OSS Privacy Applications

About this list

We know we can never be complete with an overview of OSS privacy applications. Good privacy solution building blocks are not wide spread available. This is due to the fact that the old fashioned business model of tracking users and user activity should never ever be possible. So for communication there is Tor or create your own decentralized device and encrypted protocol. You can find a lot of tools that make it real simple to build a real private communication channel.

Note:An up-to-date list is always online.

Criteria used for products mentioned in this chapter are equal as for security solutions:

  • The products must have a valid OSS license;
  • The project must be active and must meet a certain quality level;
  • The product must be in use somewhere (*)

(*) Unfortunately we can and never will expose information where products are in use, however many mature products have solid references on their website, along with active user groups.

Amiunique

Amiunique has shares some goals with panoticlick, but it provides a number of novelties:

  • amiunique implements the most recent techniques for fingerprinting, including webGL and canvas
  • amiunique provides more information to the users, including global statistics, as well as a concise summary of the main characteristics of a browser

created and maintained by a team of researchers, who investigates the software monocultures and software diversity on the web. The research team is financially supported by the DIVERSIFY European project and by a grant from the INSA-Rennes school.

SBB License GNU General Public License (GPL) 2.0
Core Technology Java
Project URL https://amiunique.org/
Source Location https://github.com/DIVERSIFY-project/amiunique
Tag(s) fingerprinting, Privacy

Blockstack

Blockstack is a new decentralized internet where users own their data and apps run locally. A browser portal is all that’s needed to get started.

With Blockstack, users control their data and apps run on their devices. There are no middlemen, no passwords, no massive data silos to breach, and no services tracking us around the internet.

The applications on blockstack are server-less and decentralized. Developers start by building a single-page application in Javascript, Then, instead of plugging the frontend into a centralized API, they plug into an API run by the user. Developers install a library called ‘blockstack.js’ and don’t have to worry about running servers, maintaining databases, or building out user management systems.

SBB License GNU General Public License (GPL) 3.0
Core Technology Python + Javascript
Project URL https://blockstack.org
Source Location https://github.com/blockstack
Tag(s) Privacy

BRIAR

Secure messaging, anywhere:

  • Peer-to-peer encrypted messaging and forums
  • Messages are stored securely on your device, not in the cloud
  • Connect directly with nearby contacts – no Internet access required
  • Free and open source software
SBB License GNU General Public License (GPL) 3.0
Core Technology Java
Project URL https://briarproject.org/index.html
Source Location https://code.briarproject.org/akwizgran/briar/tree/master
Tag(s) Messaging, Privacy

ChatSecure

ChatSecure is a free and open source messaging app that features OTR encryption over XMPP. You can connect to your existing accounts on Facebook or Google, create new accounts on public XMPP servers (including via Tor), or even connect to your own server for extra security.

SBB License Mozilla Public License (MPL) 1.1
Core Technology Objective C
Project URL https://chatsecure.org
Source Location https://github.com/ChatSecure
Tag(s) Chat, Privacy

Diaspora

A privacy-aware, distributed, open source social network.

SBB License GNU Affero General Public License Version 3
Core Technology Ruby
Project URL https://diasporafoundation.org/
Source Location https://github.com/diaspora/diaspora
Tag(s) communication, Privacy

Fingerprintjs2

Modern & flexible browser fingerprinting library. Also used as demo on EFF.org site.

SBB License GNU General Public License (GPL) 2.0
Core Technology Javascript
Project URL http://valve.github.io/fingerprintjs2/
Source Location https://github.com/Valve/fingerprintjs2
Tag(s) fingerprinting, Privacy

FreedomBox

FreedomBox is a 100% free software self-hosting web server to deploy social applications on small machines. It provides online communication tools respecting your privacy and data ownership. You can use FreedomBox at home to replace services provided by third-parties mining your life and using your content. Thanks to a very friendly interface, you will be able to deploy on demand applications focusing on confidentiality such as file sharing, shared calendaring, instant messaging, secure voice conference calling, blog and wiki. FreedomBox is a free software stack, a subset of the Debian universal operating system, that can be installed in many flavors of inexpensive and power-efficient Open Source hardware, called single board computers (SBC). Once installed on the hardware of your choice, the simplicity of setting up and operating a FreedomBox is similar to that of a smart phone.

SBB License GNU General Public License (GPL) 2.0
Core Technology C
Project URL https://wiki.debian.org/FreedomBox
Source Location https://wiki.debian.org/FreedomBox/Contribute/Code
Tag(s) communication, Privacy, VPN

GNUnet

GNUnet is a mesh routing layer for end-to-end encrypted networking and a framework for distributed applications designed to replace the old insecure Internet protocol stack.

In other words, GNUnet provides a strong foundation of free software for a global, distributed network that provides security and privacy. Along with an application for secure publication of files, it has grown to include all kinds of basic applications for the foundation of a GNU internet.

GNUnet is an official GNU package.

The foremost goal of the GNUnet project is to become a widely used, reliable, open, non-discriminating, egalitarian, unfettered and censorship-resistant system of free information exchange. We value free speech above state secrets, law-enforcement or intellectual property. GNUnet is supposed to be an anarchistic network, where the only limitation for peers is that they must contribute enough back to the network such that their resource consumption does not have a significant impact on other users. GNUnet should be more than just another file-sharing network. The plan is to offer many other services and in particular to serve as a development platform for the next generation of decentralized Internet protocols.

SBB License GNU General Public License (GPL) 2.0
Core Technology C
Project URL https://gnunet.org/
Source Location https://gnunet.org/svn/
Tag(s) Privacy, Security

IRMA

IRMA offers a privacy-friendly, flexible and secure solution to many authentication problems, putting the user in full control over his/her data.

IRMA contains an app (also OSS), a server and providers. See the site https://privacybydesign.foundation/irma-start/ for more information

The IRMA app manages the user’s IRMA attributes: receiving new attributes, selectively disclosing them to others, and attaching them to signed statements. These attributes can be relevant properties, such as: “I am over 18”, “my name is …” and “I am entitled to access ….”. They are only stored on the user’s device and nowhere else.

SBB License Apache License 2.0
Core Technology Java
Project URL https://privacybydesign.foundation/irma-start/
Source Location https://github.com/privacybydesign/irma_api_server
Tag(s) Privacy

Jami

Jami stores your secrets (private keys for encryption and identity) only on the device which executes it, which belongs to you. Your device is therefore the sole holder of your information.

SBB License GNU General Public License (GPL) 3.0
Core Technology CPP
Project URL https://jami.net/
Source Location https://git.ring.cx/savoirfairelinux/ring-project
Tag(s) communication, Privacy

MAT: Metadata Anonymisation Toolkit

MAT is a toolbox composed of a GUI application, a CLI application and a library, to anonymize/remove metadata.

Metadata within a file can tell a lot about you. Cameras record data about when and where a picture was taken and what camera was used. Office documents like pdf or Office automatically add author and company information to documents and spreadsheets. Maybe you don’t want to disclose this information on the web.

Mat only removes metadata from your files, it does not anonymise their content, nor handle watermarking, steganography, or any overly customized metadata field/system. Also please not that MAT does its best to scrub as much metadata as possible, it’s not really efficient at scrubbing embedded media inside complex formats. For examples, images embedded inside PDF may not be cleaned!

SBB License GNU General Public License (GPL) 3.0
Core Technology Python
Project URL https://mat.boum.org/
Source Location https://gitweb.torproject.org/user/jvoisin/mat.git
Tag(s) Privacy

Matrix

Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP. The basics you need to know to get up and running are:

  • Everything in Matrix happens in a room. Rooms are distributed and do not exist on any single server. Rooms can be located using convenience aliases like #matrix:matrix.org or #test:localhost:8448.
  • Matrix user IDs look like @matthew:matrix.org (although in the future you will normally refer to yourself and others using a third party identifier (3PID): email address, phone number, etc rather than manipulating Matrix user IDs)

The overall architecture is:

client <----> homeserver <=====================> homeserver <----> client
       https://somewhere.org/_matrix      https://elsewhere.net/_matrix
SBB License Apache License 2.0
Core Technology Python
Project URL https://matrix.org/blog/home/
Source Location https://github.com/matrix-org/synapse
Tag(s) communication, Privacy

Mitmproxy

An interactive SSL-capable intercepting HTTP proxy for penetration testers and software developers. Console program that allows traffic flows to be intercepted, inspected, modified and replayed.

Part of mitmproxy is mitmdump is the command-line companion to mitmproxy. It provides tcpdump-like functionality to let you view, record, and programmatically transform HTTP traffic. See the --help flag output for complete documentation.

SBB License MIT License
Core Technology Python
Project URL https://mitmproxy.org
Source Location https://github.com/mitmproxy/mitmproxy
Tag(s) HTTP Proxy, Privacy, Security, Sniffer

Open Whisper (Signal)

Signal is a messaging app for simple private communication with friends. Signal uses your phone’s data connection (WiFi/3G/4G) to communicate securely, optionally supports plain SMS/MMS to function as a unified messenger, and can also encrypt the stored messages on your phone.

A private messenger for Android and IOS. Used by Clinton team nowadays.

Private messaging For iPhone and Android. Features:

  • Say Anything – Send high-quality group, text, picture, and video messages, all without SMS and MMS fees.
  • Be Yourself – Use your existing phone number and address book. There are no separate logins, usernames, passwords, or PINs to manage or lose.
  • Stay Private – We cannot read your messages, and no one else can either. Everything is always end-to-end encrypted and painstakingly engineered in order to keep your communication safe.
  • Pay Nothing – The development team is supported by community donations and grants. There are no advertisements, and it doesn’t cost anything to use.

Note: Some famous hackers have serious doubt on the privacy and especially NSA involvement with Signal. There alternatives like Matrix or Tox that are distributed and can never be compromised!

SBB License GNU General Public License (GPL) 3.0
Core Technology Objective C
Project URL https://whispersystems.org/
Source Location https://github.com/whispersystems?page=1
Tag(s) communication, Privacy

PrivacyScore

PrivacyScore is a platform for investigating security and privacy issues on websites. It is inspired by tools like the Qualys SSL test and Webbkoll, but aims to be more comprehensive and offer additional features like

  • Comparing and ranking whole lists of sites
  • Checking for embedded third parties that are known trackers
  • Periodically rescanning each website and checking how the results change over time
  • Be completely open source (GPLv3) and easily extendable
SBB License GNU General Public License (GPL) 3.0
Core Technology Python
Project URL https://privacyscore.org/
Source Location https://github.com/PrivacyScore/PrivacyScore
Tag(s) Privacy

Searx

Search without being tracked. Searx is a free internet metasearch engine which aggregates results from more than 70 search services. Users are neither tracked nor profiled. Additionally, searx can be used over Tor for online anonymity.

Features:

  • Self hosted
  • No user tracking
  • No user profiling
  • About 70 supported search engines
  • Easy integration with any search engine
  • Cookies are not used by default
  • Secure, encrypted connections (HTTPS/SSL)
SBB License GNU Affero General Public License Version 3
Core Technology Python
Project URL https://asciimoo.github.io/searx/
Source Location https://github.com/asciimoo/searx
Tag(s) Privacy, Search

Steghide

Steghide is a steganography program that is able to hide data in various kinds of image- and audio-files. The color- respectivly sample-frequencies are not changed thus making the embedding resistant against first-order statistical tests.
Features:
  • compression of embedded data
  • encryption of embedded data
  • embedding of a checksum to verify the integrity of the extraced data
  • support for JPEG, BMP, WAV and AU files

Steganography literally means covered writing. Its goal is to hide the fact that communication is taking place. This is often achieved by using a (rather large) cover file and embedding the (rather short) secret message into this file. The result is a innocuous looking file (the stego file) that contains the secret message.

SBB License GNU General Public License (GPL) 2.0
Core Technology CPP
Project URL https://github.com/StefanoDeVuono/steghide
Source Location https://github.com/StefanoDeVuono/steghide
Tag(s) Privacy

Streisand

Streisand is software for setting up secure connections with your friends. A bit like TOR.

Streisand  is open source software that sets up a communication server that can run:

  • WireGuard
  • OpenConnect
  • OpenSSH
  • OpenVPN
  • Shadowsocks
  • SSHLH
  • Stunnel,  or a
  • Tor bridge.

After configuration Streisand generates custom instructions to use the communication service chosen. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.  Setting up Streisand requires still some good Unix knowledge for installation and configuration. So it is a bit of a hassle. (status 2018)

Using Streisand reduces the barrier of entry to running a VPN/censorship-bypass server for friends and family and makes secure communication available to more people.

SBB License GNU General Public License (GPL) 3.0
Core Technology Python
Project URL https://github.com/jlund/streisand
Source Location https://github.com/jlund/streisand
Tag(s) communication, Privacy, Security

Tails

Tails is a (Debian based) operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity, and helps you to:

  • use the Internet anonymously and circumvent censorship;
  • all connections to the Internet are forced to go through the Tor network;
  • leave no trace on the computer you are using unless you ask it explicitly;
  • use state-of-the-art cryptographic tools to encrypt your files, emails and instant messaging.
SBB License GNU General Public License (GPL) 2.0
Core Technology C
Project URL https://tails.boum.org
Source Location https://git-tails.immerda.ch/tails/
Tag(s) Operating System, Privacy

Tor

Tor is free software and an open network that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security. Creating your own Tor network is easy with this software, or use existing Tor nodes.

Individuals use Tor to keep websites from tracking them and their family members, or to connect to news sites, instant messaging services, or the like when these are blocked by their local Internet providers. Using Tor protects you against a common form of Internet surveillance known as “traffic analysis.” Traffic analysis can be used to infer who is talking to whom over a public network. Knowing the source and destination of your Internet traffic allows others to track your behavior and interests.

Tor is by far the most secure way to enter the internet without giving away your privacy. Thank you Roger Dingledine!

SBB License GNU General Public License (GPL) 2.0
Core Technology  
Project URL https://www.torproject.org
Source Location https://www.torproject.org/dist/
Tag(s) Cryptography, Privacy, Security

Tox

Whether it’s corporations or governments, digital surveillance today is widespread. Tox is easy-to-use software that connects you with friends and family without anyone else listening in. While other big-name services require you to pay for features, Tox is completely free and comes without advertising — forever.

Tox is a peer to peer (serverless) instant messenger aimed at making security and privacy easy to obtain for regular users. It uses NaCl for its encryption and authentication.

SBB License GNU General Public License (GPL) 3.0
Core Technology C
Project URL https://tox.chat/
Source Location https://github.com/TokTok/c-toxcore
Tag(s) communication, Privacy

Tribler

Privacy enhanced BitTorrent client with P2P content discovery.

The aim of Tribler is giving anonymous access to online (streaming) videos. We are trying to make privacy, strong cryptography and authentication the Internet norm.

Tribler currently offers a Youtube-style service. For instance, Bittorrent-compatible streaming, fast search, thumbnail previews and comments. For the past 9 years we have been building a very robust Peer-to-Peer system. Today Tribler is robust: “the only way to take Tribler down is to take The Internet down” (but a single software bug could end everything).

Over 2 million people have used Tribler over the years. The Tribler project was started in 2005 at Delft University of Technology and over 100+ developers contributed code to it.

SBB License GNU General Public License (GPL) 3.0
Core Technology Python
Project URL https://www.tribler.org/
Source Location https://github.com/Tribler/tribler
Tag(s) communication, Network, Privacy

WireGuard

WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPSec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. Initially released for the Linux kernel, it plans to be cross-platform and widely deployable. It is currently under heavy development, but already it might be regarded as the most secure, easiest to use, and simplest VPN solution in the industry.

SBB License GNU General Public License (GPL) 2.0
Core Technology C
Project URL https://www.wireguard.com/
Source Location https://git.zx2c4.com/WireGuard/
Tag(s) Privacy, Security, VPN

XPIR

XPIR: Private Information Retrieval for Everyone

XPIR allows a user to privately download an element from a database. This means that the database server knows that she has sent a database element to the user but does not know which one. The scientific term for the underlying protocol is Private Information Retrieval (PIR). This library is described and studied in the paper:

Carlos Aguilar-Melchor, Joris Barrier, Laurent Fousse, Marc-Olivier Killijian, “XPIR: Private Information Retrieval for Everyone”, Proceedings on Privacy Enhancing Technologies. Volume 2016, Issue 2, Pages 155–174, ISSN (Online) 2299-0984, DOI: 10.1515/popets-2016-0010, December 2015.

SBB License GNU General Public License (GPL) 3.0
Core Technology C
Project URL ` <>`__
Source Location https://github.com/XPIR-team/XPIR
Tag(s) Network, Privacy

End of SBB list