App Store
vlasnički*
Amazon Appstore
Google Play
Disk Encryption
vlasnički*
Apple FileVault
McAfee Endpoint Encryption
BitLocker Drive Encryption
Symantec Drive Encryption
Email Accounts
Beleške

For more email providers, take a look at Privacy-Conscious Email Services. Please decide for yourself whether if you trust them with your data. For more discussion about safe email providers, please see issue #461.

MyKolab is hosted in Switzerland and benefits from the strong Swiss privacy laws. It is run exclusively with free software and using the service supports the development of Kolab. Also, it lets you export all your data at any time.

Riseup’s services may also be accessed via their Tor Hidden Service addresses. A list is available here.

Why not Hushmail? See 'compromises to email privacy'.

If you have the technical aptitude, consider running your own mail server.

vlasnički*
Facebook
Gmail
Microsoft Outlook.com
Yahoo! Mail
Yandex.Mail
Email Alternatives
Beleške

Bitmessage is a promising alternative to email, but it has not yet been audited by security professionals. Use at your own risk. If you decide to try out Bitmessage, make sure to generate a completely random ID to greatly reduce the probability of ID collisions.

RetroShare has not been thoroughly audited by security professionals for possible security issues.

vlasnički*
Email Clients
Beleške

Switching from a proprietary service like Gmail to one of the more transparently-run email services on PRISM Break is the first step to a secure email account.

The second step is getting you and your contacts to encrypt your plain text messages with PGP encryption. This section contains free email clients that support PGP.

Read the Email Self-Defense guide by the Free Software Foundation to learn how to encrypt your email messages.

Here is a guide by Security In A Box to encrypting your email with Mozilla Thunderbird, GNU Privacy Guard (GPG), and Enigmail.

Find out more about the differences between Mozilla Thunderbird and Icedove.

vlasnički*
Apple Mail
Microsoft Office Outlook
Enterprise Suite
Beleške
The enterprise suite category is for solutions for organizations that cover more than 10 categories in an integrated fashion (ex.: logins work throughout all apps, etc.)
vlasnički*
Zoho Office Suite
Office 365 Enterprise E5
Google Apps for Work
File Storage & Sync
Beleške

Cloud file storage is also available via Chwala/iRony components of Kolab with the capability to integrate various storage backends. Files are accessible via storage layer access options, WebDAV and Kolab web interface integrating Roundcube.

Tarsnap is not recommended on PRISM Break due to its lack of anonymous payment options and strict copyright on the client that makes it difficult to replace the service in the event Tarsnap is shut down.

BitTorrent Sync, MEGA, and SpiderOak are services that are built on either partially or fully proprietary software. They will not be recommended on PRISM Break until they open source the entirety of their codebase.

With closed source software, you need to have 100% trust in the vendor because there's nothing except for their morality in the way of them leaking your personal information. Even if you can vouch for their integrity, proprietary software invariably has more uncaught security bugs and exploits because there are fewer eyes examining the source code.

Another alternative to cloud storage is local backup with external hard drives and USB flash drives. This method is reliably more secure than storing data on a network, but comes at a convenience cost.

vlasnički*
Apple iCloud
Dropbox
Google Drive
Microsoft OneDrive
Firmware
Dopisivanje
Free Recommendations
Beleške

“Off-the-Record Messaging, često nazivan OTR, je kriptografski protokol koji pruža jaku enkripciju za instant messaging razgovore. OTR koristi kombinaciju AES algoritma sa simetričnim ključem, Diffie–Hellman razmenu ključa i SHA-1 hash funkciju. Kao dodatak autentičnosti i enkripciji, OTR pruža i perfect forward tajnovitost and malleable enkripciju.

Primarna motivacija koja se krije iza ovog protokola je pružanje poverljivih razgovora, kao razgovori u pravom životu i nepoznati izvori u novinarstvu.”

Wikipedia

Wikipedia

Imajte u obziru da Pidgin čuva šifre za Vaše korisničke račune bez enkripcije. Ovo možete zaobići tako što ne čuvate šifre unutar Pidgin-a, enkriptujete Vaš operativni sistem ili čuvate Vaše Pidgin šifre sigurno sa Debian pidgin-gnome-keyring paketom.

Pidgin sa omogućenim OTR-om i dbus-om ima lokali sigurnosti bug. Pogledajte upstream bug izveštaj za više informacija i moguće rešenje.

vlasnički*
AOL Instant Messenger
Apple Messages
Facebook
Google Hangouts
Skype
Trillian
Viber Messenger
WhatsApp
Google Allo
ICQ
LINE
Tencent QQ
WeChat
iMessage
Mail Servers
Beleške

A beginner’s guide to running your own mail server is available here: “NSA-proof your e-mail in 2 hours”.

Kolab integrates Roundcube into its webclient and offers desktop clients as well. Recent versions also feature a file cloud turning it into a complete solution for personal information management.

What is an MTA?

“Within Internet message handling services (MHS), a message transfer agent or mail transfer agent (MTA) or mail relay is software that transfers electronic mail messages from one computer to another using a client–server application architecture. An MTA implements both the client (sending) and server (receiving) portions of the Simple Mail Transfer Protocol.

The terms mail server, mail exchanger, and MX host may also refer to a computer performing the MTA function. The Domain Name System (DNS) associates a mail server to a domain with mail exchanger (MX) resource records containing the domain name of a host providing MTA services.”

vlasnički*
Mesh Networks
Beleške

Meshnet je decentralizovana P2P mreža, sa korisnički konitronisanim fizičkim linkovima koji su obično wireless.

“Mesh networking (topologija) je tip networking-a gde svaki čvor mora ne samo snimati i prosleđivati svoje podatke, nego i da služi kao relej za druge čvorove. To znači da mora sarađivati pri prenošenju podataka u mreži.“

Wikipedia

vlasnički*
Operating Systems
Free Recommendations
Beleške

Apple, Google, and Microsoft are allegedly a part of PRISM. Their proprietary operating systems cannot be trusted to safeguard your personal information from the NSA. We have two free alternatives: GNU/Linux and BSD.

GNU/Linux has a much larger community to help you with the transition. It’s recommended that you begin your explorations by looking for a GNU/Linux distribution that suits your needs.

Debian has a long tradition of software freedom. Contributors have to sign a social contract and adhere to the ethical manifesto. Strict inclusion guidelines make sure that only certified open source software gets packaged in the main repositories.

Gentoo describes itself as a meta-distribution. The source code is compiled to binary applications on the user's machine allowing near-unlimited adaptability and complete retraceability of the program logic.

Both Fedora and openSUSE are community editions that serve as the stable basis for enterprise ready GNU/Linux distributions with commercial support. Companies all over the world trust Red Hat Inc. and SUSE Linux GmbH because of their transparency throughout the whole development process.

Parabola GNU/Linux is effectively 99% Arch Linux with a de-blobbed kernel and a meta-package that blocks unfree licenses. Both of these features can be installed under Arch.

Canonical’s Ubuntu is not recommended by PRISM Break because it contains Amazon ads and data leaks by default. GNU/Linux distributions based on Ubuntu are also currently not recommended due to several other reasons.

vlasnički*
Apple macOS
Apple macOS Server
Microsoft Windows
Microsoft Windows Server
Operating Systems (Live)
Beleške

A live distribution like Tails is the fastest and easiest way to a secure operating system. All you have to do is create a bootable CD or USB drive with the files provided and you’re set. Everything else will be preconfigured for you.

A virtual machine (VM) image like Whonix is designed to be run inside of a virtualization package like VirtualBox. VirtualBox can be installed on Windows, Linux, macOS, and Solaris. This means that if you're stuck using Windows or macOS for whatever reason, you can install VirtualBox and use Whonix to increase your privacy and security.

vlasnički*
Operating Systems (Mobile)
Beleške

iOS i WP su vlasnički operativni sistemi čiji izvorni kod nije dostupan za reviziju od strane treće osobe. Ne trebate im verovati niti pri komunikaciji niti pri skladištenju podataka uređaju koji je zatvoren kao crna kutija.

vlasnički*
Apple iOS
BlackBerry
Google Android
CyanogenMod
Microsoft Windows Phone
Social Networks
vlasnički*
Facebook
Google+
LinkedIn
Twitter
VPN Clients
Beleške

Encrypted virtual private network (VPN) technology can be used by ordinary Internet users to connect to proxy servers for the purpose of protecting one’s identity and online footprint.

More on Wikipedia.

vlasnički*
Cisco Systems VPN Client
Viscosity
Dodaci za internet pretraživače
Beleške

Installing your own add-ons into the Tor Browser is not recommended, as they may bypass Tor or otherwise harm your anonymity and privacy. Check the EFF's Panopticlick to see how trackable your browser configuration is by third parties.

If you're using a Firefox-based browser, you can safeguard your browsing habits and stop advertising companies from tracking you by installing uBlock Origin, Request Policy, and HTTPS Everywhere.

A more advanced alternative to Request Policy would be uMatrix.

Install NoScript and enable ‘Forbid scripts globally’ to improve the security of your browser by preventing 0day JavaScript attacks. This is a drastic option as it will render many websites unusable as they rely heavily on JavaScript. NoScript offers a whitelist you can use to selectively enable JavaScript for sites you trust, but this is considered especially bad for your anonymity if you're using NoScript with the Tor Browser Bundle.

Why is Adblock Plus not recommended? Adblock Plus shows “acceptable ads” by default, which works against the purpose of the add-on. Either disable acceptable ads or use uBlock Origin instead.

vlasnički*
Ghostery
Web Browsers
Beleške

Try to use Tor Browser Bundle (TBB) for all of your web surfing. It will offer you far better anonymity than any other browser. Make sure to learn the basics of Tor before using it. If the site you want to visit will not work in the TBB, try Firefox intead, but realize these browsers do not anonymize your ip by default.

TBB notes: Using the TBB to sign into websites that contain your real ID is counterproductive, and may trip the site's fraud protection. Make sure to check for HTTPS before signing in to a website through Tor. Signing into HTTP websites can result in your ID being captured by a Tor exit node.

Firefox notes: This browser uses Google search by default: replace it with a more private alternative. Another debranded alternative to Firefox is Iceweasel, a browser for Debian-based distributions.

Why are Chromium, SRWare Iron, et al. not recommended on PRISM Break? More info here.

Warning for mobile devices & Tor: Websites using HTML5 <video> tags will leak <video>-related DNS queries and data transfer outside of Tor.

vlasnički*
Apple Safari
Google Chrome
Microsoft Internet Explorer
Opera
Yandex.Browser
Beleške

DuckDuckGo is a software-as-a-service (SaaS) hosted around the world that provides you with anonymous search results from these sources. DDG open source components are available here.

There is also a DuckDuckGo hidden service at 3g2upl4pq6kufc4m.onion for Tor users.

MetaGer is a SaaS by the German non-profit SUMA e.V. that provides you with anonymous meta search results.

Startpage is a SaaS hosted in the USA and the Netherlands that provides you with anonymous Google search and image results through a free proxy.

Ixquick (run by the same company as Startpage) is a meta search engine that returns combined results from nearly 100 sources - excluding Google.

Seeks acts as a personalizing Web server or proxy between you and your data feeds. Connect most search engines, RSS/ATOM feeds, Twitter/Identica, Youtube/Dailymotion, wikis, and basically any source of data, and Seeks will produce a fused personalized stream of results to your queries. See list of Web Seeks nodes.

Tor users may use Seeks hidden service at 5plvrsgydwy2sgce.onion.

YaCy is a promising project that offers fully decentralized peer-to-peer search. The more people who start using it, the better the results will become.

vlasnički*
Google Search
Yahoo Search
Microsoft Bing
Yandex Search