync with desktop clients), allow you to create group chats and support one-to-one Audio/Video calls ! And thanks to the XMPP Protocol (that is a push protocol) you battery life is safe. Conversations also does not require a Google Account or specifically Google Cloud Messaging (GCM). Using the XMPP federated protocol, you can freely choose a trustworthy server (your own if you want) for yourself while still chatting with contacts that are using other servers. The communication between Conversations and the XMPP server as well as the communication between the individual servers is TLS encrypted. This way, not only your messages are safe but more importantly it is impossible for an outside attacker to intercept your meta data (with whom you are chatting) without attacking your server first. On top of that, Conversations gives you the choice to enable one of two end-to-end encryption mechanisms. The first one is OMEMO, a state of the art multi-end-to-multi-end encryption method which is very easy to setup and gives you forward secrecy and plausible deniability. For backwards compatibility reasons Conversations also supports OpenPGP.
CryptPad
CryptPad is a libre and encrypted collaboration suite that can be used for forms, presentations and other collaborative documents.
Crypton
Crypton is a software framework for remote storage, where the remote server has no knowledge of what is being stored. The content is encrypted client-side before it reaches the server. The framework is designed to be easy for application developers to use, without needing experience in encryption.
Ddgr
ddgr is a cmdline utility to search DuckDuckGo from the terminal. While googler is extremely popular among cmdline users, in many forums the need of a similar utility for privacy-aware DuckDuckGo came up. DuckDuckGo Bangs are super-cool too! So here's ddgr for you! Unlike the web interface, you can specify the number of search results you would like to see per page. It's more convenient than skimming through 30-odd search results per page. The default interface is carefully designed to use minimum space without sacrificing readability. A big advantage of ddgr over googler is DuckDuckGo works over anonymous networks. ddgr isn't affiliated to DuckDuckGo in any way.
Decentraleyes
Protects you against tracking through "free", centralized, content delivery. It prevents a lot of requests from reaching networks like Google Hosted Libraries, and serves local files to keep sites from breaking. Complements regular content blockers. Technical Information - Supported Networks: Google Hosted Libraries, Microsoft Ajax CDN, CDNJS (Cloudflare), jQuery CDN (MaxCDN), jsDelivr (MaxCDN), Yandex CDN, Baidu CDN, Sina Public Resources, and UpYun Libraries. - Bundled Resources: AngularJS, Backbone.js, Dojo, Ember.js, Ext Core, jQuery, jQuery UI, Modernizr, MooTools, Prototype, Scriptaculous, SWFObject, Underscore.js, and Web Font Loader. FAQ If you're using uMatrix, Edit in and Commit these lines to My rules in the Dashboard: (Please note that each line must also START with a '*' character but this Wiki is broken and does not allow to render this properly!)
  • ajax.aspnetcdn.com script allow
  • ajax.googleapis.com script allow
  • ajax.microsoft.com script allow
  • cdn.jsdelivr.net script allow
  • cdnjs.cloudflare.com script allow
  • code.jquery.com script allow
  • lib.sinaapp.com script allow
  • libs.baidu.com script allow
  • upcdn.b0.upaiyun.com script allow
  • yandex.st script allow
  • yastatic.net script allow
Note: Decentraleyes currently only bundles scripts, and if you want other resources to load you need to change script in the above rules to * and disable "Block requests for missing resources" in the Decentraleyes preferences. This will however result in network requests to these CDNs. If you use uBlock0 it shouldn't normally block these resources, but if you enable Advanced mode you might have a rule to block third-party scripts by default. Unlike with uMatrix we can't whitelist only scripts for individual hosts, but you can still control whether other resources are loaded with "Block requests for missing resources" in the Decentraleyes preferences. We also have the ability to let normal filtering take place as opposed to completely whitelisting everything from these domains: (Please note that each line must also START with a '*' character but this Wiki is broken and does not allow to render this properly!)
  • ajax.aspnetcdn.com * noop
  • ajax.googleapis.com * noop
  • ajax.microsoft.com * noop
  • cdn.jsdelivr.net * noop
  • cdnjs.cloudflare.com * noop
  • code.jquery.com * noop
  • lib.sinaapp.com * noop
  • libs.baidu.com * noop
  • upcdn.b0.upaiyun.com * noop
  • yandex.st * noop
  • yastatic.net * noop
With these rules, uBlock0 in Advanced mode will behave as in "normal" mode for these particular CDNs, which is usually what you want, but if you prefer you can change noop above to allow to ensure nothing from Decentraleyes is blocked.
Directnet
DirectNet is a peer-to-peer instant messaging protocol and client software for multiple platforms, including Windows, GNU/Linux and Mac OS X, developed by Gregor Richards.
DuckDuckGo (HTML SSL)
DuckDuckGo is the search engine that doesn't track you.
DuckDuckGo (Lite SSL)
DuckDuckGo is the search engine that doesn't track you. We also have smarter answers and less clutter. This extension adds DuckDuckGo (non-JS Lite version) to the search bar. For more features, see the DuckDuckGo Plus add-on. Enjoy!
Feather
Feather is a free Monero wallet for GNU/Linux, Tails, macOS and Windows. It has many useful features and it is focused on privacy and security, it works through Tor network and websocket connection
Free Software Directory search
The Free Software Directory is a catalog of useful free software that runs under free operating systems. FSF staff and volunteers work together to collect detailed information about free software programs and organize it in a clear and accessible format. This is a search plugin for the Free Software Directory. A program is free software if the program's users have the four essential freedoms: 1) The freedom to run the program as you wish, for any purpose (freedom 0). 2) The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1). Access to the source code is a precondition for this. 3) The freedom to redistribute copies so you can help your neighbor (freedom 2). 4) The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this.
FreeTube
FreeTube is a free software desktop YouTube player built with privacy in mind. Use YouTube without advertisments and prevent Google tracking from you with their cookies and JavaScript. Available for Windows, Mac & GNU/Linux thanks to Electron.
Gitenc
Gitenc is a simple shell script that works as a placeholder for git add and will parse filenames for sensitive names from git diff and apply GPG encryption as needed (filenames matching config, connection or sqlbackup) while handing everything off to git.
Gnunet Heckert gnu.tiny.png
GNUnet is a framework for secure peer-to-peer networking that does not use any centralized or otherwise trusted services. Its high-level goal is to provide a strong free software foundation for a global network that provides security and privacy. GNUnet started with an idea for anonymous censorship-resistant file-sharing, but has grown to incorporate other applications as well as many generic building blocks for secure networking applications. In particular, GNUnet now includes the GNU Name System, a privacy-preserving, decentralized public key infrastructure.
Gnupg
GnuPG is a complete implementation of the OpenPGP standard. It is used to encrypt and sign data and communication. It features powerful key management and the ability to access public key servers. This package, also known as GPG, is a command line tool with features for easy integration with other applications. A wealth of frontend applications and libraries are available.

Notes

Even if you have nothing to hide, using encryption helps protect the privacy of people you communicate with, and makes life difficult for bulk surveillance systems. If you do have something important to hide, you are in good company; GnuPG is one of the tools that Edward Snowden used to uncover the secrets of the NSA.

See also the Email Self-Defense site to learn how and why you should use GnuPG for your electronic communication.
Gnuzilla
Outdated official binary release

Since 2019, IceCat is maintained only as source code. The last IceCat binary release was version 60.7.0, and is no longer supported. Guix and Parabola have up-to-date IceCat binaries. Please ask your distro to package IceCat.
GNU IceCat (originally GNU IceWeasel) is part of GNUzilla (the GNU version of the Mozilla Application Suite). GNU IceCat is based on the the current Firefox Extended Support Release (ESR), with removal of trademarked name, trademarked artwork, and proprietary components, and enhanced privacy settings.

However, IceCat is not a straight fork of Firefox ESR; instead, it is a parallel effort that works closely with and re-bases in synchronization on the latest Firefox ESR as the upstream supplier, with patches merged upstream whenever possible; although it should be noted that additional security updates are customized to IceCat occasionally.

Differences between IceCat and Firefox ESR

Important differences between Mozilla's Firefox and GNU IceCat is that IceCat has a focus on freedom and privacy (see settings.js for details).

  • Encrypted Media Extensions (EME) is not implemented: Whereas Firefox are being created such that they support Digital Restrictions Management (DRM) systems through their implementation of the Encrypted Media Extension (EME), GNU IceCat doesn't include an EME implementation as it opposes efforts to popularize and ease the dissemination of DRM technology.
    • Widevine Content Decryption Module provided by Google Inc. is not installed in about:addons > Plugins
    • The Play DRM-controlled content option (used to download and enable Widevine Content Decryption Module provided by Google Inc.) has been removed from about:preferences > Content
  • "Accept third-party cookies: Never"
  • WebRTC is enabled like in Firefox but prevent leaking the LAN ip. (Test WebRTC)
  • The proprietary web chat IRC client Mibbit has been removed.
  • Telemetry is disabled.
  • DuckDuckGo is the default search engine, which means that you can run "!Bangs" keywords in the location bar to use any search engine.

Philosophy

"We will always make IceCat block non-free JavaScript by default. If you want to permit nonfree software to run, you can easily disable LibreJS." - Richard Stallman

Customized add-ons

  • SpyBlock (Adblock Plus fork) to block privacy trackers.

History

GNU IceCat was formerly known as GNU IceWeasel but changed its name in 2008 to avoid confusion with Debian IceWeasel (who was rebranded back to Firefox in 2017 after Debian was being granted special permission from Mozilla ref).

The GNU IceCat developers dropped support for IceCatMobile on Replicant after version 38.6.0 because these builds are already provided by F-Droid. See Collection:Replicant for more information about IceCatMobile in the F-Droid repository.

GNU IceCat developers dropped support for macOS, and Windows, after version 38.8.0 in 2016: "Note that building binary packages for Windows and macOS currently requires non-free software, so we no longer distribute binary releases for those platforms."

See also

GoVPN
GoVPN is simple virtual private network daemon, aimed to be reviewable, secure, DPI/censorship-resistant, written on Go. It uses fast strong passphrase authenticated key agreement protocol with augmented zero-knowledge mutual peers authentication (PAKE DH A-EKE). Encrypted, authenticated data transport that hides message's length and timestamps. Optional encryptionless mode, that still preserves data confidentiality. Perfect forward secrecy property. Resistance to: offline dictionary attacks, replay attacks, client's passphrases compromising and dictionary attacks on the server side. Built-in heartbeating, rehandshaking, real-time statistics. Ability to work through UDP, TCP and HTTP proxies. IPv4/IPv6-compatibility.
Gofoss.net
gofoss.net is a beginners guide to free software, privacy, data ownership and durable tech. Learn how to: safely browse the Internet; keep your conversations private; protect your data; unlock your computer's full potential; stay mobile and free; own your cloud; avoid filter bubbles, surveillance & censorship.
HTTPS Everywhere
HTTPS Everywhere is a Firefox extension produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. It encrypts your communications with a number of major websites. Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site. The HTTPS Everywhere extension fixes these problems by rewriting all requests to these sites to HTTPS.
Haven
It is an Android application that leverages on-device sensors to provide monitoring and protection of physical areas. Haven turns any Android phone into a motion, sound, vibration and light detector, watching for unexpected guests and unwanted intruders.
Historical/RequestPolicy
RequestPolicy's new version is under development as RequestPolicy Continued. This addon prevents all connections to external domains or IPs from any website you visit, this means no connections to external advertisement hosters, analytics not on their servers and more things that you might not want to connect to or load. Saves bandwidth and privacy. It does require you to give explicit permission for these connections to happen, which is easily done with a drop-down menu of attempted connections and whether you wish to allow them each permanently or temporarily.
I2P
The Invisible Internet Project (I2P) is a project to build, deploy, and maintain a network supporting secure and anonymous communication. People using I2P are in control of the tradeoffs between anonymity, reliability, bandwidth usage, and latency. There is no central point in the network on which pressure can be exerted to compromise the integrity, security, or anonymity of the system. The network supports dynamic reconfiguration in response to various attacks, and has been designed to make use of additional resources as they become available. Of course, all aspects of the network are open and freely available. Unlike many other anonymizing networks, I2P doesn't try to provide anonymity by hiding the originator of some communication and not the recipient, or the other way around. I2P is designed to allow peers using I2P to communicate with each other anonymously — both sender and recipient are unidentifiable to each other as well as to third parties. For example, today there are both in-I2P web sites (allowing anonymous publishing / hosting) as well as HTTP proxies to the normal web (allowing anonymous web browsing).
IceCat/Disconnect
Disconnect lets you visualize and block the otherwise invisible websites that track your search and browsing history.
  • Load the pages you go to 27% faster.
  • Stop tracking by 2,000+ third-party sites.
  • Encrypt the data you share with popular sites.
IceCat/NoScript
The NoScript (aka NoScript Security Suite) Firefox extension provides extra protection for Firefox, Seamonkey and other Mozilla-based browsers. Its aim is to allow active content to run only from sites you trust, and protect yourself against XSS and Click-jacking attacks. It is also useful to prevent Flash running on the browser. But its main advantage could be the alerts given on its interface. There is an increasing number of Web sites that cannot run without non-free JavaScript programs downloaded and executed on the visitor's computer. Richard Stallman first raised this another concern with his article The JavaScript Trap, pointing out that most JavaScript programs are not freely licensed, and that even free software Web browsers are usually configured to download and run these non-free programs without informing the user. So maybe NoScript could encourage people to keep informed about this related issue and take action. Anyway, NoScript is an extremely valuable Firefox extension for security. Its unique white-list based pre-emptive script blocking approach prevents exploitation of security vulnerabilities (known and even not known yet!) with no loss of functionality...
IceCat/User-Agent Switcher
Quickly and easily switch between popular user-agent strings.
Inboxen
Email service that allows a person to create an almost infinite amount of unique email addresses that the user can give to 3rd party websites. This lets the user have more control of their identity/privacy and keeps their personal email address free of junk.
Invizi
Invizi helps you track your cryptocurrency transactions. All your data is stored locally, encrypted and never leaves your computer. Invizi can calculate your profit and loss, your historical balance, your assets allocations and more. Your transactions can be automatically synchronized with exchanges, entered manually or imported via csv files.
JavaScript-Toggle-On-and-Off
It's a simple program used to enable and disable JavaScript easily. You can add websites to a whitelist and decide if the website will be reloaded when pressing the button.
JiveSearch
Self hostable search engine focused on privacy
Karpion Anti-Phishing Toolbar
This is the first release of Karpion, the Anti-Phishing toolbar for the web browser Konqueror. This tool bar is a part of the Open Phishing Database project.
Kontalk
Kontalk is a free software, secure and distributed instant messaging driven by the community. Kontalk protocol is based on XMPP with end-to-end encryption in both server-to-server and server-to-client. Kontalks is basically for phone, but it's also available for desktop now (GNU/Linux, Windows, and macOS).
Libphish
Freshports link available but no download links available. All maintainer emails broken. Poppy-one (talk) 15:21, 6 August 2018 (EDT) Libphish is part of the Open Phishing Database project, an effort to create and maintain and open database of phishing sites in order to protect users, in addition to providing extensions to browsers that utilize the database. Libphish is a library which interacts with the Open Phishing Database, providing a consistent API which browsers and other programs can use to verify the safety and risk level of URLs.
MAT2
mat2 is a metadata removal tool, supporting a wide range of commonly used file formats, written in python3: at its core, it's a library, used by an eponymous command-line interface, as well as several file manager extensions.
MasterPassword
Most password managers are password vaults: they let you store or generate a strong password for your services and then encrypt that key and store it for later retrieval. This approach presents many problems, in particular in the modern mobile age, that result in many frustrations: * Vault availability: If your vault is not available, you cannot use any of your services. * Added risk of identity loss: If you lose (eg. HDD failure/house fire) your vault, you instantly lose your entire online identity. * Force of law: Many countries have laws that require you to divulge the encryption key if a lawful search discovers your vault. Some password vaults implement features to try and address these issues, such as Internet sync, cloud-based vaults or backups and self-destructing vaults. These features all work around issues inherent to the solution and bring their own set of issues: * Network sync: Keeping data secure in transit is non-trivial and adds security risks. * Backups: Requires that you keep multiple locations secure from loss and theft, as well as the vault in transit. * Cloud-based services: Requires you to trust an external party and sacrifices transparency and freedom. * Defensive destruction: Reliability issues and again, risk total identity loss. Master Password is a completely different approach to passwords. The core issue that brings forth these problems is the vault used to store passwords. Master Password removes the vault from the solution by being a stateless solution, thus avoiding each of these issues. Master Password works by being an offline and stateless algorithm used to calculate your site passwords on-demand. Your passwords exist only as long as you need them and then disappear from disk and memory. Passwords are calculated based on a master password and the user's full name, combined with the name of the site. Calculation is based on strong, known and understood cryptographic hashes. Hash-based password generation is not new, but Master Password is a careful implementation that avoids many issues that other hash-based password managers suffer from. Cryptography is not easy and upon inspection, the security of most hash-based password generators completely falls apart. Master Password uses scrypt combined with hmac-sha256 and salting to prevent all known attack vectors.
Metager
MetaGer is a meta search-engine written in PHP. It is licenced under the terms of the AGPL-3. This and other open-source projects are developed by the german non-profit NGO SUMA-EV. They run an instance on https://metager.de/en . The developer version is available at https://metager3.de/en .
Mobilizon
Mobilizon is a federated system for organizing events developed by French non-profit Framasoft. It features the ability to create multiple profiles per account for increased privacy, as well as tools for co-ordinating events both with the general public (which allow participation without an account) and among organizers using "groups". However, it aims to be just "a tool", and rejects "features like subscriptions counters, thumbs ups or info walls with infinite scrolling". The ActivityPub protocol is used for federation.
Movim
Movim (My Open Virtual Identity Manager) is a distributed social network built on top of XMPP. It can be accessed using existing XMPP clients and Jabber accounts. Movim is a distributed social networking platform. It builds an abstraction layer for communication and data management while leveraging the strength of the underlying XMPP protocol. XMPP is a widely used open standards communication platform. Using XMPP allows the service to interface with existing XMPP clients like Conversations, Pidgin, Xabber and Jappix. Users can directly login to Movim using their existing Jabber account. Movim addresses the privacy concerns related to centralized social networks by allowing users set up their own server (or "pod") to host content; pods can then interact to share status updates, photographs, and other social data. Users can export their data to other pods or offline allowing for greater flexibility. It allows its users to host their data with a traditional web host, a cloud-based host, an ISP, or a friend. The framework, which is being built on PHP, is a free software and can be experimented with by external developers. Movim supports OMEMO, group chats (public and private, with or without password) with reactions, stickers and GIFs, it supports also screen-sharing, VOIP (1 to 1) and microblogging.
NNCP
NNCP (Node to Node copy) is a collection of utilities simplifying secure store-and-forward files, mail and commands exchanging. This utilities are intended to help build up small size (dozens of nodes) ad-hoc friend-to-friend (F2F) statically routed darknet delay-tolerant networks for fire-and-forget secure reliable files, file requests, Internet mail and commands transmission. All packets are integrity checked, end-to-end encrypted (E2EE), explicitly authenticated by known participants public keys. Onion encryption is applied to relayed packets. Each node acts both as a client and server, can use push and poll behaviour model. Out-of-box offline sneakernet/floppynet, dead drops, sequential and append-only CD-ROM/tape storages, air-gapped computers support. But online TCP daemon with full-duplex resumable data transmission exists.
Nextcloud
Nextcloud is a free, decentralized and open cloud platform. It allows you to sync your files, calendars and contacts while staying in control of your data. As a platform you can extend it with many existing apps or write your own. With federated sharing, Nextcloud allows you to collaborate with people across different Nextcloud installations. Nextcloud also provides real-time communication through Spreed.me and collaborative editing through LibreOffice Online integration.
ObscuraCam
https://f-droid.org/en/packages/org.witness.sscphase1/ Obscuracam is a photo and video app for Android that keeps certain information private. Ever capture someone in a photo or video, then realize they may not want to be in it? Not comfortable posting a friend, family member or child’s face on the internet? Worried about the geolocation data in the picture giving away private hideaway? Tired of Facebook, Google and other sites “auto detecting” faces in your photos? Then this is for you, giving you the power to better protect the identity of those captures in your photos, before you post them online. Take a picture or load a photo or video from the Gallery, and ObscuraCam will automatically detect faces that you can pixelate, redact (blackout) or protect with funny nose and glasses. You can also invert pixelate, so that only the person you select is visible, and no one in the background can be recognized. This app will also remove all identifying data stored in photos including GPS location data and phone make & model. You can save the protected photo back to the Gallery or any other “Share” enabled app.
OnionShare
What is OnionShare? OnionShare lets you securely and anonymously share files of any size. It works by starting a web server, making it accessible as a Tor onion service, and generating an unguessable URL to access and download the files. It doesn't require setting up a server on the internet somewhere or using a third party filesharing service. You host the file on your own computer and use a Tor onion service to make it temporarily accessible over the internet. The other user just needs to use Tor Browser to download the file from you. How to Use Open OnionShare, drag and drop files and folders you wish to share into it, and click Start Sharing. After a moment, it will show you a .onion URL. This is the secret URL that can be used to download the file you're sharing. Send this URL to the person you're sending the files to. If the files you're sending aren't secret, you can use normal means of sending the URL, like by emailing it, or sending it in a Facebook or Twitter private message. If you're sending secret files then it's important to send this URL securely. The person who is receiving the files doesn't need OnionShare. All they need is to open the URL you send them in Tor Browser to be able to download the file.\
OpenVPN
OpenVPN lets you to treat a collection of remote machines as though they are on the same network. The connections on this new, virtual network are secured by TLS/SSL. One machine acts as the network server, the others as clients. OpenVPN can also be a component in a TLS tunnel, where the client connects only to the OpenVPN server, which makes additional connections on the client's behalf.
Openbazaar-desktop
This is the reference client for the OpenBazaar network. It is an interface for your OpenBazaar node, to use it you will need to run an OpenBazaar node either locally or on a remote server.
PHPkrm
PHPkrm is a Web-based GnuPG keyring manager. It lets anonymous visitors add their own public keys and download all keyrings, and allows synchronization with external servers to refresh the keys and/or upload the keys.
Pagekite
PageKite is a system for connecting your localhost servers to the public Internet, giving them names and making them globally accessible. It works on most common operating systems and it doesn't matter what kind of Internet connection you have. The PageKite back-end configures DNS for your server and establishes communication with our global pool of front-end relays. These relays have public IP addresses and are visible on the global Internet, which makes it possible for them to accept incoming requests on your server's behalf. These requests get forwarded (proxied) over the tunnel to your server, and any replies travel back the same way.
Panopticlick
From the homepage: When you visit a website, online trackers and the site itself may be able to identify you – even if you’ve installed software to protect yourself. It’s possible to configure your browser to thwart tracking, but many people don’t know how. Panopticlick will analyze how well your browser and add-ons protect you against online tracking techniques. We’ll also see if your system is uniquely configured—and thus identifiable—even if you are using privacy-protective software.
Pidgin-otr
"Off-the-Record Messaging plugin" (or pidgin-otr) is a Pidgin plugin for secure messaging using a protocol known as OTR. Like similar protocols, OTR allows you to hold secure (encrypted and authenticated) conversations. In addition, messages themselves are not signed (that is, they are off-the-record) and remain secure even if your private key is compromised (previous communication streams cannot be decrypted). These features are useful, for example, for journalists. Note, though, that these are technical restrictions not legal ones (a court may consider other evidence). This plugin offers various methods of initial authentication (challenge/response, shared secret), autogenerates keys, and retains keys so that you can continue conversations with people you have previously authenticated. It does not interfere with unencrypted conversations, although you can prompt the other user to install pidgin-otr (or another OTR client) themselves.
Privacy Badger
Privacy Badger automatically blocks spying ads and invisible trackers as you browse. It's there to ensure that companies can't track your browsing without your consent. Privacy Badger sends the Do Not Track header with each request and evaluates the likelihood that you are still being tracked. If a domain appears to be tracking you on multiple websites, Privacy Badger automatically blocks your request from being sent to the tracking domain. Our extension shows you one of three states for each tracker. Red means block the tracker. Yellow means that we don't send cookies or referers to the tracker. Green means unblocked (probably because the third party does not appear to be tracking you - yet). You can click on the Privacy Badger icon in your browser's toolbar if you wish to override the automatic blocking settings. Nothing can stop the Privacy Badger from eating cookies when it's hungry! Privacy Badger is a project of the Electronic Frontier Foundation (https://www.eff.org)
Privacy Redirect
Redirects Twitter, YouTube, Instagram, Google Maps and Reddit requests to privacy friendly alternatives such as Nitter, Invidious, Bibliogram and OpenStreetMap. Allows for setting custom instances or random choice, toggling all redirects on/off and more.
Privoxy
Privoxy is a Web proxy based on Internet Junkbuster with advanced filtering capabilities for protecting privacy, filtering Web page content, managing cookies, controlling access, and removing ads, banners, pop-ups, and other obnoxious Internet junk. It is useful for both stand-alone systems and multi-user networks.
Prousdata
Prousdata restores files and folders for next user session. Main tool helps to manage protections scope: user, elements, forbids.
Proxyknife Heckert gnu.tiny.png
GNU Proxyknife is a customizable multithread proxy hunter. It can help users behind strict firewall find suitable free proxies. gnu Proxyknife reads proxylist1 from the file, stdin or the web, then validates the free proxies and prints the good ones. Time intervals and the others which are userful to estimate the speed or capability of every proxy are also printed. The whole processing can be customized by the user, which is different from the other hunters. In url mode, Proxyknife can read a large number of proxies on machines with little memory. It works on GNU/Linux, SunOS, OSF1 and more.
PyBitmessage
PyBitmessage is the official instant messaging client designed for Bitmessage(a P2P encrypted decentralised communication protocol).
Red Matrix
Originally authored by Mike Macgirvin (also the original author of Friendica), the RedMatrix is a super network created from a huge number of smaller independent and autonomous websites - which are linked together into a cooperative publishing and social platform. It consists of an open source webapp providing a complete multi-user decentralised publishing, sharing, and communications system - known as a "hub". Each hub provides communications (private messaging, chat, blogging, forums, and social networking), along with media management (photos, events, files, web pages, shareable apps) for its members; all in a feature-rich platform. These hubs automatically reach out and connect with each other and the rest of the matrix. Privacy and content ownership always remain under the direct personal control of the individual; and permission to access any item can be granted or denied to anybody in the entire matrix. What makes the RedMatrix unique is what we call "magic authentication" - which is based on our groundbreaking work in decentralised identity services. No other platform provides this ability. Within the matrix the boundaries between different hubs are blurred or seemingly non-existent. Identity in the matrix is considered transient and potentially nomadic. "Who you are" has nothing to do with "what computer you're connected to", and website content can adapt itself according to who is viewing it. You have the ability to "clone" your identity to other hubs; which allows you to continue to communicate with your friends seamlessly if your primary hub is ever disabled (temporarily or permanently). The RedMatrix is ideal for communities of any size, from private individuals and families to online forums, business websites, and organisations. It can be used by anybody who has communications or web content that they wish to share, but where they desire complete control of whom they share it with.
Ricochet
Ricochet uses the Tor network to reach your contacts without relying on messaging servers. It creates a hidden service, which is used to rendezvous with your contacts without revealing your location or IP address. Instead of a username, you get a unique address that looks like ricochet:rs7ce36jsj24ogfw. Other Ricochet users can use this address to send a contact request - asking to be added to your contacts list. You can see when your contacts are online, and send them messages (and soon, files!). Your list of contacts is only known to your computer - never exposed to servers or network traffic monitoring. Everything is encrypted end-to-end, so only the intended recipient can decrypt it, and anonymized, so nobody knows where it’s going and where it came from.
Sandstorm
Some web applications, particularly federated ones, are suitable for running on your local machine rather than hosting on an remote server you don't control. Sandstorm is a platform designed to help you run and maintain these applications, retain your data on your own machine, and optionally use their federation features to contact and publish to remote servers at your own discretion. Representative webapps supported include Ghost (blogging), GNU MediaGoblin (media sharing), Mailpile (email), Tiny Tiny RSS (feedreading) and others.
Seafile
Seafile provides the full facilities to replace proprietary cloud storage and file syncing solutions. It offers the ability to self-host the server on your own hardware as well as make use of commercial services that host it for you. It offers a desktop client for all major operating systems. Major features include:
  • File syncing
  • File version control
  • Client side encryption
  • Public share linking
  • Group and Organisation collaboration
Seafile Community Edition may be used as a free software replacement for Dropbox, Spideroak, Wuala and similar proprietary programs and services. Seafile Professional Edition is not free software as per the license outlined here: https://manual.seafile.com/deploy_pro/seafile_professional_sdition_software_license_agreement/
Searx.me 0.9.x
An add-on bassed on searx.me, a hackable metasearch default engine for Firefox searx.me 0.9.x is an add-on for privacy-respecting search for Firefox. searx.me 0.9.x is bassed on searx.me wich is a privacy-respecting free metasearch engine. Features
  • Self hosted
  • Does not track its users
  • Does not share its users data with third parties
  • Does not use cookies by default
  • Does not profile its users
  • Does not collect its users data
  • Offers secure, encrypted connections (HTTPS/SSL)
  • Hosted by organisations, such as La Quadrature du Net, which promote digital rights
SecureChatAnywhere
SecureChatAnywhere is a lightweight program written in Java with the purpose of making it easy to encrypt and decrypt any kind of text messages using AES-128/CBC symmetric encryption. The graphical user interface (GUI) is designed as a convenient "copy & paste tool" for computers to manage encryption and decryption stand-alone, in other words without relying on any kind of external communication.
Send (file sharing)
Send is a self-hosted tool that allows sending files with encryption. It's a community fork of Firefox Send, a discontinued service by Mozilla. Files are encrypted in the browser before being uploaded to the server. Files are stored for 24 hours then deleted from the server. ffsend is a CLI client for Send. A list of available instances can be found here.
SilverTunnel-NG
SilverTunnel-NG is a Java library that implements and encapsulates all the complex network protocol stuff needed for anonymous communication over the Tor anonymity network. SilverTunnel-NG Netlib can be easily integrated in almost every existing and new Java application. The library requires Java 1.6/Java SE 6 or a newer version. This is a fork of silvertunnel (https://silvertunnel.org)
SimpleLogin
SimpleLogin is a service that allows users to use email aliases through its web application. Users can prevent online services from knowing their real email address by using email aliases when signing up. If an alias is no longer needed, it can simply be deleted.
Smart HTTPS
Automatically changes HTTP addresses to the secure HTTPS, and if loading encounters error, reverts it back to HTTP.
Startpage HTTPS Privacy Search Engine
Add Startpage - The World's Most Private Search Engine - to your search box. Startpage does not record your IP address. Search the Web in the best possible privacy!
Subrosa
Subrosa is an end to end encrypted messaging, voice, and video chat app that runs in the browser. Subrosa supports group chats, desktop notifications, and much more without requiring a download. Encrypted user blobs are synchronized to Subrosa's servers, however Subrosa never has access to the keys required to decrypt the blob or messages.
Terms of Service; Didn’t Read
Terms of Service; Didn't Read (ToS;DR) is a community project and browser plugin which aims to analyze and grade the terms of service (TOS) and privacy policies of major Internet sites and services. Each aspect of a TOS or privacy policy is assessed as positive, negative, or neutral. Services are graded from A (best) to E (worst).
Tor Browser
Tor Browser, previously known as Tor Browser Bundle (TBB), is the flagship product of the Tor Project. It consists of a modified Mozilla Firefox ESR web browser, the TorButton, TorLauncher, NoScript and HTTPS Everywhere Firefox extensions and the Tor proxy. The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked. The Tor Browser can run off a USB flash drive, comes with a pre-configured web browser to protect your anonymity, and is self-contained.

See also

Tor2web
The software originally developed by Aaron Swartz and Virgil Griffith is now developed and mainteined by the Hermes Center for Transparency and Digital Human Rights as part of the (GlobaLeaks) project.
TorBirdy
The TorBirdy extension configures Mozilla Thunderbird (Icedove and possibly other related Mozilla mail clients) to make connections over the Tor anonymity network. It also takes steps to protect anonymity at the application level by reducing unique identifiers, disabling unsafe plugins, disabling insecure protocols, helpfully configuring other software such as Enigmail and GnuPG in anonymity protecting ways and more.
UBO-Scope
Warnings: uBO-Scope will be able to function accurately only for WebExtensions-based blockers -- it is unable to do its job properly with legacy-based blockers. The popup panel of this extension may sometimes be affected by an issue which has been fixed in Firefox 57: "WebExtension browser action popup scrolls to the top on changing an element's style" https://bugzilla.mozilla.org/show_bug.cgi?id=1324499 You should read the documentation to better understand purpose and usage: https://github.com/gorhill/uBO-Scope#preamble To inform you about your own third-party exposure on the web pages you visit through a third party exposure score. Important: The lower the 3rd-party exposure score, the better. Third-party ("3rd-party") exposure is quite an important component of the more general concept of privacy exposure. In the scope of uBO-Scope, "3rd-party" is defined as follow: A network request to a remote server which has a different base domain name than the base domain name of the URL in the address bar is deemed "3rd-party". A 3rd-party exposure score is derived not only from the number of distinct third parties on a web page, but also from the ubiquitousness of each of these distinct third parties. The ubiquitousness of a specific 3rd party is measured according to how frequently this 3rd party is used on web pages you visit. This means the ubiquitousness of a 3rd party will be representative of your browsing history and whether the 3rd party was blocked or not on the pages you visited. uBO-Scope does not alter network traffic, it only observes it. For every network request, blocked or allowed, it will extract the base domain name. If the base domain name of the network request is different from the base domain name extracted from the URL of the web page, the network request will be deemed 3rd-party and uBO-Scope will store the pair [3rd-party base domain name, 1st-party base domain name] in its database, to be used to compute and show your overall 3rd-party exposure score of web pages you visit in the future. Your 3rd-party exposure score depends on your past browsing history and the tools you used (if any) which have blocked network requests, and how these tools (if any) are configured. uBO-Scope does not depend on uBlock Origin to do its job, it will work with any content blocker, or no content blocker.
UBlock Origin
µBlock Origin (µBO, pronounced micro-block origin) is a wide-spectrum blocker for browsers with a simple point-and-click interface to allow users to filter and block server requests, domains, scripts, and more. By default it blocks ads, trackers and malware sites. Users should note that uBlock Origin and uBlock, while they have some history, are now distinct programs whose code base has diverged form each other for some time, with uBlock Origin being the more actively developed and better maintained of the two.
UMatrix
uMatrix (stylized µMatrix) is a point-and-click matrix-based firewall, with many privacy-enhancing tools. Point & click to forbid/allow any class of requests made by your browser. Use it to block scripts, iframes, ads, facebook, etc.
Ublock-origin
uBlock Origin (or uBlock) is not an ad blocker; it's a general-purpose blocker. uBlock blocks ads through its support of the Adblock Plus filter syntax. uBlock extends the syntax and is designed to work with custom rules and filters. Furthermore, advanced mode allows uBlock to work in default-deny mode, which mode will cause all 3rd-party network requests to be blocked by default, unless allowed by the user. That said, it's important to note that using a blocker is NOT theft. Don't fall for this creepy idea. The ultimate logical consequence of blocking = theft is the criminalisation of the inalienable right to privacy. Ads, "unintrusive" or not, are just the visible portions of privacy-invading apparatus entering your browser when you visit most sites nowadays. uBlock₀'s main goal is to help users neutralize such privacy-invading apparatus — in a way that welcomes those users who don't wish to use more technical, involved means (such as µMatrix). EasyList, Peter Lowe's Adservers, EasyPrivacy and Malware domains are enabled by default when you install uBlock₀. Many more lists are readily available to block trackers, analytics, and more. Hosts files are also supported. Once you install uBlock₀, you may easily un-select any of the pre-selected filter lists if you think uBlock₀ blocks too much. For reference, Adblock Plus installs with only EasyList enabled by default.
VoteOn.Date
Quickly and easily coordinate meetups. Free, but also anonymous, with no login required. Name your event, select time slots, and invite participants
Wellenreiter
Wellenreiter is a GTK/Perl wireless network discovery and auditing tool. Prism2, Lucent, and Cisco based cards are supported. It is the easiest to use Linux scanning tool. No card configuration has to be done anymore. The whole look and feel is pretty self-explaining. It can discover networks (BSS/IBSS), and detects ESSID broadcasting or non-broadcasting networks and their WEP capabilities and the manufacturer automatically. DHCP and ARP traffic are decoded and displayed to give you further information about the networks. An ethereal/tcpdump-compatible dumpfile and an Application savefile will be automaticly created. gpsd can be used to track the location of the discovered networks.
Wikipedia (English SSL)
Wikipedia is an openly-editable, free content internet encyclopedia. This search bar add-on utilizes SSL to protect searches between You and Wikipedia.
Wikipedia (SSL)
Wikipedia is an openly-editable, free content internet encyclopedia. This search bar add-on utilizes SSL to protect searches between You and Wikipedia.
Wireguard
WireGuard is a virtual private network software. It is built in to the Linux (and linux-libre) kernel by default. It intends to be faster and simpler than IPSec and OpenVPN. While initially released for the Linux kernel, it is now a cross-platform project. Some users consider WireGuard to already be the most secure and easiest to use among all of the VPN solutions.


Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the page “GNU Free Documentation License”.

The copyright and license notices on this page only apply to the text on this page. Any software or copyright-licenses or other similar notices described in this text has its own copyright notice and license, which can usually be found in the distribution or license text itself.