Privacy & Security

This is some guides, tips, etc. to improve your online privacy and security.

This page is still under construction - more to come.

VPNs

Let's get this straight now: VPN's do NOT intrinsically increase your online privacy or security. Think about it this way:
Instead of your traffic going from point A (your device) to B (destination server), it goes from point A, to the VPN server (point C), to point B. So all your traffic runs through that vpn server which could theoretically track everything you do and be far worse than not using one at all.
So which VPN should I use? There's a comparison here by thatoneprivacyguy.
One rule of thumb for VPNs and most other services: if it's free, you're the product. But the real answer is:
host it yourself. Because who else can you truely trust? So how do you go about this process?

  1. Find a VPS (virtual private server) provider. There are tons of providers including some shady ones so do you research. Digital Ocean and Vultr are two well-known ones that come to mind. I use Shock Hosting for some myself and although they don't have the nice GUI that some larger companies do, everything's worked great with 0 downtime and excellent customer support (#notsponsored).
    • What plan you need depends on your usage. You don't need much for storage, 30gb SSD is more than enough. Same goes for ram, 1-2gb is fine.
    • The more important things to look for is network speeds, bandwidth limits, and physical location. You'll want speeds above your home network speeds and bandwidth based off your usage. Physical location is based off of what you want, you want one close to home for regular use or at the target country for circumventing georestrictions
    • Price is obviously a factor too. I pay less for my own VPS instance than I would with a paid VPN service
  2. Choose an Operating System. Some popular ones include Debian, Ubuntu, and Cent OS among others. I use debian myself as it's more stable than ubuntu. Cent OS is now EOL so I wouldn't recommend starting on it.
  3. Choose a VPN protocol. Some of the big ones are OpenVPN (most common), IPSec, and Wireguard. I use/prefer wireguard myself
  4. Do your research on setting it up, some are more difficult than others
  5. Install it! I have a guide for setting up one with Debian and wireguard here. See the readme there for more details on the ins and outs of setting up a solid VPN.

DNSCrypt Server

DNSCrypt is a protocol that helps secure and lock down your DNS requests. See the official site here for more details.
You can use existing servers and/or create your own. The easiest way is listed here (note the other methods in the side bar). I made an install script for it to make it even easier here. It installs the docker img, changes your ssh port (you can change this at the top of the script, you also may need to change the server_ip6 variable), configures the firewall, and sets it to auto-update.

Searx

Searx is a metasearch engine and a great way to search the web without being tracked. Installation instructions can be found here.
The android app is out of date and so I forked and updated it here.
However, I wrote a new app that uses webview since many searx instances don't work with the above app here.