@marksherman
Last active March 28, 2024 15:23
Dr. Mark's Personal Security Tools Hot List Spring '24

Preamble

Always investigate services you want to use. Read the Terms of Service and/or the Privacy Policy, as they tell you right there what data they'll be collecting from you and how they'll share that data. Always do your own diligence to find the right tools that best fit your life. Here are my recommendations as of March 2024.

Ad-Blocking

Protects from cross-site ad cookies accessing your browsing history, and protects from advertisers collecting 'breadcrumb' data in general.

  1. uBlock Origin - my favorite ad-blocker. Fully open source and community-run. Fast and efficient. Easy to turn off in a pinch.
  2. Privacy Badger - by the EFF, a non-profit that fights for our digital rights against governments and corporations. Blocks trackers, specifically. I currently use this, in combination with uBlock Origin.
  3. disconnect.me - a powerful tracker blocker. So powerful it sometimes breaks websites. Highly configurable, but can be tricky.
  • pi-hole - block ads across a whole network at the DNS level. Put ad-blocking over your whole house or apartment: anything on your wifi, which includes devices that can't install ad-blockers, like smart TVs and other devices. Requires a "server" (an old laptop or computer will do). Takes some effort to set up, but once it's going, it's super easy to maintain and works great. I use this in my own home (and set it up for my parents because I love them).

VPN

Makes your traffic appear to enter the internet from a different location, the location of your VPN server. With that, it can hide all of your connections from your ISP, and can trick your destination service into thinking you're somewhere else in the world.

  • ProtonVPN - Proton is a not-for-profit built around personal security. Never keeps logs, never collects your data, and is based in Switzerland where they can't be legally forced to give over data. They offer a completely usable free tier, subsidized by the pay tiers. I've tried the free tier, and it is sufficient for most things. I now pay them, so if you use the free version, you're welcome!
  • Mozilla VPN - From the makers of Firefox, also a not-for-profit centered on personal security. It is an easier-to-use resale of Mullvad, which is one of the best VPN networks going right now. Both Mozilla and Mullvad are keep-no-log systems.

This isn't a VPN, but ensures that your traffic is always encrypted end-to-end. This is less important than it was in the past, as the vast majority of services use encryption by default. It does NOT hide your connection information.

  • HTTPS Everywhere - a browser plug-in that forces sites to use the encrypted HTTPS protocol. Not a VPN, but pairs nicely with one for full end-to-end data security.

Two-Factor Authentication

Google Authenticator - despite being Google, this one is fully open source and independently inspected. It's secure, and uses industry standards, so it's compatible with tons of sites. I have two authenticator apps: Duo, because I have to for Emmanuel, and Google Authenticator for everything else. Google Authenticator is free, and available from both the Google Play Store and Apple's App Store.

Want to get a physical second factor that's not your phone? A YubiKey, using the FIDO standard, is supported by more and more services. I don't use it as often as the apps, but it's a great backup in case you lose your phone. I also use it when I'm setting up a new computer and will need to do 2FA a lot that day: I leave it plugged in and tap the button whenever I log into something.

Avoid text message and email 2FA whenever you can. If it's the only thing a service offers, it's still better than nothing.

Password Managers

Lets you free your mind of multiple passwords, and makes you more secure by letting you use totally unique passwords for each service. Presented in order of my recommendation, most recommended first.

  1. BitWarden - free and open source. Uses open standards that are widely accepted. What I personally use. Very good free tier. Can be used for free, and upgraded for a little money.
  2. 1Password - often used by businesses. Better support than BitWarden, but costs more. Not open source, but well trusted by important organizations, including MIT. I previously used 1Password, but switched to BitWarden, which is open source and cheaper. If your business gives you one of these for free, jump on it!
  3. KeePass - completely free and purely open source. Fewer features. Requires you to manage syncing data yourself, usually over Dropbox. Good community around it, but no corporate support. The free-est kind of free!

REMOVED from recommendations: LastPass - LastPass suffered multiple data breaches in the past few years, exposing user data and master keys. I would recommend you do not trust LastPass.
