Look what fell off a truck in Base64.

Out of curiosity, if you’re on a Pixel, why not choose GrapheneOS?

Raivo is “source available” actually. No real way to verify if it actually running the code available either. There is also no legal way to fork it from my understanding.

For the moment I’ve settled on 2FAS as the best iOS replacement. I’ve used Tofu, but its inability to export is a dealbreaker, and the lack of updates is troubling.

So I tend to agree with the PrivacyGuides.org Team on this one. I’ll break it down slightly differently though. Brave isn’t BAD per se, but I strongly prefer not using a Chromium based browser unless it’s 100% necessary.

Most private and secure but frustrating to use: Tor Browser

Private and secure, still frustrating for daily use: Mullvad Browser

Able to be private and secure, defaults aren’t perfect. Firefox + uBlock Origin

Private and secure by default, potentially slowly updates and a smaller team might impact security. LibreWolf

Chromium Based Browser with good Security and Privacy, defaults aren’t perfect: Brave

Chromium based browser with good privacy, but potentially slow updates and a smaller team. Ungoogled Chromium + uBlock Origin

Happy to have introduced you! 🙂 Hope you find it as helpful as I have.

I don’t feel like leaving the PG community at the moment, but here are a few suggestions that come to mind after reading your list.

Search: SearXNG

MacOS Firewall: Lulu

DNS: NextDNS

Email Alias: AnonAddy

2FA: 2 FAS, iOS and Android

2FA: Remove Ravio (sold to sketchy app maker MobiMe). I consider this compromised until proven otherwise.

YT Proxies: Yattee (iOS App)

File Encryption: Cryptomator (File encryption app, optimized for the cloud)

Notes: Joplin

Podcast: Podverse

Graphics: Digikam ente

Oh for sure. The manual down ranking of Russian search results didn’t really bother me, but the undisclosed inability to block Microsoft tracking in their browser was enough to have me avoid it going forward. Not a good look, especially when there are already better options in the space.

Any reason for not just using PrivacyGuides.org instead? I like seeing a lot of variety, but PrivacyGuides seems like the cream of the crop in my opinion.

I find Brave’s dependence on Chromium (and therefore Google) to be troubling. They don’t have the engineering team to keep up with Google as they continue backtracking on the “Don’t Be Evil” motto.

For the same reason, I prefer Brave Search over DuckDuckGo. DDG relies almost entirely on Bing for its results. In comparison, Brave Search has a completely independent search index and does its own web crawling.

I realize there are exceptions to this, and you might fall into that category, but…

Most of the time when websites say they require a particular app, they actually don’t. Like if a website says to use Google Authenticator, you can actually use any TOTP app. There is even a workaround for using Steam’s TOTP without their app.

Don’t be scared to just try importing the QR or text based code into another app when you are signing up for a service. A functioning website won’t let you progress to the next screen without having the proper code in your app.

Edit: After digging into 2FAS, I think it is now my top choice. Seems like more of a drop in replacement for Raivo. https://2fas.com/

My second choice is (as of this edit) Owky. I’ve not seen anyone talking about it, but it’s FOSS and has the ability to export your TOTP codes.

Im a little worried about it not being maintained though, since it’s a single developer.

https://apps.apple.com/us/app/owky-two-factor-authenticator/id1602245257

Other options I’ve considered:

Tofu Authenticator. Unfortunately it’s basic though and lacks the ability to export.

ente Authenticator. Account required, and I’m a little undecided on the company. Might be a serious option though.

Range is an issue, but Bluetooth can reach up-to 100 meters. It depends on a lot of factors.

If you have a lot of people with it installed, I believe it also has the ability to bounce from one device to another (like Briar).

Just a few reasons off the top of my head:

Service disruptions, protest communications, censorship resistance, and emergency service communication in areas without cell service (ocean, wilderness, etc).

Yeah, I’m not huge on the web3 stuff and P2P has some drawbacks in terms of function, but having the ability to message cross-platform over Bluetooth is amazing.

That being said, I’m not planning to switch over from Signal anytime soon for my primary communications.

For iOS:

Fully FOSS:

• Organic Maps - Offline Maps
• Yattee - YouTube Frontend
• BookPlayer - Audiobook Reader
• NetNewsWire - RSS Reader
• Signal - Encrypted Messaging
• Element - Matrix Client
• OrBot - Tor VPN Alternative
• Swiftfin - Jellyfin Client
• VLC - Media Player
• Metapho - Remove EXIF Data
• Privacy Blur - Blurring Photos
• Raivo - 2FA
• Firefox Focus - Web Browser
• Mastodon - Official Mastodon Client
• PixelFed - Official PixelFed Client
• Sync - Reddit App (RIP?)
• Mlem - Lemmy App (currently testing)
• KDE Connect - Airdrop Alternative
• Berty - Encrypted Messenger with Offline Capabilities

FOSS, but with a paid tier:

• KeePassium: Offline Password Manager
• Slide for Reddit - Reddit App (RIP)
• AdGuard - Content Blocker
• Bitwarden - Password Manager
• Joplin - Note App
• Podverse - Podcast App
• NextDNS - DNS Filtering
• Invoice Ninja - Invoicing Software
• SimpleLogin - Email Aliasing
• ProtonMail - Encrypted Email
• ProtonCalendar - Encrypted Calendar
• Proton Drive - Encrypted Cloud Storage (Testflight is Full)
• ProtonVPN - VPN
• Standard Notes - Encrypted Notes
• Notesnook - Encrypted Notes
• Tutanota - Encrypted Email & Calendar

Paid Only, but Open Source:

• Cryptomator - File Encryption
• ente Photos - Encrypted Photo Backup
• Mullvad VPN - VPN
• IVPN - VPN

Privacy Friendly, but not FOSS apps:

• QuickScan - Document Scanner
• Hello Weather - Weather App
• MySudo - Phone Number Aliasing
• Mobius Sync - Syncthing Client
• Privacy.com - Virtual Credit Cards

Edit: Added ente Photos, Mullvad, IVPN, Tutanota, Standard Notes, Notesnook, and Berty

I mean, they most certainly have the technical ability to hack anyone. If you think they don’t strategically stockpile and use zero-days, you aren’t paying attention.