Welcome to the The Privacy Raccoon!We aim to help people defending their rights in the era of mass surveillance.
This is our list of privacy tools that will help you to remain private online. It has been carefully handcrafted by a group of privacy activists. There is no silver bullet when it comes to privacy, but these tools will make tracking you online a very difficult task.
Privacy Service Providers
Essential Privacy Tools
SELECT FULL DISK ENCRYPTION ON THE INSTALLER! Encryption is essential for privacy and security. It will help to keep your data out of prying eyes, in case of theft, cyber-attack or from authorities.
A GNU/Linux distribution which works out of the box. It's a user friendly desktop operative system which, unlike Windows, respects your privacy and won't waste your computer resources.
For advanced users
Qubes is an operative system with a strong focus on security and sandboxing. It's based on Xen and Linux. It's built out of securely-isolated compartments called qubes. Each program runs completely isolated in it's own qube for a better security. Qubes is better used together with Whonix.
Note that we recommend Linux Mint because it's popularity and ease of use, but most Linux distributions are far better than Windows in terms of privacy. It's just a matter of taste
Anonymity-Focused Operative Systems
Based on a hardened Debian (Kicksecure), Whonix routes all it's traffic through the Tor network. It runs as two separated virtual machines, one being the gateway and the other the workstation. The workstation connects to the internet solely through the gateway which routes it's connections through Tor. This way, even if a malware infected the workstation, your real IP would never get compromised.
Tails is a live OS based on Debian which routes all it's connections through the Tor network. It runs from a USB stick and it never writes anything to your hard drive. It also resets itself after each reboot, leaving no evidence of any activity over your sessions. It's not security hardened as Whonix, so beware of malware.
Mobile Operative Systems
Remember that mobile phones are a privacy nightmare, by design. Even if these OSs are far better than the stock ones, they aren't a silver bullet. Consider moving most of your online activity to your desktop or laptop.
For Linux phones
Based on Alpine Linux and with a variety of Desktop Environments to choose from it's probably the best mobile experience you can get. At the end you have the flexibility of desktop linux because it's that but ported to mobile. Every privacy tool available for desktop can be used. It supports full disk encryption.
Warning: Home page is Cloudflared
UBports is a community maintained GNU/Linux distribution based on Ubuntu for mobile phones. Although PostmarketOS is generally better, UBports may have support for your device so consider checking their supported devices list.
Android custom ROMs
DivestOS is derived from LineageOS, being more focused on security. It supports bootloader relocking, automatic kernel CVE patching, a custom hosts file blocking known advertising and malware domains, Mull which is their own fork of Firefox focused on privacy, it includes F-Droid by default and other various improvements while supporting a decent amount of devices.
Graphene OS is a custom ROM for Android with a strong focus in security. They only support newer Pixel phones.
Warning: Home page is Cloudflared
LineageOS is a custom ROM which removes most of Google's spyware. They maintain their ROM for a extensive catalog of devices. Check if your phone is supported by DivestOS first, since it's a hardened and more private version of LineageOS.
Replicant is the only fully free Android distribution. Every other Custom ROM has proprietary blobs in it. Unfortunately, it only supports a very few, specific devices. It's also the only custom ROM that does no unsolicited connections.
A linux distribution prepared to be used as the firmware for your router. It supports a wide variety of routers, you should check if your router is supported and if not, consider buying one that is supported. A properly configured router is key for your privacy.
Great Firewall solution, built on top of FreeBSD. It's probably more suited for enterprises or large networks. In any case, it's a fully featured firewall with a lot of options and additional packages, a great UI and configuration options.
OpenBSD is a great, portable and security focused OS and one of it's best usecases is using it as a router. The site Openbsdrouterguide.net is a great resource to get started.
Librewolf is Firefox but private by default. Tweaking Firefox yourself may seem overwhelming for less advanced users or people who just want something out of the box. Librewolf provides the hardened Firefox experience without the need of changing anything.
The Tor Browser Bundle is a modified version of Firefox which is hardened against fingerprinting taking the approach of blending in, trying to make every user look the same. That's why they don't recommend installing add-ons in the Tor Browser or using other browser through the Tor Network.
We recommend avoiding Chromium based browsers because we don't want a Chromium monopoly over the web. But if you desperately need a Chromium based browser for certain pages, avoid Brave and use Ungoogled Chromium
Note these useful addons may improve your privacy, but some addons may impact your fingerprint, making your browser unique. Be careful and try to keep low the number of installed addons.
A lightweight, efficient blocker which is easy on memory and CPU. It comes with several filter lists ready to use out-of-the-box. Best content blocker out there if you do not want to use more advanced and powerful tools like uMatrix.
Blocks or fakes the JS-API for modifying canvas to prevent Canvas-Fingerprinting.
Redirects YouTube, Twitter, Instagram... requests to alternative privacy friendly frontends and backends. Take a look at the Private Frontends section for more information.
Remember that being private in mobile phones is nearly impossible by design! Try to move your browsing habits to your laptop or desktop
Mull is a privacy focused Firefox fork which has been deblobbed and hardened with the Tor Uplift project and with the arkenfox userjs. It's recommended over Chromium browsers because you are able to install uBlock Origin which outclass any other content blocker.
Note that Chromium based browsers are more secure in Android than Firefox based ones.
The Tor Browser Bundle is available for Android. It's also based on Firefox and connects exclusively through the Tor network.
Mulch is a security oriented Chromium based browser. Many anti-features are disabled/removed and a handful security features are enabled/added. It's the only recommended Chromium browser for Android although Mull is preferrable in privacy terms because it has access to the powerful uBlock Origin. You'll need Divest OS' F-Droid repo to install it.
We used to recommend Bromite but it has suffered from slow updates, Mulch is up to date, see this table.
Posteo is a paid provider and although you can't pay with Monero, you're able to pay with cash. It has been independently audited and it does not recollect IPs either when visiting their website or when retrieving/sending mails with your mail client. And it's completely powered by renewable energies.
We recommend you to choose POP3 when configuring your email client. This will save your emails in your computer for offline use and you might be able to delete them from the server once downloaded.
Best GUI email client. Ligthweight, nice old school UI, excellent OpenPGP support, no unsolicited connections and multi-account.
The terminal wizard's email client. Probably the best terminal mail client in existence. Muttwizard makes setting Neomutt up painless.
For a more in-depth analysis and a comparison with other IMs, take a look at our Instant Messenger Analysis.
XMPP has existed for a long time. It's federated, it supports multiple encryption methods, it's easy to self-host, there are various implementations and there isn't a corporation behind. Probably the best Instant Messenger available.
Check our recommended XMPP clients.
SimpleX is decentralized and doesn't depend on any single unique identifiers such as phone numbers, usernames, nor even randomly generated strings. Servers (which act as relays and you can swap them on the fly) have zero knowledge about the clients connecting to them.
Briar is a peer to peer messenger which can work without a SIM card in the phone, just through WiFi or Bluetooth. That's the main advantage it offers. It's onion routed and end 2 end encrypted. The desktop client isn't really good, but you might find Briar useful for certain situations like riots or zones where Internet access is restricted.
IRC is the perfect tool for group communication. Simple, fast, well supported and there are a lot of clients to choose from. You don't need an account to access an IRC channel, which is nice. It can work over I2P if you need anonymity. If you need more advanced features like voice or video, look in this section. IRC is just enough for group communication and it has been the gold standard for more than 20 years.
Check our recommended IRC clients.
Voice & Video
Mumble is a free, open source, low latency, high quality voice chat application. Mumble is the gold standard as a private, secure and libre voice chat.
Note that Mumble isn't end to end encrypted, since it's thought to be self-hosted.
GNU Jami is a peer to peer messenger which supports voice and video. It's end to end encrypted and it doesn't need any server to work.
Jitsi is a set of free software projects that allows you to easily build and deploy secure videoconferencing solutions. It's really easy to self-host or you can use a public instance
The best social network is your own blog with an RSS feed. Please consider that if you have something to say.
In Social Media, even the free software ones, posts are ephemeral and they will stop reaching people after they are a few days old. This is by design. It is good for trivial conversations or for sharing your cat pics but it should never replace blogs.
Microblogging platform, similar to Twitter, but decentralized. It is not owned by anyone since there are multiple servers operated by different people and you could set up your own. It's free software and it's part of the Fediverse.
Lemmy is the link aggregator of the Fediverse, with a usage remminiscent of Reddit but without all the limitations and bullshit imposed by the company behind. It is hosted by volunteers and has a friendly community.
Also part of the Fediverse, Pixelfed is image focused, being a good alternative to Instagram. Even if Pixelfed is more "Instagram-like", it federates with Pleroma and Mastodon. This means that you can follow and interact with people in Mastodon or Pleroma from your Pixelfed account.
Hugo is one of the most popular open-source static site generators. With its amazing speed and flexibility, Hugo makes building websites fun again.
A single Bash script to create blogs. Ultra simple usage, zero dependencies, no installation required, just download the script and start writing!
Search engines, very much like web browsers, it is a gray area where there isn't a clearly good solution because it is quite hard to create one from scratch and most options use Google's or Microsoft's under the hood.
There are a lot of so-called private search engines, but most of them are fake privacy initiatives, and even when they respect your privacy, it is hard to find an independent one that does not rely on the results from Google or Bing.
SearXNG is a self-hosted metasearch engine which fetches results from other search engines. While this makes SearXNG dependant on other search engines, it can merge the results from a multitude of search engines and acts as a proxy so none of them gets any information about you and helps avoiding censorship. It's probably the best option because any other search engine you like, it may be used through SearX.
SearxNG's privacy depends on the instance you choose, but in general it is hosted by privacy advocators and they seem to respect user's privacy. There are multiple .onion instances availabe too.
Be sure to avoid Cloudflared instances or even better: use a .onion instance.
Note that SearX results may vary depending on the configuration of the instance, you'll have to test a few to choose the best one
Use only the .onion service, the clearnet one stores your IP
Note that it requires the use of iframes and won't work on text based browsers like lynx
Check the DNS clients section. Those have multiple advantages, especially for privacy. They are a superior option and it's highly preferrable to use one of them instead of trusting a provider from this list.
A hobby Adblock DNS project with DoH, DoT, DoQ, DNSCryptv2 support, DNSSEC ready, Yggdrasil, OpenNIC support, prevents CNAME Cloacking and claims to store no logs.
Mullvad provides their DNS services for free. They claim to store no logs
Warning: VPNs don't make you anonymous! Use Tor instead
VPNs shouldn't be blindly trusted! They are good for hiding your traffic from your ISP. But you can't really know if they're keeping logs or not, they may be analysing your whole traffic. So be careful and consider using Tor instead. They are useful for torrenting.
Mullvad is always the recommended VPN for privacy. They claim to store no logs, that they not share any data with third parties and they accept Monero and cash payments. Probably the closest you can get to a good VPN provider.
They claim to store no logs and they accept Monero and cash. They support Wireguard and IPv6. It seems to be a good VPN provider overall.
Hosting & Domain
Kyun does requires not require any personal information to sign up. No KYC, no phone/email verification, although you might add an email for recovery purposes. They have an onion domain. They allow payment exclusively in Monero.
Icelandic hosting provider. Their prices are good and they accept Monero as a payment. No onion domain.
We encourage you to also host your site in Tor and I2P. Those require no domain!
Njalla is also a domain registrar, they act as a proxy buyer for the domain you want so you don't have to give any information to use a domain. They accept payments in Monero. Remember to use their onion domain.
Remember that there's no cloud, just other people computers. Or even worse, mega corporation's computers. Do not trust anyone with your personal data and host your "cloud" storage yourself. If you don't have the knowledge, you may pay a system admin to manage it for you.
Nextcloud is a software suite that will let you create your own "cloud" storage. It's intended to be self-hosted, and this is our recommendation. Although there are also some Nextcloud hosting providers which will manage hosting for you. In either case, be sure to enable end to end encryption, which Nextcloud supports.
Seafile is a high performance file syncing and sharing software. It also comes with an integrated markdown wiki. It has support for every platform and it offers better performance than Nextcloud. It also supports encryption. The company behind Seafile offers hosting, but we recommend self-hosting instead.
PeerTube aspires to be a decentralized and free/libre alternative to video broadcasting services. PeerTube is not meant to become a huge platform that would centralize videos from all around the world. Rather, it is a network of inter-connected small videos hosters. Anyone with a modicum of technical skills can host a PeerTube server, aka an instance. Each instance hosts its users and their videos. In this way, every instance is created, moderated and maintained independently by various administrators.
Private frontends acts as a proxy for viewing content of sites like YouTube, Twitter, etc without needing an account or being spied on. We encourage their use instead of visiting the "official" sites, since those are terrible for your digital privacy.
If you use Librewolf or Ungoogled Chromium, try Libredirect which will automatically manage privacy frontends and redirections for you. If you use Pale Moon you may need to setup custom rules in URL rewriter.
Invidious is a private frontend for Youtube which can work without JS.
Note that most Invidious instances do not act as a proxy for the videos by default. You may enable this in Invidious' settings.
Private frontend for Tiktok, just in case you think there's worth content there.
Private frontend for the image hosting site Imgur.
Private frontend for Quora.
A simple and lightweight frontend for various translation engines: Google, ICIBA, Reverso and LibreTranslate.
A JS-free proxy for IMDb.
A private frontend for Fandom.com, which hosts wikis mainly on entertainment topics. Fandom is centralizing the wikis of thousands of topics, it's also full of ads.
A private frontend for the bloated and spyware Odyssey.
If, for whatever reason, you do not want to give Wikipedia your IP address, Wikiless is a private frontend with an nicer UI for desktop. The main usecase is that Wikipedia does not have an .onion mirror. You may use Wikiless instead.
If you don't know what a password manager is, read our Easy Introduction to Password Managers
Our main recommendation. KeePassXC provides an easy to use GUI to store your passwords locally in strongly encrypted databases. Your passwords never leave your device. You may use file synching tools to sync your password database between devices without trusting a third party server. Securely store passwords using industry standard encryption, quickly auto-type them into desktop programs, and use ther browser extension to log into websites. It's cross-platform, with compatible apps for mobile phones
Bitwarden synchronizes your passwords between all your devices. Your passwords are stored encrypted in a server. While Bitwarden free plan is good enough, we strongly advise you to self-host or just use an off-line option like KeePassXC.
Note that depending on your threat model, you might be better using an off-line solution like KeePassXC. Self-hosting requires skills to secure it, all your passwords and accounts are critical data. And when using official Bitwarden accounts, your vault is encrypted, but they need to store some data in order to provide their services. This data could be requested by law enforcement.
Our top choice. A flexible DNS proxy, with support for modern encrypted DNS protocols such as DNSCrypt v2, DNS-over-HTTPS, Anonymized DNSCrypt and ODoH (Oblivious DoH). In order to maximize your privacy, we recommend that you use only the Anonymized DNSCrypt protocol.
Unbound is a validating, recursive, caching DNS resolver. It is designed to be fast and lean and incorporates modern features based on open standards. Unbound has been rigorously audited. We suggest to use DNS-over-TLS.
These networks are designed to make you anonymous. Also known as "darknets", although this term is usually associated in mainstream media with criminal activity, which isn't the purpose of these networks. They are frequently used by scientists, journalists and activists. They are mainly used to circumvent censorship and surveillance by those who need it and they play a key role to protect free speech on the internet.
The Invisible Internet Project (I2P) is a fully encrypted private network layer. The network is people powered. Peers make a portion of their resources, particularly bandwidth, available to other network participants. This allows the network to function without relying on centralized servers. So unlike Tor, I2P is completely decentralized. No one can see where traffic is coming from, where it is going, or what the contents are. Additionally I2P offers resistance to pattern recognition and blocking by censors.
The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. You use the Tor network by connecting through a series of virtual tunnels rather than making a direct connection to the host you're trying to connect to, making you anonymous and circumventing censorship.
Freenet is a peer-to-peer platform for censorship-resistant and privacy-respecting publishing and communication. It uses a decentralized distributed data store to keep and deliver information, you don't host your website in a server for Freenet, you just need to upload it to the distributed network.
GNUnet is a network protocol stack for building secure, distributed, and privacy-preserving applications. The framework offers link encryption, peer discovery, resource allocation, communication over many transports (such as TCP, UDP, HTTP, HTTPS, WLAN and Bluetooth) and various basic peer-to-peer algorithms for routing, multicast and network size estimation.
Yggdrasil is an overlay network implementation of a new routing scheme for mesh networks. It is designed to be a future-proof decentralised alternative to the structured routing protocols commonly used today on the Internet and other networks. It provides end-to-end encrypted IPv6 routing between all network participants. Peerings between nodes can be configured using TCP/TLS connections over local area networks, point-to-point links or the Internet. Even though the Yggdrasil Network provides IPv6 routing between nodes, peering connections can be set up over either IPv4 or IPv6.
Note that Yggdrasil's goal isn't to provide anonymity.
GnuPG is a GPL-licensed implementation of OpenPGP. It let's you cryptograpically sign and encrypt files. It has been the standard for a long time. One of it's uses is, for example, email encryption.
When creating a new key, we suggest using future-default, like this example:
gpg --quick-gen-key firstname.lastname@example.org future-default
That option will use modern ciphers based on elliptic curves.
Tomb is an is a simple shell script which acts as a wrapper for dm-crypt. Tomb aims to be a really simple to use software to manage "encrypted directories", called tombs. A tomb can only be opened if you both have a keyfile and you know the password. It also has advanced features, like steganography.
Note that Tomb only works on GNU/Linux.
Picocrypt is a small and portable encryption tool which uses the XChaCha20 cipher to encrypt your files. It provides the user with an easy to use GUI.
File Sharing & Sync
Croc is a tool that allows any two computers to securely transfer files and directories. Croc uses relays for transmitting data instead of uploading and downloading to a server, this makes Croc faster than other alternatives. It's E2E encrypted, cross-platform, ipv6-first, allows for multiple files, supports proxies and it's easy to use. We encourage you to host your own relay, which is stupidly simple to do.
Onion Share creates an onion web server which allows you to easily transfer files, chatting and even hosting websites while remaining anonymous. Everything is routed through the Tor network. It's E2EE.
Syncthing is a peer-to-peer continuous file synchronization utility. It is used to synchronize files between two or more devices over the local network or the internet. Syncthing does not need a central server. That makes it perfect to sync your files between your desktop and laptop, or your laptop and your mobile phone without sending your data to a third party server.
Warning: According to the Debian Wiki, Syncthing collects the following data: data transfer volume, unique ID submission, version check and lots more. Remember to opt out of "anonymous data collection".
Fully-featured note-taking and to-do program which can handle a large number of markdown notes organized into notebooks and tags. It offers E2EE. We recommend you to sync it with your own Nextcloud server, so that you're in control of your data.
A GNU Emacs major mode for keeping notes, authoring documents, computational notebooks, literate programming, maintaining to-do lists, planning projects, and more — in a fast and effective plain text system. Note that it is not encrypted since it's intended to be stored on your own device with full disk encryption. Sync is possible using file sync tools
CLI first plain text note‑taking, bookmarking, and archiving with linking, tagging, filtering, search, Git versioning & syncing, Pandoc conversion, + more, in a single portable script. It supports encryption with OpenPGP. A personal favorite.
Metadata in some file types, especially in images, can reveal a lot about your private data: exact hour it was taken, location data, device used, etc. It's important to remove this metadata before sharing your files.
A simple to use graphical tool that let's you view and remove the metadata of various file types.
The classic Perl command line tool for manipulating metadata. It's quite powerful and it has a lot of options, but for our purposes a single command will do the job:
exiftool -all= *.file_extension
This will remove all the metadata of the files .file_extension in your current directory.
Remember to enable encryption in your client settings! Every client we recommend supports OMEMO encryption
Dino is a modern open-source chat client for the desktop (Linux, BSD). It focuses on providing a clean and reliable Jabber/XMPP experience while having your privacy in mind.
Conversations is a Jabber/XMPP client for Android 5.0+ smartphones that has been optimized to provide a unique mobile experience. Free on F-Droid.
Profanity is a console based XMPP client written in C using ncurses and libstrophe, inspired by Irssi. Available on Linux, FreeBSD, OpenBSD, OSX, Windows and Android (Termux).
HexChat is a feature-rich and easy to use GUI IRC client. Our top recommendation for people that don't like the terminal.
Irssi is a modular text mode chat client. It comes with IRC support built in. Irssi is completely themeable. Every single message can be themed. It's also highly scriptable and there are a lot of scripts available for extending it.
Catgirl is a TLS-only terminal IRC client. It has a focus on minimalism and security. It comes with sandboxing by default on OpenBSD.
Torrenting is prosecuted in some countries. Consider using a VPN to avoid legal problems if you're torrenting. Remember that VPNs do not provide anonymity!
A multiplatform Bittorrent client with a lot of features. It has a uTorrent like UI but without the adware or the spyware that uTorrent has. Probably the best torrent client for those that have only used uTorrent.
A lightweight and feature complete Bittorrent client. It has a GTK frontend for those that prefer GUI clients, but it also has a CLI version.
The Bittorrent Protocol Daemon. If you were looking for a minimal Bittorrent CLI client, you'll love BTPD
A download manager is a program capable of making multiple connections to multiple servers, sometimes using different protocols, to accelerate your downloads
Some of these download managers support Bittorrent, which is prosecuted in some countries. Consider using a VPN.
Xtreme Download Manager is a powerful GUI tool to increase download speed up-to 500%, save streaming videos from websites, resume broken/dead downloads, schedule and convert downloads. XDM seamlessly integrates with Firefox, to take over downloads and saving streaming videos from web. XDM has a built in video converter which lets you convert your downloaded videos to different formats.
Aria2 is a utility for downloading files. The supported protocols are HTTP(S), FTP, SFTP, BitTorrent, and Metalink. aria2 can download a file from multiple sources/protocols and tries to utilize your maximum download bandwidth. There are extensions like a webUI and a Firefox add-on to integrate it with your browser.
The most complete download manager and our top choice if you aren't scare of the terminal.
Axel tries to accelerate the download process by using multiple connections per file, and can also balance the load between different servers. Axel tries to be as light as possible, so it might be useful on byte-critical systems. Axel supports HTTP, HTTPS, FTP and FTPS protocols.
If all you need is a command line tool for fast downloads, then you'll love Axel.
A GNOME program. It's a GTK news aggreator with a simple to use UI.
A text based news aggregator to use it from your terminal. It's fast, minimalist and it may be used through SSH.
Make backups regularly and remember to encrypt your backups. Even if encrypted, we recommend to store them in a self-hosted server. Déjà Dup works with Nextcloud. It's recommended for not technical users.
Déjà Dup is a simple backup tool. It hides the complexity of backing up the Right Way (encrypted, off-site, and regular) and uses duplicity as the backend. It's the only graphical tool in this list and the one we recommend to people afraid of the command line.
Restic is a backup program which supports encrypted, secure and verifiable backups. It's fast and easy to use, while supporting different storage types.
CLI backup utility. Borg is a deduplicating archiver with compression and encryption. It supports remote backups over SSH.
From Wikipedia: Gemini is an application-layer internet communication protocol for accessing remote documents, similarly to the Hypertext Transfer Protocol (HTTP) and Gopher. It is intended as a third alternative to those protocols. It comes with a special document format, commonly called "gemtext", that allows linking to other documents.
Lagrange is a desktop GUI client for browsing Geminispace. It offers modern conveniences familiar from web browsers, such as smooth scrolling, inline image viewing, multiple tabs, visual themes, Unicode fonts, bookmarks, history, and page outlines.
Astro is a terminal client using less written in POSIX shell script.
Telescope is a w3m-like browser for Gemini, but it also supports the Gopher and Finger protocols.
From Wikipedia: The Gopher protocol is a communication protocol designed for distributing, searching, and retrieving documents in Internet Protocol networks. The design of the Gopher protocol and user interface is menu-driven, and presented an alternative to the World Wide Web in its early stages, but ultimately fell into disfavor, yielding to HTTP.
Gopherus is a free, multiplatform, console-mode gopher client that provides a classic text interface to the gopherspace. Gopherus is published under the '2-clause' BSD license.
Gophernicus is a modern, full-featured and secure gopher daemon. It has special security features for OpenBSD and it supports encryption.
Motsognir, a robust, reliable and easy to install gopher server. Written in ANSI C, will run in any POSIX OS, all the configuration is done in a single config file.