Free Libre and Open Source Software Applications that are safe and useful for unionists, labour and social justice activists:
There’s no need to fear if you’re worried about keeping your online activities private. Tools and tactics are available to help anyone — be they journalists, activists and human rights defenders or just individuals concerned about online privacy — secure their online activities and control the information they share.
No technology tool or resource is perfect, nor can they guarantee you 100% privacy or information security online. You should only use tools which fit your own personal security needs so think about what information you want to keep private before committing to a tool.
We recommend using Free and open-source software tools, because their security credentials and weaknesses can be independently verified and using them can make surveillance or invasion of privacy much more difficult.
The following is a quick list of alternative tools and platforms that will help secure your private information . We’ve also provided links to step-by-step hands-on guides for their installation and use, where possible.
If you’d like to learn more, you should take a look at:
Mozilla Firefox – Secure web browser
Some popular browsers, such as Safari, or Internet Explorer, are not open source, meaning that their code cannot be analysed and the security they claim to offer can’t be independently verified by the community. Others browsers are partially open source, such as Google Chrome, could still be used to gather information about your activities by linking them to your Google account.
Mozilla Firefox is a free, open-source web browser which was developed by a non-profit organisation which has a commitment to protecting user privacy. Furthermore, its privacy features can be enhanced through a number of add-ons.
Tor Browser Bundle – Anonymous and secure web browser
Whenever you visit a website or communicate (such as via email) through a web browser, traces of your activities are left behind in the form of your IP address, which is like the postal address of your computer, as well as through other means such as the cookies that may be sent to your browser. This means that many websites can track your visit and build a profile of you based on your activities.
If you want your browsing activities and location to be anonymised, we recommend you use Tor Browser. Tor is designed to increase the anonymity of your activities on the Internet. It disguises your identity and protects your on-line activities from many forms of Internet surveillance, by directing your internet traffic through a network of proxies. Tor can also be used to bypass Internet filters.
Many popular web search engines, such as Google or Bing, collect and aggregate data about your web searches and may pass them on to third parties. They may also link them to any other services you use from the same provider, such as your Google Mail, Google Plus, Microsoft Outlook or Skype accounts, creating a detailed profile of your online activities.
Duck Duck Go is a web search engine which does not pass on search requests to third parties, or store any information about users.
Many commercial email providers, such as Google or Yahoo, collect a huge amount of user information which can be handed over to third parties from advertising companies to governments. Furthermore, some do not offer users an encrypted connection (known as HTTPS or SSL) by default, meaning that emails are sent in ‘plain text’ and readable by malicious hackers, Internet Service Providers, and others with access to the networks as they travel between users’ devices and the email provider’s servers.
Riseup is a collective organization dedicated to providing private and secure email and hosting services for individuals and organisations committed to political and social justice.
Although Riseup is a secure email service managed by trustworthy advocates of Internet privacy and security, an unusual email service may attract unwarranted attention. It might make more sense in some situations, to blend in by using a popular email service in your country. The goal is to make this decision without compromising your minimum security requirements.
Mozilla Thunderbird with Enigmail and GPG
Mozilla Thunderbird is a free and open source email client for receiving, sending and storing emails. You can manage multiple email accounts through a single program. Enigmail and GnuPG will give you access to authentication, digital signing and encryption to ensure the privacy and security of your email communication.
Social networking sites and online collaboration platforms such as those provided by Facebook and Google are major sources of information for governments or other individual engaging in large- or small-scale surveillance and intelligence gathering, which may invade your privacy.
Crabgrass is an online platform designed for social networking, group collaboration and network organizing. Its group collaboration tools include private wikis, task lists, file repository, and decision making tools.
Some voice and video chat services, store logs of your calls and chats and may hand them over to third parties from advertising companies to governments. In the case of Microsoft’s Skype, this has been a relatively regular practice.
Jitsi is a free, open source software tool which allows for encrypted text chats with OTR form XMPP, Google Talk, Facebook. Yahoo, AIM, ICQ and many other accounts. Furthermore, it facilitates encrypted voice and video calls when used voice and video call accounts, such as Google Talk.
Adium and OTR
Adium is a free and open source client that lets you organize and manage your different Instant Messaging (IM) accounts using a single interface. The Off-the-Record (OTR) plug-in designed for use with Pidgin ensures authenticated and secure communications between users that also use Off-the-Record plugins.
Pidgin and OTR
Many instant messaging service providers, such as Google (Gtalk), Facebook (Facebook Chat), Yahoo (Y! Messenger), and others, store logs of your conversations with your contacts and could hand them over to third parties from advertising companies to governments. It’s recommendable to use these chat accounts with an IM client which allows you to encrypt your chats, so that they can only be read by their intended recipients.
Pidgin is a free and open source client that lets you organize and manage your different Instant Messaging (IM) accounts using a single interface. The Off-the-Record (OTR) plug-in designed for use with Pidgin ensures authenticated and secure communications between users that also use Off-the-Record plugins.
Private Chat – Mobile
Gibberbot is a free and open source application for Android devices, created by the Guardian Project, that lets you organize and manage your different Instant Messaging (IM) accounts using a single interface. It uses Off-the-Record (OTR) software which ensures authenticated and secure communications between clients including Gibberbot, ChatSecure, Jitsi, and Pidgin. Gibberbot can also add a layer of anonymity and protect your communications from many forms of Internet surveillance by connecting through Orbot, which allows your smartphone’s internet traffic to be routed through the Tor network.
ChatSecure is a free open source messaging application for iOs devices that allows users to exchange messages using the Off-the-Record encryption protocol. It is compatible with XMPP (Gtalk, Jabber) and AIM accounts.
Private Call – Mobile
Specifically targeted groups, such as human rights defenders, journalists, and activits, may be subjected to ‘tapping’ of their calls by adversaries with direct or indirect access to the celular phone network.
RedPhone is a Free and Open-Source Software application that encrypts voice communication data sent between two devices that run this application. However it also becomes easier to analyze the traffic it produces and trace it back to you, through your mobile number. RedPhone uses a central server, which is a point of centralization and thus puts RedPhone in a powerful position (of having control over some of this data).
Open Secure Telephony Network (OSTN) and the server provided by the Guardian project, ostel.co, when used with the CSipSimple app, currently offers one of the most secure means to communicate via voice. When using CSipSimple, you never directly communicate with your communication partner, instead all your data is routed through the Ostel server. This makes it much harder to trace your data and find out who you are talking to. Additionally, Ostel doesn’t retain any of this data, except the account data that you need to log in.
Private SMS – Mobile
SMS messages are sent in ‘plain text’ on the mobile network, meaning they are readable by anyone with access to the network such as the service provider or any entity, such as a government, with the power to contol or influence them.
TextSecure is an Android-platform mobile phone application to encrypt text messages (SMS) as they are sent, or while they reside on your phone.
Private Browsing – Mobile
Orbot and Orweb – Anonymous browsing on Android devices
Orbot is an Android-platform mobile phone application created by the Guardian Project, that is designed to increase the anonymity of your activities on the Internet.
Orweb is an free Android-platform mobile phone application, created by the Guardian Project for browsing the internet anonymously in conjunction with Orbot.
The onion browser is an open-source iOS app which routes your browsing traffic through the Tor Network.