privacy-toolkit/README.md

🛡️ Privacy Toolkit

A curated collection of privacy-focused tools with automated installation scripts

🎯 Mission

Provide easy-to-install, well-documented privacy tools that protect against common threats:

• Surveillance and tracking
• Data breaches and leaks
• Malicious documents and files
• Metadata exposure
• Network monitoring

🚀 Quick Start

# Clone the repository
git clone https://github.com/rpriven/privacy-toolkit.git
cd privacy-toolkit

# Install a specific tool
./tools/dangerzone/install.sh

# Or use the master installer (coming soon)
./install.sh

📦 Available Tools

🎯 Priority Tools (Install First)

1. Dangerzone - Document sanitization ✅
2. LibreWolf - Privacy-focused Firefox fork ✅
3. mat2 - Metadata removal (via apt-tools)
4. Signal Desktop - Secure messaging (coming soon)
5. Tor Browser - Anonymous browsing (coming soon)
6. BleachBit - Secure deletion (via apt-tools)
7. firejail - App sandboxing (via apt-tools)

See TOOLS-LIST.md for the complete list of planned tools.

🗂️ Categories

• Document Sanitization: Remove malware and tracking from files
• Encryption & Storage: Protect data at rest
• Secure Communication: Private messaging and calls
• Anonymity & Network: Browse and communicate anonymously
• Metadata Removal: Strip identifying information
• Secure Deletion: Permanently erase sensitive data
• Password Management: Secure credential storage
• Email Privacy: Encrypted email communication
• System Hardening: Lock down your system
• DNS Privacy: Prevent DNS surveillance

🔧 Installation Script Features

Each tool installation script includes:

• ✅ Distro detection (Debian/Ubuntu/Fedora/Arch)
• ✅ GPG key verification
• ✅ Dependency checking
• ✅ Post-install verification
• ✅ Usage examples
• ✅ Security best practices

📖 Documentation

Each tool includes:

• README.md: What it does and why you need it
• install.sh: Automated installation
• Threat model: What attacks it protects against
• Usage examples: How to use it effectively

🤝 Contributing

Privacy tools to suggest? Found a bug? Contributions welcome!

1. Fork the repository
2. Create a feature branch
3. Follow the tool template structure
4. Submit a pull request

🔒 Security Principles

• FOSS First: Open source tools are auditable
• Official Sources: Install from official repositories when possible
• Signature Verification: Always verify GPG signatures
• Minimal Trust: Reduce trust in third parties
• Defense in Depth: Layer multiple tools for comprehensive protection

📚 Learning Resources

• Threat Modeling Guide (coming soon)
• Privacy Best Practices (coming soon)
• Tool Verification Guide (coming soon)

⚖️ License

MIT License - See LICENSE for details

🙏 Acknowledgments

• Freedom of the Press Foundation (Dangerzone)
• The Tor Project
• Signal Foundation
• All FOSS privacy tool developers

---

Status: 🚧 Work in Progress Tools Completed: 8/30+ Last Updated: 2025-12-21

💡 Remember: Privacy is a process, not a product. These tools help, but conscious behavior matters more.

🔐 Security Best Practices

Always Verify Signatures and Checksums!

Before installing ANY security software:

1. Download signature files (.asc, .sig)
2. Import developer's GPG key
3. Verify fingerprint against official website
4. Check SHA256 checksum
5. Verify GPG signature

Example verification workflow documented in tool directories (see tools/cryptomator/VERIFICATION.md).

Red flags - DO NOT INSTALL:

• ❌ No signature file available
• ❌ Fingerprint mismatch
• ❌ "BAD signature" from GPG
• ❌ Checksum mismatch
• ❌ Download from unofficial source