Disk Encryption
Verdt å merke seg

2014-05-28: TrueCrypt currently has security issues and is not recommended.

If you’re running GNU/Linux, dm-crypt with LUKS is the recommended encryption option.

Gentoo GNU/Linux maintains a guide for dm-crypt with LUKS.

Arch GNU/Linux maintains a guide to dm-crypt with LUKS. Also useable for Parabola GNU/Linux.

Verdt å merke seg

Google Public DNS lagrer din ISP og stedsinformasjon for analyse permanent, pluss IP-adressen din i 24 timer.

OpenNIC har ikke bestemt seg for en offisiell policy for loganonymisering ennå.

Google Public DNS
Email Accounts
Verdt å merke seg

Den beste måten å garantere personvern og sikkerhet på er å kjøre din egen e-posttjener.

Bitmessage er et lovende kryptert alternativ til e-post. Det er dog ikke erklært stabilt til daglig bruk ennå.

MyKolab kjører på fri programvare og lar deg eksportere alt. Det kjører i Sveits, og drar nytte av de sterke personvernslovene der nede.

Riseup tilbyr VPN, lynmeldinger og etherpad.

FreedomBox er ikke ferdig ennå, men har et edelt mål. Det skal nemlig gjøre kål på sentraliserte tjenere som aggregerer informasjon om alt og alle, til fordel for personlig lagring av alt, på en så enkel måte at selv bestemor kan gjøre det.

Yahoo! Mail
Email Alternatives
Verdt å merke seg

Bitmessage is a promising alternative to email, but it has not yet been audited by security professionals. Use at your own risk. If you decide to try out Bitmessage, make sure to generate a completely random ID to greatly reduce the probability of ID collisions.

RetroShare has not been thoroughly audited by security professionals for possible security issues.

Email Clients
Verdt å merke seg

Switching from a proprietary service like Gmail to one of the more transparently-run email services on PRISM Break is the first step to a secure email account.

The second step is getting you and your contacts to encrypt your plain text messages with PGP encryption. This section contains free email clients that support PGP.

Read the Email Self-Defense guide by the Free Software Foundation to learn how to encrypt your email messages.

Her finner du en guide for å kryptere din e-post med Mozilla Thunderbird, GPG og Enigmail.

Find out more about the differences between Mozilla Thunderbird and Icedove.

Verdt å merke seg

Bruk Pretty Good Privacy (PGP)! PGP er en måte å kryptere og autentisere ting. Den kan brukes til enhver fil, men brukes som oftest til e-post.

Read the Email Self-Defense guide by the Free Software Foundation to learn how to encrypt your email messages.

Enterprise Suite
Verdt å merke seg
The enterprise suite category is for solutions for organizations that cover more than 10 categories in an integrated fashion (ex.: logins work throughout all apps, etc.)
Mail Servers
Verdt å merke seg

A beginner’s guide to running your own mail server is available here: “NSA-proof your e-mail in 2 hours”.

Kolab integrates Roundcube into its webclient and offers desktop clients as well. Recent versions also feature a file cloud turning it into a complete solution for personal information management.

What is an MTA?

“Within Internet message handling services (MHS), a message transfer agent or mail transfer agent (MTA) or mail relay is software that transfers electronic mail messages from one computer to another using a client–server application architecture. An MTA implements both the client (sending) and server (receiving) portions of the Simple Mail Transfer Protocol.

The terms mail server, mail exchanger, and MX host may also refer to a computer performing the MTA function. The Domain Name System (DNS) associates a mail server to a domain with mail exchanger (MX) resource records containing the domain name of a host providing MTA services.”

Operating Systems
Verdt å merke seg

Apple, Google, and Microsoft are allegedly a part of PRISM. Their proprietary operating systems cannot be trusted to safeguard your personal information from the NSA. We have two free alternatives: GNU/Linux and BSD.

GNU/Linux has a much larger community to help you with the transition. It’s recommended that you begin your explorations by looking for a GNU/Linux distribution that suits your needs. Additionally the Free Software Foundation hosts a list of completely Free distributions.

Debian has a long tradition of software freedom. Contributors have to sign a social contract and adhere to the ethical manifesto. Strict inclusion guidelines make sure that only certified open source software gets packaged in the main repositories. You may also want to disable contrib and non-free repositories.

Fedora is a community edition that serve as the stable basis for enterprise ready GNU/Linux distributions with commercial support. Companies all over the world trust Red Hat Inc. because of their transparency throughout the whole development process.

Canonical’s Ubuntu is not recommended by PRISM Break because it contains Amazon ads and data leaks by default. GNU/Linux distributions based on Ubuntu are also currently not recommended due to several other reasons.

Operating Systems (Live)
Verdt å merke seg

A live distribution like Tails is the fastest and easiest way to a secure operating system. All you have to do is create a bootable CD or USB drive with the files provided and you’re set. Everything else will be preconfigured for you.

A virtual machine (VM) image like Whonix is designed to be run inside of a virtualization package like VirtualBox. VirtualBox can be installed on Windows, Linux, macOS, and Solaris. This means that if you're stuck using Windows or macOS for whatever reason, you can install VirtualBox and use Whonix to increase your privacy and security.

VPN Clients
Free Recommendations
Verdt å merke seg

Krypterte virtuelle private nettverk (VPN) er en teknologi for å skjule dine fotspor på nettet.

Utvidelser til nettleser
Verdt å merke seg

Installing your own add-ons into Tor Browser is not recommended, as they may bypass Tor or otherwise harm your anonymity and privacy. Check the EFF's Panopticlick to see how trackable your browser configuration is by third parties.

If you're using a Firefox-based browser, you can safeguard your browsing habits and stop advertising companies from tracking you by installing uBlock Origin, Request Policy, and HTTPS Everywhere.

A more advanced alternative to Request Policy would be uMatrix.

Install NoScript and enable ‘Forbid scripts globally’ to improve the security of your browser by preventing 0day JavaScript attacks. This is a drastic option as it will render many websites unusable as they rely heavily on JavaScript. NoScript offers a whitelist you can use to selectively enable JavaScript for sites you trust, but this is considered especially bad for your anonymity if you're using NoScript with Tor Browser.

Why is Adblock Plus not recommended? Adblock Plus shows “acceptable ads” by default, which works against the purpose of the add-on. Either disable acceptable ads or use uBlock Origin instead.

Web Browsers
Verdt å merke seg

Betjen verdensvevet med en kombinasjon av Tor Browser og en fri nettleser. Det anbefales å bruke Tor til så mye som mulig. Å betjene vevet gjennom Tor kan være litt tregere enn uten, men det vil medføre bedre anonymitet. Les litt om Tor før du begynner å bruke det.

Pass på dersom du bruker PayPal eller banksider, så kan det hende at de deres anti-svindel-systemer tror at du er en illegitim bruker. Pass også på at du bruker HTTPS istedenfor HTTP, slik at ingen kan fange opp informasjonen din. Pass særlig på at du alltid bruker HTTPS på sider du må logge inn for å bruke.

Mozilla Firefox bruker Google sin søkemotor som standard. Du burde heller anvende en søkemotor som tar hensyn til ditt personvern.

Hvis du lurer på hvorfor PRISM break ikke anbefaler Chromium, les her.

Verdt å merke seg

DuckDuckGo is a software-as-a-service (SaaS) hosted around the world that provides you with anonymous search results from these sources. DDG open source components are available here.

There is also a DuckDuckGo hidden service at 3g2upl4pq6kufc4m.onion for Tor users.

MetaGer is a SaaS by the German non-profit SUMA e.V. that provides you with anonymous meta search results.

Startpage is a SaaS hosted in the USA and the Netherlands that provides you with anonymous Google search and image results through a free proxy.

Ixquick (run by the same company as Startpage) is a meta search engine that returns combined results from nearly 100 sources - excluding Google.

Seeks acts as a personalizing Web server or proxy between you and your data feeds. Connect most search engines, RSS/ATOM feeds, Twitter/Identica, Youtube/Dailymotion, wikis, and basically any source of data, and Seeks will produce a fused personalized stream of results to your queries. See list of Web Seeks nodes.

Tor users may use Seeks hidden service at 5plvrsgydwy2sgce.onion.

YaCy is a promising project that offers fully decentralized peer-to-peer search. The more people who start using it, the better the results will become.

Google Search
Microsoft Bing
Yahoo Search
Yandex Search
World Maps
Verdt å merke seg

OpenStreetMap er helt fritt. Koden er fri, og databasen er fri. For at OpenStreetMap skal bli en bedre tjeneste er det bare å bidra til prosjektet. Alle kan hjelpe til!

Apple Maps
Bing Maps
Google Earth