👨‍💻 Berkan's Blog

Anonymity Tools for Privacy Paranoid People

Published by Berkan K. on March 8, 2024 (Updated on February 9, 2026)

book 6 min read

The data is from privacyguides.org and is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This blogpost simplifies, summarized and wraps the original content in a new format. The original content is available at privacyguides.org. You can find al the criterias and best practices for each choice in the original content. While the final decision and contens is made by Privacy Guides, i’ve also included some other external sources to provide a more comprehensive view for some of the tools, along with my own personal experience and opinions.

Table of contents

Tor and anonymity tools

Tor routes your traffic through thousands of volunteer relays, which helps hide where you are and what you’re doing from basic network surveillance and traffic analysis.

Tor Browser

Use this when you need anonymity, not just “less tracking”.


Good for:

  • sensitive research
  • OSINT-ish browsing where you don’t want to be identified
  • “I don’t want my ISP/government/uni network to know” vibes

Important:

  • Don’t install extra extensions
  • Don’t tweak about:config Both can make you stand out and wreck the whole point.

Orbot (Android)

Routes traffic from apps through Tor. Handy if you want more than just browser traffic going through Tor.

Onion Browser (iOS)

Solid Tor browser for iOS, open-source and endorsed by the Tor Project.

Snowflake

Snowflake lets you donate bandwidth (easy mode), and it helps censored users reach the Tor network.


Tip:

  • Use the Snowflake page in a tab and toggle it on
  • Avoid installing it as a browser extension if you care about minimizing weird fingerprinting risks

Browsers

Mullvad Browser

Basically Tor Browser without Tor. It’s built to fight fingerprinting by making you look like everyone else using it.


Rules of thumb:

  • Best paired with a VPN
  • Don’t mess with the bundled extensions or settings
  • You trade flexibility for “blend in” privacy

Security levels: Standard, Safer, Safest (same idea as Tor Browser).


Leta (search):

  • Nice privacy idea, but it requires an active Mullvad VPN subscription.

Firefox

Firefox can be great, but it needs some tuning. If you want “set and forget”, Firefox takes more effort than Chromium-based browsers.


My recommended quick settings checklist:

  • Disable search suggestions
  • Enable Strict Enhanced Tracking Protection
  • Disable telemetry
  • Enable HTTPS-Only mode
  • Use DNS over HTTPS (if it fits your situation)
  • Turn on “delete cookies and site data on close” (and whitelist the sites you actually need)

Sync:

  • Firefox Sync is end-to-end encrypted for your data, but it’s still a cloud service so treat it like one.

Brave

Brave is a pretty good “default privacy browser” if you configure it right.


Do this:

  • Shields on globally
  • Aggressive tracker blocking
  • Strict HTTPS upgrades
  • Clear cookies/site data on close (add exceptions for sites you want to stay logged into)
  • Disable WebRTC “non-proxied UDP” to reduce leak risk
  • Turn off analytics/diagnostic reporting and anything that phones home
  • Disable stuff you don’t use (WebTorrent, social integrations)
  • If you don’t care about crypto features: disable Rewards, Wallet, IPFS, and set default wallets to none

Extensions

  • uBlock Origin: best general-purpose blocker
  • uBlock Origin Lite: useful for Manifest V3-only browsers, lighter permissions and often more efficient, but not as powerful

Mobile browsers

Android

  • Brave is the easiest strong pick (use the same config ideas as desktop)
  • Firefox is fine, but Chromium-based browsers usually have stronger sandboxing

iOS

On iPhone, every browser uses WebKit, so switching browsers does not change the engine.


Safari is already strong:

  • Intelligent Tracking Prevention
  • privacy report
  • solid private browsing isolation
  • iCloud Private Relay (if you use it)
  • some anti-fingerprinting behavior

If you really want a third-party browser anyway, Brave is fine. Just don’t expect it to magically become “desktop Chromium”.

Cloud storage

Proton Drive

End-to-end encryption focus. Proton’s web apps have been audited, but newer mobile clients have had less public third-party audit attention historically, so just keep that in mind depending on how paranoid you are.

Tresorit

Very mature “secure cloud storage” option with a long audit and certification trail (ISO 27001 etc.). If you want a boring, enterprise-y secure pick, this is it.

Nextcloud

Great if you self-host and know what you’re doing.

Caveat:

  • I would not rely on typical third-party Nextcloud providers for sensitive data just because “it says E2EE”. The home-user E2EE experience has tradeoffs and sharp edges. If it’s sensitive, either self-host properly or use a service designed around E2EE from day one.

DNS resolvers

Encrypted DNS is not invisibility. It mainly helps against basic DNS snooping and DNS-based blocking. Your browsing activity is still visible to other parts of the chain.


Options with different tradeoffs:

  • AdGuard DNS (lots of protocols, some logging, configurable filtering)
  • Cloudflare 1.1.1.1 (popular, DoH/DoT, some logging)
  • ControlD (very configurable, optional logging)
  • Mullvad DNS (no logging, simpler)
  • NextDNS (highly configurable, optional logging)
  • Quad9 (malware blocking by default, some logging)

Email providers

Proton Mail

Good for a privacy-first inbox, easy encryption within Proton ecosystem, supports modern 2FA (including security keys).


Note:

  • Not everything is encrypted the same way. Some contact fields are not encrypted, but Proton makes this pretty visible in the UI.

Mailbox.org

Strong privacy posture, runs in Germany, supports encryption features, but some parts (like calendar/address book) are not encrypted by default in the same way people assume.

VPNs (what they’re good for)

A VPN can help:

  • Against ISP snooping
  • On sketchy Wi-Fi
  • With torrenting
  • With region blocks (not privacy, but still)

A VPN does not:

  • Make you anonymous by default
  • Fix bad browser privacy
  • Protect you if you log into personal accounts everywhere

Solid picks with different tradeoffs:

  • Proton VPN
  • IVPN
  • Mullvad VPN

Encryption and file sharing

Encrypt files

  • Cryptomator: encrypt files before putting them in cloud storage
  • PicoCrypt: simple file encryption tool
  • VeraCrypt: full disk/volume encryption option
  • BitLocker (Windows): good for boot drive encryption because TPM integration matters
  • FileVault (macOS): strong default choice on Apple silicon / T2 Macs

Share files

  • Send (Firefox Send fork): quick encrypted link sharing, also has CLI
  • OnionShare: share files over Tor for anonymity

Password managers

  • Bitwarden: best all-rounder, open source, strong ecosystem
  • Proton Pass: nice if you’re in Proton world, also has email aliasing via SimpleLogin
  • 1Password: my “it just works” pick, great UX and native clients, but closed source

Messaging

Signal

If you want secure messaging without turning it into a hobby, use Signal.


Do this:

  • Set a username
  • Set “Who can see my number” to Nobody
  • Consider “Who can find me by number” to Nobody too

It’s one of the few mainstream apps that does privacy and security seriously without constant compromises.

Notes

  • Standard Notes: simple, encrypted, reliable
  • Notesnook: good, but local encryption features can depend on plan
  • Joplin: powerful, supports E2EE sync, not great if you want app-level locking everywhere
  • Cryptee: neat web-based encrypted docs/photos, light signup requirements

Photo management

  • Ente: E2EE photos, audited (Cure53, March 2023), supports mobile backups
  • Stingle: encrypted gallery + backup, can self-host
  • PhotoPrism: self-hosted, powerful features like tagging and search (less “privacy-first”, more “self-hosted power user”)

Metadata removal

  • MAT2 (Linux)

  • ExifEraser (Android)

  • Metapho (iOS)

  • ExifTool (all platforms, power user tool) Example:

    exiftool -all= *.file_extension

Operating systems

Android

If you care about privacy and security, OS choice matters more than most apps.

  • GrapheneOS: best “security-first Android” option on supported Pixels
  • DivestOS: privacy-focused Lineage-based option, broader device support depending on model

Avoid used phones if your threat model includes tampering.

Desktop

  • Fedora Workstation: best beginner-friendly secure Linux pick
  • Arch Linux: great if you like building your own setup (and accept the responsibility)
  • Tails: anonymity-focused live OS
  • Qubes OS: security through strong isolation, but you’re signing up for complexity

Resources

  • Tor network size: metrics.torproject.org/networksize.html
  • Original recommendations: privacyguides.org
Author
profile
Hello, I'm a 25-year-old Software Engineer based in Denmark, specializing in Cybersecurity and
Fullstack Development.

Beyond programming, I enjoy sharing my journey and insights through writing, aiming to contribute to the tech community and inspire like-minded professionals.

Post Details Category