Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Free Your Tech Documentation

Welcome to the official documentation for Free Your Tech. This documentation serves as a guide for understanding our organization’s structure and as a resource for technical guides that align with our mission of promoting digital freedom and independence.

About Free Your Tech

Free Your Tech is an organization dedicated to promoting digital freedom, privacy, and independence through the use of open-source software, open standards, and ethical technology practices.

For more information about our organization, please visit:

What You’ll Find in This Documentation

This documentation is divided into two main sections:

Organization Setup

This section explains how Free Your Tech is structured and operates. It serves both as a reference for current and future members of the organization and as a blueprint for those who wish to create similar organizations. Topics include:

  • Legal structure and governance
  • Financial management practices
  • Tools and services we use

Each topic explains our choices, compares alternatives, and provides guidance.

Technical Guides

This section provides practical guides for individuals and organizations seeking to enhance their digital freedom and privacy. Topics include:

  • Email setup and best practices
  • Secure chat and communication
  • Operating system choices
  • Smartphone privacy and security
  • Web browser configuration
  • Password management

Purpose of This Documentation

This documentation is designed to:

  1. Ensure continuity and knowledge transfer within Free Your Tech
  2. Help others create similar organizations focused on digital freedom
  3. Provide practical guidance for individuals seeking to improve their digital privacy and independence

We believe in sharing our knowledge and experience to empower more communities to take control of their digital lives.

Contributing

This documentation is maintained in a Git repository hosted on Codeberg. We welcome contributions from community members. If you find an error, have a suggestion, or want to add new content, please feel free to open an issue or submit a pull request.

License

Unless otherwise noted, all content in this documentation is licensed under Creative Commons Attribution-ShareAlike 4.0 International License.

Organization Overview

This chapter describes the components of the organisation and everything needed to know to manage it. The purpose of the organisation is to provide a platform for people with a deep technical knowledge to create services in a transparent and ethical fashion, providing alternatives to members of the organisation and the general public. We believe these goals can be best achieved in an organisation, especially one that is cooperative, democratic and invites collaboration.

The task of the organisation is to manage finances, facilitate transparent collaboration and build credibility through community ownership. These goals are difficult to achieve as an individual or a top-down organisation, such as a private company.

Components

Free Your Tech uses a variety of tools and services to operate effectively while staying aligned with our values of freedom, privacy, and transparency. This page provides an overview of the key tools and services we use.

Legal & Governance

  • Recognized legal entity as a danish voluntary association
  • Statutes that codify the governance of the organisation
  • Privacy policy, a basic necessity when handling private data

General Services

ProviderPurpose
NamesiloDomain registration and DNS
PurelymailEmail and calendar hosting
CodebergGit version control, issues, pull requests, projects
Codeberg PagesStatic content hosting
Codeberg CIAutomation and CI
HetznerHome for our servers

Financial Services

ProviderPurpose
WiseBanking and payments
Open CollectiveMembership, donations, expenses
StripeIntegrated card payment processor

Tech Stack

ToolPurpose
Nix & devenvReproducible development environments
GitVersion control for code and other text based content
ZolaStatic site generator for our website
mdBookStatic documentation generator for our wiki

Legal Structure

Free Your Tech Association operates as a “frivillig forening” (voluntary association) based in Copenhagen, Denmark. This page outlines our legal structure, governance framework, and future organizational plans.

Current Structure: Frivillig Forening

Free Your Tech Association is formally established as a Danish voluntary association (“frivillig forening”), registered with the Danish Business Authority (Erhvervsstyrelsen) with CVR number 45369897. The association was registered on virk and its information can be updated there by its representatives after MitID authentication. The association needs to be renewed there every few years.

What is a Frivillig Forening?

A “frivillig forening” is a common legal structure in Denmark for non-profit organizations, associations, and community groups. It is fast and free to register, and the administrative burdern is very low. Key characteristics include:

  • Legal Recognition: Recognized as a legal entity under Danish law
  • Democratic Governance: Governed by members through a general assembly
  • Non-Profit Status: Operates without the purpose of generating profit for members
  • Organizational Autonomy: Free to establish its own rules within legal boundaries
  • Limited Liability: Members are not personally liable for the association’s obligations

Benefits of the Frivillig Forening Structure

This legal structure offers several advantages that align with our mission and values:

  1. Low Administrative Burden: Minimal bureaucracy and reporting requirements, allowing us to focus on our core activities
  2. Flexibility: Adaptable governance structure that can evolve with our organization
  3. Democratic Control: Ensures all members have a voice in the organization’s direction
  4. Tax Benefits: Potential tax exemptions for activities aligned with our non-profit purpose
  5. Credibility: Formal recognition that enhances our ability to partner with other organizations
  6. Low Barrier to Entry: Simple and cost-effective to establish, requiring only statutes and a founding meeting
  7. Banking Access: Ability to open organizational bank accounts and manage collective finances

Governance Framework

As outlined in our statutes, our governance structure includes:

  • General Assembly: The highest authority, where all members can participate in decision-making
  • Board of Directors: Responsible for daily operations and implementing the decisions of the general assembly
  • Transparent Decision-Making: All major decisions are made collectively with member input
  • Financial Accountability: Regular reporting and oversight of the association’s finances

Future Organizational Development

Registration for VAT

Currently we are not registered for VAT but we aim to be in the future.

Why we are not:

  • it is not legally required
  • extra accounting burden: submitting regular VAT reports

Benefits:

  • No VAT on EU expenses
  • VAT reimbursed for danish expenses

Basically we could lower our expenses if someone is willing to do the accounting work voluntarily for free.

Path to Socialøkonomisk Virksomhed Status

We aim to eventually qualify for “socialøkonomisk virksomhed” (social enterprise) status in Denmark. This designation is granted to organizations that:

  • Operate with a social purpose as their primary objective
  • Reinvest profits in the organization’s social mission
  • Operate independently of public authorities
  • Have inclusive and responsible governance
  • Maintain social business practices

Achieving this status would provide:

  • Enhanced credibility and recognition
  • Access to specific funding opportunities
  • Networking with other social enterprises
  • Potential tax benefits

Governance

This page outlines the governance structure of Free Your Tech Association, describing how decisions are made and responsibilities are distributed within the organization.

Free Your Tech Association’s governance is defined by its statutes and legal status as a Danish “frivillig forening” (voluntary association). This framework establishes clear roles and processes while maintaining the flexibility needed for an evolving organization.

General Assembly

The General Assembly serves as the highest democratic forum within the association. Its functions include:

  • Electing the Board of Directors
  • Approving annual reports and financial statements
  • Making changes to the association’s statutes
  • Setting strategic direction for the organization
  • Deciding on major organizational changes

All members have voting rights at the General Assembly, which is held annually with at least two weeks’ notice to members.

Board of Directors

The Board is responsible for:

  • Day-to-day operations and decision-making
  • Implementing decisions made by the General Assembly
  • Financial management and reporting
  • Representing the association externally
  • Ensuring compliance with relevant regulations

The Board consists of at least one member elected by the General Assembly, who may perform all necessary functions including chairperson, treasurer, and secretary roles.

Delegation of Responsibilities

To effectively manage activities and projects, responsibilities can be delegated to:

  • Ad hoc working groups focused on specific initiatives
  • Individual members with relevant expertise
  • External collaborators or consultants when specialized skills are required

This approach allows for flexible and efficient operations while engaging the broader membership in the association’s work.

Financial Management

This page outlines the financial management structure of Free Your Tech Association, describing how we handle funds, process transactions, and maintain financial transparency.

Financial Infrastructure

Free Your Tech Association utilizes a combination of modern financial tools to manage its operations efficiently and transparently:

Open Collective

Open Collective serves as our primary financial platform, handling:

  • Recurring membership fees
  • One-time donations
  • Expense tracking and reimbursements
  • Transparent financial reporting

All financial transactions are publicly visible on our Open Collective page, allowing members and the public to see how funds are being used.

Payment Processing

We use Stripe integration with Open Collective to securely process card payments for:

  • Membership subscriptions
  • Individual donations
  • Other contributions

This integration ensures secure, reliable payment processing while maintaining the transparency of our Open Collective platform.

Banking

Wise serves as our business bank account, providing:

  • Multi-currency capabilities
  • Low-cost international transfers
  • Integration with Open Collective for expense reimbursements
  • Efficient payment processing for operational expenses

Setup

After signing up for account with all 3 services and providing all necessary documentation, both Stripe and Wise must be connected to Open Collective via the integration on the collective settings page, which will allow receiving money and reimbursing expenses transparently through the platform.

Financial Workflows

Income Management

Open Collevtive has so called tiers which are the different ways supporters can pay the association. There is a default tier for custom donations which can happen both through bank transfers or card payments. Memberships can be configured by setting up a tier with a recurring charge that members can sign up to with their payment card.

Card payments are processed by Stripe for a fee and subsequently trasferred to our chosen bank account, which is currently on Wise. All the income is tracked transparently on Open Collective. Donations via bank transfer go to our Wise account directly without any fee.

Expense Management

Contributors submit expenses through Open Collective. This requires an invoice or receipt and a way to get reimbursed, such as a bank account. We also track other expenses paid from the corporate account here.

Expenses are reviewed and approved by the Board and reimbursed through the Open Collective-Wise integration by the treasurer.

Financial Reporting

As a transparent organization, we maintain open financial records:

  • Real-time Transparency: All transactions are visible on Open Collective
  • Annual Reports: Basic financial reports are published annually for members
  • Financial Review: The General Assembly reviews financial statements as part of the annual meeting

Financial Principles

Our financial management adheres to the following principles:

  • All income and expenses are publicly documented
  • Membership fees are set to cover basic operational costs
  • Low-overhead financial tools minimize administrative costs

Tools and Services

This document provides information about the general services used by Free Your Tech for operations. These services, provided by third-party corporations, include web domains, email servers, web hosting, code hosting, automation, and general-purpose cloud computing.

Domains

The association’s web address - freeyourtech.org - is registered through Namesilo. Their DNS servers route visitors to our web address to the correct servers. Currently, the domain name is registered on the chair’s personal account, pending transfer to an organizational account.

The DNS registry contains entries for our website, documentation, email provider, and servers for future self-hosted services.

Billing

Domains are automatically renewed annually with a fee of $9.49 charged to the associated payment card. Invoices are sent via email and subsequently published on Open Collective after manual upload.

Email & Calendar

Professional business email addresses (e.g., mail@freeyourtech.org) are hosted by Purelymail. Purelymail handles sending and receiving emails, providing a reliable service at a low cost. Each account includes contacts, calendar, tasks, and notes synchronization capabilities. The service is privacy-focused and reliable.

The admin panel controls billing options, mail accounts, and mail routing. Currently under the chair’s personal account, it can be transferred to a separate organizational account as needed.

Billing

The service costs a flat $10 annually with moderate usage. Usage-based pricing is available for heavy use. Fees are automatically charged to the associated card with invoices sent via email. Currently, the chair covers costs personally as the account is shared with other email addresses. Billing is managed here.

Users

User accounts can be viewed, modified, or deleted through the admin panel. Account data is stored with password-derived encryption. Without configured recovery options, encryption keys are not stored on the server.

Routing

Email aliases allow a common address for multiple accounts (e.g., mail@). This facilitates multiple people responding to the same emails while maintaining individual accounts. Particularly useful for routing topic-specific aliases to appropriate personnel. More information is available here.

Webmail

The webmail interface uses the open-source Roundcube UI, providing a standard email reading and writing experience. Multiple accounts can be accessed simultaneously via “Switch User.” Sieve filters can be configured for automatic mail sorting or forwarding.

Clients and Apps

Device-specific documentation is available here. Any application supporting standard IMAP and SMTP protocols can be used with proper configuration.

On iOS, the built-in Mail app works with custom server configuration. Android users can use Thunderbird or K-9 Mail, which automatically recognize server addresses based on DNS configuration. Desktop users can use Thunderbird, while Linux desktop users may prefer Gnome Mail (Geary).

Calendar, Contacts and More

Purelymail provides additional features via WebDAV, CalDAV, and CardDAV standards. Compatible applications can synchronize contacts, calendars, tasks, and notes. This works with built-in iOS apps (except Notes, which synchronizes to a mail account Notes folder).

Android requires a separate synchronization client like DAVx5 (open source and free on F-droid). Recommended applications include Fossify apps for contacts and calendar, and jtx Board for notes and tasks.

Code and Collaboration

Code and text-based resources are hosted on Codeberg, a free and open-source non-profit platform with Git version control. The platform includes collaboration features such as issue tracking and pull requests.

Our organization page at codeberg.org/freeyourtech displays our repositories and projects. Issues can be reported on the relevant repository or on the meta repository.

We host source code for our website, documentation, server infrastructure, and other content. Contributors can fork repositories, implement changes, and submit pull requests for review.

Codeberg functions similarly to GitHub. For small changes, the web editor is sufficient. For larger changes, local development with git and a text editor is recommended. All contributions require a Codeberg account.

To correct a typo in this documentation:

  1. Go to the repository’s page
  2. Fork the repository
  3. Create a branch from main
  4. Find and edit the file using the web editor
  5. Commit the change
  6. Create a pull request from your branch to the main branch of the original repository

Project Management

We use Codeberg issues for task tracking and progress monitoring. The organization projects view provides a kanban-style overview categorized by project.

Billing

Codeberg is free to use. We plan to contribute through an annual membership in the future.

Web Hosting

Our website and documentation are static sites requiring only basic content serving (HTML, CSS, JavaScript). Codeberg Pages provides this service at no cost, eliminating maintenance and security concerns.

Static content placed in our Codeberg repositories is automatically displayed when users navigate to our web address. This requires proper DNS configuration according to Codeberg Pages instructions.

Automation

Codeberg CI, built on Woodpecker, automates tasks triggered by repository updates. For example, our documentation is automatically compiled to a static website whenever source files are updated.

Implementation followed the documentation with appropriate access tokens and configuration.

Cloud Computing

Hetzner, a German web hosting company, provides server infrastructure for Free Your Tech. We use Hetzner Cloud for self-managed services, databases, and applications requiring dedicated server resources, balancing performance, reliability, and cost-effectiveness.

Usage

Initial setup may be performed manually through the Hetzner console for expediency. Our goal is to implement Infrastructure-as-Code in our infra repository for transparency and reproducibility.

Essential paid resources include a VPS with dedicated resources, S3 storage, and an IPv4 address. Server configuration uses NixOS for reproducibility. Database and configuration files are regularly backed up to S3 storage (cloned, archived, and encrypted).

Billing

Hetzner resources have fixed monthly pricing, resulting in consistent monthly bills. Charges are automatically applied to the corporate card with invoices sent via email and subsequently published on Open Collective after manual upload.

Tech Tools

This document outlines the technical tools used by Free Your Tech for collaboration and service development. The information is essential for contributors working on the website, documentation, server infrastructure, and other organizational resources.

Most tools are optimally used via Command-Line Interface, so familiarity with your system’s console or terminal is recommended.

Nix & devenv

Nix is a powerful package manager and system configuration tool that enables reproducible, declarative, and reliable environments. Devenv, built on top of Nix, simplifies development environment creation. Free Your Tech uses these tools to ensure consistent development environments across all contributors and to streamline project setup.

Setup

Running NixOS provides the best experience, though it works well on other Linux distributions, macOS, and WSL2 (Windows). Follow the instructions here to install Nix and devenv. To install devenv with Flakes (required), configure Nix beforehand:

mkdir -p ~/.config/nix
echo "experimental-features = nix-command flakes" >> ~/.config/nix/nix.conf

Usage

For a project with existing devenv configuration:

  • Clone the repository
  • Run devenv up in the project directory

This will set up all required dependencies and start any services.

Resources

Git

Git is a distributed version control system used by Free Your Tech to track changes in source code and text-based content. It enables collaborative development, maintains change history, and facilitates code branching and merging.

Setup

Many systems include Git by default. If yours doesn’t, install it using your preferred package manager or with Nix. For those less comfortable with Git’s CLI, consider using one of the available free and open-source GUI clients. VSCode users may benefit from the Git Graph extension.

Usage

At minimum, you need to understand how to clone repositories, create branches, commit changes, and push commits. For external contributions, we follow a forking workflow: create a fork of the repository on Codeberg, apply and push your changes, then create a Pull Request targeting the original repository.

Regular contributors have push access to the original repositories, but the main branch is protected and requires approved pull requests.

Branches and Pull Requests should be short-lived, focused on single tasks, and easy to review.

Commit Message Conventions

  • Subject line should be 50 characters or less
  • Use imperative mood in the subject line (e.g., “Add” not “Added”)
  • Body should explain what and why, not how
  • Reference issues like so: “Resolves freeyourtech/meta#8”

Resources

Zola

Zola is a fast static site generator written in Rust that Free Your Tech uses to build our public-facing website. It transforms Markdown content into a complete HTML website with consistent design. Our website contains information about our association, along with news articles and guides.

A static site contains no user accounts, databases, APIs, or complex servers. All content is defined in source files that are converted to website files. The server simply makes these files available at the specified web address, resulting in a fast, secure site that requires minimal maintenance.

Usage

Content is organized in the content directory, with each page as a Markdown file with front matter. Sections are created using _index.md files. For local development, clone the repository and run the local server with zola serve (or devenv up) to view your changes live.

The site is automatically built and deployed using Codeberg CI after changes are merged to main, as defined in the woodpecker configuration file.

Resources

mdBook

mdBook is a command-line tool for creating modern online books from Markdown files. Free Your Tech uses mdBook to generate our documentation site, providing a clean, navigable interface for our wiki. While similar to Zola, mdBook is specifically designed for documentation.

Usage

For a project with existing mdBook configuration:

  1. Clone the repository
  2. Run mdbook serve (or devenv up) in the project directory

The documentation structure:

  • book.toml: Configuration file for mdBook
  • src/: Directory containing Markdown files
    • SUMMARY.md: Defines the book structure
    • Other .md files: Content pages

To add new content, create a Markdown file in the appropriate directory and add an entry to SUMMARY.md to include it in the navigation.

The site is automatically built and deployed using Codeberg CI after changes are merged to main, as defined in the woodpecker configuration file.

Resources

Technical Guides Overview

With so many options and conflicting information out there, it’s difficult to pick what devices, apps and providers to go with. It takes a lot of time and effort to look into everything and understand all the important concepts. The goal with these technical guides is to provide simple recommendations based on years of accumulated technical knowledge and experience, and back up the recommendations with relevant background knowledge and comparisons to popular alternatives.

It can also be challenging to switch to a different solution if it needs to be configured or used differently than what we’re used to. Commercial solutions often make it intentionally hard to switch to an alternative. These guides are also meant to provide an introduction to using the recommended solutions and help with a smooth transition.

Considerations

When we make recommendations, we consider freedom, privacy, security, transparency, ease-of-use, and public good among other things. We avoid companies with shady and abusive business practices, and an overt centralisation of power.

Some negative examples are:

  • selling data,
  • profiling,
  • manipulating users,
  • ecosystem lock-in.

Positive examples are:

  • zero-knowledge and zero-trust systems,
  • open-source software,
  • using open protocols,
  • distributed power structures.

Email Providers and Applications Guide

Introduction

Email remains essential for personal and professional communication, often serving as the hub for contacts, calendars, tasks, and notes. Choosing the right provider and applications can significantly impact your privacy, convenience, and ability to manage your digital life effectively.

This guide aims to help you navigate the options available and make informed decisions based on your specific needs.

Understanding Email Provider Considerations

When selecting an email provider, consider privacy policies, storage capacity, additional features, and whether they support using your own domain name. Using a custom domain gives you the freedom to change providers without changing your email address, which is particularly valuable for long-term use.

Provider Options

Google Workspace/Gmail

Google offers a comprehensive suite of services with excellent integration. However, their business model relies on collecting user data for advertising purposes, raising significant privacy concerns. While convenient, trusting a single company with all your digital information presents risks, especially given Google’s history of discontinuing services and changing terms.

ProtonMail

Proton offers a suite of services similar to Google while promising better data protection. However, their ethical standing has become increasingly questionable, and their pricing structure is expensive compared to alternatives. The “all eggs in one basket” problem applies here too—if Proton is compromised or changes policies, you’ll face the challenge of migrating all your services again.

Tutanota

Tutanota provides a user-friendly experience with decent features and a security focus. While they emphasize encryption, email’s inherent protocol limitations mean these benefits are somewhat restricted. Their proprietary system requires using their specific apps, limiting your client choices. Pricing is reasonable but not the most economical option available.

Posteo

Posteo offers excellent service with strong privacy practices at an affordable base price. Its main limitation is the lack of custom domain support, which means you’re locked into their email addresses. They also provide limited base storage (2GB) with relatively expensive additional storage options.

Mailbox.org

This German provider delivers comprehensive services with good privacy practices and custom domain support. However, it comes with account and storage limitations, and premium features can become expensive. The interface may be less intuitive than some competitors.

PurelyMail

PurelyMail stands out for its exceptional value, generous storage, and minimal restrictions. It offers excellent standard protocol support at remarkably low prices. The main drawbacks are its US jurisdiction (potential privacy concerns), smaller company size (limited resources), and a setup process that might challenge non-technical users. For those comfortable with a slightly more technical approach, it provides outstanding value and flexibility.

For most users, we recommend:

  1. If technical comfort allows, choose PurelyMail with your own domain for the best combination of value, features, and future flexibility.
  2. If you prefer simplicity over customization, Tutanota offers a good balance of usability, features, and privacy.
  3. For users primarily concerned with privacy who don’t need custom domains, Posteo provides an excellent service at a reasonable price.
  4. Avoid placing all your digital services with a single provider like Google or Proton unless the convenience outweighs the privacy and vendor lock-in concerns for your specific situation.

Email Client Applications

Your choice of email applications depends on your devices and preferences. Here are reliable options that respect your privacy:

Mobile Applications

iOS: The built-in Mail, Calendar, Contacts, and Reminders apps work well with standard email protocols and provide seamless integration.

Android: Consider open-source options like K-9 Mail, Thunderbird or Fossify Email, and DAVx5 for calendar and contacts synchronization.

Desktop Applications

Thunderbird: Available for Windows, macOS, and Linux, Thunderbird offers a comprehensive solution for email, calendar, and contacts with regular updates and strong community support.

OS-Specific Options:

  • macOS: The built-in Mail, Calendar, and Contacts apps provide good integration with standard protocols.
  • Linux: Evolution and the GNOME suite offer solid functionality for email and related services.

Migrating Between Providers

When changing email providers:

  1. Start by setting up your new account and ensuring it works correctly.
  2. Export contacts and calendar data from your old provider and import them to the new one.
  3. Forward important emails from your old account to your new one.
  4. Update your email address with important services gradually.
  5. Maintain access to your old account during the transition period to catch any missed messages.

Why Use Custom Domains

Using a domain name that you own in your email address means that you are not that dependent on your email provider. If you have an email address ending in @gmail.com, it is a massive effort to change to another provider, because you will have a lot of accounts and contacts that will need to switch to your new address. If your email address end with your own domain name, you can just update the domain configuration to point to the new email provider, which makes switching painless in comparison.

Conclusion

There is no perfect email provider that meets all needs. Your choice should balance privacy, features, usability, and cost according to your personal requirements. Using standard protocols and your own domain name provides the most flexibility for the future.

For most users seeking a balance of privacy, value, and features, PurelyMail with a custom domain represents an excellent choice for those comfortable with a slightly more technical setup. For those prioritizing simplicity, Tutanota offers a good alternative despite its limitations.

Chat and Communication

Introduction

Secure and private communication is essential in today’s digital landscape. This guide examines various messaging solutions, their strengths and weaknesses, and provides recommendations based on security, privacy, and usability considerations.

Key Considerations

When selecting a messaging solution, several factors should be evaluated:

Security: End-to-end encryption, code auditability, and vulnerability management are crucial for protecting your communications.

Privacy: Consider how the application handles metadata, whether it requires personal identifiers, and its data collection practices.

Decentralization: Federated or distributed systems offer greater resilience against censorship and single points of failure.

Usability: The best security features are meaningless if the application is too difficult for regular use.

Adoption: A secure messenger has limited utility if your contacts aren’t using it.

Signal

Signal provides a strong balance of security and usability, making it suitable for most users. It features robust end-to-end encryption, minimal metadata collection, and a user-friendly interface.

Strengths:

  • Strong security with the well-audited Signal Protocol
  • Widely adopted with cross-platform support
  • Feature-rich with voice/video calls, group chats, and disappearing messages
  • Open-source client applications

Limitations:

  • Centralized infrastructure
  • Requires phone number for registration
  • Closed development process

Alternative: Molly, a FOSS fork of Signal, removes Google dependencies and uses UnifiedPush for notifications while maintaining compatibility with the Signal network.

SimpleX Chat

For users with heightened privacy concerns, SimpleX Chat offers a more private and resilient communication platform.

Strengths:

  • Distributed architecture where servers function primarily as message relays
  • No user profiles or identifiers required
  • Each conversation can be established via unique links or QR codes
  • Open-source client and server implementations

Limitations:

  • Smaller user base
  • Less mainstream recognition
  • May require more technical understanding

XMPP (with Conversations)

XMPP is a long-established messaging standard with a focus on extensibility and federation.

Strengths:

  • Decentralized, federated network
  • Long history with proven stability
  • Extensive feature set through extensions
  • Multiple client and server implementations

Limitations:

  • Fragmented ecosystem due to optional extensions
  • Requires both parties to use compatible clients and servers
  • More complex setup compared to standalone applications

Conversations is recommended as an XMPP client for Android users, offering a modern interface with support for essential security extensions.

Telegram

Despite its popularity, Telegram has significant security limitations:

  • End-to-end encryption only in “Secret Chats”
  • Proprietary server-side code
  • Unproven encryption protocol

WhatsApp and Facebook Messenger

These platforms cannot be recommended for secure communications due to:

  • Closed-source implementations
  • Connection to Meta’s data collection ecosystem
  • Lack of transparency regarding security implementations

Element/Matrix

While promising as an open standard, Matrix (typically accessed via Element):

  • Functions better as an IRC replacement than a secure messenger
  • Has reliability challenges
  • Offers a more complex user experience

IRC

Traditional IRC lacks modern security features:

  • No built-in encryption
  • No message persistence without additional tools
  • No identity verification mechanisms

Recommendations

For most users: Signal provides the best balance of security, privacy, and usability. Consider the open-source Molly client for enhanced privacy.

For privacy-focused users: SimpleX Chat offers superior privacy protections and resistance to metadata collection.

For users preferring federated systems: XMPP with the Conversations client and the Free Your Tech! server provides a good alternative.

All three options are solid and can coexist at the same time. The difficult part is getting our contacts to switch over as well. We recommend avoiding the other platforms for private conversations.

Operating Systems for PC

Placeholder for a guide about choosing the operating system, installing it, configuring it and using it correctly.

Short answer is Linux. Recommended Linux distribution for beginners is Fedora Workstation. Runner up is Linux Mint, but it is less up-to-date. Device support can be an issue with some laptops, especially Microsoft Surface. There are manufacturers and models specifically targeting Linux users, those are recommended for better device support.

Avoid commercial systems like Windows, MacOS or ChromeOS. Even if you trust the company behind it, they are subjet to government regulations and enable spying on people. They also limit your control over your system greatly.

Explanation coming later.

Smartphones

Placeholder for a guide about choosing the right smartphone and setting it up correctly.

Recommendation is any of the relatively new Google Pixel smartphones supported by GrapheneOS, such as the Pixel 9.

Pixel 9a support is expected to come a couple weeks after the device is released. Replace stock system with GrapheneOS to get the privacy and freedom benefits.

Alternative recommendation for highly technical and curious, seasoned Linux users only is the Furi FLX1.

Any system controlled by Apple - meaning all iPhones - or Google - meaning basically all Android phones with the default OS is discouraged. Most aftermarket Android derivatives don’t follow good security practices. From what I’ve seen GrapheneOS is the best and CalyxOS is decent. The reason that GrapheneOS is only available on Pixel devices is that most other Android devices have atrocious hardware security or driver support.

To get open-source apps use Droid-ify. If you need proprietary apps, you should download it from the Google Play Store, which GrapheneOS let’s you install in a contained environment where it doesn’t have access to all your data. This is a decent compromise, which lets you use almost every app that you normally use, but doesn’t give anyone control over your device.

More explanation coming later.

Web Browsers

Placeholder for a guide about choosing the right web browser.

Short answer is use Brave. It’s full featured, open-source, free and includes a lot of extra protection. Comes with a lot of extra features that are unnecessary for most people. Turn off ads and Brave rewards.

For people who prefer a Firefox based browser, use LibreWolf. For people who prefer a Chromium based browser and don’t trust Brave, consider Cromite or Ungoogled Chromium. Gnome Web on Linux and Vanadium on GrapheneOS are also decent but lack a lot of features.

Avoid Edge, Chrome, Firefox or similar browsers with tracking and ecosystem lock-in.

Explanation coming later.

Password Management

Placeholder for a guide about choosing the right password manager and using it correctly.

Short answer is use Bitwarden. It’s full featured, free, open-source, end-to-end encrypted, cross-platform, and synchronises your data between your devices.

Alternative recommendation for technical and paranoid people is KeePass and its variants. It’s an offline password manager that can be extended with some external sync solution depending on which apps you use.

Explanation coming later.