A FOSS hacker's guide to CLI, privacy, security, self-hosting, and the Internet.
Github: https://github.com/hashbang/book
A curated checklist of tips to protect your digital security and privacy.
BadWolf is a minimalist and privacy-oriented WebKitGTK+ browser.
Privacy-oriented - No browser-level tracking, multiple ephemeral isolated sessions per new unrelated tabs, JavaScript off by default.
Minimalist - Small codebase (~1 500 LoC), reuses existing components when available or makes them available.
Customizable - WebKitGTK native extensions, Interface customizable through CSS.
Powerful & Usable - Stable User-Interface; The common shortcuts are available, no vi-modal edition or single-key shortcuts are used.
No annoyances - Dialogs are only used when required (save file, print, …), javascript popups open in a background tab.
Git repo: https://hacktivis.me/git/badwolf/
In the AUR.
Generate random phone numbers for all countries using the mobile phone generator. These numbers are fake, but they are built using the validations of telephone numbers.
A daemon which implements an API bridge to the Signal network. This is for hooking bots into the Signal messaging network as well as connecting other kinds of software and webhooks in.
For a price of a cinema ticket a month we offer a physical phone number. All your messages are encrypted with your personal key that we cannot access. Has a REST API you can send and receive messages through. They can store contact lists for you, deniably they claim. Accepts cryptocurrency for payment.
This updated guide aims to provide introduction to various tracking techniques, id verification techniques and guidance to creating and maintaining anonymous identities online including social media accounts safely.
Will this guide help you protect yourself from the NSA, the FSB, Mark Zuckerberg or the Mossad if they’re out to find you? Probably not … Mossad will be doing “Mossad things” and will probably find you no matter how hard to try to hide.
Github: https://github.com/AnonymousPlanet/thgtoa
Creative Commons Attribution 4.0 International (cc-by-4.0)
A curated list of services and alternatives that respect your privacy because PRIVACY MATTERS.
A service that allows to receive email at a temporary address that self-destructed after a certain time elapses. It is also known by names like : tempmail, 10minutemail, throwaway email, fake-mail or trash-mail. Many forums, Wi-Fi owners, websites and blogs ask visitors to register before they can view content, post comments or download something. Temp-Mail - is most advanced throwaway email service that helps you avoid spam and stay safe.
Facepixelizer is a specialized image editor for anonymizing images. Use Facepixelizer to quickly hide information in images that you don't want to become public. For example, you can blur out text and pixelate faces that appear in your images.
Even though Facepixelizer runs in the browser, your images are secure because they never leave your browser and are never sent over the network. All the processing happens in your browser.
A Dockerized service for running a disposable e-mail service. Can be personal or public. Requires MariaDB. Has an API. Also has a web front end. Requires binding port 25/tcp.
Invidious is an alternative front-end to YouTube. Extremely lightweight - loading the HTML page takes 4kb at most. Has an audio-only mode. Supports subscriptions to channels. Does NOT require a Google account. Does not require Javascript, does not use the Youtube API. Presents its own developer API.
Requires Postgres as its back-end database.
Written in a programming language called Crystal.
A site that tests the capabilities of the VPN you're using for privacy leaks.
An implementation of Textsecure/Signal in Golang as a CLI tool. Can send and receive one-to-one and group messages.
A web application that sits in front of a command line Signal client that lets you send messages from a web browser. Seems to also have a REST API. Requires a second phone number to set up an account, it's not an extension to an existing Signal setup. Looks like all-Docker-all-the-time but it looks like you can also run it as a system service (a systemd .service file is in the docs, and it says nothing about using Docker for that).
Interestingly, it's a couple of shell scripts.
A single command sets up a brand new Ubuntu 16.04 server running a wide variety of anti-censorship software that can completely mask and encrypt all of your Internet traffic. Uses Vagrant and Ansible to automate the process, from creation of OS image to deployment. Generates documentation as an HTML page to send to whomever you want to use the VPN server. Sets up a verified mirror of all the software the user might need, including VPN clients. Even implements techniques for evading some network blocking methods.
Autocrypt is a set of guidelines for developers to achieve convenient end-to-end-encryption of e-mails. It specifies how e-mail programs negotiate encryption capabilities using regular e-mails.
For users, Autocrypt Level 1 offers single-click, opt-in encryption, eases encrypted group communications, and provides a way to setup encryption on multiple devices.
A site that documents the practice of letterlocking - cleverly folding, cutting, and sealing letters in the 17th century for tamper evidence and security.
Designed to reduce the burden of blocking when many accounts are attacking you, or when a few accounts are attacking many people in your community. It uses the Twitter API. If you choose to share your list of blocks, your friends can subscribe to your list so that when you block an account, they block that account automatically. When blocklists are updated, the changes are propagated without your having to do anything.
Requires that you grant access to your Twitter account to the service.
If there are accounts that you blocked before you started using Block Together, and then you subscribe to a blocklist which happens to include that account, and then you stop using that blocklist, the accounts will stay blocked. It doesn't un-do any blocks you put in yourself.
Blocklists top out at 250k accounts.
A crowdsourced mapping project which aims to document the trunk lines underlying the Net, and where privacy violations and surveillance infrastructure can watch it. Has open source, cross-platform software for download that runs traceroutes to various places, correlates the data, and uploads it to the project (anonymously, by default) for analysis.