Opt out of PRISM, the NSA’s global data surveillance program. Stop the American government from spying on you by encrypting your communications and ending your reliance on proprietary services.

Web browser

Proprietary

  • Apple Safari
  • Google Chrome
  • Microsoft Internet Explorer

Notes

Use a combination of Tor Browser and another free browser to surf the web. Try to use Tor for everything. Browsing the web may be a bit slower, but it's far more secure.

Note that using Tor Browser to log into PayPal or a banking website may trip the website's fraud protection software.

Users of Tor Browser should also be aware that logging into HTTP (instead of HTTPS) websites may result in your credentials being captured by a malicious exit node.

Note that Firefox uses Google search by default. Google search should be replaced by more private alternatives.

Why are Chromium, SRWare Iron, et al. not recommended on PRISM Break? More info here.

Web browser add-ons

 

Notes

Safeguard your privacy and stop websites from tracking you by installing Adblock Edge, Disconnect, and HTTPS Everywhere in your web browser.

Ghostery is a proprietary alternative to Disconnect. While the code is closed source, Ghostery’s database of tracking sites is more thorough and openly available, unlike Disconnect.

Why not Adblock Plus? Adblock Plus shows “acceptable ads”.

Maps

Proprietary

  • Apple Maps
  • Google Maps
  • Microsoft Bing Maps

Notes

“If you spend time contributing to OpenStreetMap you are helping a good cause, and building a geographic database of the world which is free and open for all and forever.”

OpenStreetMap Wiki

Instant messaging

Proprietary

  • AOL Instant Messenger
  • Google Talk
  • OS X Messages
  • WhatsApp Messenger
  • Yahoo! Messenger
  • Viber Messenger

Notes

“Off-the-Record Messaging, commonly referred to as OTR, is a cryptographic protocol that provides strong encryption for instant messaging conversations. OTR uses a combination of the AES symmetric-key algorithm, the Diffie–Hellman key exchange, and the SHA-1 hash function. In addition to authentication and encryption, OTR provides perfect forward secrecy and malleable encryption.

The primary motivation behind the protocol was providing deniability for the conversation participants while keeping conversations confidential, like a private conversation in real life, or off the record in journalism sourcing.”

Wikipedia

Note that Pidgin stores your IM account passwords in plain text. You can avoid this either by never saving your password in Pidgin, or encrypting your file system with software like TrueCrypt.

TorChat is not related to nor sponsored by the official Tor Project.

Video conferencing & VoIP

Proprietary

  • FaceTime
  • Google+ Hangouts
  • Google Talk
  • Skype

Notes

Jitsi is a drop-in, encrypted replacement for almost all the tasks Skype is used for. Please not that that Jitsi may request non-secure information during encrypted chat if you paste a link into it.

Also, if Jitsi is set up to use Tor, it may leak DNS information by not using Tor for DNS resolution.

Mumble an open source voice chat client in the style of Ventrilo and TeamSpeak.

CSIPSimple and Linphone currently have unresolved security weaknesses.

WebRTC is an upcoming, promising browser to browser communications API.

Cloud storage

Proprietary

  • Apple iCloud
  • Dropbox
  • Google Drive
  • Microsoft SkyDrive

Notes

Why not BitTorrent Sync? While the BitTorrent protocol is free, BitTorrent Sync is currently proprietary software.

Why not MEGA? While MEGA is free as in beer, the software is proprietary.

Why not SpiderOak? SpiderOak is proprietary software.

Why not Tarsnap? Tarsnap is partially proprietary and hosts your data on Amazon Web Services.

Document collaboration

Proprietary

  • Google Docs
  • Microsoft Office Web Apps
  • Zoho Office Suite

Notes

--

Media publishing

Proprietary

  • Flickr
  • Instagram
  • Picasa
  • Tumblr
  • YouTube

Notes

Self-hosting your media is important for privacy and security. Hosting your blog on WordPress.com is no better for your data security than Blogger or Tumblr.

Warning: Using avatars in WordPress will activate Gravatar, which which will send your email address to gravatar.com. Avatars are activated by default and can be turned off under “Settings > Discussion > Avatars”.

Email services

Proprietary

  • Google Gmail
  • Microsoft Exchange
  • Microsoft Outlook.com
  • Yahoo! Mail

Notes

Bitmessage is a promising alternative to email, but it’s is not ready for daily usage. Use at your own risk.

MyKolab is hosted in Switzerland and benefits from the strong Swiss privacy laws. It is run with free software and lets you export all your data.

Riseup is hosted in the USA. It’s also beginning to offer VPN, chat, and etherpad services.

Why not Hushmail? See 'compromises to email privacy'.

The only way to have full control over your email is to run your own mail server (e.g. with Kolab). This is not for everyone though, as it requires considerable time investment and technical knowledge.

While not complete yet, the FreedomBox project is aiming at creating a turnkey solution for encrypted communications.

Email encryption

 

Notes

“Pretty Good Privacy (PGP) is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication. PGP is often used for signing, encrypting and decrypting texts, e-mails, files, directories and whole disk partitions to increase the security of e-mail communications.”

Wikipedia

S/MIME is an another email encryption scheme that may be of interest. It’s supported by default in many email clients (Thunderbird, Outlook, iOS Mail) and arguably easier to use than PGP.

Online transactions

Proprietary

  • PayPal
  • Google Wallet

Notes

The Bitcoin blockchain is a decentralized, public ledger of all transactions in the Bitcoin network.

“It may be the TCP/IP of money.” —Paul Buchheit

Web analytics

Proprietary

  • Google Analytics

Notes

Piwik analytics powers this site. It‘s set up to anonymize the last two bits (255.255.???.???) of visitor IPs. Check out the live data here: prism-break.org/analytics and view our privacy policy.

DNS provider

Proprietary

  • Google Public DNS

Notes

Google Public DNS permanently logs your ISP and location information for analysis. Your IP address is also stored for 24 hours.

OpenNIC has not adopted an official policy concerning log query privacy/anonymization. You may choose anonymous DNS servers on this page.

Darknet

 

Notes

“A darknet is an anonymizing network where connections are made only between trusted peers.

Darknets are distinct from other distributed P2P networks as sharing is anonymous, and therefore users can communicate with little fear of governmental or corporate interference.“

Wikipedia

Meshnet

 

Notes

A meshnet is a decentralized peer-to-peer network, with user-controlled physical links that are usually wireless.

“Mesh networking (topology) is a type of networking where each node must not only capture and disseminate its own data, but also serve as a relay for other nodes, that is, it must collaborate to propagate the data in the network.”

Wikipedia

Android

Proprietary

  • Google Android
  • Google Play

Notes

CyanogenMod licensing: “CyanogenMod does still include various hardware-specific code, which is also slowly being open-sourced anyway.” —Wikipedia

F-Droid is a free alternative to the Google Play app store.

iOS

Proprietary

  • Apple iOS

Notes

iOS is a proprietary operating system whose source code is not available for auditing by third parties. You should entrust neither your communications nor your data to a closed source device.

Operating system

Proprietary

  • Apple OS X
  • Google Chrome OS
  • Microsoft Windows

Notes

Apple, Google, and Microsoft are allegedly a part of PRISM. Their proprietary operating systems cannot be trusted to safeguard your personal information from the NSA.

This leaves us with two free alternatives: GNU/Linux and BSD.

GNU/Linux has a much larger community to help you with the transition. It’s recommended that you begin your explorations by looking for a GNU/Linux distribution that suits your needs.

Linux Mint is probably the easiest-to-use distribution for people migrating from Microsft Windows. We recommend the no-codecs edition, as the others are encumbered with software patents. More info.

Canonical’s Ubuntu is not recommended by PRISM Break because it contains Amazon ads and data leaks by default.

XMPP Server

Proprietary

Notes

“Extensible Messaging and Presence Protocol (XMPP) is a communications protocol for message-oriented middleware based on XML (Extensible Markup Language). The protocol was originally named Jabber, and was developed by the Jabber open-source community in 1999 for near real-time, instant messaging (IM), presence information, and contact list maintenance. Designed to be extensible, the protocol has also been used for publish-subscribe systems, signalling for VoIP, video, file transfer, gaming, Internet of Things applications such as the smart grid, and social networking services.”

Wikipedia

SIP Server

Proprietary

Notes

“The Session Initiation Protocol (SIP) is a signaling communications protocol, widely used for controlling multimedia communication sessions such as voice and video calls over Internet Protocol (IP) networks.”

Wikipedia

What is “free software”?

“Free software” means software that respects users’ freedom and community. Roughly, the users have the freedom to run, copy, distribute, study, change and improve the software. With these freedoms, the users (both individually and collectively) control the program and what it does for them. (more …)

The Free Software Foundation

Take action against PRISM.

MASSIVE SURVEILLANCE EXPOSED

Recent reports by the Guardian and the Washington Post confirm secret spying programs on phone records and Internet activity. It‘s time for a full accounting of America’s secret spying programs—and an end to unconstitutional surveillance. (more …)

The Electronic Frontier Foundation

Mentioned by the media.

Catalan

German

English

Spanish

French

Italian

Dutch

Polish

Portuguese

Russian

Swedish

Chinese (Simplified)