Privacy Questions and Answers

After reading the knowledge base and recommended tools sections, these were the questions I was unable to answer, I think answering them could help a lot of people:

• When is it advisable to use **Tor**? Having three browsers (Firefox, Mullvad and Tor) seems redundant.
  A: To be answered.

• When should a VPN be used, exactly? PG says: it is useful when anonymity is needed, but when is anonymity needed in the first place?
  A (the following are my assumptions): A VPN is used to prevent websites from learning your IP address, which can approximate your location. A VPN provides security and privacy by encrypting your internet connection, which shields your activities from external observers like hackers and ISPs (though these parties may indirectly be able to obtain this data anyway. E.g., if the website you were visiting knew your real IP, it could potentially sell it to other parties), and to a smaller degree the websites you visit. The reason that security and especially privacy are harder to achieve from the websites themselves are because (1) you may willingly or obligatorily provide these websites with your information, (2) they may obtain data from your device using technologies only available to them, and not outside parties, e.g., cookies, (3) assuming they have the ability to do so, they may use other information that you may have provided them, and check for this information across other external sites, which could have your real IP tied to this information, or (4) lastly and most importantly, they will in most cases still be able to obtain your real IP address, even if you used a VPN on such sites, because this encryption is only effective if you’ve consistently used the VPN on those sites and have enabled a kill switch—a feature that cuts off your internet if the VPN disconnects, preventing data leak. Otherwise, websites that log multiple IP addresses could potentially identify your real IP by recognising and excluding common VPN server IPs. However, I assume that a paid VPN with servers within your geographic region (e.g., America) can make it harder for websites to differentiate your real IP from the VPN-assigned ones, since your IP address could be any of those within America for example. However, these website can also log how often each IP is used and when they are used to notice obvious patterns. Although a VPN’s usefulness is reduced if a website already knows your IP, it still offers protection against cross-site tracking. This is because if entities can track your IP across sites, they can link your activities and information, and create a profile on you. A VPN prevents future websites from obtaining your IP. The verdict is use a VPN wherever you can, except for where doing so is impractical (e.g., in circumstances when performance is needed, such as an online academic test) or if having your information available to your ISP, hackers (only applicable to public networks), and websites you do and don’t visit is not a worry, i.e., not apart of your threat model, or unsafe (illegal).
  @PrivacyAintReal was the one to highlight the caveats of using a VPN.

• How should people handle their personal information for online orders? Is it recommended to use their real name or a fake name or initials?
  A: Use fake names where legal, I give online shopping websites my real first name and then provide an initial as my last name for online orders. You may be able to get away with faking your name entirely. I might start giving them my name using characters from other countires, although I am not sure this is allowed.

• How can people avoid receiving unencrypted order confirmation emails that contain their personal data?
  A: Don’t give them your personal info in the first place, or reduce the amount of personal info you give them, or opt out of email and allow them to message you in other ways.

• Is it recommended to use a VPN when purchasing online, even when using a real-life identity? PG says: ‘Using a VPN in cases where you’re using your real-life or well-known identity online is unlikely be useful,’ and ‘When purchasing online, ideally you should do so over Tor.’ However, PG also suggests using a VPN before connecting to Tor. This seems contradictory, and may require further clarification.
  A: Yes to prevent cross-site tracking (I think), even if the site now knows your address. Use Tor when purchasing items online!

• What are some good Firefox extensions to enhance privacy and security?
  A: Just use uBlock Origin, it does a lot.

• Is it better to use Bitwarden’s extension or web vault? The trade off here seems to be between fingerprintability and convenience + phishing protection. Is addy.io more effective as a website or a browser extension?
  A: Just use Duck Duck Go email aliases (or the other aliasing services Bitwarden supports) and link them to Bitwarden, which will generate aliases for you, you are knocking out two birds with one stone.

• Is it a good practice to register all online accounts to a single Proton Mail account using aliases, or should different email addresses be used?
  A: Compartmentalising your activities with different email address is pointless due to the existence of email aliases (I think)!

• What are some ways that people can deanonymize themselves online? PG says: 'We know people can quite easily deanonymise themselves in a number of ways, e.g.: Reusing personal information (e.g., email accounts, unique pseudonyms, etc.) that they accessed without anonymity software (Tor, VPN , etc.).' What does this mean, and how can it be prevented?
  A: It means that if someone has access to your info across sites, and you use this same email on two or more these sites, even with anonymity software, they will know who you are, by tying info about you from another site that you may have accessed without anonymity.
  @wojciechxtx also provided this example: By mistakenly attaching EXIF data for example.

• Is **Orbot** recommended as a VPN on iOS, the problem is it is unusably slow, so shouldProtonVPN be used?
  A: I and others think you can use either, except for when you are connecting to the iOS Tor Browser, which itself suggests you use Orbot.

• What is the best alternative for multi-factor authentication (MFA) if physical keys are not convenient? Is TOTP the next best option?
  A: Pretty sure its TOTP (time-based one-time passwords are generated securely and expire after 30 seconds).

• Is Thunderbird hardening recommended? Is this a one-time process or does it require regular updates?
  A: It’s a pain to do (instruction are here), but I haven’t had to update it since.

• Which iOS email client is more suitable for a non-Proton email account: Apple Mail or Canary? Is Canary’s encryption worth paying for?

• What is the purpose and benefit of OpenPGP and how can it be used?
  A: its purpose is email encryption, it is built into Thunderbird. For all other cases these are used.

• What is Mailvelope (still not entirely sure) and why is it listed in the email clients section?
  A: a browser extension for email encryption using OpenPGP. No idea why it is not in the encryption software section.

• What is the *best* way emails can be encrypted from sender to receiver, even if one or both parties don’t use a privacy-oriented email service provider or OpenPGP encryption software?
  A: Don’t think this is possible, just use Signal.

• Can Thunderbird (an email client) enhance the privacy of email addresses that don’t support encryption by default?
  A:

• Should sending emails and registering accounts be limited to personal computers, or can this be done equally safely on mobile devices? E.g., is it safer to use Proton mail + SimpleLogin on a PC rather than on an iPhone?
  A: Does not matter, in fact mobile phones tend to have better sandboxing (security) and privacy (allegedly). Use Duck Duck Go email aliases on Bitwarden app!

• Are Picocrypt and VeraCrypt redundant if BitLocker is already used on Windows 11?
  A: From my understanding, Picocrypt (used for encrypting single files) is not redundant, since full-disk encryption slows down some actions in the computer, such as file organisation.
  From @overdrawn98901: the benefit of single file encryption is that it can be used as essentially an extra layer of protection. For example, even if a hacker stole your full encrypted computer, by knowing your computer password, the single file encryption is used with a different password, so that is a whole separate issue to crack it. You can also pass around the encrypted file anywhere, e.g., email, copy it on an unencrypted drive - the works, and it’ll be secure so long as your password is secure.

• What is the use case for Cryptomator?
  A: designed for privately saving files to any cloud provider. It allows you to create vaults that are stored on a virtual drive, the contents of which are encrypted and synced with your cloud storage provider.

• Is it possible to encrypt files using any other method and then upload them to Proton Drive? Doesn't this make Cryptomator redundant?
  A: To be answered.

• How can passwords in Bitwarden be backed up securely? Is it better to export, encrypt, and save them on Proton Drive using Cryptomator, or on a separate encrypted hard drive using BitLocker?
  A: either encyrpt the backup and save it to the cloud using Cryptomator or encrypt the backup and save it to a hard drive (Picocrypt can be used here).

• Can changing settings within a search engine like DuckDuckGo affect fingerprintability?
  A: Yes apparently.

• What is self-hosting, and what are its pros and cons?
  A: From my understanding, web servers are used to provide people with services when people make requests for them, self-hosting is the act of using a private web server. This means you don’t risk others taking your information from your requests.

• What is the role of the “Router Firmware” page? Is it necessary to install such firmware? What does this software do? Does it allow changing the DNS settings on a wireless router?
  A: Changes how the hardware works, potentially improving privacy, security and performance (I think). ISP firmware could be up to no good.

• I have moved my questions regarding DNS here.

• In general, some PG tool recommendations are vague or incomplete, e.g., the function of the tools and whether they are essential or optional for most users, needs to be explained more clearly.

@aspirin6993 feel free to chime in, if you want.

A lot of these questions can be answered by doing a simple search in the forum or via any search engine, or reading the docs of any of the mentioned tools. For example “What is self-hosting, and is it worth it?” can easily be searched. I recommend doing your homework before asking questions that have been already answered here and in other places. Alternatively, looking at your previous post, consider hiring a consultant or doing your homework first and then ask when you hit a dead end. I don’t believe that we should be spoon-feeding people, it’s a bad habit.

I agree whole heartedly, however, I would like to point out that I have done my research, and read through the entire website, most of these questions have led me to dead ends. This is exacerbated due to my lack of technical knowledge. However, you are right there are some questions that I can answer myself, thus, I have refined the post accordingly.

Most importantly, I think most of these questions reflect what is missing in the Privacy Guides knowledge base and tool recommendations. I think addressing these questions would not only help me, but I think this could help many others in my position.

I think what was especially problematic was my wording, my post was worded as if I needed personal advice for me and me only, I think the opposite is true, so I have amended the wording in my post.

You can have as many browsers as you wish. It doesnt matter. What matters is how (what for) you use internet as each browser has (slightly) different characteristics (strenghts vs. weaknesses).
When should you use Tor? Again, depends on your usage. Same with VPN.

Depends. For things like finances, e-commerce use real data; for everything else: use fake one.

Unless you are server admin, no, not much can be done.

Definitely yes.

Depends on your specific usage.

I’d use none of them TBH. Bitwarden is not very privacy-friendly. Although its very convenient.

Highly recommend it.

Nothing wrong with it.

By mistakenly attaching EXIF data for example.

I use ProtonVPN everywhere and Im good.

You pretty much answered your own question. Id go with MFA.

Id not use Thunderbird in the first place. As of hardening: yes, updates are mandatory.

Again, depenmds on your usage.

Encryption will give you nothing if mail server wasnt configured to support it. Regardless what client you will use.

No idea if there is an app in AppStore.

Openpgp is for encryption.

No idea. Never used Windows 11.

You need to do nothing as passwords are encrypted as soon as you save them/create them in webvault…

Yes.

Self-hosting is state when you host app yourself. You need a VPS/physical server for this. As well as some tech knowlege. Is it worth hassle? Definitely yes.

Shame that the Arkenfox wiki is extremely tedious to read and follow for someone who is a lay person when it comes to technology, I wish the wiki was laid out more simply and using a straightfoward, clear approach.

It is recommended by PG, what do you use/what would you suggest?

Thanks a lot for your effort, all the other answers make sense.

Thats desirable, I agree

Not every recommendation on PG should be strictly followed. PG is not definitive source. There are instances where PG is simply wrong.

Well, there are plenty mail clients available; you have to test one-by-one and see what suits your likes/needs.
For personal use (on my private laptop) I use Proton Mail web interface (dann well architected both UI and UX wise). On business computer I have no other option but to use Apple Mail.

No problem at all

Ok, thanks a lot! My main question is, since I am using Proton Mail for my main account, I do not need an app client, I can use a web client, however, for my University email account the web client is outlook, would it be better to use thunderbird as a client? Hence, why I asked whether using a client that is not ‘native’ to the email address provider, could provide improved privacy compared to ‘native’ client.

If your university provided you with pre-configured web-accessible Outlook, than you can also configure any client thats available out there. Either manually or by providing so called mail profile file; this way there is no need for you to fill all the data (smtp and so on) that Outlook (or any other client) uses to connect with mail-server.

@Sprout3425 just out of curiosity, on what Proton plan are you? Free or paid one?

Free one. Thanks for your previous response btw.

If you don’t live in a country where using Tor puts a target on you, as much as you can.

Always

Depends on where you live. In some countries the orders will never arrive with a fake name.

You can’t.

The extension.

It’s only fingerprintable on Chromium browsers. Simply use a separate browser profile for logins.

Aliases. Never give away your real email.

There are a zillion ways.

TOTP is not great, because it doesn’t provide protection against phishing or evilginx. Security keys or passkeys are the way to go.

Yes

Android and iOS are much safer against malware than your personal computer.

No. But it’s recommended to not have persistent data in your browser, so your settings are gone on next start anyway.

I’d love for everyone who believe VPN should always be used to back up their claims.

Lets say I have a Gmail, or Facebook account. The second I log on a VPN they still know who I am.

For VPN to obscure your privacy you’d need to restart your entire online life…

The only reason to go all in VPN is if you live somewhere where your ISP is less trustworthy than the myriad of VPNs out there.

IP is an important data point and VPNs have barely any usability disadvantages.

Sure, but they might not be able to track you cross-site with the help of your IP, because you share the VPN IP with many others

…such as?

Lots of good answers, so I’ll also throw in my two cents as well.

I think what you are having difficulty with is assessing a threat model for yourself. In short, how much privacy is good enough for you? I don’t think there is such a thing as 100% privacy, even in the real world. With this, you’ll want to understand the implications of what choices to make or what not to make. This also comes with understanding the technology, which can be overwhelming to newcomers.

With this, here is a great article to read on MDN which should answer a lot of questions for you about the tech. And remember Security is not the same as Privacy, you can achieve both independently, sometimes together.

Lastly, a lot of these questions are about not fully understanding the technologies. This is definitely hard for newcomers, and I don’t have a solution to this.

When is it advisable to use Tor? Having three browsers (Firefox, Mullvad and Tor) seems redundant.

Different browsers for different purposes. Tor Browser is maximum privacy, but a lot of websites will block you. To get around that, you’ll need a backup browser if there are sites you wish to interact with (Firefox or Mullvad Browser generally). Firefox is less unique than Mullvad Browser (fingerprinting is slightly harder), but doesn’t have as good of privacy configurations out of the box. Honestly any option is better than chrome imo.

When should a VPN be used, exactly? PG says: it is useful when anonymity is needed, but when is anonymity needed in the first place?

You’ll have to answer this yourself. In general, if you are accessing sites using HTTPS (HTTP Secure, or encrypted), then most of your web traffic is encrypted to and from the website. However, its decrypted on the website, and all of the metadata of the request can be read from the site. Even then, sites can give you JavaScript which can pull even more information about your device and location. The VPN’s paid for your use case (there are different use cases for VPNs) will route all of your traffic through a different computer essentially, obscuring your location. This doesn’t necessarily protect your from other tracking methods like cookies.

Personally, VPNs don’t have to be your first step in privacy, and are slightly overhyped in my opinion. Great for security on unsecure networks like public WiFi, but there better first free options to anonymizing yourself. I’d say pay for a VPN once you understand the use case for it.

How should people handle their personal information for online orders? Is it recommended to use their real name or a fake name or initials?

You’ll want to read up on data laws regarding how people can store their information. In general, the worst case in these scenarios (I believe) are the following:

1. Merchant sells your data. Bigger concern for big companies like Amazon, not as concerning for small business. They may use some sort of analytics, but its often just reporting.
2. Data breaches. Largest concern in my opinion, and the worst is getting leaking metadata on your name, phones, e-mails, and password hashes. Definitely annoying, and I had to shut down one of my e-mails as too many websites have been associated with breaches.

If your online threat model doesn’t allow then, then you should be going to stores and paying in cash. Keep in mind Credit Card companies probably sell every ounce of metadata you are worth, but its a price of convenience.

How can people avoid receiving unencrypted order confirmation emails that contain their personal data?

Pretty much impossible. But again, whats your threat model? Are you worried someone has breached our e-mail secretly and is monitoring all of your e-mails? That some high class level attacks (if you’ve secured your accounts), you probably don’t need to worry about that. Worried that Gmail is analyzing your emails or something? Switch to a paid e-mail provider, there are suggestions in the guide.

Is it recommended to use a VPN when purchasing online, even when using a real-life identity? PG says: ‘Using a VPN in cases where you’re using your real-life or well-known identity online is unlikely be useful,’ and ‘When purchasing online, ideally you should do so over Tor.’ However, PG also suggests using a VPN before connecting to Tor. This seems contradictory, and may require further clarification.

This is confusing and should be clarified. I think understanding how Tor and VPN works will give you a better idea. In general, they recommend a VPN before Tor, so that if someone traces your entry Tor Node, its the VPN. This isn’t about identity, its about security.

I think the “Using Tor when purchasing online” should be explained further.

What are some good Firefox extensions to enhance privacy and security? uBlock Origin on ‘medium mode’ and Skip Redirect are recommended by uBlock and Arkenfox, as extensions.

Security <> Privacy. More extensions, the more unique your fingerprint, but the more likely you can block malicious content. uBlock Origin is the only one you need in my opinion as the best bang-for-buck for privacy + security.

Is it better to use Bitwarden’s extension or web vault? The trade off here seems to be between fingerprintability, and convenience + phishing protection. Is addy.io more effective as a website or a browser extension?

Its a tradeoff. I go for convenience, and have the web extension.

Is it a good practice to register all online accounts to a single Proton Mail account using aliases, or should different email addresses be used?

Depends on your threat model. This usually goes back to if companies will sell your data, how much of that you want tied back to specific IP address if used, and so on so forth. Using aliases is likely the best bet.

What are some ways that people can deanonymize themselves online? PG says: ‘We know people can quite easily deanonymise themselves in a number of ways, e.g.: Reusing personal information (e.g., email accounts, unique pseudonyms, etc.) that they accessed without anonymity software (Tor, VPN , etc.).’ What does this mean, and how can it be prevented?

Deanonymize means to no longer be anonymous. There are cases where even if you use all the privacy respecting tech, proclaiming your name is John Doe living at 123 Street is gonna ruin the purpose of that.

Is Orbot recommended as a VPN on iOS, the problem is it is unusably slow, so shouldProtonVPN be used?

I haven’t used Orbot. I generally don’t like to trust free VPNs (whats in it for them?), so I pay for mine. Don’t use free VPNs.

What is the best alternative for multi-factor authentication (MFA) if physical keys are not convenient? Is TOTP the next best option?

Depends on your threat model. I have a specific system and redundancy (backup options so I don’t get locked out).

• I have Raivo TOTP on my phone. Only used for Bitwarden.
• I have a backup physical key to unlock Bitwarden in case my phone explodes.
• All other TOTP is in Bitwarden.

Is Thunderbird hardening recommended? Is this a one-time process or does it require regular updates?

One time process, so I’d just recommend doing it. Feel free to double check its still configured after major updates though.

Which iOS email client is more suitable for a non-Proton email account: Apple Mail or Canary? Is Canary’s encryption worth paying for?

I use Apple Mail, as I don’t use non-Proton email for anything I don’t want leaked.

What is the purpose and benefit of OpenPGP (answer: email encryption), and how can it be used? What is Mailvelope (still not entirely sure) and why is it listed in the email clients section?

Email is sent in plaintext and is the “HTTP” of email. OpenPGP is like the HTTPS of e-mail. Problem is, most people don’t use it. This goes down to your threat model - is it a problem that your e-mails are unencrypted? What are you specifically worried about?

What is the best way emails can be encrypted from sender to receiver, even if one or both parties don’t use a privacy-oriented email service provider? Can Thunderbird (an email client) enhance the privacy of email addresses that don’t support encryption by default?

Encrypted e-mails using OpenPGP is the point - even the email service provider can’t read it. You can technically manually encrypt/decrypt emails, so the email provider isn’t the problem. Again, its the threat model - what are you specifically trying to prevent in this scenario?

Should sending emails and registering accounts be limited to personal computers, or can this be done equally safely on mobile devices? E.g., is it safer to use Proton mail + SimpleLogin on a PC rather than on an iPhone?

Depends on your threat model. This is more a security question. If you are looking for privacy, then I’d say iPhone is probably better than Windows, but its still proprietary.

Are Picocrypt and VeraCrypt redundant if BitLocker is already used on Windows 11? From my understanding, Picocrypt (used for encrypting single files) is not redundant, since full-disk encryption slows down some actions in the computer, such as file organisation. What is the use case for Cryptomator? Is it possible to encrypt files using any other method and then upload them to Proton Drive?

This is more-so a security issue. Single file encryption != full drive encryption. Single file encryption has different use cases than full drive encryption. Full drive encryption is useful is someone steals your computer, than cannot arbitrarily read everything you have stored (i’ve recovered data easily from computers that were unencrypted); however, if your computer is left unlocked or a hacker has the password, they can read everything. Single file encryption is just that - even if a hacker stole your computer, knows your computer password, the single file encryption is used with a different password, so that is a whole separate issue to crack it. You can also pass around the encrypted file anywhere - email, copy it on an enencrypted drive - the works, and it’ll be secure so long as your password is secure.

How can passwords in Bitwarden be backed up securely? Is it better to export, encrypt, and save them on Proton Drive using Cryptomator, or on a separate encrypted hard drive using BitLocker?

This is more-so security. Bitwarden will export plaintext in some form. You definitely should encrypt the information in some manner. This depends on your threat model - if you upload to Proton Drive in plain text (which is encrypted on their server), how paranoid are you that someone is going to breach your Proton Drive? Encrypting the file then uploading to Proton Drive is extremely secure, just don’t lose the password to the backup file.

• Can changing settings within a search engine like DuckDuckGo affect fingerprintability?

This goes to understanding how Cookies work. I’d recommend reading up on then. Might not be an issue. If this is an issue, use a privacy respecting search engine like SearXNG.

What is self-hosting, and what are its pros and cons? From my understanding, web servers are used to provide people with services when people make requests for them, self-hosting is the act of using a private web server.

In short, I have a computer (server) running in my closet with Linux installed that runs services through a VPN. I own the computer, I know exactly what it does (ignoring the rabbit hole of Intel ME or LibreBoot stuff). I own it. If I want to use the same service hosted by another entity, its running on their computers doing whatever it is they do. How do I know they aren’t tracking me? Again, this comes down to threat model - typically, most people are fine with renting out a VPS from someone else to do their hosting, and its perfectly acceptable. As the saying goes: There is no cloud, just someone else's computer.

Is it worth the hassle? Depends… if you aren’t interested in setting up and maintaining a server, its going to become quite the side project. But its very rewarding once you get it working.

What is the role of the “Router Firmware” page? Is it necessary to install such firmware? What does this software do? Does it allow changing the DNS settings on a wireless router?

Depends on your threat model. Do you trust the router firmware running is not doing anything malicious? In general, I’d recommend ditching whatever your ISP gives you, and buy your own router. Then,

In general**, some PG tool recommendations are vague or incomplete, e.g., the function of the tools and whether they are essential or optional for most users, needs to be explained more clearly.

This is a hard issue for newcomers, and I think privacy guides could improve in this - explaining the tech and pros/cons a bit more. Its a hard transition to wanting to gain privacy and also learning how basic networking works.

As always, feel free to correct me.

This is true. Well to give you some context, the idea behind the recommendations specifically is that they’re for people who are already looking for a specific tool, like “I know I really need a notebook, but I don’t know which one,” and then they can read Notebooks - Privacy Guides.

It’s not meant to be read like “Privacy Guides has a notebook section, so I guess I need to start using this notebook software now!”

So with that in mind… really none of the tools are “essential.” Except perhaps tools that are recommended in the Knowledge Base section, but in that case we do explain why we generally consider them to be essential, like when we say you should almost certainly use a VPN and have a whole page about why.

TL;DR: if a tool isn’t mentioned in the knowledge base it is not essential.

All this being said… we definitely can still improve on this problem anyways, probably something I’ll work on this year.

Third party cookies won’t give a shit if you’re at your home address one day and VPN the other day.

VPN is only effective if you wipe out your online existence and never accidentally connect without it again - on an account linked to your identity prior.

I’m sorry youtubers have made everyone think VPN is a necessity.

If you’re serious about privacy to the point of exclaiming VPN is a must have - connect to TOR and never leave.

But we all have to find a middle ground right? Concealing your online identity is a full time job. Especially if you’re not already well versed about how everything works. Paying for services that claim to protect you often come with pitfalls.

Which private browser doesn’t block or partition third-party cookies?

I provided an MDN link that has some basic info on security and privacy. I’m thinking a beginners guide (single page with a link on the home page) to technology, like that MDN link, and explain what it does and impact would be great. As a power user, I prefer the quick recommendations as a jumping off point, but without pre requisite knowledge, it definitely feels like deep waters.

I’d warn about suggesting the knowledge base being the single source of truth as the only essential tools - not that liability is a concern, but everyone should do additional research for their own use case, as technology, privacy, and security are a moving target.