Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
Crypto Privacy Copy Pasta

Do your part to resist Government surveillance and take back your privacy:

If you have any problems installing or using the above software, please contact the projects. They would love to get feedback and help you use their software.

Have no clue what Cryptography is or why you should care? Checkout the Crypto Party Handbook or the EFF's Surveillance Self-Defense Project.

Just want some simple tips? Checkout EFF's Top 12 Ways to Protect Your Online Privacy.


If you liked this comment, feel free to copy/paste it.

Owner

postmodern commented Feb 23, 2013

Why?

I got tired of redditors constantly shouting "contact your congress person about SOPA/PIPA/CISPA/Whatever-Its-Called-Next-Week". Many of us did contact our congress person, some congress people were already staunchly for or against the legislation. After all of that, then we had CISPA.

Only contacting your congress person will not guarantee your privacy. However, Cryptography will ensure your privacy, with complex mathematics instead of legislation. Cryptography cannot be restricted by law nor can it be coerced by violence. Feel free to still contact your congress person, after you install the above software. Just don't expect the relentless march of SOPA/PIPA/CISPA to stop. Expect new legislation with a different acronym next month.

How to Copy/Pasta?

  1. View the raw version.
  2. Copy/Paste as a comment on CISPA links
  3. ???
  4. Privacy
Owner

postmodern commented Mar 20, 2013

Added EasyList and Ghostery.

Owner

postmodern commented Mar 20, 2013

I might add Spore as a free (as in beer) alternative to SilentPhone. Someone needs to review it's code-base for bugs before I start recommending it to users.

Owner

postmodern commented Apr 15, 2013

Added VPNs that do not log IP Addresses from this document.

Owner

postmodern commented Apr 15, 2013

Reduced the VPN list to only the P2P friendly VPNs.

Thanks for updating this list and caring, mate :)

I personally use Firefox with the NoScript addon and it allows me to avoid:

  • google tracking
  • undesired advertisements
  • nasty js going on that I may be unaware of

And when I'm sure a site is clean, I whitelist them.

The internet is a big, full of love, full of scary place. Shield yourself from the scary and enjoy the love :)

Owner

postmodern commented Apr 19, 2013

Enigmail works on OSX as well.

Owner

postmodern commented Apr 19, 2013

Multiple redditors recommend http://privateinternetaccess.com.

Owner

postmodern commented Apr 19, 2013

Added DuckDuckGo as a Google alternative.

Owner

postmodern commented Apr 19, 2013

TrueCrypt is also available for OSX.

Thank you @ivals and @postmodern.

By the way @ivals is their such a thing as a VPN for cell phone carriers?

Saw this on Reddit. Consider adding in RequestPolicy to the browser privacy addons. It gives you finer grained control for cross-site requests. Eg. If you allow javascript on Google's sites, you can't control if another (non-Google) site is allowed access them. (Of course, Ghostery takes care that for most things.) RequestPolicy would let you change access to Google from a different site.

Owner

postmodern commented May 5, 2013

Considering adding Spore and Ostel to Voice Encryption.

Consider dm-crypt + LUKS as an alternative to TrueCrypt for Disk Encryption under Linux.
http://forums.fedoraforum.org/showthread.php?p=1397886
http://www.privacylover.com/encryption/analysis-is-there-a-backdoor-in-truecrypt-is-truecrypt-a-cia-honeypot/

Also consider using S/MIME for Email Encryption on all platforms.

Owner

postmodern commented May 24, 2013

@ScarletEmerald I thought about including them, but most Linux installers already support them out of the box (create a partition, select "Encrypted"). I also suspected that Linux users would already know about them.

Owner

postmodern commented May 24, 2013

A redditor suggested adding the following Chrome extensions to Browser Privacy:

@postmodern That may be true, but I would still suggest including them to make the list comprehensive, especially since they may be the superior alternatives. There may also be Linux users looking to add encryption post-install who would benefit from hearing about all available alternatives.

adunuale commented Jun 8, 2013

Please remove Ghostery and substitute in EasyPrivacy or Fanboy's Privacy List instead. Using either of these subscriptions will block the same things as Ghostery does.

Ghostery is written by an ad company. There's a conflict an interest. Meanwhile, AdBlock Plus isn't, nor are these lists' maintainers, affiliated with ad companies.

Owner

postmodern commented Jun 10, 2013

Added Private Internet Access to the VPNs list, based on this recommendation

Great list :-)
Take a look to http://www.opennicproject.org/ for alternative DNS servers.

Any chance you'll put Project Meshnet on there?

Also maybe just cjdns

Owner

postmodern commented Jul 25, 2013

Replace Ghostery with DoNotTrackMe or Disconnect? Apparently Ghostery's parent company actually sells the anonymous data it collects.

slacka commented Aug 11, 2013

Another great source of privacy protecting tools can be found at https://prism-break.org/

@postmodern I'd say Disconnect looks better. HN discussion here

And why not Ad-Block instead of ABP?

Owner

postmodern commented Aug 18, 2013

Added GPG4Win

Owner

postmodern commented Aug 18, 2013

Added Threema

Owner

postmodern commented Aug 18, 2013

@PhearTheCeal replaced Ghostery with Disconnect. You can opt-out of the "acceptable ads" in Ad Block Plus.

I recommend µBlock over AdBlock, it's more resource efficient. The EFF's Privacy Badger is a good alternative to Ghostery. Ixquick is another privacy-focused search engine (they even have a new, less 1999 look coming soon, I see!).

For the Browser Privacy category, I recommend adding uBlock Origin and uMatrix (also by @gorhill, like NoScript but with much more granularity) as well as ScriptSafe for Chrome (which is like NoScript but with a better interface). KB SSL Enforcer is a good alternative to HTTPS Everywhere, too; it learns which sites support HTTPS and which don't rather than relying on a central list.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment