- Mobian (Supported Devices) - A Debian derivative for mobile devices
- Ubuntu-Touch (Supported Devices) - We are building privacy and freedom focussed mobile software
- GraphenoOS (Supported Devices) - Security and privacy focused mobile OS
- CopperheadOS (Supported Devices) - Security and privacy focused mobile OS
- postmarketOS (Supported Devices) - A real Linux distribution for phones
- CalyxOS (Supported Devices) - Private by Design
- DivestOS (Supported Devices) - A mobile operating system divested from the norm
- LineageOS (Supported Devices) - A free and open-source operating system for various devices
- Project Elixir (Supported Devices) - Unleash Innovation
- Replicant (Supported Devices) - A fully free Android distribution running on several devices
- Kali Mobile (Supported Devices) - Kali NetHunter is a free & Open-source Mobile Penetration Testing Platform
- Nitro Phone - The most secure Android on the planet.
- Liberty Phone - The Freedom and Privacy plus Made in the USA Electronics with a Secure Supply Chain.
- PiPhone - A DIY cellphone based on Raspberry Pi
- AICP (Android Ice Cold Project) - A feature-packed custom ROM for various Android devices.
- AOSiP (Android Open Source illusion Project) - Custom ROM based on AOSP with rich features.
- AOSP Extended - Based on AOSP with added features and customizations.
- ArrowOS - A lightweight ROM focused on performance and efficiency.
- BlissROMs - A ROM that combines stability, features, and customization.
- crDroid - A custom ROM focused on speed, stability, and customization.
- Derpfest - A feature-packed custom ROM with a focus on user experience.
- Dirty Unicorns - A customizable ROM built on AOSP.
- Droid On Time (DOT OS) - A custom Android ROM that focuses on performance and stability.
- /e/ OS - A privacy-focused custom ROM based on Android.
- Evolution X - A ROM based on AOSP with additional enhancements.
- AOSP Extended - AOSP-based ROM with additional features and customization.
- Pixel Experience - A custom ROM that provides a clean and stock Pixel experience.
- ResurrectionRemix - Combines features from various ROMs.
- Havoc-OS - A custom ROM with a ton of features and tweaks for enhanced user experience.
- LineageOS - A popular and open-source custom ROM built on Android.
- OmniROM - A community-driven custom ROM offering many features.
- Paranoid Android - A custom ROM focusing on minimalism and efficiency.
- Pixel Experience Plus - An extended version of Pixel Experience with additional features.
- Resurrection Remix - A popular ROM combining features from many other ROMs.
- SamMobile - Offers firmware for Samsung devices, useful for custom ROM installations.
- Corvus OS - A gaming-centric custom ROM with tweaks for performance.
- Havoc OS - A feature-rich ROM with extensive customization.
- Project Sakura - A custom ROM that focuses on simplicity and stability.
- RevengeOS - A simple and stable custom ROM.
- Superior OS - Lightweight and optimized for performance.
- Syberia OS - An AOSP-based ROM offering balance between features and stability.
- TheUnlockr: Android ROMs - A collection of various Android custom ROMs.
- Xiaomi Firmware Updater - Offers firmware updates for Xiaomi devices.
👷🛠️UNDER CONSTRUCTION🚧🏗
Technology | Decentralization | Anonymity | Resilience | Accessibility | Speed | Challenges |
---|---|---|---|---|---|---|
GSM (Traditional Mobile Networks) | Low | Low | Low (easily surveilled, controlled) | High (widely accessible) | High | Susceptible to government surveillance and control, requires centralized infrastructure. |
Private GSM Networks | Medium | Medium | Medium (localized, difficult to monitor) | Low (requires setup and maintenance) | High | Limited range, regulatory challenges, expensive setup. |
Satellite Phones | Medium | Medium | Medium (can bypass local networks but still traceable) | Low (expensive, regulatory restrictions in some areas) | Medium | High cost, signal blockage issues, legal restrictions in certain countries. |
LoRa Networks | High | Medium | High (independent of traditional infrastructure) | Low (requires specific hardware) | Low | Limited bandwidth, short range without mesh network, specialized hardware needed. |
Mesh Networks | High | Medium | High (difficult to censor/control) | Low to Medium (dependent on community adoption) | Medium | Requires widespread adoption, potential for limited range without sufficient nodes. |
Tor (The Onion Router) | High | High | Medium (can bypass censorship but still dependent on the Internet) | Medium (requires technical knowledge) | Medium | Weak end point, slow speeds, requires Internet access, subject to state attempts at blocking. |
Amateur Radio (Ham Radio) | High | Low to Medium | High (operates independently of state networks) | Low (requires license, specialized equipment) | Low to Medium | Requires technical knowledge, legal restrictions, potential for interference. |
"Reticulum is the cryptography-based networking stack for building local and wide-area networks with readily available hardware. Reticulum can continue to operate even in adverse conditions with very high latency and extremely low bandwidth.
The vision of Reticulum is to allow anyone to operate their own sovereign communication networks, and to make it cheap and easy to cover vast areas with a myriad of independent, interconnectable and autonomous networks. Reticulum is Unstoppable Networks for The People."
- Reticulum Network - A complete networking stack.
Mobile (In)security: To enhance privacy, avoid using mobile devices or consider placing them in a Faraday bag. The GSM network is highly traceable, and even turning off your cell phone may not protect you from tracking.
As well as considering that the phone isn't really switched off, the fact that it has been switched off can already raise suspicions from a “time, place and manner” point of view (geofence context). It seems a good option to leave the phone on at home or to have two phones.
A Faraday bag is a simple, portable enclosure that blocks electromagnetic fields, preventing electronic devices inside from sending or receiving signals. It's useful for protecting your devices from tracking, hacking, or unwanted communication. Below is a step-by-step guide to making your own Faraday bag.
- Aluminum foil (heavy-duty preferred)
- Alternative: Copper or nickel mesh, which offers enhanced shielding and durability.
- Alternative: Conductive metallic fabric or Faraday fabric for a more durable and flexible bag.
- Plastic Ziploc bag or other durable, sealable plastic bag
- Alternative: Mylar bag or any other airtight, non-conductive pouch for better sealing.
- Duct tape or conductive tape (for reinforcement and sealing edges)
- Alternative: Aluminum or copper tape for a more secure, conductive seal.
- Scissors (for cutting foil or fabric)
- Optional: Velcro strips or zip ties (for creating a reusable closure)
👷🛠️UNDER CONSTRUCTION🚧🏗
For intermediate security, it's no military-grade security.
- Consider using a Faraday Bag.
- Be aware of the physical security of your device; if it's seized, immediate access may be possible with Cellebrite despite all protections.
- Keep your device's operating system and apps up to date to mitigate known vulnerabilities.
- Use full-disk encryption to protect data at rest. Both iOS and Android offer this feature.
- Enable a strong, alphanumeric password rather than a simple PIN or pattern.
- Consider using a secondary device for sensitive communication that you do not use for other activities.
- Consider using encrypted messaging apps like Simplex, Session or Signal, which offer end-to-end encryption.
- Use a VPN (Virtual Private Network) to obscure your online activities from ISPs and other intermediaries. Your data could be collect by data brokers and selled to government.
- Disable Wi-Fi, Bluetooth, and GPS when not in use to reduce tracking risks.
- Regularly check app permissions to ensure no unauthorized access to your location or microphe.
👷🛠️UNDER CONSTRUCTION🚧🏗
The GSM network is highly traceable, even a turned-off cell phone is no longer safe.
- Avoid Reusing SIM Cards or Devices:
- Always use a new SIM card and a new device for each communication session. This prevents the possibility of linking different activities together through the same hardware or SIM.
- Avoid Carrying Different Devices Together:
- Never carry your burner phone along with your primary phone or other devices. If you do, the devices can be correlated through proximity tracking or geolocation data.
- Avoid Creating Physical Associations Between Different Devices:
- Use different locations when using different devices. Do not use a burner phone in places you frequently visit or where your primary phone is usually active. This prevents linking the burner to your personal identity.
- Avoid Calling or Being Called by the Same Contacts on Different Devices:
- Make sure that your burner phone is used to contact individuals who do not have your primary phone number. This helps avoid linking different devices through shared contacts.
- Use Cash or Anonymous Payment Methods:
- Purchase burner phones and SIM cards with cash or through anonymous payment methods. Avoid using credit cards or any payment method that can be traced back to you.
- Buy Devices Far from Home:
- Purchase your burner phone and SIM card from locations far from where you live or frequently visit. Avoid places with surveillance cameras that could capture your purchase.
- Disable GPS and Location Services:
- Turn off all location services, GPS, and Wi-Fi on the burner phone to reduce the risk of location tracking. If possible, disable or remove the GPS hardware entirely.
- Avoid Storing Personal Information:
- Do not store any personal information, contacts, or messages on the burner phone. Use it strictly for the intended temporary purpose and dispose of it afterward.
- Use Encrypted Communication Apps:
- When communicating through a burner phone, use encrypted messaging apps like Signal, Session, SimpleX, or Telegram. Be cautious as some apps may still leak metadata.
- Be Aware of IMSI Catchers:
- Avoid areas known to have heavy surveillance or where IMSI catchers (devices that mimic cell towers to intercept communications) might be deployed. These can be used to track and intercept burner phone communications.
- Practice Good Operational Security (OpSec):
- Develop and maintain strict OpSec habits, such as only turning on the burner phone when necessary, and never using it at home or work. Dispose of the phone after use in a secure manner, such as by dismantling and destroying it.
- Remove or Disable Microphones and Cameras:
- Consider physically removing or disabling the phone’s microphones and cameras to prevent audio and video surveillance. Many phones have multiple microphones, often one near the speaker and one near the bottom of the device. These components can be removed or disabled, but doing so may affect the phone's functionality.
- Dispose of the Phone Securely:
- After the phone has served its purpose, dispose of it in a way that ensures it cannot be traced back to you. This may involve physically destroying the device or disposing of it in a location far from where you live or work.
Additional References:
- How to Buy a Burner Phone by LifeHacker
- The Next Generation of Cell-Site Simulators is Here. Here’s What We Know by EFF.
- Schneier on Security - Tag Phones
- Whonix - VoIP
- The WIRED Guide to Protecting Yourself From Government Surveillance
Cryptophones are specialized mobile devices designed to provide secure communication through encryption. One notable example is the Encrochat case, where criminals used highly encrypted phones.
https://www.vice.com/en/tag/encrypted-phones/
Tips and Recommendations:
- Choose cryptophones that have been vetted by reputable cybersecurity experts for potential backdoors or vulnerabilities.
- Be cautious of the supply chain when purchasing a cryptophone; only buy from trusted vendors.
- Regularly update the cryptophone's software to protect against newly discovered vulnerabilities.
- Consider using separate devices for sensitive communication and daily tasks to minimize exposure.
- Always assume that encrypted communication could eventually be decrypted, so limit the sharing of highly sensitive information.
References:
- Encrochat Case - Criminals Building Their Own Communication System
- Vice - Encrochat Hack and Police Arrests
- Forbes - Encrochat Hack Shows Police Reach into the Criminal Web
- Schneier on Security - UFED Phone Hack
- Kaspersky - Forensics and Bypassing Device Encryption
- Citizen Lab - The Theft of Encrypted Smartphones via Government Hacking
Cellebrite's UFED (Universal Forensic Extraction Device) is a powerful tool used by governments to extract data from mobile devices bypassing security features. Understanding the vulnerabilities it exploits can help in securing your devices against such intrusions.
👷🛠️UNDER CONSTRUCTION🚧🏗
Your cell phone is a walking spy. Below is the comparison, when using a burner phone and geofence database, between Internet Tracking (using mobile data with a unique phone ID) and GSM Tracking (SIM/Chip-based with cell tower data).
Aspect | Internet Tracking (Burner Phone with Mobile Data) | GSM Tracking (Burner Phone with SIM/Cell Tower Data) |
---|---|---|
Tracking Method | Burner phone connects to the internet, sending location data through mobile data, with a unique phone ID (IMEI or device ID). | Burner phone connects to cell towers, and its IMSI/IMEI is logged by telecom providers when the phone is used (calls, texts, or mobile data). No internet is needed, or mobile data can be deactivated. |
Location Tracking | Precise location data (IP address, GPS) can pinpoint exact locations. | Location is tracked via the proximity to cell towers. In urban areas, more towers provide a general location, but not pinpoint accuracy. |
Scenario Example | If the burner phone uses mobile data for a call, it can be identified and tracked using its unique ID (IMEI), retroactively correlated with a database (how to call this secret database?). | If the burner phone uses GSM to make a call, its general location can be tracked when it connects to cell towers, retroactively the IMSI/IMEI is logged by telecom providers. Even turning the phone off doesn't reduce traceability, because of the correlation between the area and the time the phone was off. |
Geofence Database Usage | Geofence can be used to collect location data of all devices in a certain area within a specific time frame. This can result in tracking of burner phones in area. | Geofence can also be applied in GSM tracking, collecting location data from all burner phones in a specific area. Telecom providers log IMSI/IMEI, which can link the burner phone to an area. |
• XDA Forums - The largest and most popular Android development community.
• RootzWiki Forums - Community forums for Android rooting and custom ROMs.
• Android Central Forums - General Android discussions, including root.
• Android Forums - Dedicated sections for rooting various Android devices.
• Reddit: r/androidroot - A Reddit community for Android rooting topics.
• Magisk - The leading tool for Android root, offering a systemless rooting method.
• TWRP (Team Win Recovery Project) - A custom recovery solution that enables flashing custom ROMs and other modifications.
• Android Debloater - A tool to remove bloatware from your Android device without root.
• PHONEDB - A database of ROMs and updates for Android devices.
• Pixel Experience - A custom ROM that provides a clean and stock Pixel experience.
• Droid On Time (DOT OS) - A custom Android ROM that focuses on performance and stability.
• TheUnlockr: Android ROMs - A collection of various Android custom ROMs.
• SamMobile - Offers firmware for Samsung devices, useful for custom ROM installations.
• XDA: Samsung Phones - Dedicated sub-forums for Samsung devices on XDA.
• Odin for Samsung - Odin is a tool used to flash firmware onto Samsung devices.
• Frija - A Samsung firmware download tool that simplifies the process of downloading official firmware.
• SamFirm - A legacy tool used to download Samsung stock firmware.
• XDA: Xiaomi/MIUI Devices - XDA sub-forum for Xiaomi and MIUI devices.
• Xiaomi.eu Community - A community for Xiaomi users, known for custom MIUI ROMs.
• MIUI Globe ROM - Custom MIUI ROMs with additional features and optimizations.
• MIUI ROM - A platform providing MIUI ROMs, themes, and updates.
• XDA: Realme Devices - Dedicated sub-forum for Realme devices on XDA.
• Realme Community - Official Realme forums for discussions, troubleshooting, and updates.
• Realme Firmware - A website offering official Realme firmware for various devices.
• GetDroidTips: Realme - Tutorials, firmware, and rooting guides for Realme devices.
• Realme Bootloader Unlock Guide (XDA) - Guide to unlocking the bootloader on Realme devices.
• Realme Official Bootloader Unlock Instructions - Official bootloader unlocking procedure from Realme.
• Realme Software Update Page - Official Realme support page for software updates.
• CyanogenMods: Realme - Custom ROMs and mods for Realme devices.
• XDA: Motorola Phones - Sub-forum for Motorola devices on XDA.
• Motorola Firmware Center - A repository for Motorola stock firmware.
• Motorola Bootloader Unlocking Guide (XDA) - Guide for unlocking Motorola bootloaders.
• Motorola Official Bootloader Unlock - Motorola’s official guide to unlocking the bootloader.
https://xdaforums.com/c/lg.12042/
- F-Droid - A trusted repository for open-source Android apps.
- IzzyOnDroid - An additional F-Droid repository with curated apps.
- DivestOS - A privacy-focused mobile operating system with its own F-Droid repository.
- Aurora Store - A privacy-respecting alternative to the Google Play Store.
Note: For more on secure Android app stores, see Privacy Guides.
For intermediate security, it's not military-grade security, but it adds important layers of protection.
- Shelter - An app for isolating and running apps in a separate sandbox.
- Insular - A fork of Shelter, providing a way to isolate apps from accessing sensitive data.
- Wasted - Send distress signals when you’re in danger.
- Ripple - A distress signal app for activists and journalists.
- Find My Device (FMD) - Locate your Android device in case of theft or loss.
- Extirpater - Securely wipe sensitive data from your device.
- RandomFileMaker - Create random files to overwrite and sanitize data.
- WipeFiles - A file-shredding tool for securely deleting files.
- Exodus - Scan apps for embedded trackers and privacy threats.
- Rethink-App - Firewall and DNS-over-HTTPS protection to block trackers.
- KeePassDX - A powerful password manager supporting KeePass databases.
- Proton Pass - A secure password manager from the makers of ProtonMail.
- FreeOTP - A two-factor authentication application for systems utilizing one-time password protocols.
- Aegis - A 2FA (two-factor authentication) manager for securing logins.
- Yubico - Secure authentication for YubiKey users.
- Encrypt your Android phone - A guide on how and why to encrypt your device.
- Cryptomator - Securely encrypt your cloud storage data.
- Cryptonite (TrueCrypt) - An Android version of the TrueCrypt encryption software.
- OpenKeychain (OpenPGP) - Manage your PGP keys and encrypt/decrypt messages.
- EDS Lite - Encrypt file containers on Android, similar to TrueCrypt.
- Hash Checker - A tool to verify file integrity with hash functions.
- Hash Easily - Generate hashes (MD5, SHA) for files and strings.
- InviZible - An all-in-one tool that combines Tor, DNSCrypt, and I2P for anonymous browsing.
- Orbot - Use Tor to browse the web anonymously on your Android device.
- Orfox - A privacy-focused web browser for use with Orbot, based on Tor Browser.
- orWall Project - Put your apps behind Orbot and block all unwanted traffic in one go.
- Florisboard (Beta) - A fast, open-source keyboard with modern features.
- AnySoftKeyboard - A privacy-focused, customizable keyboard with multiple language support.
- Simple Keyboard - Simply keyboard and nothing more.
- Hackers Keyboard - A full 5-row keyboard for terminal use, coding, and more.
- EtchDroid - Create bootable USB drives from your Android device.
- Android Faker - Spoof device information for testing and anonymity.
- Free implementation of Play Services - microG: A free and open-source implementation of Google Play Services.
- Phones Reference - GSMArena - Comprehensive phone specifications and reviews.
- Phones Reference - PhoneScoop - Phone specs, comparisons, and analysis.
- AndroidQF - A tool to extract Android app metadata.
👷🛠️UNDER CONSTRUCTION🚧🏗
Instant Messaging Communication
Communicate with friends and family as if you're in a war room.
- Session Desktop
- Session Android
- Session Group List
- Session Paper
- Session and Australia’s Laws to Circumvent Secure Communications
- 404 Media - Encrypted Chat App ‘Session’ Leaves Australia After Visit From Police
Feature | Session | SimpleX | Signal | Telegram |
---|---|---|---|---|
Protocol Type | LibP2P | Custom (Double Ratchet) | Signal Protocol (Double Ratchet) | MTProto |
Primary Use Case | Anonymous, decentralized messaging | Privacy-focused messaging | Privacy-focused messaging | General messaging, media sharing |
Encryption | End-to-end encryption (default) | End-to-end encryption (default) | End-to-end encryption (default) | Client-server encryption (default), End-to-end encryption (Secret Chats) |
Decentralization | Fully decentralized (no central servers) | Decentralized communication nodes | Centralized servers | Centralized servers |
Identity Management | Anonymous (no phone number or email required) | Username-based (no phone number required) | Phone number-based | Phone number-based |
Message Persistence | Client-side only (no cloud storage) | Client-side only (no cloud storage) | Client-side only (optional backup) | Cloud storage (optional local storage) |
Group Chats | Supported | Supported | Up to 1,000 members | Up to 200,000 members |
File Sharing | Limited to client-side capacity | Limited to client-side capacity | Supports files up to 100MB | Supports large files (up to 2GB) |
Metadata Protection | Strong (no central server metadata storage) | Strong (no central server metadata storage) | Strong (minimizes metadata collection) | Limited (metadata stored on servers) |
Open Source | Fully open-source | Fully open-source | Fully open-source | Partially (client is open-source, server is proprietary) |
Cross-Platform Availability | iOS, Android, Windows, macOS, Linux | iOS, Android, Linux, Web | iOS, Android, Windows, macOS, Linux | iOS, Android, Windows, macOS, Linux, Web |
License | GPLv3 | AGPLv3 | GPLv3 | Custom (Telegram license) |
- Anonymous Chat, IRC, XMPP in Whonix: whonix.org/wiki/Chat
- XMPP vs Matrix vs MQTT: rst.software/blog
Protocol | Protocol Type | Primary Use Case | Architecture | Scalability | Message Format | Security Features | Offline Support | Quality of Service | Supported Clients | Extensibility | License |
---|---|---|---|---|---|---|---|---|---|---|---|
Matrix | Decentralized Messaging | Real-time Messaging | Decentralized | High | JSON | End-to-End Encryption (E2EE), Cross-device Sync | Yes | Medium (depends on network quality) | Web, Mobile, Desktop | Highly Extensible | Apache License 2.0 |
Signal Protocol | Secure Messaging | Private Communication | Centralized | Medium | Protobuf | Forward Secrecy, Deniable Authentication, E2EE | Yes (for queued messages) | High | Mobile, Desktop | Limited Extensibility | GPLv3 |
XMPP with OMEMO | Instant Messaging | Messaging and Presence | Decentralized | High | XML | End-to-End Encryption (OMEMO), Multi-device Support | Yes | Medium | Web, Mobile, Desktop | Moderate Extensibility | GPL |
MQTT with TLS | Lightweight Messaging | IoT Messaging | Centralized | High | Binary | TLS for data encryption | No | High (QoS levels 0, 1, 2) | IoT Devices, Mobile, Desktop | Extensible | OASIS Standard |
CoAP with DTLS | IoT Protocol | Resource-Constrained Devices | Centralized | Medium | Binary (CBOR) | DTLS for secure communication | No | Medium | IoT Devices | Moderate Extensibility | IETF Standard |
AMQP with TLS | Message-Oriented Middleware | Reliable Messaging | Decentralized | High | Binary | TLS for secure message transmission | No | High | Web, Mobile, IoT | Extensible | Apache License 2.0 |
LwM2M with DTLS | Device Management | IoT Device Management | Centralized | Medium | TLV, JSON, CBOR | DTLS for secure device communication | No | Medium | IoT Devices | Moderate Extensibility | OMA License |
RTP with SRTP | Real-Time Media | Audio/Video Streaming | Centralized | High | RTP | SRTP for media encryption and authentication | No | Real-time | Web, Mobile | Low Extensibility | IETF Standard |
SIP with SIPS | Session Initiation Protocol | VoIP Communication | Centralized | Medium | Text-based | SIPS (TLS) for secure signaling | No | Medium | Web, Mobile, Desktop | Moderate Extensibility | Various (RFC) |
WebRTC | Peer-to-Peer Communication | Audio/Video Communication | P2P | High | RTP/RTCP | DTLS for data, SRTP for media encryption | No | Real-time | Web, Mobile | Low Extensibility | Various (BSD, MIT) |
- BurnerApp - Disposable Cell Numbers
- Textverified - Disposable Cell Numbers
- SilentLink - Instant eSIM
- MySudo - Talk, text, email, browse and pay privately all-in-one app.
- hs3x.com
- smsget.net
- sms-online.co
- catchsms.com
- sms-receive.net
- sms.sellaite.com
- receivefreesms.net
- receive-a-sms.com
- receivesmsonline.in
- receivefreesms.com
- receivesmsonline.me
- smsreceivefree.com
- smsreceiveonline.com
- receive-sms-online.com
- receivesmsonline.net
- temp-mails.com
- freeonlinephone.org
- getfreesmsnumber.com
Telegram
Be cautious of impersonators. Always verify Telegram bios as scammers may leave their own nickname blank. Beware of fake notifications about logins, phishing links, and fake bots that may DM you first. Check official Telegram news and tips channels.
“No regular Telegram chats (1:1 or group) are end-to-end encrypted. Only secret chats are E2E encrypted.”
- Phone Number → Who can see my phone number: Nobody
- Phone Number → Who can find me by my number: My Contacts
- Last Seen and Online → Who can see my timestamp: Nobody
- Profile Photo → Who can see my profile photo: My Contacts
- Calls → Who can call me: My Contacts (or Nobody)
- Calls → Peer-to-peer: My Contacts (or Nobody to avoid exposing your IP)
- When starting a call, verify the emojis at the top-right corner with the other person to prevent MitM attacks.
- Forwarded Messages → Who can add a link to my account: My Contacts
- Groups and Channels → Who can add me: My Contacts
- Disable sticker loop animations. Animated stickers are a security risk.
- Disable auto-downloading (Wi-Fi and cellular): Privacy and Security → Data Settings
- Set up 2FA (cloud password)
- Disable P2P calls and secret chats if you don’t want to expose your IP address.
- Disable link and image previews in secret chats: Privacy and Security settings
- Disable autoplay GIFs: Learn more
- Never activate or DM any Telegram bot. Only use public chat bots via commands.
- When opening PDFs (e.g., CVs), use Dangerzone or Google Drive's preview mode.
- Monitor active sessions and terminate inactive ones. Be wary of session stealers.
- If you receive a login alert, verify it through the official Telegram notification and news channels. Scammers may impersonate these to steal your account.
- Check out this Telegram security guide.
- Learn more about Telegram limitations: GitHub Project | Crowdin Translation
Discord
- Use a randomly generated password. Use password managers like KeePassXC or BitWarden to generate and store your passwords. Learn more.
- Enable two-factor authentication (2FA) in User Settings. Discord supports apps like Aegis or Authy (disable multi-device for better security).
- Configure privacy settings under Privacy and Safety. Choose whether to allow direct messages from server members. Note: some servers with Captcha or verification bots may require DMs to be open.
- In Privacy and Safety, set who can add you as a friend. For higher security, you can restrict friend requests to only server members or no one.
- Use a VPN. Alternatively, rent a VPS and set up your own open-source VPN server. Learn more.
- A scammer selects a victim from a Discord channel.
- The scammer creates a fake account impersonating the target.
- He begins causing trouble in the channel, leading to a ban.
- Using Discord Nitro tricks, the scammer fools moderators into banning the real target's account.
- After the ban, the scammer creates a fake discussion image showing the moderators banning the target.
- Pretending to be a moderator, the scammer contacts the target via DM, offering to help reverse the ban.
- The scammer creates urgency and asks the target to prove innocence by joining a Discord call.
- He instructs the target to open Discord Developer Tools and reveal their Discord token, giving full access to the account.
- The scammer then takes control of the target’s account, potentially causing damage to the victim or their organization.
- Simple Dialer
- Simple Contacts Pro SE
- Simple Contacts
- Simple SMS-Messenger
- Simple Clock
- Simple Calendar
- Simple Calculator
- Simple Launcher
- Simple Music Player
- Simple File-Manager
- Simple Notes
- Neo-Launcher
- Lawnchair 2 - Continuation of Lawnchair 1; Pixel features; fork of Launcher3.
- Lawndesk - Fork of Lawnchair V2; app-drawer-free launcher.
- Librechair - Degoogled; fork of Lawnchair V2 & Launcher3.
- LawnChair 12 - Continuation of LawnChair V2 with support for QuickSwitch and more. Includes simple design, themed icons, and wallpaper-based theming.
- NewPipe - Lightweight Google-free YouTube client.
- LibreTube - An alternative YouTube front-end for Android.
- Collabora Office
- CryptPad - Alternative to Google Docs.
- AdAway - Ad blocker for Android using the hosts file (root permission recommended).
- Blokada - Ad blocker for Android using the VPN API.
- DNSfilter - Ad blocker for Android using a VPN, supports hosts files.
- DNS66 - Blocks advertisements by intercepting DNS requests using the VPN layer.
- NetGuard - Simple and advanced ways to block internet access (no root required).
- RethinkDNS + Firewall - DNS over HTTPS/Tor/DNSCrypt client, firewall, and connection tracker.
- Lemmy - Alternative to Reddit
- Kbin - Alternative to Reddit
- Saidit.net - Alternative to Reddit.
- Mastodon - Alternative to Twitter
- Nitter - Alternative front-end to Twitter.
- Diaspora - Alternative to Facebook.
- Pixelfed - Alternative to Instagram.
- Nostr - Open protocol for decentralized social media and communication.