a.k.a. Anti-Virus, Anti-Spyware, Anti-Adware, etc.

Windows Defender is built into Windows 10 and provides Malware protection by default; just run your UPDATES
Most devices include Anti-Malware protection as part of their UPDATES
It is generally more important to UPDATE than to add additional layers of protection.
Multiple Anti-Malware software that is designed to work alone may even conflict and attempt to detect and remove each other!

Sophos Home Free for macOS


Backblaze - The 3-2-1 Backup Strategy
A 3-2-1 strategy means having at least 3 total copies of your data, 2 of which are local but on different mediums (read: devices), and at least 1 copy offsite.

2 of which are local but on different mediums:

at least 1 copy offsite:

  • Device(s) stored in different physical location(s) far enough apart to avoid simultaneous loss/theft
  • Other Cloud Storage Providers (Amazon, Google, Microsoft, etc.)
  • Backblaze – Paid service: Never lose a file again. Get unlimited cloud backup for your Mac or PC.

Other Backups

Make sure these backups are either in your 3-2-1 Backup Strategy or an equal/better solution.

  • Spinbackup for Individual use – Automatic Cloud-to-Cloud Backup & Recovery
    for Personal Google Accounts: Gmail, Calendar, Contacts, Drive, and Photos. FREE up to 4GB, then 50GB for $48/year.
  • Cake – Free End of Life Planning



Password Managers


  • EFF Surveillance Self-Defense – Surveillance Self-Defense: TIPS, TOOLS AND HOW-TOS FOR SAFER ONLINE COMMUNICATIONS
  • The Coalition Against Stalkerware – convened in 2019 in order to facilitate communication between those organizations working to combat domestic violence and the security community.
  • Security Checklist – An open source checklist of resources designed to improve your online privacy and security.
  • ThinkPrivacy – It’s your data. It’s time you take control of it.
  • Restore Privacy – Your online privacy and security resource center. Giving you the tools and information you need to restore your privacy, secure your devices, and stay safe online.
  • – Provides knowledge and tools to protect your privacy against global mass surveillance.
  • Prism Break – Opt out of global data surveillance programs like PRISM, XKeyscore and Tempora. Stop governments from spying on you by encrypting your communications and ending your reliance on proprietary services.
  • Plain Text Project - Tools – This is an ever-expanding list of tools that can help you work and live more efficiently in plain text.
  • Opensource.Builders – Find open-source alternatives for your favorite apps
  • Two-Factor Authentication - What Is It and Why You Should Use It

Secure Messaging

How to: Avoid Phishing Attacks
How to Choose the Right Messenger

  • Signal – Fast, simple, secure. Privacy that fits in your pocket.
  • ProtonMail – Secure Encrypted Email Based in Switzerland.
  • Keybase – Secure groups, files, and chat for everyone! 250 gigabytes free!
  • Element (formerly Riot) – All-in-one secure chat app for teams, friends and organizations. Keeps conversations in your control, safe from data-mining and ads. Talk to everyone through the open global Matrix network, protected by proper end-to-end encryption.
  • Briar – Tor/Bluetooth Secure messaging, anywhere. (Android only)

Secure File Storage / Sharing

  • Keybase – Secure groups, files, and chat for everyone! 250 gigabytes free!
  • Cryptomator – Free client-side encryption for your cloud files. Open source software: No backdoors, no registration.
  • Boxcryptor – Allows you to create and use local device-only encrypted vaults without requiring an account.
  • Syncthing – Syncthing replaces proprietary sync and cloud services with something open, trustworthy and decentralized.
  • VeraCrypt – VeraCrypt is a free open source disk encryption software for Windows, Mac OSX and Linux.

Security Plan (Threat Modeling)


  • Abine Blur – Simply better passwords, payments, & privacy.
  • Android Find My Device – If you’ve added a Google Account to your device, Find My Device is automatically turned on.
  • Apple iCloud Find My – One place to find your (Apple) devices and friends.
  • CryptPad – CryptPad is a private-by-design alternative to popular office tools and cloud services. All the content stored on CryptPad is encrypted before being sent, which means nobody can access your data unless you give them the keys (not even us).
  • Internet Archive – Internet Archive is a non-profit library of millions of free books, movies, software, music, websites, and more.
  • JotForm – Great alternative to Google Forms and features Encrypted Forms!
  • NeverSSL – This website is for when you try to open Facebook, Google, Amazon, etc on a wifi network, and nothing happens. Type “” into your browser’s url bar, and you’ll be able to log on.
  • RiseUp – Provides online communication tools for people and groups working on liberatory social change.
  • RiseUp Pad – Real-time group collaboration of text documents. Riseup does not store IP addresses, we require https, and pads are automatically destroyed after 30 days of inactivity.
  • Spinbackup for Individual use – Automatic Cloud-to-Cloud Backup & Recovery
    for Personal Google Accounts: Gmail, Calendar, Contacts, Drive, and Photos. FREE up to 4GB, then 50GB for $48/year.


  • Abine DeleteMe – Because it’s too easy for anyone to find you.
  • iVerify – iVerify monitors your device security, notifies you when an issue is detected, and provides actionable steps to take to mitigate any risks. Paid App: $2.99, iOS Only


  • KeePassXC – KeePassXC allows me to store my TOTP secrets. Doesn’t this alleviate any advantage of two-factor authentication?
  • FreeOTP – Free and Open Source Software (FOSS) App for TOTP (Google Authenticator) and HOTP One-Time Passcodes (OTP)
  • Two Factor Auth (2FA) – List of websites and whether or not they support 2FA.
    NOTE: The previous owner of left the project and sold it to a third-party. New Domain is:
  • USB Dongle Authentication – List of websites and whether or not they support One Time Passwords (OTP) or Universal 2nd Factor (U2F).


Remember to run a BACKUP before Updates to avoid potential data loss!

UEFI / BIOS / Firmware / Driver Updates

Apple, Microsoft Surface, and Google Chromebooks perform these updates through their built-in regular update applications.
Note that you may need to check with the vendor of any custom/specific devices (SuperMicro, system76, Purism, PINE64, etc.)

If a device or program have become Unsupported / End of Life / Obsolete you should fully upgrade/replace ASAP.


  • EFF - Choosing the VPN that’s right for you
  • ProtonVPN – High-speed Swiss VPN that safeguards your privacy.
  • RiseupVPN – Personal VPN service for censorship circumvention, location anonymization and traffic encryption.
  • Mozilla VPN – Security you can rely on. A name you can trust. A VPN from the trusted pioneer in internet privacy.
  • Mullvad VPN – In a society increasingly determined to erode that right, a fast, trustworthy and easy-to-use VPN is a good first step toward reclaiming it.

Web Browsing

How to: Avoid Phishing Attacks

  • Firefox – Firefox is made by Mozilla, the non-profit champions of a healthy internet.
  • Firefox Focus – A dedicated privacy browser with tracking protection and content blocking for your smartphone (iOS & Android)
  • DuckDuckGo – The search engine that doesn’t track you.

Web Browser Extensions / Add-ons

Web Browsing: Anonymous

  • Tor Browser Bundle – Tor Browser contains everything you need to safely browse the Internet.
  • OnionShare – Open source tool that lets you securely and anonymously share a file of any size.
  • Tails – Tails is a live operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity.
  • Whonix – Whonix is a desktop operating system designed for advanced security and privacy.