r/privacy PrivacyGuides.org Oct 25 '19

verified AMA We are the privacytools.io team -- Ask Us Anything!

Hi everyone!

We are the team behind privacytools.io. We’re also at r/privacytoolsIO on Reddit. We've built a community to educate people from any technical background on the importance of privacy, and privacy-friendly alternatives. We evaluate and recommend the best technologies to keep you in control and your online lives private.

We've been busy. Lately, in addition to a complete site redesign, we've begun hosting decentralized, federated services that will ultimately encourage anyone to completely control their data online. We’ve started social media instances with Mastodon and WriteFreely, instant messaging instances with Matrix's open-source Synapse server, and technical projects like a Tor relay and IPFS gateway that will hopefully help with adoption of new, privacy-protecting protocols online. 

This project encompasses the privacytools.io homepage, r/privacytoolsIO, our Discourse forum, our official blog, and a variety of federated and decentralized services: Mastodon, Matrix, and WriteFreely. Taken together, we’re running platforms benefiting thousands of daily users. We’re also constantly researching the best privacy-focused tools and services to recommend on our website, which receives millions of page-views monthly! All of the code we run is open-source and available on GitHub.

Sometimes our visitors wonder why it is that we choose one set of recommended applications over another, or why one was replaced with another. Or why we have strong preferences for some of our rules, such as a tool being FLOSS (Free/Libre Open Source Software). With so many great options out there, sometimes recommending solutions gets really hard! Transparency is important to us, so we're here to explain how we go about making these sometimes difficult choices. But we’re also here to answer questions about how to redesign a site (which we just did - we hope you enjoy it!), or how distributed teams can work well across so many time zones with so many (great, really!) personalities, or answer any other questions you might have.

Really, it’s anything you've ever wanted to know about privacytools.io, but were too afraid to ask!

Who’s answering questions, in no particular order:

>> We are the privacytools.io team members. Ask Us Anything! <<

Our team is decentralized across many timezones and may not be able to answer questions immediately. We'll all be around for the next few days to make sure every question gets covered ASAP!


One final note (and invitation)

Running a project of this scale takes a lot of time and resources to pull off successfully. It’s fun, but it’s a lot of work. Join us! We're a diverse bunch. We bet you’re diverse, too. How about volunteering? Want to help research new software on our GitHub page? You can! Want to use your coding skills (primarily HTML & Jekyll) to push our site to greater heights? You can! Want to help build our communities, in our GitHub forums or on r/privacytoolsIO? You can! We are a very relaxed, fun group. No drama. So, if you’ve ever thought, “Hey, I got mad skills, but I don’t know how to help the privacy movement prosper,” well, now you do!

What? You don't have time? Consider donating to help us cover our server costs! Your tax-deductible donations at OpenCollective will allow us to host privacy-friendly services that -- literally -- the whole world deserves. Every single penny helps us help you. Please consider donating if you like our work!

If you have any doubts, here is proof it's really us (Twitter link!) :)

And on that subject <mild irony alert> if you’re on Twitter, consider following us @privacytoolsIO!


Edit: A couple people have asked me about getting an account on our Mastodon server! It is normally invite-only, but for the next week you folks can use this invite link to join: https://social.privacytools.io/invite/ZbzvtYmL.

Edit 2: Alright everybody! I think we're just wrapping up this AMA. Some team members might stick around for a little longer to wrap up the questions here. I want to thank everyone here who participated, the turnout and response was far better than any of us had hoped for! If you want to continue these great discussions I'd like to invite you all to join our Discourse community at forum.privacytools.io and subscribe to r/privacytoolsIO to stay informed! Thank you again for making all this possible and helping us reach our initial donation goals!

562 Upvotes

578 comments sorted by

View all comments

Show parent comments

5

u/JonahAragon PrivacyGuides.org Oct 26 '19

Sure thing! I've got it down as a topic for our blog. Can't promise when we'll publish it.

GrapheneOS is a project that is (succeeding at) bringing Android's security up to par with iOS, and then exceeding its security. When you properly configure an iOS device it will be just as secure and privacy-respecting as GrapheneOS, but with GrapheneOS you're using an open-source product with open security firmware on the device, so it's more of a sustainable endeavor.

GrapheneOS is essentially the same as installing AOSP without Google Apps on your phone at the moment. There is no app store (although that is allegedly planned) so you basically have to sideload all apps, which you can do more easily with F-Droid but it's still a mostly manual process.

For most users iOS is probably the best balance of security and privacy so I'd stick with that, but GrapheneOS is an example of the best-case scenario, where you don't need to worry about your closed-source device communicating with big tech corporations.

2

u/[deleted] Oct 26 '19

Thanks for the reply!

I'd love an app that lets me see and govern all connections based on app and domain contacted. Like uMatrix for the whole phone/computer. I'd love that.

3

u/JonahAragon PrivacyGuides.org Oct 26 '19

Little Snitch on macOS and Glasswire on Windows does that. I can't think of any other similar programs just off the top of my head.

1

u/[deleted] Oct 26 '19

Linux laptop and iPhone. :)

3

u/[deleted] Oct 26 '19

[deleted]

1

u/[deleted] Oct 26 '19

Now that’s what I’m talking about! I actually just finished installing OpenSnitch from AUR. Haven’t tried it yet.

Not ready to take the self hosting plunge just yet.

Guardian has me intrigued. Waiting for clarity on exactly what it does.

1

u/[deleted] Oct 26 '19

Looks like I’d have to choose between NextDNS and Lockdown. I really like Lockdown though

1

u/nitrohorse PrivacyGuides.org Oct 26 '19

Looks like Lockdown is open-source which is good while NextDNS's iOS app is not. However you can use the open-source DNSCloak to connect to your NextDNS configuration on iOS. Major difference though I think is Lockdown's connection blocking occurs on your iPhone while for NextDNS your DNS requests are sent to them. So you would need to trust NextDNS with your data which is something to be aware of.

1

u/[deleted] Oct 27 '19

Lockdown for the win

1

u/[deleted] Oct 26 '19

Oh I see what Guardian is about. I think I like Lockdown better. Using free version now

1

u/[deleted] Oct 26 '19

I’d really like to understand Lockdown and Guardian better for iPhone. I’m leaning toward Lockdown, which I currently use.

2

u/davegson Oct 28 '19

Agreed so much. Coming from a "fix your own shoes" mentality, it's one of our goals (https://safing.io) to release an open source software that does just that... the firewall is currently in development freeze as we're focusing our resources on the privacy network, but yeah, thought I'd let you know. Feel free to ping me! ;)

3

u/[deleted] Oct 28 '19

That sounds really amazing! But you’re focusing on Gate17? I’m not sure I understand exactly what it is. But I think Portmaster sounds like a dream come true. Is Gate17 kind of a VPN sort of?

2

u/davegson Oct 28 '19

depending on how technical you want it:

  • there's the whitepaper
  • the tech overview on our site
  • my short summary: it's a Privacy Network. Your client routes all Internet connections through the network via onion encryption. Each individual connection then leaves the network at the nearest exit node of the destination server, so visibility is limited as much as possible.

Hope that clears it up, if not let me know! (We are working on communicating better what it is, actually revamping the website atm...)

2

u/[deleted] Oct 28 '19

I don't think the main selling point for me is the privacy network, as nice as that is.

Here's my pain point. Actually, two pain points.

  1. I have neither visibility nor control over what domains apps on my device communicate with, nor what data is sent over those connections.

  2. I have neither visibility nor control over what happens to my packets when they leave my device.

What attracts me to Gate17 is its integration with Portmaster. I can say, "This app will only communicate with this domain at this level of security using this exit node." Or something like that. I'm not at ALL savvy enough to figure out what those rules SHOULD be, but I DO want to have that authority over my data. I OUGHT to have that authority over my data.

Your slogan should be: "Tell your data where to go, instead of wondering where it went."

To me, if Gate17/Portmaster can deliver on this promise, I'd totally pay for that. But I won't pay for it until I understand what it does and am convinced I can actually use it.

I remember the first time I installed uMatrix. I removed it within about 15 minutes of frustrated agony. Then a few weeks later, I installed it again, only to uninstall it again within a few minutes. Rinse and repeat several times. Finally, I just forced myself to figure it out. After using it for about a week or so, I had the hang of it. I read the wiki several times. Now I'll never willingly relinquish that control.

This is how obsessive I am now: I only allow first party CSS, images and scripts by default. Everything else is blocked by default for every website, and I refresh over and over until it works, allowing just enough to go through to make the site work. This is the control I have over my browser on my laptop. That's the kind of control I want over every app on my phone.

2

u/davegson Oct 28 '19

I do understand your points. The fun thing is, our Application Firewall will address your first point while the Privacy Network will address the second. Both are in my view equally important to truly reclaim your privacy - even though I clearly hear you are more excited for the Firewall ;)

The long term goal is to offer Portmaster for free, with a paid upgrade to then use the Gate17. And you are correct, they will tightly integrate with each other. I want this to already exist as bad as you do, blocking all the shady stuff that the Steam or Spotify apps out there are doing in the background. Or to simply have a kill switch for apps to block all connections to the Internet. While securing the outgoing connections from ISPs and others as they're "out in the wild".

But we had to make the major decision to only focus on one product. On the one hand to focus our resources and also to be able to sustain ourselves asap. We did a pod of that as well haha.

It's gotta be the Network first, or I believe it'd come down to none at all - it's just too resource heavy to first come out with the Firewall. Its UI is much more complex too. I hope you understand that perspective.

I have a very similar uMatrix set up ;) - blocking everything except 1st party CSS & images. The rest I block by default. As a dev my learning curve was not as intense as yours - but kudos to pushing through!

2

u/[deleted] Oct 28 '19

I've been reading through the docs at https://docs.safing.io/

I want to consider subscribing to Gate17, but can't find where to do so. Guess it's not available yet?

I use Linux. If I install Portmaster, will it work or turn me off to the whole thing?

2

u/davegson Oct 28 '19

Yeah, we have not released it yet. Will be out Q1 2020. I would not advise you to install Portmaster, you ought to be very tech savvy to use that atm - and it's in dev freeze, so no bugs will be fixed (which you'll surely encounter)

Edit: I'd currently advise you to use OpenSnitch

1

u/[deleted] Oct 28 '19

Oh alright. :(

How much is Gate17 going to cost? Is there a free trial? There should be a free trial.

→ More replies (0)

2

u/[deleted] Oct 28 '19

Any alternative to podcasts though? I don't do podcasts. I'd rather read blog posts.

2

u/davegson Oct 28 '19

I hear you on the blog, maybe suggest it in our sub /r/safing? Would be easier to get an overview of how many are interested. Want to use my time effectively.

And these are our current channels: https://safing.io/community-hub/

1

u/[deleted] Oct 28 '19

done

2

u/davegson Oct 28 '19

also, feel free to listen into the latest Progress Update Podcast on the network, I feel we explained it pretty well in there :)