/priv/ - Privacy & Anonymity

"the internet never forgets, so stop feeding it"
[ Home ] [ VPNs ] [ Browsers ] [ Operating Systems ] [ Country Restrictions ]
Thread: Operating Systems  •  5 posts  •  last verified against sources Jul 2026

Operating Systems Thread

three different philosophies: forget everything, isolate everything, or just don't phone home. know which one you actually need.
>pick by your actual situation, not vibes
> general privacy from corporate tracking → a hardened mainstream OS is probably enough
> activist / journalist / handles sensitive sources → specialized privacy OS, seriously consider it
> dissident / target of state-level surveillance → maximum-security OS, real operational security discipline required
> the heaviest, most locked-down system is the one you're most likely to abandon after a week. match the tool to the actual risk, not the coolest option

Tails (The Amnesic Incognito Live System)

★★★★★
  • How it runs: boots entirely from a USB stick, leaves nothing on the host computer's internal drive when you shut down
  • Network: routes all traffic through Tor by default, resets its MAC address on every boot to confuse network-level logging
  • Persistence: optional encrypted partition if you want to keep select files between sessions - everything else still reverts to fresh on reboot
  • Pre-installed: Tor Browser, KeePassXC, OnionShare, Thunderbird - the essentials already configured to leak as little as possible
  • Not for: daily driving, heavy workloads, or a machine you actually own and trust - it's built for machines you don't

The right call for a single high-risk session on a computer that isn't yours - a library, an internet café, a borrowed laptop. Not a replacement for your everyday OS.

Sources: expressvpn.com, linuxlap.com (May 2026), stateofsurveillance.org - cross-checked View Website »

Qubes OS

★★★★★
  • Core idea: every task runs in its own isolated virtual machine ("qube") - a compromise in one doesn't reach the rest of the system
  • Built on: the Xen hypervisor, so "work," "personal," and "sensitive" can be fully separated qubes that never touch each other
  • Pairs with: Whonix qubes for Tor-routed work directly inside the compartmentalized setup
  • Trade-off: resource-intensive (realistically wants 16GB RAM and an SSD), steep learning curve, not a casual weekend project
  • Best for: people who need to keep genuinely separate contexts from ever leaking into each other - lawyers, security researchers, journalists with multiple sources

Widely considered the most secure desktop OS that exists, and that reputation is earned. The cost is real complexity - this is the "seriously consider it" option, not the default.

Sources: expressvpn.com (May 2026), dasroot.net, linuxlap.com - cross-checked View Website »

Whonix

★★★★☆
  • Architecture: two virtual machines - a Gateway that routes all traffic through Tor, and a Workstation where you actually work, fully isolated from each other
  • Why it matters: even if malware compromises the Workstation, it still can't discover your real IP, because the Workstation never talks to the network directly
  • Vs. Tails: persistent rather than amnesic - you can save work and maintain state, unlike Tails' fresh-every-boot model
  • Runs on: VirtualBox, KVM, or as qubes inside Qubes OS itself

The pick if you want Tor-level anonymity but also need a working environment that doesn't reset itself every time you shut down. More setup than Tails, more persistence in return.

Sources: expressvpn.com, stateofsurveillance.org, dasroot.net - cross-checked View Website »

GrapheneOS (mobile, Pixel devices)

★★★★★
  • What it removes: Google Play Services and telemetry stripped out entirely by default
  • Hardening: hardened memory allocator, strict app sandboxing, kernel-level mitigations beyond stock Android
  • Hardware tie-in: uses the Pixel's Titan security chip for Verified Boot with user-controlled keys - tamper resistance stock Android doesn't offer
  • App compatibility: can run Google Play apps in an optional sandbox if needed, without giving Play Services system-level access
  • Limitation: only supported on Pixel hardware - no Samsung, no iPhone equivalent

The de-facto standard for a genuinely hardened phone in 2026. If mobile privacy matters to you, this is what security researchers and journalists' security teams actually recommend.

Sources: factually.co, secureblitz.com (Mar 2026), digitalescapetools.com - cross-checked View Website »

>what about just hardened Windows/macOS?
> workable if you want everyday privacy from corporate tracking, not from a real adversary. Windows 11 collects telemetry that can't be fully disabled through settings alone. macOS ties activity to your Apple ID by design
> if that's genuinely your whole threat model, a de-Googled Android via CalyxOS or a hardened Linux distro like Fedora is a reasonable middle ground - not everyone needs Qubes
>honest bottom line
> there is no single "most private OS." there's the one that matches what you're actually protecting against and that you'll still be using in a month
/priv/ - a static reference board. no logs kept because there's no server-side anything to keep them in.
Not affiliated with any project listed here.
Combine with disk encryption, a strong passphrase, and 2FA regardless of which OS you pick.