In today’s digital world, protecting personal data can feel overwhelming. Our mission is to simplify online privacy for everyone—beginners to experts.
What We Offer
Clear guides on privacy basics, advanced tools, and actionable steps to secure your online presence. Learn to safeguard social media, choose private software, or master encryption.
Our Inspiration
Inspired by platforms like PrivacyTools and PrivacyGuides, we take a distinct, non-tool-centric approach. Instead of overwhelming beginners with complex software or systems, we focus on foundational knowledge and practical habits to build privacy first. Tools come later—once you’ve mastered the basics.
Find Us Here
Beginner Privacy has accounts on various social media platforms to reach new users. This is not an endorsement of these platforms, and we generally discourage their use.
In the digital age, an increasing amount of personal data is being collected about us. This data is collected by various entities for various purposes, but the potential consequences of having so much personal information exposed can be significant. From identity theft to government surveillance, it is crucial for everybody to take steps to protect their personal information and maintain their privacy.
Privacy vs Anonymity vs Security
Privacy is controlling who has access to your personal information.
Anonymity means being unidentifiable, allowing actions without revealing your identity.
Security involves protecting your data from unauthorized access.
“I have nothing to hide. Why should I care about my privacy?”
Having nothing to hide doesn’t mean you have nothing to protect. Privacy is not just about hiding something; it’s about having control over your personal information and who has access to it. Even if you think you have nothing to hide, your personal information can be used for malicious purposes such as identity theft, phishing scams, and targeted advertising.
“I don’t have time to worry about my privacy”
Protecting your privacy doesn’t have to be time-consuming. There are simple steps you can take to improve your privacy such as using a VPN and being mindful of the personal information you share online.
Unpredictability Of The Future
The unpredictability of the future is a reason to care about your privacy, as personal information can be used in ways that you never imagined. Today, both corporations and governments are already using personal data for various purposes. As technology advances, the unpredictable uses of personal information will only increase. Protecting your personal information now can help ensure it’s not used against you in the future.
Creating a threat model is an important step in your journey toward better privacy and security. It’s all about figuring out who or what you need to protect yourself from and what you’re willing to do to keep your information safe. But here’s the catch: the more privacy and security you want, the more inconvenient things can get. You might find yourself juggling extra steps, using complex tools, or changing your habits. It’s a balancing act—finding the right mix of security that keeps you safe without making your life too complicated.
Developing Your Threat Model
To create a threat model, you can take our threat model assessment.
How sensitive is your typical online activity?
What's your biggest privacy concern?
What lengths are you willing to go to protect your privacy?
You can also do it manually by asking yourself the following questions:
1. What do I want to protect?
Identify the assets that are most important to you. This could include personal data, financial information, intellectual property, or even your online reputation.
2. Who do I want to protect it from?
Consider the potential adversaries. Are you concerned about cybercriminals, government surveillance, insider threats, or even unintentional breaches by friends or family?
3. How likely is it that I will need to protect it?
Assess the likelihood of encountering these threats. Are you a high-profile individual, or do you engage in activities that might attract unwanted attention?
4. How severe are the consequences if I fail?
Evaluate the potential impact of a security breach. Would it result in financial loss, reputational damage, or legal repercussions? Understanding the stakes can help prioritize your efforts.
5. What lengths am I willing to go to prevent potential consequences?
Determine your comfort level with various security measures. Are you willing to invest in advanced security tools, adopt strict privacy practices, or change your online behavior?
I have a threat model. Now what?
Now that you have your threat model, it’s time to decide how far you want to go on the Beginner Privacy roadmap. Here are a few profiles to help guide your choice:
The Casual User: If your main concern is simply hiding your personal information from big corporations and mass surveillance, the Basic roadmap is all you need.
The Privacy-Conscious Individual: If you want to take your privacy more seriously and go beyond the basics to shield yourself from potential threats, you should continue to the Medium roadmap after completing the Basic roadmap.
The Activist or High-Risk Individual: If you’re an activist, a journalist, or someone who is wanted by the government, or if you simply want to ensure the highest level of privacy, you should follow the Advanced roadmap after completing both the Basic and Medium roadmaps.
Regularly Updating Your Threat Model
Your threat model isn’t a one-and-done task; it’s something that should evolve as your life and circumstances change. To keep it relevant, consider setting a schedule to review your threat model regularly. This is especially important after significant life events, such as starting a new job, moving to a different location, or making changes to your online presence.
The Basic Roadmap is designed to provide you with foundational knowledge and practical skills to enhance your online security and privacy. This section covers essential practices that everyone should adopt to protect their personal information and maintain a secure digital presence.
In this roadmap, you will learn about the importance of creating strong passwords, implementing Two-Factor Authentication (2FA), and limiting the information you share online. Additionally, you will explore browser, mobile, and desktop privacy settings, as well as the benefits of using a Virtual Private Network (VPN) for secure internet access. The section also addresses email privacy, the use of privacy-focused search engines, and secure communication methods.
We recommend that you gradually implement these practices into your daily routine, allowing you to become comfortable with each step before moving on to the next. This approach will help you build a solid foundation for your online security without feeling overwhelmed.
Did you know that the most commonly used password is “123456”? This highlights the importance of using strong, unique passwords for each of your online accounts. In this post, we’ll go over the best practices for generating and storing strong passwords.
Common Password Security Mistakes:
Using personal information in your passwords
Using the same password for multiple accounts
Storing passwords in plaintext or in easily accessible locations
How Do I Make Strong Passwords?
A strong password is a password that is difficult to guess or crack. It should be completely random and at least 16 characters long (preferably longer) and include a combination of uppercase and lowercase letters, numbers, and special characters.
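The rules above, turned into a local generator and checker. This is an added example, not part of the original guide; the function names and the 20-character default are assumptions made for the illustration.

```python
import math
import secrets
import string

# Character classes named in the text above.
CLASSES = {
    "uppercase": string.ascii_uppercase,
    "lowercase": string.ascii_lowercase,
    "digit": string.digits,
    "special": string.punctuation,
}
ALPHABET = "".join(CLASSES.values())  # 94 printable ASCII symbols
MIN_LENGTH = 16  # minimum length recommended in the text


def weaknesses(password, personal_terms=()):
    """List which of the rules above a given password breaks."""
    found = []
    if len(password) < MIN_LENGTH:
        found.append(f"shorter than {MIN_LENGTH} characters")
    for name, chars in CLASSES.items():
        if not any(ch in chars for ch in password):
            found.append(f"no {name} character")
    lowered = password.lower()
    if any(term.lower() in lowered for term in personal_terms if term):
        found.append("contains personal information")
    return found


def generate_password(length=20):
    """Return a random password that passes every check in weaknesses()."""
    if length < MIN_LENGTH:
        raise ValueError(f"use at least {MIN_LENGTH} characters")
    while True:
        # secrets draws from the operating system's CSPRNG; the random
        # module is predictable and must not be used for passwords.
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        # Redraw the whole password rather than patching in a missing class,
        # so every accepted password stays equally likely.
        if not weaknesses(candidate):
            return candidate


def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Upper bound on the entropy of a uniformly random password, in bits."""
    return length * math.log2(alphabet_size)


if __name__ == "__main__":
    print(weaknesses("123456"))
    print(generate_password(), round(entropy_bits(20), 1), "bits")
```

Reuse across accounts and plaintext storage cannot be detected from the password itself, so those two mistakes are outside what this checker covers.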
To get a strong password you can use a free online password generator:
Password managers are great to use because they allow you to store long and complex passwords, and then simply copy and paste them when needed. A password manager works by having you set a master password, which is used to encrypt all of your other passwords. This means that all of your passwords are stored securely and can only be accessed with the master password.
Imagine this: You’ve used the same password for years. Then, an email says someone logged into your bank account from another country.
Passwords alone aren’t enough. Hackers steal them via phishing, leaks, or brute-force attacks. Two-Factor Authentication (2FA) adds a second layer to stop them.
How Does 2FA Work?
Enter your password.
Verify with a second factor:
A one-time code (app / SMS / email).
Biometrics (fingerprint / face scan).
A physical security key.
Even with your password, hackers can’t access your account without the second factor.
Types of 2FA: Which Should You Use?
Not all 2FA methods are equally secure.
Security Keys: Best, physical devices (like YubiKey) that plug into your phone or computer.
Authenticator Apps: Great, these apps allow you to scan a QR code and then generate time-sensitive codes completely offline.
SMS / Email Codes: Convenient, but hackers can intercept these via SIM-swapping or phishing.
Biometrics: Good, fingerprint or face scans are secure but only work on devices you own.
How to Enable 2FA on Your Accounts
Most platforms make it easy. Here’s how to do it on some platforms:
Google: Security → 2-Step Verification → Get Started.
Apple ID: Settings → [Your Name] → Password & Security.
Facebook: Settings → Security and Login → Two-Factor Authentication.
Other: Usually the same steps as the platforms above.
Recommended Authenticator Apps
Here are the authenticator apps we recommend for storing your 2FA codes. Many password managers can also store 2FA codes.
Ente Auth
Local (Codes can optionally be stored in the cloud), open-source
Are you tired of endless spam emails, robocalls, or discovering your personal data was sold to shady data brokers? Every time you hand over your real name, email, or phone number to a random app or website, you’re gambling with your privacy. To avoid this you’ll have to provide fake information.
When Not To Use Fake Information
It’s important to know when you should use fake information and when you should not, as it can quickly backfire.
Long Term Use Accounts: Don’t use a temporary email when signing up for accounts that you plan to use more than once.
Buying things online: You should provide a real address if you’re getting your package delivered to your house. If you are picking up a package at a post office, you should consider using your real name, as they sometimes require you to show ID.
Other: Please consider the following two things each time before you provide fake information:
Is this service or account important to my life?
Will I get in trouble if I provide fake information?
Fake Information
Not every website or form deserves your honesty. For non-critical accounts, use fabricated details:
Fake names: Use a pseudonym like “Alex Smith” instead of your real name.
Fake birthdays: Pick a random date (e.g., January 1, 1985).
Fake addresses: Use a random address (e.g., a library or coffee shop).
Temporary Email
Why risk getting spammed on your primary email? Use a burner email for one-time signups or sketchy downloads.
Having a privacy-respecting browser helps protect you from websites that collect more data than they should. It reduces tracking, safeguards your personal information, and minimizes your digital footprint while you browse.
Difference Between Browser And Search Engine
To understand the importance of a private browser, it’s essential to differentiate between a browser and a search engine. A browser is a software application that allows users to access and view websites on the internet, while a search engine is a tool that helps users find specific information by searching through indexed web content based on keywords or phrases. In essence, the browser is the interface for navigating the web, and the search engine is a resource for discovering web content.
What Do Websites Know About You
Websites can gather a lot of information from your browser, which is why using a privacy-focused browser is essential for protecting your personal data. When you visit a website, it can track various details, including:
IP Address: This can reveal your approximate location.
Browser Type and Version: Websites can identify the browser you are using, which can be used to tailor content or track user behavior.
Operating System: Information about your device can be collected, which can also be used for tracking.
Cookies: These small files store information about your preferences and browsing history, allowing websites to recognize you on future visits.
Tracking Scripts: Many websites use third-party scripts to track user behavior across the web.
To see what other information websites can see about you, you can use websites like Webkay, BrowserLeaks, or whoareyou.
The Main Types Of Browsers
When it comes to choosing a browser, the two main options are Chromium and Firefox. Both are open-source projects, meaning their source code is publicly available for anyone to inspect and contribute to. Most modern browsers are built on either Chromium or Firefox, which means they share similar underlying technologies.
Chromium: This is the open-source project behind Google Chrome and many other browsers. While Chromium itself is privacy-friendly, many browsers built on it may include tracking features or data collection practices. However, there are privacy-focused browsers based on Chromium, such as Brave.
Firefox: Developed by Mozilla, a nonprofit organization dedicated to an open and private internet, Firefox is known for its strong commitment to user privacy.
Having a private browser is not enough; you also need to use a private search engine. Fortunately, it’s very easy to switch to a privacy-focused search engine.
How Does A Search Engine Work?
1. Crawlers Scout the Web
Think of these bots as digital librarians, constantly scanning and cataloging websites.
2. Indexing the Internet
All crawled pages get stored in a massive database (the “index”), like a library’s card catalog for the web.
3. Matching Your Query
When you search, the engine scours its index for pages matching your keywords, then ranks them.
Search engines like Google show paid “Sponsored” websites at the top. These ads are bought by companies to appear first—they’re not organic results.
Why Bother?
Traditional search engines like Google or Bing:
Track your queries to build a profile of your interests.
Sell your data to advertisers or use it to personalize results.
Privacy-focused search engines, however:
Don’t store your searches or tie them to your identity.
Serve unbiased results without filtering based on your history.
How To Switch Your Search Engine
Chrome/Edge/Brave:
Click the three-dot menu → Settings → Search Engine → Choose your new default.
Firefox:
Click the three-dot menu → Settings → Search → Select from the dropdown.
Safari:
Open Safari Settings → Search → Pick your engine.
You’ve probably encountered countless VPN ads on platforms like YouTube. But how do they actually work, and more importantly, should you use one?
How Does a VPN Work?
A Virtual Private Network (VPN) creates a secure connection between your device and the internet by routing your traffic through a private server. This process encrypts your data, making it impossible for your Internet Service Provider (ISP) to see your online activities.
What Does a VPN Protect You From?
While a VPN is effective at hiding your IP address, accessing geo-restricted content, and preventing ISP surveillance, it does not protect you from hackers, phishing emails, or other threats. Authorities can still request information from the VPN company, which may have a no-logging policy regarding your internet activity but could still retain personal information like your email, phone number, and real name.
If you’re considering engaging in more serious activities that require enhanced anonymity, we recommend reading our article about Tor for a more secure option.
How To Choose a Good VPN
When searching for a reliable VPN, trustworthiness is crucial since the service will have access to your online activities. Here are key factors to consider when evaluating a VPN:
Open Source: Look for VPNs with open-source code, allowing for transparency and community audits.
Minimal Personal Information Required: Choose services that don’t require sensitive information like your name, phone number, or email.
Strict No-Logging Policy: Ensure the VPN has a verified no-logging policy, meaning they do not store your browsing history.
Strong Encryption Protocols: Opt for VPNs that use modern encryption standards, such as OpenVPN or WireGuard, to protect your data.
Our smartphones are the biggest data collectors, soaking up all kinds of information about us—our locations, fingerprints, app usage, and so much more. That’s why it’s important to take control and limit what they know about us.
Which Is More Private? Android or iOS
Both Android and iOS collect similar data, such as location, app usage, and personal preferences. The main difference is in how they handle that data: Apple keeps it for its own use, while Google sells it for advertising purposes.
From a security standpoint, both platforms are relatively equal. However, Android is a more permissive operating system, giving users greater control over what they can do, while iOS tends to be more restrictive.
Privacy Settings
Note: The steps to access these settings may vary depending on your device’s version and manufacturer.
Restrict App Permissions
Android:
Navigate to Settings > Security and privacy > Permission manager.
Choose a specific permission (e.g., location, camera) and select an app that shouldn’t have access to the permission.
Tap “Don’t allow” to revoke access.
iOS:
Go to Settings > Privacy & Security.
Select the permission type (e.g., Location Services, Contacts) and choose the app you want to limit.
Toggle the switch to disable access.
Disable Location
Android:
Open Settings > Location and toggle the switch to off.
iOS:
Go to Settings > Privacy & Security > Location Services and toggle the switch to off.
Disable Notifications Preview
Android:
Head to Settings > Notifications > Lock screen notifications and select “Hide content”.
iOS:
Navigate to Settings > Notifications > Show Previews and select “Never”.
Disable Telemetry
Android:
Go to Settings > Security and privacy > More privacy settings. Turn off “Send diagnostic data” and “Android personalization service.”
Then, navigate to Ads > Ads privacy and disable all options.
Finally, return to Ads and select “Delete advertising ID,” and go back to More privacy settings > Usage and diagnostics and disable it.
iOS:
Open Settings > Privacy & Security > Analytics & Improvements and toggle off options like “Share iPhone Analytics” and “Share with App Developers.”
The desktop collects all kinds of information about us. That’s why it’s important to take control and limit what it knows about us.
Which Operating System Is More Private? Windows, Linux, or macOS
Linux is the most privacy-respecting option. While Windows and macOS dominate the market, they don’t prioritize user privacy as much as Linux (which is also open source).
Privacy Settings
Linux
Disable Telemetry
Some distributions may send diagnostic data, usually off by default. You can search for how to disable it for your specific distribution.
Windows
Restrict App Permissions
Navigate to Settings > Privacy & security.
Scroll down to the App permissions section and adjust the following settings:
Location: Turn off “Location services”.
Camera: Turn off “Camera access”.
Microphone: Turn off “Microphone access”.
Disable Telemetry
Go to Settings > Privacy & security > Diagnostics & feedback.
Disable “Send optional diagnostic data”.
Additionally, turn off:
“Improve inking and typing”
“Tailored experiences”
“View diagnostic data”
Disable Ad Tracking
Access Settings > Privacy & security > General.
Turn off “Let apps show me personalized ads by using my advertising ID”.
macOS
Restrict App Permissions
Navigate to System Preferences > Security & Privacy > Privacy Tab. In the following categories, turn off access if you don’t want any apps to use it, or allow it only for specific apps:
Location Services
Contacts
Calendars
Photos
Microphone
Camera
Files
Folders
Disable Telemetry
Go to System Preferences > Security & Privacy > Privacy Tab > Analytics and turn off “Share Mac Analytics” and “Share with App Developers”.
Disable Ad Tracking
Access System Preferences > Security & Privacy > Privacy Tab > Advertising and check the box “Limit Ad Tracking”.
Disable Siri
Siri collects and sends a ton of information to Apple about you. Disable it by going to System Preferences > Siri and turning off “Enable Ask Siri”.
Popular email providers like Gmail, Outlook, and Yahoo can leave you vulnerable to various privacy risks and security threats, as their business models are heavily dependent on the collection and monetization of user data.
The Importance of Email Privacy
Using mainstream email services often means compromising your privacy. Providers like Gmail and Yahoo engage in practices that can expose your personal information, such as:
Data Monetization: These companies frequently sell your data to advertisers, which can lead to targeted ads based on your email content and behavior.
Invasive Scanning: Your inbox may be scanned for keywords to serve personalized ads, raising concerns about who has access to your private conversations.
Data Breaches: High-profile breaches have shown that these services can be vulnerable, putting your sensitive information at risk.
Lack of Encryption: Most mainstream providers do not offer end-to-end encryption by default, meaning your emails could be accessed by the provider or intercepted by others.
What a Privacy-Focused Email Does
Anonymous Sign-Up: You can register without giving away personal info, keeping your identity unknown.
End-to-End Encryption: Your emails are secured so only you and the person you’re sending to can read them. The email provider can’t peek.
Open Source Transparency: They share their source code publicly, so anyone can check if they’re really secure and private.
The importance of secure communication cannot be overstated, and that’s why you should ditch traditional SMS, as it puts your privacy at risk.
Why You Should Ditch SMS
SMS, short for Short Message Service, was invented in 1984 and has seen little evolution since then. Here are some key reasons to move away:
Lack of Encryption: SMS messages are not encrypted, meaning they can be intercepted and read by anyone, including telecom companies.
Data Profiling: Telecom companies can profile users by analyzing their messages and logs, often selling this data to third parties without your consent.
Limited Features: SMS lacks many features that modern messaging apps offer, such as group chats, multimedia sharing, and voice or video calls.
RCS: A Step Forward from SMS
Rich Communication Services (RCS) is often touted as the next evolution of SMS, designed to address many of the limitations of traditional messaging. Here are some reasons why RCS is a better option than standard SMS:
Enhanced Features: RCS supports rich media sharing, including high-resolution images, videos, and audio messages. It also allows for group chats and read receipts, making conversations more interactive and engaging.
Improved Security: While RCS does not provide end-to-end encryption by default, it offers better security features than SMS. Some carriers and messaging apps are implementing encryption for RCS messages, which can help protect your conversations from interception.
Why Choose Privacy-Focused Apps Over RCS
While RCS improves upon SMS, it still falls short in terms of privacy and security compared to dedicated messaging apps like Signal. Here’s why using a privacy-focused communication app is a better choice:
End-to-End Encryption: Signal offers robust end-to-end encryption for all messages and calls, ensuring that only the sender and recipient can read the content. In contrast, proprietary messaging apps from Google and Apple may not provide the same level of security, as they can access user data and messages.
No Data Collection: Signal is designed with privacy in mind and does not collect user data or metadata. Unlike proprietary messaging apps, which may track user behavior and store data for advertising purposes, Signal operates on a minimal data retention policy, ensuring your conversations remain private.
Open Source: Signal is open-source, meaning its code is publicly available for review. This transparency allows security experts to audit the app for vulnerabilities, fostering trust among users. Proprietary apps, on the other hand, do not offer the same level of scrutiny.
Recommended Communication Methods
When considering alternatives to SMS, here are some highly recommended secure communication methods:
Transitioning to a secure communication method is only effective if your contacts are on board. Here are some strategies to encourage others to ditch SMS:
Educate Your Contacts: Share information about the risks associated with SMS and the benefits of secure messaging apps.
Lead by Example: Start using secure communication methods yourself and invite others to join you. Demonstrating the ease and advantages of these apps can motivate your contacts to make the switch.
Offer Assistance: Help your contacts download and set up secure messaging apps. Sometimes, the technical barrier can deter people from making the change.
Create Group Chats: Initiate group conversations on secure platforms to showcase their functionality. This can help others see the benefits firsthand and encourage them to participate.
The Medium Roadmap builds upon the foundational knowledge established in the Basic Roadmap, guiding you toward more advanced practices for enhancing your online security and privacy. This section introduces tools and strategies that empower you to take greater control over your digital footprint and safeguard your personal information.
In this roadmap, you will learn about the benefits of switching to Linux, an operating system known for its security and privacy features. You will also explore the world of Free and Open Source Software (FOSS), which offers alternatives to proprietary applications that may compromise your privacy.
Finally, you will be introduced to the concept of Operational Security (OpSec), which focuses on protecting your sensitive information and minimizing risks in your online activities.
As you progress through this roadmap, we recommend taking your time to implement these practices gradually. This will allow you to adapt to new tools and concepts while reinforcing your understanding of online security.
Using FOSS is an important step in your privacy journey and also a superior choice to proprietary software.
What is FOSS?
FOSS stands for Free and Open Source Software. This means that the software’s source code is accessible to the public, allowing anyone to view, modify, and distribute it. This openness fosters collaboration and innovation within the software community.
Why Is FOSS Better Than Proprietary Software?
FOSS offers several advantages over proprietary software:
Transparency: Users can inspect the source code to understand how the software works, ensuring there are no hidden malicious features or data collection going on.
Security: With the ability to build software from source, users can avoid downloading potentially harmful versions that may contain malware, such as Trojan Horses.
Community Support: FOSS often has a vibrant community that contributes to its development, providing support and updates.
How Do I Find FOSS Alternatives?
Finding FOSS alternatives is easier than ever, thanks to dedicated websites that list various options. Here are some recommended resources:
OpenSourceAlternative.to
A comprehensive directory of open source alternatives.
Linux isn’t just for tech wizards—it’s a powerful, open-source operating system that prioritizes privacy, customization, and stability. Unlike Windows or macOS, Linux doesn’t track your activity or force you into proprietary ecosystems. It’s free to use, modify, and share, backed by a global community of developers. Whether you’re a privacy-conscious user, a tinkerer, or someone tired of bloated software, Linux offers a refreshing alternative.
Choosing Your Linux Distribution
With hundreds of distributions (or “distros”) available, picking the right one can feel overwhelming. Here’s a quick breakdown:
Debian-based distros (e.g., Ubuntu, Linux Mint) are ideal for beginners due to their stability and extensive software libraries.
Arch-based distros (e.g., Manjaro) cater to users who want bleeding-edge software and deeper customization.
Fedora or openSUSE strike a balance between innovation and reliability.
ℹ️ If you’re unsure which distro to choose, visit the Distrochooser website.
For most newcomers, we recommend Debian—the rock-solid foundation for many popular distros, as you can see on the chart below. Once you’ve chosen a distro, decide on a desktop environment:
GNOME: Sleek, modern, and intuitive (similar to macOS).
KDE Plasma: Highly customizable with a Windows-like feel.
XFCE or LXQt: Lightweight options for older hardware.
Getting Comfortable with Linux
Before wiping your hard drive, test Linux risk-free in a virtual machine (VM). Tools like VirtualBox let you run Linux alongside your current OS. Here’s how:
Download a Linux ISO (e.g., Debian or Ubuntu).
Install VirtualBox and create a new VM, allocating resources like RAM and storage.
Boot the VM from the ISO and install it through the “Graphical Install” option.
VirtualBox
A free, open-source tool for running OSes in a VM.
Many fear Linux is all about typing commands in a terminal. While the terminal is powerful, modern distros offer user-friendly Graphical User Interfaces (GUI) for everyday tasks like browsing, editing files, or installing software.
Dual Booting: The Best of Both Worlds
Need Windows or macOS for specific apps or work? Dual booting lets you keep both Operating Systems on one machine.
Single-drive setup: Partition your drive to allocate space for Linux.
Multi-drive setup: Install Linux on a separate drive for easier management.
⚠️ Back up your data first! Partitioning carries risks, and mistakes can lead to data loss.
Wait for the process to complete, then eject the USB drive:
diskutil eject /dev/diskN
Step 3: Boot from the USB
Restart your computer and press the BIOS/UEFI key (commonly F2, F12, Del, or Esc).
In the boot menu, prioritize the USB drive.
Save changes and exit to launch the Debian installer.
Step 4: Install Debian
Select Graphical Install for a guided setup.
Follow prompts for language, location, and user account creation.
When it prompts you about Partitioning you have the following options:
Guided - use entire disk:
Erases the entire disk and installs Debian as the sole operating system. Ideal for new users or dedicated Linux setups.
Guided - use entire disk and set up encrypted LVM:
Installs Debian as the sole OS while enabling full-disk encryption via LVM (Logical Volume Manager). Perfect for securing sensitive data.
Manual:
For advanced users: Create, resize, or retain partitions (e.g., dual-boot with Windows). Requires familiarity with disk layouts.
When it prompts you about Software Selection: Choose the desktop environment you want (GNOME or KDE Plasma) and optional tools (e.g., SSH server, print server).
Complete the installation and reboot.
Linux isn’t just an OS—it’s a gateway to learning, creativity, and control. Happy exploring! 🐧
The importance of using an encrypted DNS cannot be overstated. While many people are aware of the need for secure browsers and VPNs, the role of DNS encryption often flies under the radar.
What is DNS?
At its core, the Domain Name System (DNS) is the internet’s phone book. It translates user-friendly domain names—like www.example.com—into the numerical IP addresses that computers use to communicate with each other. This process is essential for navigating the web, as it allows your browser to locate and connect to the websites you want to visit.
Types of DNS
Standard DNS: This is the traditional DNS that most users rely on. When you enter a website address, your request is sent to a DNS server, which resolves the domain name into an IP address. However, this process is typically unencrypted, meaning that anyone monitoring your network traffic can see which websites you are visiting.
Encrypted DNS: This type of DNS adds a layer of security by encrypting your DNS queries. There are two main protocols for encrypted DNS:
DNS over HTTPS (DoH): This protocol sends DNS queries over HTTPS, which means your requests are encrypted and secure from eavesdropping. It also helps prevent DNS spoofing, where attackers redirect you to malicious sites.
DNS over TLS (DoT): Similar to DoH, DoT encrypts DNS queries, but it sends them directly over a TLS connection instead of wrapping them in HTTPS. Both protocols aim to enhance privacy and security.
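To make the difference concrete, the added example below (not part of the original guide) builds the DNS query for www.example.com, shows what an observer can read from it when it is sent as standard DNS, and then packages the same query as a DoH GET request as defined in RFC 8484. The resolver address https://doh.example/dns-query is a placeholder, and the function names are illustrative.

```python
import base64
import struct

# Assumption: placeholder resolver endpoint, not a real provider.
RESOLVER_URL = "https://doh.example/dns-query"


def build_query(name: str, qtype: int = 1, txid: int = 0) -> bytes:
    """Encode a DNS question in wire format (RFC 1035).

    RFC 8484 suggests ID 0 for DoH so identical questions cache well.
    """
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    qname = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError(f"invalid label length in {name!r}")
        qname += bytes([len(raw)]) + raw
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)  # class IN


def parse_qname(message: bytes) -> str:
    """Recover the queried name from a DNS message.

    With standard DNS these bytes cross the network unencrypted, so
    anyone on the path can run exactly this parse.
    """
    if len(message) < 12:
        raise ValueError("shorter than a DNS header")
    if struct.unpack("!H", message[4:6])[0] < 1:
        raise ValueError("no question section")
    labels, pos = [], 12
    while True:
        if pos >= len(message):
            raise ValueError("truncated question")
        length = message[pos]
        if length == 0:
            break
        if length & 0xC0:
            raise ValueError("compression pointer not expected in a question")
        pos += 1
        if pos + length > len(message):
            raise ValueError("truncated label")
        labels.append(message[pos:pos + length].decode("ascii"))
        pos += length
    return ".".join(labels)


def doh_get_url(resolver_url: str, message: bytes) -> str:
    """RFC 8484 GET form: the DNS message as unpadded base64url in ?dns=."""
    encoded = base64.urlsafe_b64encode(message).rstrip(b"=").decode("ascii")
    return f"{resolver_url}?dns={encoded}"


def decode_doh_param(url: str) -> bytes:
    """What the DoH resolver does after TLS is terminated: restore the message."""
    param = url.split("?dns=", 1)[1]
    return base64.urlsafe_b64decode(param + "=" * (-len(param) % 4))


if __name__ == "__main__":
    query = build_query("www.example.com")
    # Standard DNS: the message is the UDP payload, readable on the wire.
    print("visible to the network:", parse_qname(query))
    # DoH: the same message rides inside an HTTPS request, so the path and
    # query string below are encrypted by TLS. Only the resolver can decode it.
    url = doh_get_url(RESOLVER_URL, query)
    print("sent inside HTTPS:     ", url)
    print("visible to resolver:   ", parse_qname(decode_doh_param(url)))
```

The last line of the demo is the part to remember: encryption hides the query from the network path, while the DNS provider you choose still reads every name you look up.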
Why Use Encrypted DNS?
DNS Query Privacy: Encrypted DNS specifically protects your DNS queries from being monitored. This means that your ISP or any other third party on the network cannot read your queries to see which domain names you are looking up.
Prevention of DNS Spoofing: Encrypted DNS helps prevent attacks where malicious actors redirect your DNS queries to fraudulent websites. This is crucial for ensuring that you reach the intended site without interference.
Reduced Tracking: By using encrypted DNS, you limit the amount of data that advertisers and data brokers can collect about your browsing habits, as they rely on DNS queries to build user profiles.
Recommended Encrypted DNS Providers
ℹ️
Each of these providers offers guides to help you set up their DNS on your device.
Social media platforms are major data collectors that gather a lot of information about you. While many people may want to leave social media behind, it’s not always practical or appealing. Instead, we recommend using a frontend, which allows you to engage with content and connect with others while protecting your privacy.
What is a Frontend?
A frontend is an interface that lets you interact with online services, including social media, without being tracked. It can be a website or an app designed for easy use, helping you access content and connect with others while protecting your privacy.
Why Use a Frontend?
Choosing a frontend over social media has several benefits:
Less Data Collection: Frontends limit the personal information they gather, helping protect your privacy.
Customizable Experience: You can often personalize how you interact with content, choosing the features that matter most to you.
Focused Engagement: Frontends help you connect with content that truly interests you, free from the distractions of social media.
Same Content: Instead of switching to a less popular platform like Odysee, you can use a frontend to access the same YouTube videos you enjoy, all while protecting your privacy.
Data brokers collect and compile vast amounts of personal information about you from a variety of sources to create detailed profiles. These profiles can be used for targeted marketing, advertising, and may even affect your credit or insurance rates—often without your direct knowledge or consent.
Removing Yourself From Data Brokers
Regaining control over your personal data involves a few key steps, from identifying where your data lives to submitting removal requests. Here’s how to approach it:
1. Identify Where Your Information is Stored
Begin by discovering which data brokers have your personal information. You can explore two methods to find your data across these brokers:
Manual Search
Visit each data broker’s website to locate their opt-out or privacy page. Many of these sites offer searchable databases that allow you to verify whether your information is listed.
We recommend prioritizing your search with the data brokers marked with a 💐 (crucial) or ☠ (high priority) in the Big Ass Data Broker Opt-Out List.
Automated Tools
There are privacy-focused services and tools that scan multiple data brokers simultaneously for your personal information. These can streamline the discovery process, helping you identify where your data is listed quickly and efficiently.
Using a combination of manual checks and automated services ensures a thorough search.
2. Submit Removal Requests
Once you know which brokers hold your data, submit opt-out requests to have your information removed. There are several ways to do this:
Manual Submission (Recommended)
Follow each broker’s instructions on their website to request removal. This often includes filling out opt-out forms and verifying your identity to prevent fraudulent requests.
We suggest starting with the data brokers that have your information and are marked with a 💐 (crucial) or ☠ (high priority) in the Big Ass Data Broker Opt-Out List.
Automated Services
Some privacy companies offer tools that can automatically submit removal requests to multiple data brokers, saving you time and ensuring thoroughness. However, be careful—these services can sometimes do more harm than good. They may share all the information you provide with many brokers, including sensitive details that were previously unknown. To learn more about the risks of using data removal services, read here.
Tor, short for “The Onion Router,” is a free and open-source software that enables anonymous communication over the internet. It achieves this by routing your internet traffic through a network of volunteer-operated servers, known as nodes or relays. Each relay only knows the location of the previous and next relay, which helps obscure the user’s original IP address. This layered encryption process resembles the layers of an onion, hence the name. Tor is widely used by individuals seeking to protect their privacy online, including journalists, activists, and everyday users who want to browse the web without being tracked.
Why Use Tor?
There are several compelling reasons to use Tor, as well as some drawbacks to consider:
Benefits of Using Tor
Anonymity: Tor helps protect your identity by masking your IP address, making it difficult for websites, advertisers, and even governments to track your online activities.
Circumventing Censorship: In countries with strict internet censorship, Tor can help users access blocked websites and communicate freely.
Privacy Protection: Tor encrypts your internet traffic, providing an additional layer of security against eavesdropping and surveillance.
Access to the Dark Web: Tor allows users to access .onion sites, which are not indexed by traditional search engines and can provide unique content and services.
Drawbacks of Using Tor
Slow Speed: Because Tor routes your internet traffic through multiple relays, it can significantly slow down your browsing experience compared to standard internet connections.
Not Ideal for Casual Use: For everyday browsing, Tor is generally not recommended due to its slower speeds and the potential for websites to block Tor traffic.
I2P: An Alternative for Tor
It’s worth mentioning I2P (Invisible Internet Project); it’s another network designed for anonymous communication. Unlike Tor, which focuses on accessing the regular internet anonymously, I2P is primarily designed for peer-to-peer communication and hosting services within its own network. I2P is fully decentralized, enhancing its resilience against censorship, and all traffic within I2P is encrypted, providing a high level of privacy. For more information, you can visit the I2P Wikipedia article.
Installing Tor Browser
Installing the Tor Browser is a straightforward process. Here’s how to do it:
Download the Tor Browser:
Visit the official Tor Project website at torproject.org.
Scroll down and click on the download button for your operating system (Windows, macOS, Linux, or Android).
Install the Tor Browser:
Once the download is complete, open the installer and follow the on-screen instructions to install the Tor Browser on your device.
Launch the Tor Browser:
After installation, open the Tor Browser. You will be greeted with a welcome screen that provides information about how Tor works.
Connect to the Tor Network:
Click the “Connect” button to establish a connection to the Tor network. This may take a few seconds.
Start Browsing:
Once connected, you can start browsing the internet anonymously.
Using Tor Safely
While Tor provides a significant level of anonymity, it’s essential to use it correctly to maximize your privacy. Here are some best practices:
Disable JavaScript: Fully disable JavaScript so that websites cannot use it to collect information about you. This may break the functionality of some websites.
Don’t Log In to Accounts: Avoid logging into accounts that can be linked to your real identity (e.g., social media) while using Tor.
Don’t Use Plugins or Extensions: Do not install additional plugins or extensions in the Tor Browser, as they can compromise your anonymity.
Don’t Reveal Personal Information: Never share personal information while using Tor, as it can be used to identify you.
Don’t Use a VPN With Tor: Mixing a VPN together with Tor is not recommended, as it centralizes your connection and undermines Tor’s decentralization. It also adds a layer of trust in the VPN provider, who may log your activities.
The Advanced Roadmap is for those ready to make a significant lifestyle change in their approach to online security and privacy. This section emphasizes the importance of adopting a comprehensive mindset where privacy is prioritized over convenience.
You will learn about secure operating systems like Qubes OS and also about Tor and I2P. These tools enhance your anonymity but require a commitment to avoiding proprietary software and embracing free and open-source alternatives. Additionally, you will explore self-hosting your own services, because the only person you can truly trust is yourself—everyone else poses a potential threat.
Additionally, you will explore cryptocurrency, including secure acquisition and management practices, and the critical importance of encrypting your data to protect your communications and files. Operational Security (OpSec) will also be a key focus, as it is essential for minimizing risks in your online activities.
Expected Time to Complete: 1 month for completing the roadmap, but you must maintain good OpSec and continuously adapt your practices; it’s not simply about installing tools and operating systems and then being done.
Today, high-risk individuals—such as journalists, activists, and whistleblowers—face significant threats to their privacy and security. Traditional operating systems like Windows, macOS, and standard Linux distributions often lack the robust security features necessary to protect sensitive information from sophisticated cyber threats and surveillance. These mainstream OS options are typically designed for convenience and usability, which can inadvertently expose users to vulnerabilities.
Recommended Desktop OS for High-Risk Individuals
Qubes OS
Qubes OS is a security-focused operating system that uses virtualization to create isolated environments for different applications. Each application runs in its own virtual machine, ensuring that a compromise in one does not affect the others. Qubes OS is for maximum security and privacy; people like Edward Snowden use it.
Tails is a live operating system designed for anonymity and privacy. It runs from a USB stick or DVD, leaving no trace on the host computer. By routing all internet traffic through the Tor network, Tails is perfect for someone on the run or for those who don’t want to carry around a laptop.
Whonix is a privacy-centric operating system that emphasizes anonymity through the use of Tor. It consists of two virtual machines: one for running applications and another for routing traffic through Tor. Whonix is for people who just want to be anonymous without the isolation in Qubes OS.
In the world of smartphones, using popular operating systems like Android and iOS can compromise user privacy. Both platforms are known for extensive data collection practices, which can lead to significant privacy risks. Android’s open ecosystem allows for greater flexibility but also increases vulnerability to malware. Meanwhile, iOS, despite its more controlled environment, has faced criticism for its lack of transparency regarding data collection. Both systems prioritize user convenience, often at the expense of privacy.
Recommended Private Mobile OS
ℹ️
Please note that some applications, including certain Google apps, may not be supported on these operating systems.
GrapheneOS
GrapheneOS is a privacy and security-focused mobile operating system based on Android. It enhances security through hardening techniques, sandboxing, and secure app permissions, making it a robust choice for privacy-conscious users. However, it may have limited app availability and a steeper learning curve due to its focus on security.
CalyxOS is another privacy-centric mobile operating system based on Android, designed for user-friendliness while incorporating privacy features like a built-in VPN and support for secure messaging apps. While it offers a balance of usability and privacy, it may still rely on some Google services.
LineageOS is a popular open-source operating system that provides a customizable Android experience with a focus on user privacy. It allows users to remove unwanted bloatware and receive regular security updates, but installation may require some technical knowledge.
In an age where data breaches and privacy concerns dominate headlines, self-hosting has emerged as a compelling solution for individuals and organizations seeking greater control over their digital lives.
What is Self-Hosting?
Self-hosting refers to the practice of running applications, services, or websites on your own hardware rather than relying on third-party providers. This can involve anything from hosting a personal blog on a Raspberry Pi to managing a full-fledged cloud storage solution on a dedicated server. The core idea is to take ownership of your digital environment, allowing you to dictate how your data is stored, accessed, and managed.
Why Should You Start Self-Hosting?
There are numerous compelling reasons to self-host:
Independence: You are not dependent on third-party services that may alter their terms, raise prices, or even discontinue their offerings.
Control: Self-hosting provides you with complete control over the services you utilize and your data, including who has access to your information.
Cost Savings: Although there may be initial setup costs, self-hosting can be more cost-effective in the long run, particularly if you are currently subscribed to multiple cloud services.
Privacy: Your data remains on your own hardware, significantly reducing the risk of unauthorized access by third parties.
Customization: You have the flexibility to tailor your system to meet your specific needs, allowing you to install and configure software exactly as you desire.
Types of Self-Hosting
1. Home Server Setups
Home server setups are one of the most accessible forms of self-hosting. With relatively low-cost hardware, such as a Raspberry Pi or an old laptop, you can create a personal server to host applications like file storage, media streaming, or even a personal website. Home servers are ideal for individuals looking to dip their toes into self-hosting without a significant investment.
2. Virtual Private Servers (VPS)
For those seeking more power and flexibility, Virtual Private Servers (VPS) offer a robust alternative. A VPS is a virtualized server that runs on physical hardware, providing dedicated resources and greater control over the environment. This option is particularly popular among developers and small businesses that require reliable performance and scalability.
What Services Can You Self-Host?
ℹ️
This is just a brief overview; for a more extensive list of services you can self-host, be sure to check out awesome-selfhosted.
Service | Benefits | Solutions
File Storage and Synchronization | Full control over files, no storage limits except hardware |
Given that our financial transactions can reveal so much about us, the demand for privacy and anonymity in these transactions has never been more critical. Cryptocurrency emerges as a compelling solution, empowering individuals to make purchases discreetly and without leaving a trace.
What Is Cryptocurrency?
Cryptocurrency is a type of digital or virtual currency that employs cryptography for security. Unlike traditional currencies issued by governments (known as fiat currencies), cryptocurrencies function on decentralized networks powered by blockchain technology. The first and most recognized cryptocurrency, Bitcoin, was introduced in 2009 by an anonymous entity known as Satoshi Nakamoto.
Key characteristics of cryptocurrencies include:
Decentralization: No single authority governs the currency, rendering it resistant to government interference or manipulation.
Security: Cryptographic methods safeguard the integrity and security of transactions.
Anonymity: Depending on the cryptocurrency, users can conduct transactions without disclosing their identities.
How Does It Work?
Cryptocurrencies operate on a technology called blockchain, which serves as a distributed ledger that records all transactions across a network of computers. Here’s a simplified overview of the process:
Transaction Initiation: A user initiates a transaction by sending cryptocurrency to another user’s wallet address.
Verification: The transaction is broadcast to the network, where it is verified by nodes (computers) that maintain the blockchain.
Mining: Miners compete to solve complex mathematical problems to validate the transaction and add it to the blockchain. This process, known as mining, rewards them with newly created cryptocurrency.
Completion: Once verified, the transaction is permanently recorded on the blockchain, ensuring its immutability.
This decentralized framework guarantees that no single entity controls the currency, thereby enhancing both security and privacy.
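The steps above can be traced in a deliberately simplified hash chain. This is an added example, not part of the original guide and not the block format of Bitcoin or Monero; the transactions are constructed sample data, the difficulty is tiny so it runs instantly, and all names are illustrative.

```python
import copy
import hashlib
import json

# Assumption: 3 leading hex zeros, so mining takes milliseconds.
# Real networks demand vastly more work per block.
DIFFICULTY = 3
GENESIS_PREV = "0" * 64

# Constructed sample data: one batch of transactions per block.
SAMPLE_BATCHES = [
    [{"from": "alice", "to": "bob", "amount": 5}],
    [{"from": "bob", "to": "carol", "amount": 2}],
    [{"from": "carol", "to": "dave", "amount": 1}],
]


def block_hash(block: dict) -> str:
    """SHA-256 over everything in the block except its stored hash."""
    fields = {k: block[k] for k in ("index", "prev_hash", "transactions", "nonce")}
    return hashlib.sha256(json.dumps(fields, sort_keys=True).encode()).hexdigest()


def mine(index: int, prev_hash: str, transactions: list) -> dict:
    """Mining: search for a nonce whose block hash meets the difficulty target."""
    block = {"index": index, "prev_hash": prev_hash,
             "transactions": transactions, "nonce": 0}
    while not block_hash(block).startswith("0" * DIFFICULTY):
        block["nonce"] += 1
    block["hash"] = block_hash(block)
    return block


def build_chain(batches: list) -> list:
    """Completion: each block commits to the hash of the block before it."""
    chain, prev = [], GENESIS_PREV
    for index, transactions in enumerate(batches):
        block = mine(index, prev, copy.deepcopy(transactions))
        chain.append(block)
        prev = block["hash"]
    return chain


def first_invalid_block(chain: list):
    """Verification as any node performs it: index of the first bad block, or None."""
    prev = GENESIS_PREV
    for block in chain:
        digest = block_hash(block)
        if (block["prev_hash"] != prev or digest != block["hash"]
                or not digest.startswith("0" * DIFFICULTY)):
            return block["index"]
        prev = block["hash"]
    return None


def tamper(chain: list, index: int, new_amount: int, remine: bool = False) -> list:
    """Return a copy of the chain with one recorded amount changed."""
    forged = copy.deepcopy(chain)
    forged[index]["transactions"][0]["amount"] = new_amount
    if remine:  # redo the proof of work for the altered block only
        forged[index] = mine(index, forged[index]["prev_hash"],
                             forged[index]["transactions"])
    return forged


if __name__ == "__main__":
    chain = build_chain(SAMPLE_BATCHES)
    print("honest chain:", first_invalid_block(chain))
    print("edited block 1:", first_invalid_block(tamper(chain, 1, 500)))
    print("edited and re-mined block 1:",
          first_invalid_block(tamper(chain, 1, 500, remine=True)))
```

Editing a recorded amount breaks that block's hash, and re-mining it only moves the failure to the next block, whose `prev_hash` no longer matches. Rewriting history therefore means redoing the work for every later block.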
The Best Privacy-Focused Cryptocurrency
While many cryptocurrencies offer a high level of anonymity, they often lack a strong emphasis on privacy. For instance, Bitcoin transactions are recorded on a public ledger, making it possible for anyone to trace the flow of funds and identify users through their wallet addresses.
In contrast, Monero (XMR) is designed specifically to enhance privacy. It uses advanced techniques to obscure transaction details, such as the sender, receiver, and transaction amount. This means that Monero transactions are nearly impossible to trace, providing users with a much higher level of privacy compared to Bitcoin.
Monero Wallets
To maintain the highest level of privacy when using Monero, it’s important to choose a self-custody wallet. A self-custody wallet keeps your “view key” on your device, which means only you can access your funds and see your transaction history.
In contrast, custodial wallets are managed by third-party providers, which means they can monitor your transactions and activities. Recommended self-custody wallets that keep the view key on your device include:
For maximum privacy, consider running your own Monero node over I2P or Tor. Using someone else’s node can expose certain information, such as your IP address, wallet sync timestamps, and transaction details. Alternatively, you can connect to another Monero node via Tor, I2P, or a VPN for added privacy.
Acquiring Monero
You can buy and sell Monero on various centralized exchanges (CEX) and peer-to-peer (P2P) marketplaces. While some platforms may require identification (KYC) for compliance, Monero’s privacy features ensure that sellers only know you purchased it, without insight into your holdings or spending.
Here are some reputable options:
Kraken: A popular CEX that requires registration and KYC. It accepts card payments and bank transfers. Remember to withdraw your Monero to a self-custody wallet right after purchase, as availability may vary by jurisdiction.
Cake Wallet: A self-custody wallet for Monero and other cryptocurrencies. You can buy Monero directly in the app using card payments or bank transfers (via providers like Guardarian or DFX). KYC is usually not required, but this can depend on your location and purchase amount. If direct purchases aren’t available, you can buy another cryptocurrency (like Bitcoin) and exchange it for Monero.
Monero.com: A website where you can buy Monero without needing to download an app. Funds are sent directly to your wallet.
RetoSwap: A decentralized P2P exchange based on the Haveno project. It allows for private buying and selling of Monero, with most trades not requiring KYC. You can purchase Monero via bank transfer, PayPal, or cash (in-person or by mail). Be cautious when sharing sensitive information.
Buying Things With Monero
Once you’ve acquired your Monero, it’s time to spend it. Numerous dark web marketplaces and non-KYC websites accept Monero. You can find non-KYC services at KYCnot.me.
However, if you wish to make purchases from mainstream retailers like Amazon, which do not accept Monero, gift cards can be a viable alternative. You can find reliable sellers of gift cards for cryptocurrencies on Cryptwerk.
Physical security refers to the measures taken to protect physical assets, including personal belongings, devices, and living spaces, from unauthorized access, damage, or interference. While many individuals invest time and resources into digital privacy and cybersecurity, physical security is often overlooked. However, it is equally important in safeguarding your overall security posture.
Why You Need Better Physical Security
Even if you have a strong digital security framework—such as using complex passwords, two-factor authentication, and encrypted communications—your physical security can still be a vulnerability. Consider this: what is the point of having a strong 20-character unique password for your laptop if you have it written down on a sticky note sitting on your laptop? This scenario underscores the necessity of robust physical security measures.
Here are several reasons why enhancing your physical security is essential:
Sensitive Information: Laptops, smartphones, and tablets often hold sensitive data. If stolen or accessed without password protection and encryption, you risk identity theft or blackmail.
Deterrence of Criminal Activity: A well-secured environment can deter potential intruders or thieves, reducing the likelihood of becoming a target.
Peace of Mind: Knowing that your physical space is secure allows you to focus on your digital security without the constant worry of physical threats.
Getting Better Physical Security
To enhance your physical security, consider implementing the following measures:
ℹ️
Remember to regularly review your physical security measures to identify any weaknesses.
Devices
Encrypt Your Devices: Ensure that all your devices, including smartphones and laptops, are encrypted. This protects sensitive data from unauthorized access, especially if a device is lost or stolen.
Utilize Privacy Screens: To prevent shoulder surfing in public spaces, use privacy screens on your devices. These screens limit the viewing angle, making it difficult for others to see your screen while you work or browse in crowded areas.
Disable Cameras and Microphones: To prevent unauthorized video recording, use a simple webcam cover, tape, or even remove the camera entirely. And for the microphone, consider using headphones with a non-functional microphone or removing your device’s microphone.
Public Spaces
Be Mindful of Your Surroundings: Practice situational awareness by paying attention to who is around you. Be cautious about sharing personal information in public spaces and consider your threat model—understanding the specific risks you face can help you make informed decisions about your security practices.
Self-Defense Preparedness: Consider carrying self-defense tools, such as pepper spray or a gun, to protect yourself in threatening situations. However, remember to always check the legality of these tools in your country or state. Additionally, it’s essential to be trained in hand-to-hand combat, to effectively use these tools if necessary.
Threat intelligence is the collection and analysis of information regarding current and emerging threats that can impact your digital security. This encompasses knowledge about various cyber threats, including malware, phishing attacks, and data breaches. The primary aim of threat intelligence is to provide individuals with insights that help them understand the risks they face online and take appropriate measures to protect themselves.
How to Do Threat Intelligence
To effectively leverage threat intelligence, consider the following steps:
1. Set Up an RSS Feed
To streamline your information gathering, consider setting up an RSS feed. This allows you to receive updates from multiple sources in one place without having to visit each website manually. Here are some recommended open-source readers:
Stay informed about laws that affect your privacy and security. Websites like the Electronic Frontier Foundation (EFF) provide insights into digital rights and privacy legislation. Following legal updates can help you understand how changes in the law may impact your online activities.
Your privacy is essential for your safety and dignity. Just as you close the bathroom door for personal space, protecting your personal information is vital. The idea of "I have nothing to hide" overlooks the fact that privacy is a fundamental right, not just for those with secrets. Safeguarding your data helps prevent identity theft and unwanted surveillance.
"It's too late now"
The best time to start protecting your privacy is today! It's crucial to take action now, as companies may already have access to your data. By being proactive about your privacy settings and data sharing, you can significantly reduce your digital footprint and keep your personal information safe.
"What should I do?"
Trying to improve your privacy can feel overwhelming; that's why we created Beginner Privacy, to make it as easy as possible.
Beginner Privacy is 100% free and will always remain so! However, it relies on contributors and the community to thrive. Here are some ways you can help:
Why You Should Ditch Social Media and Use a Frontend
Recommended Frontends
YouTube: FreeTube, LibreTube, NewPipe, Yattee
Spotify: Spotube
𝕏 / Twitter: Nitter
Reddit: Redlib
Medium: Scribe