<?xml version="1.0"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
	<id>https://wiki.n216.dedyn.io/api.php?action=feedcontributions&amp;feedformat=atom&amp;user=Admin</id>
	<title>Copper9 Wiki - User contributions [en]</title>
	<link rel="self" type="application/atom+xml" href="https://wiki.n216.dedyn.io/api.php?action=feedcontributions&amp;feedformat=atom&amp;user=Admin"/>
	<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php/Special:Contributions/Admin"/>
	<updated>2026-07-07T22:59:02Z</updated>
	<subtitle>User contributions</subtitle>
	<generator>MediaWiki 1.45.4</generator>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=How_to_bypass_ISP_censorship&amp;diff=79</id>
		<title>How to bypass ISP censorship</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=How_to_bypass_ISP_censorship&amp;diff=79"/>
		<updated>2026-06-06T10:44:33Z</updated>

		<summary type="html">&lt;p&gt;Admin: /* V2Ray */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;A curated list of tools, protocols, and technologies for bypassing internet blocks, inspired by [https://github.com/danoctavian/awesome-anti-censorship this] project.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
This list focuses on tools and strategies designed to defeat active network-level filtering, such as Deep Packet Inspection (DPI), DNS blocking, and protocol-level blacklisting.&lt;br /&gt;
&lt;br /&gt;
__TOC__&lt;br /&gt;
&lt;br /&gt;
= How Online Content is Blocked =&lt;br /&gt;
Internet blocks are multi-layered systems and not simple on/off switches. Bypassing them is similar to a cat-and-mouse game.&lt;br /&gt;
&lt;br /&gt;
Filtering mechanisms primarily include:&lt;br /&gt;
&lt;br /&gt;
; DNS Filtering / Poisoning / Hijacking&lt;br /&gt;
: The censor intercepts requests to resolve a domain name and either returns no answer or a false IP address. This is the simplest and most common form of blocking, but also the easiest to bypass in some cases. To bypass it, a third party (not from your ISP) DNS server should be used with a DNS protocol supporting encryption like DNS over HTTPS. If blocks are still in place, your ISP may be using DPI.&lt;br /&gt;
; Deep Packet Inspection (DPI)&lt;br /&gt;
: This is a more advanced method. State-level “middle boxes” (like Russia&#039;s TSPU or China&#039;s Great Firewall (GFW)) actively inspect the content of unencrypted (or encrypted for their own certificate authority) traffic. For encrypted traffic, they inspect the “metadata,” such as the Server Name Indication (SNI) in a TLS handshake. The SNI field, which states the domain you are visiting, is unencrypted and provides a simple way for censors to identify and block HTTPS connections. However, even when SNI is encrypted or absent, advanced middle boxes can infer your destination through non-SNI leaks. They achieve this by analyzing TLS fingerprints (like JA4 signatures), monitoring packet sizes and timing patterns to profile websites. Even if a client successfully hides the destination domain during the initial handshake (for instance, by omitting the SNI), censors can simply look at the plaintext certificate returned by the server in some cases. In standard TLS connections below version 1.3, the server sends its X.509 certificate completely unencrypted. Censors intercepting this packet instantly know exactly which website you are communicating with. Bypassing DPI requires specialized programs. If blocks are still in place, your ISP may be using IP blacklisting.&lt;br /&gt;
; IP Blacklisting&lt;br /&gt;
: The censor blocks all network traffic to and from known IP addresses associated with a “forbidden” service (e.g., a VPN provider&#039;s servers or a specific website). Bypassing this is harder and requires connecting to a proxy/VPN server that doesn&#039;t have these restrictions. This can create a chicken-and-egg problem, like a proxy/VPN service being IP blocked but needing a proxy/VPN to bypass it.&lt;br /&gt;
; Protocol Filtering&lt;br /&gt;
: The DPI system is configured to identify and block the “fingerprints” of circumvention protocols themselves. Standard OpenVPN and WireGuard traffic is easily identifiable and is a primary target for blocking. Ports of commonly used protocols can be blocked too (e.g., port 51820 can be blocked to prevent a WireGuard connection if there are no alternative ports).&lt;br /&gt;
&lt;br /&gt;
The tools in this list are all solutions to one or more of these methods. They either:&lt;br /&gt;
# Manipulate packets at a low level to confuse the DPI,&lt;br /&gt;
# Obfuscate (disguise) traffic to look like something benign and unblockable (like standard web traffic), or&lt;br /&gt;
# Decentralize content, so there is no single server to block.&lt;br /&gt;
&lt;br /&gt;
= Censorship Measurement Tools =&lt;br /&gt;
This is a “meta” category. Before you can bypass censorship, you must prove it is happening and understand how. These tools are not for circumvention, but for detection. They are critical for activists, journalists, and researchers.&lt;br /&gt;
&lt;br /&gt;
== [https://ooni.org/ OONI Probe] ==&lt;br /&gt;
The Open Observatory of Network Interference. A free, open-source software and global network for measuring internet censorship. A project born out of The Tor Project, now an independent non-profit. Volunteers run the OONI Probe app on their mobile devices or computers from within 241 countries. The results are aggregated and published on the public OONI Explorer website. It is used to increase transparency, document censorship events globally, and provide hard, verifiable evidence of network interference and blocking.&lt;br /&gt;
&lt;br /&gt;
The app runs a series of tests to check for censorship:&lt;br /&gt;
* &#039;&#039;&#039;Web Connectivity:&#039;&#039;&#039; It tries to access a list of websites (including globally and locally sensitive ones) from the user&#039;s network and from a control network, then compares the results.&lt;br /&gt;
* &#039;&#039;&#039;App Blocking:&#039;&#039;&#039; It tests for blocks on specific apps like WhatsApp, Telegram, and Signal.&lt;br /&gt;
* &#039;&#039;&#039;Circumvention Tool Blocking:&#039;&#039;&#039; It tests if circumvention tools themselves (like Tor, Psiphon, and Lantern) are reachable.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Provides Hard Evidence:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is the best tool for scientifically proving how and what is being censored on a specific network.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Global &amp;amp; Open Data:&#039;&#039;&#039;&amp;lt;/span&amp;gt; All data is publicly available for analysis, which is an invaluable resource for researchers, journalists, and human rights organizations.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The mobile app is simple for non-technical volunteers to run.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Potential Risk to User:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Running OONI Probe is not anonymous. Your ISP and any network monitor can see that you are running it. While OONI states the risk is “theoretical” and no user has faced consequences, this is a real risk in high-stakes environments.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Provocative Tests:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The app intentionally tests “provocative or objectionable sites (e.g., pornography)”, which might be illegal to even attempt to access in some countries, regardless of intent.&lt;br /&gt;
&lt;br /&gt;
= TLDR: I need a tool now! What should I use? =&lt;br /&gt;
&#039;&#039;If you are in a risky situation, please do your research and do not trust any single source (including this one). These quick recommendations are for people with less sensitive threat models.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot;&lt;br /&gt;
|-&lt;br /&gt;
! Level !! Recommendation&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 1&#039;&#039;&#039; || DNS over HTTPS (DNS over TLS can be blocked but it may be an easier solution if you use Android &amp;gt;9 since it is built-in) + Encrypted Client Hello (supported by most modern browsers)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 2&#039;&#039;&#039; || Level 1 + DPI bypassing (Zapret/GoodbyeDPI/gecit/DPI Tunnel v2/PowerTunnel)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 3&#039;&#039;&#039; || Level 2 + WireGuard (preferably with AmneziaWG protocol)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 4&#039;&#039;&#039; || Level 3 + tools similar to V2Ray or DNS tunneling (slow)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 5&#039;&#039;&#039; || &#039;&#039;&#039;Do Your Own Research If You Still Can&#039;t Connect to Websites&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
= Local DPI Bypass Tools =&lt;br /&gt;
This category of tools is fundamentally different from VPNs. They allow access to specific blocked services without the disruptive side effects of a VPN, such as changing your IP address. They also don&#039;t bypass IP blacklisting. &lt;br /&gt;
&lt;br /&gt;
These tools work by “desynchronizing” the censor&#039;s view of the network connection from the server&#039;s, causing the inspection to fail while allowing the real connection to proceed. They provide no extra encryption or anonymity; your ISP can still see what sites you are visiting, but their automated blocking mechanism is fooled.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/bol-van/zapret Zapret] ==&lt;br /&gt;
A stand-alone, high-performance DPI circumvention tool designed to “desynchronize” DPI systems by manipulating network packets at a low level. Zapret was created primarily to target the “Sovereign Internet” (RuNet) blocking system in Russia.&lt;br /&gt;
&lt;br /&gt;
Zapret is designed to run on a Linux-based gateway, such as a home router running OpenWrt or directly on a user&#039;s Linux desktop.&lt;br /&gt;
&lt;br /&gt;
Zapret uses low-level packet manipulation via components like &amp;lt;code&amp;gt;nfqws&amp;lt;/code&amp;gt; and &amp;lt;code&amp;gt;tpws&amp;lt;/code&amp;gt;. It employs a variety of “DPI desync” techniques, which can be configured by the user. These include sending fake packets (e.g., with the &amp;lt;code&amp;gt;--dpi-desync=fake&amp;lt;/code&amp;gt; parameter), fragmenting packets (&amp;lt;code&amp;gt;--dpi-desync=fakedsplit&amp;lt;/code&amp;gt;), and modifying packet checksums or TTLs to “fool” the inspection system (&amp;lt;code&amp;gt;--dpi-desync-fooling=badsum&amp;lt;/code&amp;gt;). The tool includes a &amp;lt;code&amp;gt;blockcheck.sh&amp;lt;/code&amp;gt; script that a user can run to test and identify the most effective desync parameters for their specific ISP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Adds negligible latency. Because it typically only manipulates the first few packets of a connection to break the DPI&#039;s state, it is significantly faster than a full tunnel.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is its most significant advantage. It does not change your public IP address, making it ideal for accessing local, geo-restricted services (like banking, streaming, or city services) that would be broken by a VPN. It also does not need to trust any third party servers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Transparent:&#039;&#039;&#039;&amp;lt;/span&amp;gt; When installed on a router, it works transparently for all devices on the network (phones, computers, consoles) with no client-side software required.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Adaptive:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is highly configurable to adapt to the specific, evolving DPI strategies used by different ISPs and nation-states.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is important to know. Zapret does not provide extra privacy or anonymity. Your ISP can still see which sites you are visiting; the tool just prevents the automated block to provide access.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Specific Use Case:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It only defeats DPI. It does not bypass DNS-level blocking (it must be paired with an encrypted DNS service like DoH/DoT) or IP-address-level bans.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/ValdikSS/GoodbyeDPI Goodbye DPI] ==&lt;br /&gt;
A user-friendly DPI circumvention utility designed specifically for the Windows operating system. It runs on a user&#039;s local Windows PC (versions 7 through 11 are supported). It works by installing a Windows filter driver to intercept and modify packets as they leave the machine. It employs multiple methods simultaneously to be effective against a wide range of DPI systems. These methods include: TCP-level fragmentation, HTTP header manipulation (e.g., replacing Host with hoSt, or removing spaces), and sending fake packets with low TTLs to “poison” the DPI&#039;s state and cause it to fail. It also includes modes to redirect DNS requests to non-standard ports to bypass simple DNS poisoning.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is its primary advantage. It is ideal for non-technical Windows users. The most common use case involves just running a single &amp;lt;code&amp;gt;.cmd&amp;lt;/code&amp;gt; script.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Shares the same benefits as Zapret; it does not interfere with local, geo-restricted services. Also, no third party to trust.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Effective:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is designed to actively bypass both “Passive DPI” (which tries to “race” the real server with a fake reset packet) and “Active DPI” (which sits in-line and modifies traffic).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Like Zapret, this provides no extra encryption and is not a privacy tool. It is for access only.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/boratanrikulu/gecit Gecit] ==&lt;br /&gt;
A DPI circumvention utility designed to use eBPF on Linux devices. The advantage of using eBPF is that the program can modify packets faster and at kernel level. It sends fake packets with low TTLs to “poison” the DPI&#039;s state and cause it to fail. It also includes modes to use DNS over HTTPS to bypass simple DNS poisoning.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is ideal for non-technical users too. The most common use case involves just running a single script which installs the tool automatically.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Shares the same benefits as Zapret; it does not interfere with local, geo-restricted services. Also, no third party to trust.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Like Zapret, this provides no extra encryption and is not a privacy tool. It is for access only.&lt;br /&gt;
&lt;br /&gt;
== Mobile DPI Bypass Tools ==&lt;br /&gt;
Stand-alone, open-source DPI circumvention tools exists on mobile devices too. They are mostly inspired by Zapret. The catch being not being capable as tools designed for computers. They mostly rely on 3 ways to see the packets. Having root, giving the VPN slot to the app, setting up a proxy inside your phone. You will usually have to set the bypass rules manually. Most popular ones are “DPI Tunnel v2”, “Bye DPI”, “Power Tunnel”. They don&#039;t increase battery usage that much compared to VPNs.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Adds negligible latency. It is significantly faster than a full tunnel. &lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It does not change your public IP address, making it ideal for accessing local, geo-restricted services (like banking, streaming, or city services) that would be broken by a VPN. It also does not need to trust any third party servers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; After initial configuration, enabling or disabling is only one press.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; These tools don&#039;t provide extra privacy or anonymity. Your ISP/GSM can still see which sites you are visiting; the tool just prevents the automated block to provide access.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Needs either root or a VPN slot:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Android only allows one active VPN slot at a time. If you are running a DPI bypass app, you cannot simultaneously run a standard VPN or a system-wide ad blocker without root.&lt;br /&gt;
&lt;br /&gt;
= Standard (Non-Obfuscated) Protocols =&lt;br /&gt;
This category includes the standard, “baseline” protocols for proxies and VPNs. These tools are not designed for censorship circumvention and are the primary targets for blocking. Their distinct protocol “fingerprints” make them easy for DPI systems to identify and filter. They are included here as a baseline to illustrate why the more advanced, obfuscated tools in the next section are necessary.&lt;br /&gt;
&lt;br /&gt;
== [https://www.wireguard.com/ WireGuard] ==&lt;br /&gt;
An extremely simple, fast, and modern VPN (Virtual Private Network) protocol. A modern protocol (initial release 2015) that is now part of the Linux kernel. Runs on client and server machines, supported natively or via apps on all major operating systems. It uses state-of-the-art cryptography and has a very small, auditable code base (under 4,000 lines of code). It operates over UDP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Fast:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Significantly higher performance and lower latency compared to OpenVPN, due to its lightweight code and modern encryption.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Simple &amp;amp; Secure:&#039;&#039;&#039;&amp;lt;/span&amp;gt; A small code base makes it easier to audit and less susceptible to attack.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Quick Reconnects:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Connects and reconnects almost instantly, making it ideal for mobile devices switching between Wi-Fi and cellular data.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is its key weakness for censorship. It has a distinct, recognizable protocol fingerprint. It is not designed to bypass DPI and is actively blocked in countries like China and Russia. Protocols like AmneziaWG (modified version of WireGuard designed to prevent DPI) should be used when possible.&lt;br /&gt;
&lt;br /&gt;
== [https://openvpn.net/ OpenVPN] ==&lt;br /&gt;
A mature, open-source, and highly configurable VPN protocol. First released in 2001, it has been the industry standard for over two decades. It uses a custom security protocol based on SSL/TLS. It can run over either TCP or UDP, which makes it flexible.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Mature:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Battle-tested and thoroughly audited for decades.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Flexible:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can be configured to run over any port and use either TCP or UDP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Like WireGuard, its handshake is very distinct and easily identified and blocked by DPI systems.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Slow:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is much slower and has higher latency than WireGuard. Its code base is big (400,000+ lines).&lt;br /&gt;
&lt;br /&gt;
== [https://en.wikipedia.org/wiki/IKEv2 IKEv2/IPsec] ==&lt;br /&gt;
A secure, standards-based VPN protocol (Internet Key Exchange version 2). Developed by Microsoft and Cisco, and standardized by the IETF. Native to most modern operating systems. It is often used in self-hosted setups (like Algo).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Native Support:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Supported “out of the box” by Windows, Android, macOS, and iOS.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Stable:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Very good at re-establishing a connection quickly when a network drops.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is not a circumvention tool and is easily detected and blocked by DPI.&lt;br /&gt;
&lt;br /&gt;
== [https://en.wikipedia.org/wiki/SOCKS SOCKS] ==&lt;br /&gt;
A low-level proxy protocol that can route virtually any type of network traffic from any application (SOCKS5 since 1996). A client application sends traffic to a SOCKS5 server, which then forwards it to the final destination. It operates at Layer 5 (the Session Layer).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Versatile:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can handle any type of traffic, including web, P2P, gaming, and email.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Encrypted:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Provides zero encryption by itself. All traffic is sent in the clear and is fully visible to an ISP.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Trivially Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Unencrypted, identifiable traffic is extremely easy for any DPI system to inspect and block.&lt;br /&gt;
&lt;br /&gt;
== [https://en.wikipedia.org/wiki/Proxy_server HTTP(S) Proxies / Web Proxies] ==&lt;br /&gt;
A basic, high-level proxy protocol designed exclusively for web (HTTP and HTTPS) traffic. Primarily used by web browsers. It operates at Layer 7 (the Application Layer).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Simple:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Easy to set up and widely supported by all browsers.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Limited:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Only works for web traffic.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Encrypted:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Provides no encryption for your connection to the proxy (when no HTTPS).&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous:&#039;&#039;&#039;&amp;lt;/span&amp;gt; HTTP proxies typically add headers (like X-Forwarded-For) that identify the original user&#039;s IP address.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Trivially Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Very easy to detect and block.&lt;br /&gt;
&lt;br /&gt;
= Obfuscated Proxy Protocols &amp;amp; Platforms =&lt;br /&gt;
This category represents the “engine” for most modern, robust circumvention. The development of these protocols illustrates the “cat-and-mouse” arms race.&lt;br /&gt;
&lt;br /&gt;
# &#039;&#039;&#039;Phase 1 (Encrypt):&#039;&#039;&#039; Standard VPNs (OpenVPN, WireGuard) are encrypted but have obvious “fingerprints”.&lt;br /&gt;
# &#039;&#039;&#039;Phase 2 (Scramble):&#039;&#039;&#039; Tools like Shadowsocks and obfs4 encrypt and “scramble” traffic to look like “random” data.&lt;br /&gt;
# &#039;&#039;&#039;Phase 3 (Mimic):&#039;&#039;&#039; Tools like V2Ray and Trojan are designed to mimic standard, benign HTTPS traffic.&lt;br /&gt;
# &#039;&#039;&#039;Phase 4 (Be Indistinguishable):&#039;&#039;&#039; Tools like Naïve Proxy reuse the actual network stack from a real browser (Chrome) to be bit-for-bit indistinguishable.&lt;br /&gt;
&lt;br /&gt;
== [https://shadowsocks.org/ Shadow Socks] ==&lt;br /&gt;
A fast, encrypted SOCKS5 proxy. It is not a full VPN. Originally created in 2012 by “clowwindy” specifically to bypass the Great Firewall (GFW) of China. Its strength is its simplicity and its use of modern AEAD ciphers. It “disguises” traffic to look like HTTPS but does not explicitly mimic another protocol.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Fast and Lightweight:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Generally faster than full VPNs and complex multi-layered tools.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Selective:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Easy to configure which traffic goes through it (e.g., using a PAC file).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Detectable by Advanced DPI:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Advanced DPI can detect Shadowsocks traffic through traffic analysis and active probing.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not a Full VPN:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Does not tunnel all system traffic by default, it is your job to be sure everything uses it.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/v2fly/v2ray-core V2Ray] ==&lt;br /&gt;
A platform or framework for building proxies. It is not a single protocol, but a “box” that can manage multiple inbound and outbound protocols, transports, and advanced routing rules. By wrapping its proxy traffic inside Web Socket and TLS for example, it makes the traffic appear as standard, indistinguishable web traffic.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Flexible:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can be configured to mimic HTTPS, run over Web Sockets, use QUIC, etc.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Resilient:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Its multiprotocol nature means it can be reconfigured if one method is blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Advanced Routing:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can selectively route traffic based on domain or IP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Complex:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Requires understanding of its complex concepts of inbounds, outbounds, and transports.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Performance Overhead:&#039;&#039;&#039;&amp;lt;/span&amp;gt; In some methods layered encryption adds latency.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;VMess is Detectable:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The original VMess protocol is now considered detectable by advanced GFW packet sniffing.&lt;br /&gt;
&lt;br /&gt;
=== V2Ray Protocols: VMess vs. VLESS ===&lt;br /&gt;
* &#039;&#039;&#039;VMess:&#039;&#039;&#039; The original, feature-rich protocol for V2Ray. It has its own built-in encryption and authentication methods. It is considered more “heavy” and less safe against modern GFW probing.&lt;br /&gt;
* &#039;&#039;&#039;VLESS:&#039;&#039;&#039; A newer, lightweight protocol. It removes VMess&#039;s built-in encryption layer and delegates security to the underlying transport layer, such as TLS. This simplifies the handshake, improves speed, and makes it more indistinguishable from a standard HTTPS website.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/XTLS/Xray-core X-ray] ==&lt;br /&gt;
A high-performance, open-source proxy platform and a fork of V2Ray. Developed by the XTLS community. Xray-core supports all of V2Ray&#039;s protocols and adds its own protocols. X-ray has a “direct encryption” technology that avoids the performance-draining “TLS-in-TLS” problem, resulting in lower latency and higher speeds.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Faster:&#039;&#039;&#039;&amp;lt;/span&amp;gt; X-ray with its new protocols is generally considered faster and more efficient.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Backward Compatible:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Acts as a drop-in, enhanced replacement for V2Ray-core.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Advanced Protocols:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is highly effective at mimicking standard web traffic.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Complexity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Inherits all of V2Ray&#039;s complexity.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Less Documentation:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Newer technology with poorer documentation than established setups.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/trojan-gfw/trojan Trojan] ==&lt;br /&gt;
A proxy protocol that is specifically designed to perfectly imitate a real HTTPS server. It runs on a server, binds to port 443, and simultaneously serves a real, working website. This makes it highly resistant to the “active probing” techniques.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Stealthy:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Mimics HTTPS perfectly and serves a real website as a disguise.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Simpler protocol that uses TLS directly.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Requires a Domain Name:&#039;&#039;&#039;&amp;lt;/span&amp;gt; You must have a registered domain name and a valid SSL/TLS certificate.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Vulnerable to TLS-in-TLS Detection:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Censors have started detecting the “TLS-in-TLS” pattern.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/klzgrad/naiveproxy Naïve Proxy] ==&lt;br /&gt;
A proxy that re-uses the network stack from the Chromium browser to camouflage its traffic. A “Phase 4” tool. It uses HTTP/2 multiplexing, HTTP/2 traffic padding, and the exact TLS handshake of a real Chrome browser.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;The “Most” Stealthy:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Arguably the most advanced tool for defeating traffic analysis and fingerprinting.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Leverages Chrome&#039;s high-performance HTTP/2 stack.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Complex:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Requires a Caddy server with a specific plugin, domain name, and TLS cert.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Still a Proxy:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Not a full system-wide VPN.&lt;br /&gt;
&lt;br /&gt;
= Self-Hosted VPN/Proxy Suites =&lt;br /&gt;
Instead of trusting a commercial VPN, these scripts automate the setup of a private server on a cloud provider.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/trailofbits/algo Algo] ==&lt;br /&gt;
A set of Ansible scripts that automates the deployment of a minimalist, secure personal VPN. Created by Trail of Bits. It installs WireGuard and IKEv2/IPsec, deliberately excluding obfuscation tools.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Secure by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Uses modern, strong protocols with secure ciphers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Minimalist:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Includes only the minimal software you need.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Clientless (IKEv2):&#039;&#039;&#039;&amp;lt;/span&amp;gt; Supported natively by most OS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not for Censorship Bypass:&#039;&#039;&#039;&amp;lt;/span&amp;gt; WireGuard and IKEv2 are easily detected and blocked by DPI.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Security Vulnerabilities:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Theoretical risk of MitM if the VPS is compromised due to self-signed certs.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/StreisandEffect/streisand Streisand] ==&lt;br /&gt;
Automates the deployment of a full suite of anti-censorship tools (“kitchen sink” approach). Installs WireGuard, OpenVPN, Shadowsocks, Trojan, Tor bridges, and more.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Versatile:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Gives the user many options to try if one is blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Designed for Censorship:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Specifically designed for circumvention.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;“Kitchen Sink” Risk:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Dramatically increases the potential attack surface.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Less Secure Defaults:&#039;&#039;&#039;&amp;lt;/span&amp;gt; More permissive defaults than Algo.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Outdated:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Did not get updated for a long time.&lt;br /&gt;
&lt;br /&gt;
= Anonymity Networks &amp;amp; Pluggable Transports =&lt;br /&gt;
Designed for anonymity. However, to be anonymous, you first must be able to connect.&lt;br /&gt;
&lt;br /&gt;
== [https://www.torproject.org/ Tor Project] ==&lt;br /&gt;
A free, open-source network and browser that provides anonymity by routing traffic through a three-layer “onion” of volunteer-run relays.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Strong Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The most-studied tool for public-internet anonymity.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Pluggable Transports:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Built-in system to bypass blocking.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The Tor Browser is a simple, all-in-one application.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Slow:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Sometimes impractical for streaming or large downloads.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Blocked by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Relay lists are public and easily blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Stigma:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can attract suspicion from ISPs or law enforcement.&lt;br /&gt;
&lt;br /&gt;
=== Tor Pluggable Transports (PTs) ===&lt;br /&gt;
; obfs4&lt;br /&gt;
: The modern “scrambler” (Phase 2). Makes Tor traffic “look random, like nothing”. Can be blocked by whitelists.&lt;br /&gt;
; meek&lt;br /&gt;
: The “domain fronting” transport (Phase 3). Makes Tor traffic look like it&#039;s going to a major CDN. Very slow and fragile; major providers blocked it.&lt;br /&gt;
; Web Tunnel&lt;br /&gt;
: A newer transport that masks Tor traffic as a standard HTTPS connection.&lt;br /&gt;
; Snowflake&lt;br /&gt;
: A peer-to-peer transport. Connects to ephemeral proxies run by volunteers in their web browsers.&lt;br /&gt;
&lt;br /&gt;
== I2P (Invisible Internet Project) ==&lt;br /&gt;
A decentralized, anonymous network layer. Uses “Garlic Routing” which bundles multiple messages together and sends them through unidirectional tunnels.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Excellent for Hidden Services:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Optimized for “eepsites”.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Decentralized &amp;amp; Resilient:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Distributed and P2P-friendly.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Harder Analysis:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Unidirectional tunnels make traffic analysis harder.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not for Public Web Access:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Relies on volunteer-run “out proxies” which are few and slow.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Slow:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Complex P2P routing.&lt;br /&gt;
&lt;br /&gt;
= Decentralized &amp;amp; Federated &amp;amp; P2P Networks =&lt;br /&gt;
Censorship-resistance-by-design. If there is no single server, there is no single point to block.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/HelloZeroNet/ZeroNet Zero Net] ==&lt;br /&gt;
A decentralized, peer-to-peer web-like network. Uses Bitcoin cryptography for identity and BitTorrent to distribute content.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Censorship-Resistant:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Cannot be taken down by DMCA or government order.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Zero Hosting Cost:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The audience provides the infrastructure.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Works Offline:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Browse “seeded” sites without internet.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; IP is visible to peers.&lt;br /&gt;
&lt;br /&gt;
== [[wikipedia:Hyphanet|Hypha net (formerly Freenet)]] ==&lt;br /&gt;
A decentralized, P2P network where all users contribute disk space and bandwidth. Content is retrieved by a key, not a location. Nodes do not know what content they are storing.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Anonymous by Design:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Anonymity built-in for publishers and consumers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Deniable Storage:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Plausible deniability for hosts.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;“Forgets” Content:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Unpopular data is eventually dropped.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Static Content Only:&#039;&#039;&#039;&amp;lt;/span&amp;gt; No dynamic sites.&lt;br /&gt;
&lt;br /&gt;
== [https://ipfs.tech/ IPFS] ==&lt;br /&gt;
A decentralized, peer-to-peer protocol. Uses content-based addressing (CID) instead of location-based addressing.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Highly Censorship-Resistant:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Content itself cannot be blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Data Integrity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Cryptographic CIDs guarantee the exact file.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; IP is visible.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Content is Not Permanent:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Files disappear if not “pinned”.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Censorable at the Gateway:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Public gateways can filter content.&lt;br /&gt;
&lt;br /&gt;
== Torrenting ==&lt;br /&gt;
Files are distributed across thousands of users&#039; computers. Extremely resilient against takedowns.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Distributed &amp;amp; Fast:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Speeds up as more people host.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No Central Logs:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Makes surveillance resource-intensive.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; IPs are public.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Stigma:&#039;&#039;&#039;&amp;lt;/span&amp;gt; ISPs actively throttle or block torrents.&lt;br /&gt;
&lt;br /&gt;
= Emerging Privacy Protocols (DNS/TLS) =&lt;br /&gt;
&lt;br /&gt;
== DNS-over-HTTPS (DoH) / DNS-over-TLS (DoT) / DNS Crypt ==&lt;br /&gt;
Protocols that encrypt DNS queries to prevent tracking and poisoning.&lt;br /&gt;
* &#039;&#039;&#039;DoT:&#039;&#039;&#039; Dedicated port 853.&lt;br /&gt;
* &#039;&#039;&#039;DoH:&#039;&#039;&#039; Uses port 443 (standard web traffic).&lt;br /&gt;
* &#039;&#039;&#039;DNS Crypt:&#039;&#039;&#039; Encrypts payloads using public keys.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Bypasses DNS Filtering:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Primary benefit.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Stealthy (DoH):&#039;&#039;&#039;&amp;lt;/span&amp;gt; Indistinguishable from HTTPS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;DoT is Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Port 853 can be blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Does Not Bypass DPI:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Useless if SNI or IP is blocked.&lt;br /&gt;
&lt;br /&gt;
== Encrypted Client Hello (ECH) ==&lt;br /&gt;
A TLS 1.3 extension that encrypts the SNI, closing the metadata leak in HTTPS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Defeats SNI-Based DPI:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Makes this class of censorship obsolete.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Proactive &amp;amp; Native:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Protects all users by default when adopted.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Yet Standard:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Not universally deployed.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Already Being Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Russia blocks ECH directly; China blocks encrypted DNS to prevent ECH.&lt;br /&gt;
&lt;br /&gt;
= Other Workarounds =&lt;br /&gt;
; Privacy Frontends&lt;br /&gt;
: Proxy traffic to upstream services. Upstream doesn&#039;t see your IP, but usually limited to specific websites and can be unstable.&lt;br /&gt;
; Website Mirrors&lt;br /&gt;
: Viewing alternative hosted versions of sites. Only some content has mirrors.&lt;br /&gt;
; Federated Services&lt;br /&gt;
: Distributed alternatives to centralized platforms. Can leak metadata.&lt;br /&gt;
&lt;br /&gt;
= Do you need a VPN? =&lt;br /&gt;
If one or more of these are true, a VPN may be necessary:&lt;br /&gt;
* Connecting to untrusted hotspots.&lt;br /&gt;
* Untrusted websites (IP loggers).&lt;br /&gt;
* Geo-blocked regularly.&lt;br /&gt;
* ISP blocks content.&lt;br /&gt;
* Lack of trust in ISP.&lt;br /&gt;
* Need servers in specific countries.&lt;br /&gt;
* ISP throttling.&lt;br /&gt;
&lt;br /&gt;
= Inclusion Criteria =&lt;br /&gt;
* &#039;&#039;&#039;Source Availability:&#039;&#039;&#039; Open-source projects preferred.&lt;br /&gt;
* &#039;&#039;&#039;Security:&#039;&#039;&#039; Strong security practices, audited code.&lt;br /&gt;
* &#039;&#039;&#039;Community Support:&#039;&#039;&#039; Active forums and issue trackers.&lt;br /&gt;
* &#039;&#039;&#039;Cost-Effectiveness:&#039;&#039;&#039; Fits budget requirements.&lt;br /&gt;
* &#039;&#039;&#039;No Walled Gardens:&#039;&#039;&#039; Prefer self-hosted or alternative client capable software.&lt;br /&gt;
* &#039;&#039;&#039;Proven Track Record:&#039;&#039;&#039; Mature projects.&lt;br /&gt;
&lt;br /&gt;
= Tor vs. I2P Comparison =&lt;br /&gt;
&#039;&#039;This part of the guide is taken from the [https://geti2p.net/en/comparison/tor i2p projects comparison page].&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; style=&amp;quot;width:100%; vertical-align:top;&amp;quot;&lt;br /&gt;
|-&lt;br /&gt;
! Benefits of Tor over I2P !! Benefits of I2P over Tor&lt;br /&gt;
|- style=&amp;quot;vertical-align:top;&amp;quot;&lt;br /&gt;
|&lt;br /&gt;
* Much bigger user base; highly visible academic and hacker community support.&lt;br /&gt;
* Solved scaling issues I2P hasn&#039;t addressed.&lt;br /&gt;
* Significant funding and funded developers.&lt;br /&gt;
* More resistant to state-level blocking due to TLS transport layer and bridges.&lt;br /&gt;
* Designed and optimized for exit traffic (large number of exit nodes).&lt;br /&gt;
* Better documentation, formal papers, and translations.&lt;br /&gt;
* More efficient memory usage.&lt;br /&gt;
* Low bandwidth overhead for client nodes.&lt;br /&gt;
* Centralized control efficiently addresses Sybil attacks.&lt;br /&gt;
* High capacity core nodes provide higher throughput and lower latency.&lt;br /&gt;
* Written in C.&lt;br /&gt;
|&lt;br /&gt;
* Designed and optimized for hidden services, which are much faster than in Tor.&lt;br /&gt;
* Fully distributed and self-organizing.&lt;br /&gt;
* Peers selected by continuous profiling rather than trusted claims.&lt;br /&gt;
* Floodfill peers (&amp;quot;directory servers&amp;quot;) are untrusted and vary.&lt;br /&gt;
* Small enough that it hasn&#039;t been blocked or DOSed much.&lt;br /&gt;
* Peer-to-peer friendly.&lt;br /&gt;
* Packet switched instead of circuit switched (transparent load balancing, resilience via parallel tunnels).&lt;br /&gt;
* Unidirectional tunnels instead of bidirectional circuits (doubles nodes an attacker must compromise).&lt;br /&gt;
* Short-lived tunnels decrease active attack vectors compared to Tor circuits.&lt;br /&gt;
* Essentially all peers participate in routing.&lt;br /&gt;
* Written in Java.&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
= See also (Resources) =&lt;br /&gt;
* [[wikipedia:Internet_censorship_circumvention|Internet censorship circumvention: Wikipedia]]&lt;br /&gt;
* [https://github.com/bol-van/zapret Zapret Documentation]&lt;br /&gt;
* [https://github.com/ValdikSS/GoodbyeDPI Goodbye DPI GitHub]&lt;br /&gt;
* [https://shadowsocks.org/ Shadowsocks Official]&lt;br /&gt;
* [https://github.com/v2fly/v2ray-core V2Ray Core]&lt;br /&gt;
* [https://github.com/XTLS/Xray-core X-ray Core]&lt;br /&gt;
* [https://tb-manual.torproject.org/circumvention/ Tor Circumvention Manual]&lt;br /&gt;
* [https://geti2p.net/ I2P Anonymous Network]&lt;br /&gt;
* [https://ooni.org/ OONI Open Observatory of Network Interference]&lt;br /&gt;
&lt;br /&gt;
[[Category:Internet Censorship]]&lt;br /&gt;
[[Category:Privacy Software]]&lt;br /&gt;
[[Category:Circumvention]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=How_to_bypass_ISP_censorship&amp;diff=78</id>
		<title>How to bypass ISP censorship</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=How_to_bypass_ISP_censorship&amp;diff=78"/>
		<updated>2026-06-05T14:49:56Z</updated>

		<summary type="html">&lt;p&gt;Admin: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;A curated list of tools, protocols, and technologies for bypassing internet blocks, inspired by [https://github.com/danoctavian/awesome-anti-censorship this] project.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
This list focuses on tools and strategies designed to defeat active network-level filtering, such as Deep Packet Inspection (DPI), DNS blocking, and protocol-level blacklisting.&lt;br /&gt;
&lt;br /&gt;
__TOC__&lt;br /&gt;
&lt;br /&gt;
= How Online Content is Blocked =&lt;br /&gt;
Internet blocks are multi-layered systems and not simple on/off switches. Bypassing them is similar to a cat-and-mouse game.&lt;br /&gt;
&lt;br /&gt;
Filtering mechanisms primarily include:&lt;br /&gt;
&lt;br /&gt;
; DNS Filtering / Poisoning / Hijacking&lt;br /&gt;
: The censor intercepts requests to resolve a domain name and either returns no answer or a false IP address. This is the simplest and most common form of blocking, but also the easiest to bypass in some cases. To bypass it, a third party (not from your ISP) DNS server should be used with a DNS protocol supporting encryption like DNS over HTTPS. If blocks are still in place, your ISP may be using DPI.&lt;br /&gt;
; Deep Packet Inspection (DPI)&lt;br /&gt;
: This is a more advanced method. State-level “middle boxes” (like Russia&#039;s TSPU or China&#039;s Great Firewall (GFW)) actively inspect the content of unencrypted (or encrypted for their own certificate authority) traffic. For encrypted traffic, they inspect the “metadata,” such as the Server Name Indication (SNI) in a TLS handshake. The SNI field, which states the domain you are visiting, is unencrypted and provides a simple way for censors to identify and block HTTPS connections. However, even when SNI is encrypted or absent, advanced middle boxes can infer your destination through non-SNI leaks. They achieve this by analyzing TLS fingerprints (like JA4 signatures), monitoring packet sizes and timing patterns to profile websites. Even if a client successfully hides the destination domain during the initial handshake (for instance, by omitting the SNI), censors can simply look at the plaintext certificate returned by the server in some cases. In standard TLS connections below version 1.3, the server sends its X.509 certificate completely unencrypted. Censors intercepting this packet instantly know exactly which website you are communicating with. Bypassing DPI requires specialized programs. If blocks are still in place, your ISP may be using IP blacklisting.&lt;br /&gt;
; IP Blacklisting&lt;br /&gt;
: The censor blocks all network traffic to and from known IP addresses associated with a “forbidden” service (e.g., a VPN provider&#039;s servers or a specific website). Bypassing this is harder and requires connecting to a proxy/VPN server that doesn&#039;t have these restrictions. This can create a chicken-and-egg problem, like a proxy/VPN service being IP blocked but needing a proxy/VPN to bypass it.&lt;br /&gt;
; Protocol Filtering&lt;br /&gt;
: The DPI system is configured to identify and block the “fingerprints” of circumvention protocols themselves. Standard OpenVPN and WireGuard traffic is easily identifiable and is a primary target for blocking. Ports of commonly used protocols can be blocked too (e.g., port 51820 can be blocked to prevent a WireGuard connection if there are no alternative ports).&lt;br /&gt;
&lt;br /&gt;
The tools in this list are all solutions to one or more of these methods. They either:&lt;br /&gt;
# Manipulate packets at a low level to confuse the DPI,&lt;br /&gt;
# Obfuscate (disguise) traffic to look like something benign and unblockable (like standard web traffic), or&lt;br /&gt;
# Decentralize content, so there is no single server to block.&lt;br /&gt;
&lt;br /&gt;
= Censorship Measurement Tools =&lt;br /&gt;
This is a “meta” category. Before you can bypass censorship, you must prove it is happening and understand how. These tools are not for circumvention, but for detection. They are critical for activists, journalists, and researchers.&lt;br /&gt;
&lt;br /&gt;
== [https://ooni.org/ OONI Probe] ==&lt;br /&gt;
The Open Observatory of Network Interference. A free, open-source software and global network for measuring internet censorship. A project born out of The Tor Project, now an independent non-profit. Volunteers run the OONI Probe app on their mobile devices or computers from within 241 countries. The results are aggregated and published on the public OONI Explorer website. It is used to increase transparency, document censorship events globally, and provide hard, verifiable evidence of network interference and blocking.&lt;br /&gt;
&lt;br /&gt;
The app runs a series of tests to check for censorship:&lt;br /&gt;
* &#039;&#039;&#039;Web Connectivity:&#039;&#039;&#039; It tries to access a list of websites (including globally and locally sensitive ones) from the user&#039;s network and from a control network, then compares the results.&lt;br /&gt;
* &#039;&#039;&#039;App Blocking:&#039;&#039;&#039; It tests for blocks on specific apps like WhatsApp, Telegram, and Signal.&lt;br /&gt;
* &#039;&#039;&#039;Circumvention Tool Blocking:&#039;&#039;&#039; It tests if circumvention tools themselves (like Tor, Psiphon, and Lantern) are reachable.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Provides Hard Evidence:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is the best tool for scientifically proving how and what is being censored on a specific network.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Global &amp;amp; Open Data:&#039;&#039;&#039;&amp;lt;/span&amp;gt; All data is publicly available for analysis, which is an invaluable resource for researchers, journalists, and human rights organizations.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The mobile app is simple for non-technical volunteers to run.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Potential Risk to User:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Running OONI Probe is not anonymous. Your ISP and any network monitor can see that you are running it. While OONI states the risk is “theoretical” and no user has faced consequences, this is a real risk in high-stakes environments.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Provocative Tests:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The app intentionally tests “provocative or objectionable sites (e.g., pornography)”, which might be illegal to even attempt to access in some countries, regardless of intent.&lt;br /&gt;
&lt;br /&gt;
= TLDR: I need a tool now! What should I use? =&lt;br /&gt;
&#039;&#039;If you are in a risky situation, please do your research and do not trust any single source (including this one). These quick recommendations are for people with less sensitive threat models.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot;&lt;br /&gt;
|-&lt;br /&gt;
! Level !! Recommendation&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 1&#039;&#039;&#039; || DNS over HTTPS (DNS over TLS can be blocked but it may be an easier solution if you use Android &amp;gt;9 since it is built-in) + Encrypted Client Hello (supported by most modern browsers)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 2&#039;&#039;&#039; || Level 1 + DPI bypassing (Zapret/GoodbyeDPI/gecit/DPI Tunnel v2/PowerTunnel)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 3&#039;&#039;&#039; || Level 2 + WireGuard (preferably with AmneziaWG protocol)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 4&#039;&#039;&#039; || Level 3 + tools similar to V2Ray or DNS tunneling (slow)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 5&#039;&#039;&#039; || &#039;&#039;&#039;Do Your Own Research If You Still Can&#039;t Connect to Websites&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
= Local DPI Bypass Tools =&lt;br /&gt;
This category of tools is fundamentally different from VPNs. They allow access to specific blocked services without the disruptive side effects of a VPN, such as changing your IP address. They also don&#039;t bypass IP blacklisting. &lt;br /&gt;
&lt;br /&gt;
These tools work by “desynchronizing” the censor&#039;s view of the network connection from the server&#039;s, causing the inspection to fail while allowing the real connection to proceed. They provide no extra encryption or anonymity; your ISP can still see what sites you are visiting, but their automated blocking mechanism is fooled.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/bol-van/zapret Zapret] ==&lt;br /&gt;
A stand-alone, high-performance DPI circumvention tool designed to “desynchronize” DPI systems by manipulating network packets at a low level. Zapret was created primarily to target the “Sovereign Internet” (RuNet) blocking system in Russia.&lt;br /&gt;
&lt;br /&gt;
Zapret is designed to run on a Linux-based gateway, such as a home router running OpenWrt or directly on a user&#039;s Linux desktop.&lt;br /&gt;
&lt;br /&gt;
Zapret uses low-level packet manipulation via components like &amp;lt;code&amp;gt;nfqws&amp;lt;/code&amp;gt; and &amp;lt;code&amp;gt;tpws&amp;lt;/code&amp;gt;. It employs a variety of “DPI desync” techniques, which can be configured by the user. These include sending fake packets (e.g., with the &amp;lt;code&amp;gt;--dpi-desync=fake&amp;lt;/code&amp;gt; parameter), fragmenting packets (&amp;lt;code&amp;gt;--dpi-desync=fakedsplit&amp;lt;/code&amp;gt;), and modifying packet checksums or TTLs to “fool” the inspection system (&amp;lt;code&amp;gt;--dpi-desync-fooling=badsum&amp;lt;/code&amp;gt;). The tool includes a &amp;lt;code&amp;gt;blockcheck.sh&amp;lt;/code&amp;gt; script that a user can run to test and identify the most effective desync parameters for their specific ISP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Adds negligible latency. Because it typically only manipulates the first few packets of a connection to break the DPI&#039;s state, it is significantly faster than a full tunnel.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is its most significant advantage. It does not change your public IP address, making it ideal for accessing local, geo-restricted services (like banking, streaming, or city services) that would be broken by a VPN. It also does not need to trust any third party servers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Transparent:&#039;&#039;&#039;&amp;lt;/span&amp;gt; When installed on a router, it works transparently for all devices on the network (phones, computers, consoles) with no client-side software required.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Adaptive:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is highly configurable to adapt to the specific, evolving DPI strategies used by different ISPs and nation-states.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is important to know. Zapret does not provide extra privacy or anonymity. Your ISP can still see which sites you are visiting; the tool just prevents the automated block to provide access.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Specific Use Case:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It only defeats DPI. It does not bypass DNS-level blocking (it must be paired with an encrypted DNS service like DoH/DoT) or IP-address-level bans.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/ValdikSS/GoodbyeDPI Goodbye DPI] ==&lt;br /&gt;
A user-friendly DPI circumvention utility designed specifically for the Windows operating system. It runs on a user&#039;s local Windows PC (versions 7 through 11 are supported). It works by installing a Windows filter driver to intercept and modify packets as they leave the machine. It employs multiple methods simultaneously to be effective against a wide range of DPI systems. These methods include: TCP-level fragmentation, HTTP header manipulation (e.g., replacing Host with hoSt, or removing spaces), and sending fake packets with low TTLs to “poison” the DPI&#039;s state and cause it to fail. It also includes modes to redirect DNS requests to non-standard ports to bypass simple DNS poisoning.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is its primary advantage. It is ideal for non-technical Windows users. The most common use case involves just running a single &amp;lt;code&amp;gt;.cmd&amp;lt;/code&amp;gt; script.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Shares the same benefits as Zapret; it does not interfere with local, geo-restricted services. Also, no third party to trust.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Effective:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is designed to actively bypass both “Passive DPI” (which tries to “race” the real server with a fake reset packet) and “Active DPI” (which sits in-line and modifies traffic).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Like Zapret, this provides no extra encryption and is not a privacy tool. It is for access only.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/boratanrikulu/gecit Gecit] ==&lt;br /&gt;
A DPI circumvention utility designed to use eBPF on Linux devices. The advantage of using eBPF is that the program can modify packets faster and at kernel level. It sends fake packets with low TTLs to “poison” the DPI&#039;s state and cause it to fail. It also includes modes to use DNS over HTTPS to bypass simple DNS poisoning.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is ideal for non-technical users too. The most common use case involves just running a single script which installs the tool automatically.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Shares the same benefits as Zapret; it does not interfere with local, geo-restricted services. Also, no third party to trust.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Like Zapret, this provides no extra encryption and is not a privacy tool. It is for access only.&lt;br /&gt;
&lt;br /&gt;
== Mobile DPI Bypass Tools ==&lt;br /&gt;
Stand-alone, open-source DPI circumvention tools exists on mobile devices too. They are mostly inspired by Zapret. The catch being not being capable as tools designed for computers. They mostly rely on 3 ways to see the packets. Having root, giving the VPN slot to the app, setting up a proxy inside your phone. You will usually have to set the bypass rules manually. Most popular ones are “DPI Tunnel v2”, “Bye DPI”, “Power Tunnel”. They don&#039;t increase battery usage that much compared to VPNs.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Adds negligible latency. It is significantly faster than a full tunnel. &lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It does not change your public IP address, making it ideal for accessing local, geo-restricted services (like banking, streaming, or city services) that would be broken by a VPN. It also does not need to trust any third party servers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; After initial configuration, enabling or disabling is only one press.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; These tools don&#039;t provide extra privacy or anonymity. Your ISP/GSM can still see which sites you are visiting; the tool just prevents the automated block to provide access.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Needs either root or a VPN slot:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Android only allows one active VPN slot at a time. If you are running a DPI bypass app, you cannot simultaneously run a standard VPN or a system-wide ad blocker without root.&lt;br /&gt;
&lt;br /&gt;
= Standard (Non-Obfuscated) Protocols =&lt;br /&gt;
This category includes the standard, “baseline” protocols for proxies and VPNs. These tools are not designed for censorship circumvention and are the primary targets for blocking. Their distinct protocol “fingerprints” make them easy for DPI systems to identify and filter. They are included here as a baseline to illustrate why the more advanced, obfuscated tools in the next section are necessary.&lt;br /&gt;
&lt;br /&gt;
== [https://www.wireguard.com/ WireGuard] ==&lt;br /&gt;
An extremely simple, fast, and modern VPN (Virtual Private Network) protocol. A modern protocol (initial release 2015) that is now part of the Linux kernel. Runs on client and server machines, supported natively or via apps on all major operating systems. It uses state-of-the-art cryptography and has a very small, auditable code base (under 4,000 lines of code). It operates over UDP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Fast:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Significantly higher performance and lower latency compared to OpenVPN, due to its lightweight code and modern encryption.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Simple &amp;amp; Secure:&#039;&#039;&#039;&amp;lt;/span&amp;gt; A small code base makes it easier to audit and less susceptible to attack.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Quick Reconnects:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Connects and reconnects almost instantly, making it ideal for mobile devices switching between Wi-Fi and cellular data.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is its key weakness for censorship. It has a distinct, recognizable protocol fingerprint. It is not designed to bypass DPI and is actively blocked in countries like China and Russia. Protocols like AmneziaWG (modified version of WireGuard designed to prevent DPI) should be used when possible.&lt;br /&gt;
&lt;br /&gt;
== [https://openvpn.net/ OpenVPN] ==&lt;br /&gt;
A mature, open-source, and highly configurable VPN protocol. First released in 2001, it has been the industry standard for over two decades. It uses a custom security protocol based on SSL/TLS. It can run over either TCP or UDP, which makes it flexible.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Mature:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Battle-tested and thoroughly audited for decades.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Flexible:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can be configured to run over any port and use either TCP or UDP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Like WireGuard, its handshake is very distinct and easily identified and blocked by DPI systems.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Slow:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is much slower and has higher latency than WireGuard. Its code base is big (400,000+ lines).&lt;br /&gt;
&lt;br /&gt;
== [https://en.wikipedia.org/wiki/IKEv2 IKEv2/IPsec] ==&lt;br /&gt;
A secure, standards-based VPN protocol (Internet Key Exchange version 2). Developed by Microsoft and Cisco, and standardized by the IETF. Native to most modern operating systems. It is often used in self-hosted setups (like Algo).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Native Support:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Supported “out of the box” by Windows, Android, macOS, and iOS.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Stable:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Very good at re-establishing a connection quickly when a network drops.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is not a circumvention tool and is easily detected and blocked by DPI.&lt;br /&gt;
&lt;br /&gt;
== [https://en.wikipedia.org/wiki/SOCKS SOCKS] ==&lt;br /&gt;
A low-level proxy protocol that can route virtually any type of network traffic from any application (SOCKS5 since 1996). A client application sends traffic to a SOCKS5 server, which then forwards it to the final destination. It operates at Layer 5 (the Session Layer).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Versatile:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can handle any type of traffic, including web, P2P, gaming, and email.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Encrypted:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Provides zero encryption by itself. All traffic is sent in the clear and is fully visible to an ISP.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Trivially Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Unencrypted, identifiable traffic is extremely easy for any DPI system to inspect and block.&lt;br /&gt;
&lt;br /&gt;
== [https://en.wikipedia.org/wiki/Proxy_server HTTP(S) Proxies / Web Proxies] ==&lt;br /&gt;
A basic, high-level proxy protocol designed exclusively for web (HTTP and HTTPS) traffic. Primarily used by web browsers. It operates at Layer 7 (the Application Layer).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Simple:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Easy to set up and widely supported by all browsers.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Limited:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Only works for web traffic.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Encrypted:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Provides no encryption for your connection to the proxy (when no HTTPS).&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous:&#039;&#039;&#039;&amp;lt;/span&amp;gt; HTTP proxies typically add headers (like X-Forwarded-For) that identify the original user&#039;s IP address.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Trivially Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Very easy to detect and block.&lt;br /&gt;
&lt;br /&gt;
= Obfuscated Proxy Protocols &amp;amp; Platforms =&lt;br /&gt;
This category represents the “engine” for most modern, robust circumvention. The development of these protocols illustrates the “cat-and-mouse” arms race.&lt;br /&gt;
&lt;br /&gt;
# &#039;&#039;&#039;Phase 1 (Encrypt):&#039;&#039;&#039; Standard VPNs (OpenVPN, WireGuard) are encrypted but have obvious “fingerprints”.&lt;br /&gt;
# &#039;&#039;&#039;Phase 2 (Scramble):&#039;&#039;&#039; Tools like Shadowsocks and obfs4 encrypt and “scramble” traffic to look like “random” data.&lt;br /&gt;
# &#039;&#039;&#039;Phase 3 (Mimic):&#039;&#039;&#039; Tools like V2Ray and Trojan are designed to mimic standard, benign HTTPS traffic.&lt;br /&gt;
# &#039;&#039;&#039;Phase 4 (Be Indistinguishable):&#039;&#039;&#039; Tools like Naïve Proxy reuse the actual network stack from a real browser (Chrome) to be bit-for-bit indistinguishable.&lt;br /&gt;
&lt;br /&gt;
== [https://shadowsocks.org/ Shadow Socks] ==&lt;br /&gt;
A fast, encrypted SOCKS5 proxy. It is not a full VPN. Originally created in 2012 by “clowwindy” specifically to bypass the Great Firewall (GFW) of China. Its strength is its simplicity and its use of modern AEAD ciphers. It “disguises” traffic to look like HTTPS but does not explicitly mimic another protocol.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Fast and Lightweight:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Generally faster than full VPNs and complex multi-layered tools.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Selective:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Easy to configure which traffic goes through it (e.g., using a PAC file).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Detectable by Advanced DPI:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Advanced DPI can detect Shadowsocks traffic through traffic analysis and active probing.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not a Full VPN:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Does not tunnel all system traffic by default, it is your job to be sure everything uses it.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/v2fly/v2ray-core V2Ray] ==&lt;br /&gt;
A platform or framework for building proxies. It is not a single protocol, but a “box” that can manage multiple inbound and outbound protocols, transports, and advanced routing rules. By wrapping its proxy traffic inside Web Socket and TLS for example, it makes the traffic appear as standard, indistinguishable HTTPS traffic.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Flexible:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can be configured to mimic HTTPS, run over Web Sockets, use QUIC, etc.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Resilient:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Its multiprotocol nature means it can be reconfigured if one method is blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Advanced Routing:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can selectively route traffic based on domain or IP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Complex:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Requires understanding of its complex concepts of inbounds, outbounds, and transports.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Performance Overhead:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Layered encryption adds significant latency.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;VMess is Detectable:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The original VMess protocol is now considered detectable by advanced GFW packet sniffing.&lt;br /&gt;
&lt;br /&gt;
=== V2Ray Protocols: VMess vs. VLESS ===&lt;br /&gt;
* &#039;&#039;&#039;VMess:&#039;&#039;&#039; The original, feature-rich protocol for V2Ray. It has its own built-in encryption and authentication methods. It is considered more “heavy” and less safe against modern GFW probing.&lt;br /&gt;
* &#039;&#039;&#039;VLESS:&#039;&#039;&#039; A newer, lightweight protocol. It removes VMess&#039;s built-in encryption layer and delegates security to the underlying transport layer, such as TLS. This simplifies the handshake, improves speed, and makes it more indistinguishable from a standard HTTPS website.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/XTLS/Xray-core X-ray] ==&lt;br /&gt;
A high-performance, open-source proxy platform and a fork of V2Ray. Developed by the XTLS community. Xray-core supports all of V2Ray&#039;s protocols and adds XTLS. XTLS is a “direct encryption” technology that avoids the performance-draining “TLS-in-TLS” problem, resulting in lower latency and higher speeds than most VLESS configurations.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Faster:&#039;&#039;&#039;&amp;lt;/span&amp;gt; X-ray with its XTLS protocol is generally considered faster and more efficient.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Backward Compatible:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Acts as a drop-in, enhanced replacement for V2Ray-core.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Advanced Protocols:&#039;&#039;&#039;&amp;lt;/span&amp;gt; VLESS and XTLS are highly effective at mimicking standard web traffic.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Complexity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Inherits all of V2Ray&#039;s complexity.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Less Documentation:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Newer technology with poorer documentation than established setups.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/trojan-gfw/trojan Trojan] ==&lt;br /&gt;
A proxy protocol that is specifically designed to perfectly imitate a real HTTPS server. It runs on a server, binds to port 443, and simultaneously serves a real, working website. This makes it highly resistant to the “active probing” techniques.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Stealthy:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Mimics HTTPS perfectly and serves a real website as a disguise.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Simpler protocol that uses TLS directly.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Requires a Domain Name:&#039;&#039;&#039;&amp;lt;/span&amp;gt; You must have a registered domain name and a valid SSL/TLS certificate.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Vulnerable to TLS-in-TLS Detection:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Censors have started detecting the “TLS-in-TLS” pattern.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/klzgrad/naiveproxy Naïve Proxy] ==&lt;br /&gt;
A proxy that re-uses the network stack from the Chromium browser to camouflage its traffic. A “Phase 4” tool. It uses HTTP/2 multiplexing, HTTP/2 traffic padding, and the exact TLS handshake of a real Chrome browser.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;The “Most” Stealthy:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Arguably the most advanced tool for defeating traffic analysis and fingerprinting.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Leverages Chrome&#039;s high-performance HTTP/2 stack.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Complex:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Requires a Caddy server with a specific plugin, domain name, and TLS cert.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Still a Proxy:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Not a full system-wide VPN.&lt;br /&gt;
&lt;br /&gt;
= Self-Hosted VPN/Proxy Suites =&lt;br /&gt;
Instead of trusting a commercial VPN, these scripts automate the setup of a private server on a cloud provider.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/trailofbits/algo Algo] ==&lt;br /&gt;
A set of Ansible scripts that automates the deployment of a minimalist, secure personal VPN. Created by Trail of Bits. It installs WireGuard and IKEv2/IPsec, deliberately excluding obfuscation tools.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Secure by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Uses modern, strong protocols with secure ciphers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Minimalist:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Includes only the minimal software you need.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Clientless (IKEv2):&#039;&#039;&#039;&amp;lt;/span&amp;gt; Supported natively by most OS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not for Censorship Bypass:&#039;&#039;&#039;&amp;lt;/span&amp;gt; WireGuard and IKEv2 are easily detected and blocked by DPI.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Security Vulnerabilities:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Theoretical risk of MitM if the VPS is compromised due to self-signed certs.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/StreisandEffect/streisand Streisand] ==&lt;br /&gt;
Automates the deployment of a full suite of anti-censorship tools (“kitchen sink” approach). Installs WireGuard, OpenVPN, Shadowsocks, Trojan, Tor bridges, and more.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Versatile:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Gives the user many options to try if one is blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Designed for Censorship:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Specifically designed for circumvention.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;“Kitchen Sink” Risk:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Dramatically increases the potential attack surface.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Less Secure Defaults:&#039;&#039;&#039;&amp;lt;/span&amp;gt; More permissive defaults than Algo.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Outdated:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Did not get updated for a long time.&lt;br /&gt;
&lt;br /&gt;
= Anonymity Networks &amp;amp; Pluggable Transports =&lt;br /&gt;
Designed for anonymity. However, to be anonymous, you first must be able to connect.&lt;br /&gt;
&lt;br /&gt;
== [https://www.torproject.org/ Tor Project] ==&lt;br /&gt;
A free, open-source network and browser that provides anonymity by routing traffic through a three-layer “onion” of volunteer-run relays.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Strong Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The most-studied tool for public-internet anonymity.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Pluggable Transports:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Built-in system to bypass blocking.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The Tor Browser is a simple, all-in-one application.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Slow:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Sometimes impractical for streaming or large downloads.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Blocked by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Relay lists are public and easily blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Stigma:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can attract suspicion from ISPs or law enforcement.&lt;br /&gt;
&lt;br /&gt;
=== Tor Pluggable Transports (PTs) ===&lt;br /&gt;
; obfs4&lt;br /&gt;
: The modern “scrambler” (Phase 2). Makes Tor traffic “look random, like nothing”. Can be blocked by whitelists.&lt;br /&gt;
; meek&lt;br /&gt;
: The “domain fronting” transport (Phase 3). Makes Tor traffic look like it&#039;s going to a major CDN. Very slow and fragile; major providers blocked it.&lt;br /&gt;
; Web Tunnel&lt;br /&gt;
: A newer transport that masks Tor traffic as a standard HTTPS connection.&lt;br /&gt;
; Snowflake&lt;br /&gt;
: A peer-to-peer transport. Connects to ephemeral proxies run by volunteers in their web browsers.&lt;br /&gt;
&lt;br /&gt;
== I2P (Invisible Internet Project) ==&lt;br /&gt;
A decentralized, anonymous network layer. Uses “Garlic Routing” which bundles multiple messages together and sends them through unidirectional tunnels.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Excellent for Hidden Services:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Optimized for “eepsites”.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Decentralized &amp;amp; Resilient:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Distributed and P2P-friendly.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Harder Analysis:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Unidirectional tunnels make traffic analysis harder.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not for Public Web Access:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Relies on volunteer-run “out proxies” which are few and slow.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Slow:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Complex P2P routing.&lt;br /&gt;
&lt;br /&gt;
= Decentralized &amp;amp; Federated &amp;amp; P2P Networks =&lt;br /&gt;
Censorship-resistance-by-design. If there is no single server, there is no single point to block.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/HelloZeroNet/ZeroNet Zero Net] ==&lt;br /&gt;
A decentralized, peer-to-peer web-like network. Uses Bitcoin cryptography for identity and BitTorrent to distribute content.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Censorship-Resistant:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Cannot be taken down by DMCA or government order.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Zero Hosting Cost:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The audience provides the infrastructure.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Works Offline:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Browse “seeded” sites without internet.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; IP is visible to peers.&lt;br /&gt;
&lt;br /&gt;
== [[wikipedia:Hyphanet|Hypha net (formerly Freenet)]] ==&lt;br /&gt;
A decentralized, P2P network where all users contribute disk space and bandwidth. Content is retrieved by a key, not a location. Nodes do not know what content they are storing.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Anonymous by Design:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Anonymity built-in for publishers and consumers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Deniable Storage:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Plausible deniability for hosts.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;“Forgets” Content:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Unpopular data is eventually dropped.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Static Content Only:&#039;&#039;&#039;&amp;lt;/span&amp;gt; No dynamic sites.&lt;br /&gt;
&lt;br /&gt;
== [https://ipfs.tech/ IPFS] ==&lt;br /&gt;
A decentralized, peer-to-peer protocol. Uses content-based addressing (CID) instead of location-based addressing.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Highly Censorship-Resistant:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Content itself cannot be blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Data Integrity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Cryptographic CIDs guarantee the exact file.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; IP is visible.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Content is Not Permanent:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Files disappear if not “pinned”.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Censorable at the Gateway:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Public gateways can filter content.&lt;br /&gt;
&lt;br /&gt;
== Torrenting ==&lt;br /&gt;
Files are distributed across thousands of users&#039; computers. Extremely resilient against takedowns.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Distributed &amp;amp; Fast:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Speeds up as more people host.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No Central Logs:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Makes surveillance resource-intensive.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; IPs are public.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Stigma:&#039;&#039;&#039;&amp;lt;/span&amp;gt; ISPs actively throttle or block torrents.&lt;br /&gt;
&lt;br /&gt;
= Emerging Privacy Protocols (DNS/TLS) =&lt;br /&gt;
&lt;br /&gt;
== DNS-over-HTTPS (DoH) / DNS-over-TLS (DoT) / DNS Crypt ==&lt;br /&gt;
Protocols that encrypt DNS queries to prevent tracking and poisoning.&lt;br /&gt;
* &#039;&#039;&#039;DoT:&#039;&#039;&#039; Dedicated port 853.&lt;br /&gt;
* &#039;&#039;&#039;DoH:&#039;&#039;&#039; Uses port 443 (standard web traffic).&lt;br /&gt;
* &#039;&#039;&#039;DNS Crypt:&#039;&#039;&#039; Encrypts payloads using public keys.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Bypasses DNS Filtering:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Primary benefit.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Stealthy (DoH):&#039;&#039;&#039;&amp;lt;/span&amp;gt; Indistinguishable from HTTPS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;DoT is Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Port 853 can be blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Does Not Bypass DPI:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Useless if SNI or IP is blocked.&lt;br /&gt;
&lt;br /&gt;
== Encrypted Client Hello (ECH) ==&lt;br /&gt;
A TLS 1.3 extension that encrypts the SNI, closing the metadata leak in HTTPS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Defeats SNI-Based DPI:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Makes this class of censorship obsolete.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Proactive &amp;amp; Native:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Protects all users by default when adopted.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Yet Standard:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Not universally deployed.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Already Being Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Russia blocks ECH directly; China blocks encrypted DNS to prevent ECH.&lt;br /&gt;
&lt;br /&gt;
= Other Workarounds =&lt;br /&gt;
; Privacy Frontends&lt;br /&gt;
: Proxy traffic to upstream services. Upstream doesn&#039;t see your IP, but usually limited to specific websites and can be unstable.&lt;br /&gt;
; Website Mirrors&lt;br /&gt;
: Viewing alternative hosted versions of sites. Only some content has mirrors.&lt;br /&gt;
; Federated Services&lt;br /&gt;
: Distributed alternatives to centralized platforms. Can leak metadata.&lt;br /&gt;
&lt;br /&gt;
= Do you need a VPN? =&lt;br /&gt;
If one or more of these are true, a VPN may be necessary:&lt;br /&gt;
* Connecting to untrusted hotspots.&lt;br /&gt;
* Untrusted websites (IP loggers).&lt;br /&gt;
* Geo-blocked regularly.&lt;br /&gt;
* ISP blocks content.&lt;br /&gt;
* Lack of trust in ISP.&lt;br /&gt;
* Need servers in specific countries.&lt;br /&gt;
* ISP throttling.&lt;br /&gt;
&lt;br /&gt;
= Inclusion Criteria =&lt;br /&gt;
* &#039;&#039;&#039;Source Availability:&#039;&#039;&#039; Open-source projects preferred.&lt;br /&gt;
* &#039;&#039;&#039;Security:&#039;&#039;&#039; Strong security practices, audited code.&lt;br /&gt;
* &#039;&#039;&#039;Community Support:&#039;&#039;&#039; Active forums and issue trackers.&lt;br /&gt;
* &#039;&#039;&#039;Cost-Effectiveness:&#039;&#039;&#039; Fits budget requirements.&lt;br /&gt;
* &#039;&#039;&#039;No Walled Gardens:&#039;&#039;&#039; Prefer self-hosted or alternative client capable software.&lt;br /&gt;
* &#039;&#039;&#039;Proven Track Record:&#039;&#039;&#039; Mature projects.&lt;br /&gt;
&lt;br /&gt;
= Tor vs. I2P Comparison =&lt;br /&gt;
&#039;&#039;This part of the guide is taken from the [https://geti2p.net/en/comparison/tor i2p projects comparison page].&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; style=&amp;quot;width:100%; vertical-align:top;&amp;quot;&lt;br /&gt;
|-&lt;br /&gt;
! Benefits of Tor over I2P !! Benefits of I2P over Tor&lt;br /&gt;
|- style=&amp;quot;vertical-align:top;&amp;quot;&lt;br /&gt;
|&lt;br /&gt;
* Much bigger user base; highly visible academic and hacker community support.&lt;br /&gt;
* Solved scaling issues I2P hasn&#039;t addressed.&lt;br /&gt;
* Significant funding and funded developers.&lt;br /&gt;
* More resistant to state-level blocking due to TLS transport layer and bridges.&lt;br /&gt;
* Designed and optimized for exit traffic (large number of exit nodes).&lt;br /&gt;
* Better documentation, formal papers, and translations.&lt;br /&gt;
* More efficient memory usage.&lt;br /&gt;
* Low bandwidth overhead for client nodes.&lt;br /&gt;
* Centralized control efficiently addresses Sybil attacks.&lt;br /&gt;
* High capacity core nodes provide higher throughput and lower latency.&lt;br /&gt;
* Written in C.&lt;br /&gt;
|&lt;br /&gt;
* Designed and optimized for hidden services, which are much faster than in Tor.&lt;br /&gt;
* Fully distributed and self-organizing.&lt;br /&gt;
* Peers selected by continuous profiling rather than trusted claims.&lt;br /&gt;
* Floodfill peers (&amp;quot;directory servers&amp;quot;) are untrusted and vary.&lt;br /&gt;
* Small enough that it hasn&#039;t been blocked or DOSed much.&lt;br /&gt;
* Peer-to-peer friendly.&lt;br /&gt;
* Packet switched instead of circuit switched (transparent load balancing, resilience via parallel tunnels).&lt;br /&gt;
* Unidirectional tunnels instead of bidirectional circuits (doubles nodes an attacker must compromise).&lt;br /&gt;
* Short-lived tunnels decrease active attack vectors compared to Tor circuits.&lt;br /&gt;
* Essentially all peers participate in routing.&lt;br /&gt;
* Written in Java.&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
= See also (Resources) =&lt;br /&gt;
* [[wikipedia:Internet_censorship_circumvention|Internet censorship circumvention: Wikipedia]]&lt;br /&gt;
* [https://github.com/bol-van/zapret Zapret Documentation]&lt;br /&gt;
* [https://github.com/ValdikSS/GoodbyeDPI Goodbye DPI GitHub]&lt;br /&gt;
* [https://shadowsocks.org/ Shadowsocks Official]&lt;br /&gt;
* [https://github.com/v2fly/v2ray-core V2Ray Core]&lt;br /&gt;
* [https://github.com/XTLS/Xray-core X-ray Core]&lt;br /&gt;
* [https://tb-manual.torproject.org/circumvention/ Tor Circumvention Manual]&lt;br /&gt;
* [https://geti2p.net/ I2P Anonymous Network]&lt;br /&gt;
* [https://ooni.org/ OONI Open Observatory of Network Interference]&lt;br /&gt;
&lt;br /&gt;
[[Category:Internet Censorship]]&lt;br /&gt;
[[Category:Privacy Software]]&lt;br /&gt;
[[Category:Circumvention]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=How_to_bypass_ISP_censorship&amp;diff=77</id>
		<title>How to bypass ISP censorship</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=How_to_bypass_ISP_censorship&amp;diff=77"/>
		<updated>2026-06-05T13:07:11Z</updated>

		<summary type="html">&lt;p&gt;Admin: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;A curated list of tools, protocols, and technologies for bypassing internet blocks, inspired by [https://github.com/danoctavian/awesome-anti-censorship this] project.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
This list focuses on tools and strategies designed to defeat active network-level filtering, such as Deep Packet Inspection (DPI), DNS blocking, and protocol-level blacklisting.&lt;br /&gt;
&lt;br /&gt;
__TOC__&lt;br /&gt;
&lt;br /&gt;
= How Online Content is Blocked =&lt;br /&gt;
Internet blocks are multi-layered systems and not simple on/off switches. Bypassing them is similar to a cat-and-mouse game.&lt;br /&gt;
&lt;br /&gt;
Filtering mechanisms primarily include:&lt;br /&gt;
&lt;br /&gt;
; DNS Filtering / Poisoning / Hijacking&lt;br /&gt;
: The censor intercepts requests to resolve a domain name and either returns no answer or a false IP address. This is the simplest and most common form of blocking, but also the easiest to bypass in some cases. To bypass it, a third party (not from your ISP) DNS server should be used with a DNS protocol supporting encryption like DNS over HTTPS. If blocks are still in place, your ISP may be using DPI.&lt;br /&gt;
; Deep Packet Inspection (DPI)&lt;br /&gt;
: This is a more advanced method. State-level “middle boxes” (like Russia&#039;s TSPU or China&#039;s Great Firewall (GFW)) actively inspect the content of unencrypted (or encrypted for their own certificate authority) traffic. For encrypted traffic, they inspect the “metadata,” such as the Server Name Indication (SNI) in a TLS handshake. The SNI field, which states the domain you are visiting, is unencrypted and provides a simple way for censors to identify and block HTTPS connections. However, even when SNI is encrypted or absent, advanced middle boxes can infer your destination through non-SNI leaks. They achieve this by analyzing TLS fingerprints (like JA4 signatures), monitoring packet sizes and timing patterns to profile websites. Even if a client successfully hides the destination domain during the initial handshake (for instance, by omitting the SNI), censors can simply look at the plaintext certificate returned by the server in some cases. In standard TLS connections below version 1.3, the server sends its X.509 certificate completely unencrypted. Censors intercepting this packet instantly know exactly which website you are communicating with. Bypassing DPI requires specialized programs. If blocks are still in place, your ISP may be using IP blacklisting.&lt;br /&gt;
; IP Blacklisting&lt;br /&gt;
: The censor blocks all network traffic to and from known IP addresses associated with a “forbidden” service (e.g., a VPN provider&#039;s servers or a specific website). Bypassing this is harder and requires connecting to a proxy/VPN server that doesn&#039;t have these restrictions. This can create a chicken-and-egg problem, like a proxy/VPN service being IP blocked but needing a proxy/VPN to bypass it.&lt;br /&gt;
; Protocol Filtering&lt;br /&gt;
: The DPI system is configured to identify and block the “fingerprints” of circumvention protocols themselves. Standard OpenVPN and WireGuard traffic is easily identifiable and is a primary target for blocking. Ports of commonly used protocols can be blocked too (e.g., port 51820 can be blocked to prevent a WireGuard connection if there are no alternative ports).&lt;br /&gt;
&lt;br /&gt;
The tools in this list are all solutions to one or more of these methods. They either:&lt;br /&gt;
# Manipulate packets at a low level to confuse the DPI,&lt;br /&gt;
# Obfuscate (disguise) traffic to look like something benign and unblockable (like standard web traffic), or&lt;br /&gt;
# Decentralize content, so there is no single server to block.&lt;br /&gt;
&lt;br /&gt;
= Censorship Measurement Tools =&lt;br /&gt;
This is a “meta” category. Before you can bypass censorship, you must prove it is happening and understand how. These tools are not for circumvention, but for detection. They are critical for activists, journalists, and researchers.&lt;br /&gt;
&lt;br /&gt;
== [https://ooni.org/ OONI Probe] ==&lt;br /&gt;
The Open Observatory of Network Interference. A free, open-source software and global network for measuring internet censorship. A project born out of The Tor Project, now an independent non-profit. Volunteers run the OONI Probe app on their mobile devices or computers from within 241 countries. The results are aggregated and published on the public OONI Explorer website. It is used to increase transparency, document censorship events globally, and provide hard, verifiable evidence of network interference and blocking.&lt;br /&gt;
&lt;br /&gt;
The app runs a series of tests to check for censorship:&lt;br /&gt;
* &#039;&#039;&#039;Web Connectivity:&#039;&#039;&#039; It tries to access a list of websites (including globally and locally sensitive ones) from the user&#039;s network and from a control network, then compares the results.&lt;br /&gt;
* &#039;&#039;&#039;App Blocking:&#039;&#039;&#039; It tests for blocks on specific apps like WhatsApp, Telegram, and Signal.&lt;br /&gt;
* &#039;&#039;&#039;Circumvention Tool Blocking:&#039;&#039;&#039; It tests if circumvention tools themselves (like Tor, Psiphon, and Lantern) are reachable.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Provides Hard Evidence:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is the best tool for scientifically proving how and what is being censored on a specific network.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Global &amp;amp; Open Data:&#039;&#039;&#039;&amp;lt;/span&amp;gt; All data is publicly available for analysis, which is an invaluable resource for researchers, journalists, and human rights organizations.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The mobile app is simple for non-technical volunteers to run.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Potential Risk to User:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Running OONI Probe is not anonymous. Your ISP and any network monitor can see that you are running it. While OONI states the risk is “theoretical” and no user has faced consequences, this is a real risk in high-stakes environments.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Provocative Tests:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The app intentionally tests “provocative or objectionable sites (e.g., pornography)”, which might be illegal to even attempt to access in some countries, regardless of intent.&lt;br /&gt;
&lt;br /&gt;
= TLDR: I need a tool now! What should I use? =&lt;br /&gt;
&#039;&#039;If you are in a risky situation, please do your research and do not trust any single source (including this one). These quick recommendations are for people with less sensitive threat models.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot;&lt;br /&gt;
|-&lt;br /&gt;
! Level !! Recommendation&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 1&#039;&#039;&#039; || DNS over HTTPS (DNS over TLS can be blocked but it may be an easier solution if you use Android &amp;gt;9 since it is built-in) + Encrypted Client Hello (supported by most modern browsers)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 2&#039;&#039;&#039; || Level 1 + DPI bypassing (Zapret/GoodbyeDPI/gecit/DPI Tunnel v2/PowerTunnel)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 3&#039;&#039;&#039; || Level 2 + WireGuard (preferably with AmneziaWG protocol)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 4&#039;&#039;&#039; || Level 3 + tools similar to V2Ray or DNS tunneling (slow)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 5&#039;&#039;&#039; || &#039;&#039;&#039;Do Your Own Research If You Still Can&#039;t Connect to Websites&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
= Local DPI Bypass Tools =&lt;br /&gt;
This category of tools is fundamentally different from VPNs. They allow access to specific blocked services without the disruptive side effects of a VPN, such as changing your IP address. They also don&#039;t bypass IP blacklisting. &lt;br /&gt;
&lt;br /&gt;
These tools work by “desynchronizing” the censor&#039;s view of the network connection from the server&#039;s, causing the inspection to fail while allowing the real connection to proceed. They provide no extra encryption or anonymity; your ISP can still see what sites you are visiting, but their automated blocking mechanism is fooled.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/bol-van/zapret Zapret] ==&lt;br /&gt;
A stand-alone, high-performance DPI circumvention tool designed to “desynchronize” DPI systems by manipulating network packets at a low level. Zapret was created primarily to target the “Sovereign Internet” (RuNet) blocking system in Russia.&lt;br /&gt;
&lt;br /&gt;
Zapret is designed to run on a Linux-based gateway, such as a home router running OpenWrt or directly on a user&#039;s Linux desktop.&lt;br /&gt;
&lt;br /&gt;
Zapret uses low-level packet manipulation via components like &amp;lt;code&amp;gt;nfqws&amp;lt;/code&amp;gt; and &amp;lt;code&amp;gt;tpws&amp;lt;/code&amp;gt;. It employs a variety of “DPI desync” techniques, which can be configured by the user. These include sending fake packets (e.g., with the &amp;lt;code&amp;gt;--dpi-desync=fake&amp;lt;/code&amp;gt; parameter), fragmenting packets (&amp;lt;code&amp;gt;--dpi-desync=fakedsplit&amp;lt;/code&amp;gt;), and modifying packet checksums or TTLs to “fool” the inspection system (&amp;lt;code&amp;gt;--dpi-desync-fooling=badsum&amp;lt;/code&amp;gt;). The tool includes a &amp;lt;code&amp;gt;blockcheck.sh&amp;lt;/code&amp;gt; script that a user can run to test and identify the most effective desync parameters for their specific ISP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Adds negligible latency. Because it typically only manipulates the first few packets of a connection to break the DPI&#039;s state, it is significantly faster than a full tunnel.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is its most significant advantage. It does not change your public IP address, making it ideal for accessing local, geo-restricted services (like banking, streaming, or city services) that would be broken by a VPN. It also does not need to trust any third party servers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Transparent:&#039;&#039;&#039;&amp;lt;/span&amp;gt; When installed on a router, it works transparently for all devices on the network (phones, computers, consoles) with no client-side software required.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Adaptive:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is highly configurable to adapt to the specific, evolving DPI strategies used by different ISPs and nation-states.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is important to know. Zapret does not provide extra privacy or anonymity. Your ISP can still see which sites you are visiting; the tool just prevents the automated block to provide access.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Specific Use Case:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It only defeats DPI. It does not bypass DNS-level blocking (it must be paired with an encrypted DNS service like DoH/DoT) or IP-address-level bans.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/ValdikSS/GoodbyeDPI Goodbye DPI] ==&lt;br /&gt;
A user-friendly DPI circumvention utility designed specifically for the Windows operating system. It runs on a user&#039;s local Windows PC (versions 7 through 11 are supported). It works by installing a Windows filter driver to intercept and modify packets as they leave the machine. It employs multiple methods simultaneously to be effective against a wide range of DPI systems. These methods include: TCP-level fragmentation, HTTP header manipulation (e.g., replacing Host with hoSt, or removing spaces), and sending fake packets with low TTLs to “poison” the DPI&#039;s state and cause it to fail. It also includes modes to redirect DNS requests to non-standard ports to bypass simple DNS poisoning.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is its primary advantage. It is ideal for non-technical Windows users. The most common use case involves just running a single &amp;lt;code&amp;gt;.cmd&amp;lt;/code&amp;gt; script.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Shares the same benefits as Zapret; it does not interfere with local, geo-restricted services. Also, no third party to trust.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Effective:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is designed to actively bypass both “Passive DPI” (which tries to “race” the real server with a fake reset packet) and “Active DPI” (which sits in-line and modifies traffic).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Like Zapret, this provides no extra encryption and is not a privacy tool. It is for access only.&lt;br /&gt;
&lt;br /&gt;
== Mobile DPI Bypass Tools ==&lt;br /&gt;
Stand-alone, open-source DPI circumvention tools exists on mobile devices too. They are mostly inspired by Zapret. The catch being not being capable as tools designed for computers. They mostly rely on 3 ways to see the packets. Having root, giving the VPN slot to the app, setting up a proxy inside your phone. You will usually have to set the bypass rules manually. Most popular ones are “DPI Tunnel v2”, “Bye DPI”, “Power Tunnel”. They don&#039;t increase battery usage that much compared to VPNs.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Adds negligible latency. It is significantly faster than a full tunnel. &lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It does not change your public IP address, making it ideal for accessing local, geo-restricted services (like banking, streaming, or city services) that would be broken by a VPN. It also does not need to trust any third party servers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; After initial configuration, enabling or disabling is only one press.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; These tools don&#039;t provide extra privacy or anonymity. Your ISP/GSM can still see which sites you are visiting; the tool just prevents the automated block to provide access.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Needs either root or a VPN slot:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Android only allows one active VPN slot at a time. If you are running a DPI bypass app, you cannot simultaneously run a standard VPN or a system-wide ad blocker without root.&lt;br /&gt;
&lt;br /&gt;
= Standard (Non-Obfuscated) Protocols =&lt;br /&gt;
This category includes the standard, “baseline” protocols for proxies and VPNs. These tools are not designed for censorship circumvention and are the primary targets for blocking. Their distinct protocol “fingerprints” make them easy for DPI systems to identify and filter. They are included here as a baseline to illustrate why the more advanced, obfuscated tools in the next section are necessary.&lt;br /&gt;
&lt;br /&gt;
== [https://www.wireguard.com/ WireGuard] ==&lt;br /&gt;
An extremely simple, fast, and modern VPN (Virtual Private Network) protocol. A modern protocol (initial release 2015) that is now part of the Linux kernel. Runs on client and server machines, supported natively or via apps on all major operating systems. It uses state-of-the-art cryptography and has a very small, auditable code base (under 4,000 lines of code). It operates over UDP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Fast:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Significantly higher performance and lower latency compared to OpenVPN, due to its lightweight code and modern encryption.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Simple &amp;amp; Secure:&#039;&#039;&#039;&amp;lt;/span&amp;gt; A small code base makes it easier to audit and less susceptible to attack.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Quick Reconnects:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Connects and reconnects almost instantly, making it ideal for mobile devices switching between Wi-Fi and cellular data.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is its key weakness for censorship. It has a distinct, recognizable protocol fingerprint. It is not designed to bypass DPI and is actively blocked in countries like China and Russia. Protocols like AmneziaWG (modified version of WireGuard designed to prevent DPI) should be used when possible.&lt;br /&gt;
&lt;br /&gt;
== [https://openvpn.net/ OpenVPN] ==&lt;br /&gt;
A mature, open-source, and highly configurable VPN protocol. First released in 2001, it has been the industry standard for over two decades. It uses a custom security protocol based on SSL/TLS. It can run over either TCP or UDP, which makes it flexible.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Mature:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Battle-tested and thoroughly audited for decades.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Flexible:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can be configured to run over any port and use either TCP or UDP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Like WireGuard, its handshake is very distinct and easily identified and blocked by DPI systems.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Slow:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is much slower and has higher latency than WireGuard. Its code base is big (400,000+ lines).&lt;br /&gt;
&lt;br /&gt;
== [https://en.wikipedia.org/wiki/IKEv2 IKEv2/IPsec] ==&lt;br /&gt;
A secure, standards-based VPN protocol (Internet Key Exchange version 2). Developed by Microsoft and Cisco, and standardized by the IETF. Native to most modern operating systems. It is often used in self-hosted setups (like Algo).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Native Support:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Supported “out of the box” by Windows, Android, macOS, and iOS.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Stable:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Very good at re-establishing a connection quickly when a network drops.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is not a circumvention tool and is easily detected and blocked by DPI.&lt;br /&gt;
&lt;br /&gt;
== [https://en.wikipedia.org/wiki/SOCKS SOCKS] ==&lt;br /&gt;
A low-level proxy protocol that can route virtually any type of network traffic from any application (SOCKS5 since 1996). A client application sends traffic to a SOCKS5 server, which then forwards it to the final destination. It operates at Layer 5 (the Session Layer).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Versatile:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can handle any type of traffic, including web, P2P, gaming, and email.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Encrypted:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Provides zero encryption by itself. All traffic is sent in the clear and is fully visible to an ISP.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Trivially Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Unencrypted, identifiable traffic is extremely easy for any DPI system to inspect and block.&lt;br /&gt;
&lt;br /&gt;
== [https://en.wikipedia.org/wiki/Proxy_server HTTP(S) Proxies / Web Proxies] ==&lt;br /&gt;
A basic, high-level proxy protocol designed exclusively for web (HTTP and HTTPS) traffic. Primarily used by web browsers. It operates at Layer 7 (the Application Layer).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Simple:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Easy to set up and widely supported by all browsers.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Limited:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Only works for web traffic.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Encrypted:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Provides no encryption for your connection to the proxy (when no HTTPS).&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous:&#039;&#039;&#039;&amp;lt;/span&amp;gt; HTTP proxies typically add headers (like X-Forwarded-For) that identify the original user&#039;s IP address.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Trivially Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Very easy to detect and block.&lt;br /&gt;
&lt;br /&gt;
= Obfuscated Proxy Protocols &amp;amp; Platforms =&lt;br /&gt;
This category represents the “engine” for most modern, robust circumvention. The development of these protocols illustrates the “cat-and-mouse” arms race.&lt;br /&gt;
&lt;br /&gt;
# &#039;&#039;&#039;Phase 1 (Encrypt):&#039;&#039;&#039; Standard VPNs (OpenVPN, WireGuard) are encrypted but have obvious “fingerprints”.&lt;br /&gt;
# &#039;&#039;&#039;Phase 2 (Scramble):&#039;&#039;&#039; Tools like Shadowsocks and obfs4 encrypt and “scramble” traffic to look like “random” data.&lt;br /&gt;
# &#039;&#039;&#039;Phase 3 (Mimic):&#039;&#039;&#039; Tools like V2Ray and Trojan are designed to mimic standard, benign HTTPS traffic.&lt;br /&gt;
# &#039;&#039;&#039;Phase 4 (Be Indistinguishable):&#039;&#039;&#039; Tools like Naïve Proxy reuse the actual network stack from a real browser (Chrome) to be bit-for-bit indistinguishable.&lt;br /&gt;
&lt;br /&gt;
== [https://shadowsocks.org/ Shadow Socks] ==&lt;br /&gt;
A fast, encrypted SOCKS5 proxy. It is not a full VPN. Originally created in 2012 by “clowwindy” specifically to bypass the Great Firewall (GFW) of China. Its strength is its simplicity and its use of modern AEAD ciphers. It “disguises” traffic to look like HTTPS but does not explicitly mimic another protocol.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Fast and Lightweight:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Generally faster than full VPNs and complex multi-layered tools.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Selective:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Easy to configure which traffic goes through it (e.g., using a PAC file).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Detectable by Advanced DPI:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Advanced DPI can detect Shadowsocks traffic through traffic analysis and active probing.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not a Full VPN:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Does not tunnel all system traffic by default, it is your job to be sure everything uses it.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/v2fly/v2ray-core V2Ray] ==&lt;br /&gt;
A platform or framework for building proxies. It is not a single protocol, but a “box” that can manage multiple inbound and outbound protocols, transports, and advanced routing rules. By wrapping its proxy traffic inside Web Socket and TLS for example, it makes the traffic appear as standard, indistinguishable HTTPS traffic.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Flexible:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can be configured to mimic HTTPS, run over Web Sockets, use QUIC, etc.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Resilient:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Its multiprotocol nature means it can be reconfigured if one method is blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Advanced Routing:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can selectively route traffic based on domain or IP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Complex:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Requires understanding of its complex concepts of inbounds, outbounds, and transports.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Performance Overhead:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Layered encryption adds significant latency.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;VMess is Detectable:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The original VMess protocol is now considered detectable by advanced GFW packet sniffing.&lt;br /&gt;
&lt;br /&gt;
=== V2Ray Protocols: VMess vs. VLESS ===&lt;br /&gt;
* &#039;&#039;&#039;VMess:&#039;&#039;&#039; The original, feature-rich protocol for V2Ray. It has its own built-in encryption and authentication methods. It is considered more “heavy” and less safe against modern GFW probing.&lt;br /&gt;
* &#039;&#039;&#039;VLESS:&#039;&#039;&#039; A newer, lightweight protocol. It removes VMess&#039;s built-in encryption layer and delegates security to the underlying transport layer, such as TLS. This simplifies the handshake, improves speed, and makes it more indistinguishable from a standard HTTPS website.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/XTLS/Xray-core X-ray] ==&lt;br /&gt;
A high-performance, open-source proxy platform and a fork of V2Ray. Developed by the XTLS community. Xray-core supports all of V2Ray&#039;s protocols and adds XTLS. XTLS is a “direct encryption” technology that avoids the performance-draining “TLS-in-TLS” problem, resulting in lower latency and higher speeds than most VLESS configurations.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Faster:&#039;&#039;&#039;&amp;lt;/span&amp;gt; X-ray with its XTLS protocol is generally considered faster and more efficient.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Backward Compatible:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Acts as a drop-in, enhanced replacement for V2Ray-core.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Advanced Protocols:&#039;&#039;&#039;&amp;lt;/span&amp;gt; VLESS and XTLS are highly effective at mimicking standard web traffic.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Complexity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Inherits all of V2Ray&#039;s complexity.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Less Documentation:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Newer technology with poorer documentation than established setups.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/trojan-gfw/trojan Trojan] ==&lt;br /&gt;
A proxy protocol that is specifically designed to perfectly imitate a real HTTPS server. It runs on a server, binds to port 443, and simultaneously serves a real, working website. This makes it highly resistant to the “active probing” techniques.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Stealthy:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Mimics HTTPS perfectly and serves a real website as a disguise.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Simpler protocol that uses TLS directly.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Requires a Domain Name:&#039;&#039;&#039;&amp;lt;/span&amp;gt; You must have a registered domain name and a valid SSL/TLS certificate.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Vulnerable to TLS-in-TLS Detection:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Censors have started detecting the “TLS-in-TLS” pattern.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/klzgrad/naiveproxy Naïve Proxy] ==&lt;br /&gt;
A proxy that re-uses the network stack from the Chromium browser to camouflage its traffic. A “Phase 4” tool. It uses HTTP/2 multiplexing, HTTP/2 traffic padding, and the exact TLS handshake of a real Chrome browser.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;The “Most” Stealthy:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Arguably the most advanced tool for defeating traffic analysis and fingerprinting.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Leverages Chrome&#039;s high-performance HTTP/2 stack.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Complex:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Requires a Caddy server with a specific plugin, domain name, and TLS cert.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Still a Proxy:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Not a full system-wide VPN.&lt;br /&gt;
&lt;br /&gt;
= Self-Hosted VPN/Proxy Suites =&lt;br /&gt;
Instead of trusting a commercial VPN, these scripts automate the setup of a private server on a cloud provider.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/trailofbits/algo Algo] ==&lt;br /&gt;
A set of Ansible scripts that automates the deployment of a minimalist, secure personal VPN. Created by Trail of Bits. It installs WireGuard and IKEv2/IPsec, deliberately excluding obfuscation tools.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Secure by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Uses modern, strong protocols with secure ciphers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Minimalist:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Includes only the minimal software you need.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Clientless (IKEv2):&#039;&#039;&#039;&amp;lt;/span&amp;gt; Supported natively by most OS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not for Censorship Bypass:&#039;&#039;&#039;&amp;lt;/span&amp;gt; WireGuard and IKEv2 are easily detected and blocked by DPI.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Security Vulnerabilities:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Theoretical risk of MitM if the VPS is compromised due to self-signed certs.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/StreisandEffect/streisand Streisand] ==&lt;br /&gt;
Automates the deployment of a full suite of anti-censorship tools (“kitchen sink” approach). Installs WireGuard, OpenVPN, Shadowsocks, Trojan, Tor bridges, and more.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Versatile:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Gives the user many options to try if one is blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Designed for Censorship:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Specifically designed for circumvention.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;“Kitchen Sink” Risk:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Dramatically increases the potential attack surface.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Less Secure Defaults:&#039;&#039;&#039;&amp;lt;/span&amp;gt; More permissive defaults than Algo.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Outdated:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Did not get updated for a long time.&lt;br /&gt;
&lt;br /&gt;
= Anonymity Networks &amp;amp; Pluggable Transports =&lt;br /&gt;
Designed for anonymity. However, to be anonymous, you first must be able to connect.&lt;br /&gt;
&lt;br /&gt;
== [https://www.torproject.org/ Tor Project] ==&lt;br /&gt;
A free, open-source network and browser that provides anonymity by routing traffic through a three-layer “onion” of volunteer-run relays.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Strong Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The most-studied tool for public-internet anonymity.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Pluggable Transports:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Built-in system to bypass blocking.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The Tor Browser is a simple, all-in-one application.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Slow:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Sometimes impractical for streaming or large downloads.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Blocked by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Relay lists are public and easily blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Stigma:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can attract suspicion from ISPs or law enforcement.&lt;br /&gt;
&lt;br /&gt;
=== Tor Pluggable Transports (PTs) ===&lt;br /&gt;
; obfs4&lt;br /&gt;
: The modern “scrambler” (Phase 2). Makes Tor traffic “look random, like nothing”. Can be blocked by whitelists.&lt;br /&gt;
; meek&lt;br /&gt;
: The “domain fronting” transport (Phase 3). Makes Tor traffic look like it&#039;s going to a major CDN. Very slow and fragile; major providers blocked it.&lt;br /&gt;
; Web Tunnel&lt;br /&gt;
: A newer transport that masks Tor traffic as a standard HTTPS connection.&lt;br /&gt;
; Snowflake&lt;br /&gt;
: A peer-to-peer transport. Connects to ephemeral proxies run by volunteers in their web browsers.&lt;br /&gt;
&lt;br /&gt;
== I2P (Invisible Internet Project) ==&lt;br /&gt;
A decentralized, anonymous network layer. Uses “Garlic Routing” which bundles multiple messages together and sends them through unidirectional tunnels.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Excellent for Hidden Services:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Optimized for “eepsites”.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Decentralized &amp;amp; Resilient:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Distributed and P2P-friendly.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Harder Analysis:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Unidirectional tunnels make traffic analysis harder.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not for Public Web Access:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Relies on volunteer-run “out proxies” which are few and slow.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Slow:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Complex P2P routing.&lt;br /&gt;
&lt;br /&gt;
= Decentralized &amp;amp; Federated &amp;amp; P2P Networks =&lt;br /&gt;
Censorship-resistance-by-design. If there is no single server, there is no single point to block.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/HelloZeroNet/ZeroNet Zero Net] ==&lt;br /&gt;
A decentralized, peer-to-peer web-like network. Uses Bitcoin cryptography for identity and BitTorrent to distribute content.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Censorship-Resistant:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Cannot be taken down by DMCA or government order.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Zero Hosting Cost:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The audience provides the infrastructure.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Works Offline:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Browse “seeded” sites without internet.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; IP is visible to peers.&lt;br /&gt;
&lt;br /&gt;
== [[wikipedia:Hyphanet|Hypha net (formerly Freenet)]] ==&lt;br /&gt;
A decentralized, P2P network where all users contribute disk space and bandwidth. Content is retrieved by a key, not a location. Nodes do not know what content they are storing.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Anonymous by Design:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Anonymity built-in for publishers and consumers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Deniable Storage:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Plausible deniability for hosts.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;“Forgets” Content:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Unpopular data is eventually dropped.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Static Content Only:&#039;&#039;&#039;&amp;lt;/span&amp;gt; No dynamic sites.&lt;br /&gt;
&lt;br /&gt;
== [https://ipfs.tech/ IPFS] ==&lt;br /&gt;
A decentralized, peer-to-peer protocol. Uses content-based addressing (CID) instead of location-based addressing.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Highly Censorship-Resistant:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Content itself cannot be blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Data Integrity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Cryptographic CIDs guarantee the exact file.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; IP is visible.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Content is Not Permanent:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Files disappear if not “pinned”.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Censorable at the Gateway:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Public gateways can filter content.&lt;br /&gt;
&lt;br /&gt;
== Torrenting ==&lt;br /&gt;
Files are distributed across thousands of users&#039; computers. Extremely resilient against takedowns.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Distributed &amp;amp; Fast:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Speeds up as more people host.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No Central Logs:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Makes surveillance resource-intensive.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; IPs are public.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Stigma:&#039;&#039;&#039;&amp;lt;/span&amp;gt; ISPs actively throttle or block torrents.&lt;br /&gt;
&lt;br /&gt;
= Emerging Privacy Protocols (DNS/TLS) =&lt;br /&gt;
&lt;br /&gt;
== DNS-over-HTTPS (DoH) / DNS-over-TLS (DoT) / DNS Crypt ==&lt;br /&gt;
Protocols that encrypt DNS queries to prevent tracking and poisoning.&lt;br /&gt;
* &#039;&#039;&#039;DoT:&#039;&#039;&#039; Dedicated port 853.&lt;br /&gt;
* &#039;&#039;&#039;DoH:&#039;&#039;&#039; Uses port 443 (standard web traffic).&lt;br /&gt;
* &#039;&#039;&#039;DNS Crypt:&#039;&#039;&#039; Encrypts payloads using public keys.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Bypasses DNS Filtering:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Primary benefit.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Stealthy (DoH):&#039;&#039;&#039;&amp;lt;/span&amp;gt; Indistinguishable from HTTPS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;DoT is Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Port 853 can be blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Does Not Bypass DPI:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Useless if SNI or IP is blocked.&lt;br /&gt;
&lt;br /&gt;
== Encrypted Client Hello (ECH) ==&lt;br /&gt;
A TLS 1.3 extension that encrypts the SNI, closing the metadata leak in HTTPS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Defeats SNI-Based DPI:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Makes this class of censorship obsolete.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Proactive &amp;amp; Native:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Protects all users by default when adopted.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Yet Standard:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Not universally deployed.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Already Being Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Russia blocks ECH directly; China blocks encrypted DNS to prevent ECH.&lt;br /&gt;
&lt;br /&gt;
= Other Workarounds =&lt;br /&gt;
; Privacy Frontends&lt;br /&gt;
: Proxy traffic to upstream services. Upstream doesn&#039;t see your IP, but usually limited to specific websites and can be unstable.&lt;br /&gt;
; Website Mirrors&lt;br /&gt;
: Viewing alternative hosted versions of sites. Only some content has mirrors.&lt;br /&gt;
; Federated Services&lt;br /&gt;
: Distributed alternatives to centralized platforms. Can leak metadata.&lt;br /&gt;
&lt;br /&gt;
= Do you need a VPN? =&lt;br /&gt;
If one or more of these are true, a VPN may be necessary:&lt;br /&gt;
* Connecting to untrusted hotspots.&lt;br /&gt;
* Untrusted websites (IP loggers).&lt;br /&gt;
* Geo-blocked regularly.&lt;br /&gt;
* ISP blocks content.&lt;br /&gt;
* Lack of trust in ISP.&lt;br /&gt;
* Need servers in specific countries.&lt;br /&gt;
* ISP throttling.&lt;br /&gt;
&lt;br /&gt;
= Inclusion Criteria =&lt;br /&gt;
* &#039;&#039;&#039;Source Availability:&#039;&#039;&#039; Open-source projects preferred.&lt;br /&gt;
* &#039;&#039;&#039;Security:&#039;&#039;&#039; Strong security practices, audited code.&lt;br /&gt;
* &#039;&#039;&#039;Community Support:&#039;&#039;&#039; Active forums and issue trackers.&lt;br /&gt;
* &#039;&#039;&#039;Cost-Effectiveness:&#039;&#039;&#039; Fits budget requirements.&lt;br /&gt;
* &#039;&#039;&#039;No Walled Gardens:&#039;&#039;&#039; Prefer self-hosted or alternative client capable software.&lt;br /&gt;
* &#039;&#039;&#039;Proven Track Record:&#039;&#039;&#039; Mature projects.&lt;br /&gt;
&lt;br /&gt;
= Tor vs. I2P Comparison =&lt;br /&gt;
&#039;&#039;This part of the guide is taken from the [https://geti2p.net/en/comparison/tor i2p projects comparison page].&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; style=&amp;quot;width:100%; vertical-align:top;&amp;quot;&lt;br /&gt;
|-&lt;br /&gt;
! Benefits of Tor over I2P !! Benefits of I2P over Tor&lt;br /&gt;
|- style=&amp;quot;vertical-align:top;&amp;quot;&lt;br /&gt;
|&lt;br /&gt;
* Much bigger user base; highly visible academic and hacker community support.&lt;br /&gt;
* Solved scaling issues I2P hasn&#039;t addressed.&lt;br /&gt;
* Significant funding and funded developers.&lt;br /&gt;
* More resistant to state-level blocking due to TLS transport layer and bridges.&lt;br /&gt;
* Designed and optimized for exit traffic (large number of exit nodes).&lt;br /&gt;
* Better documentation, formal papers, and translations.&lt;br /&gt;
* More efficient memory usage.&lt;br /&gt;
* Low bandwidth overhead for client nodes.&lt;br /&gt;
* Centralized control efficiently addresses Sybil attacks.&lt;br /&gt;
* High capacity core nodes provide higher throughput and lower latency.&lt;br /&gt;
* Written in C.&lt;br /&gt;
|&lt;br /&gt;
* Designed and optimized for hidden services, which are much faster than in Tor.&lt;br /&gt;
* Fully distributed and self-organizing.&lt;br /&gt;
* Peers selected by continuous profiling rather than trusted claims.&lt;br /&gt;
* Floodfill peers (&amp;quot;directory servers&amp;quot;) are untrusted and vary.&lt;br /&gt;
* Small enough that it hasn&#039;t been blocked or DOSed much.&lt;br /&gt;
* Peer-to-peer friendly.&lt;br /&gt;
* Packet switched instead of circuit switched (transparent load balancing, resilience via parallel tunnels).&lt;br /&gt;
* Unidirectional tunnels instead of bidirectional circuits (doubles nodes an attacker must compromise).&lt;br /&gt;
* Short-lived tunnels decrease active attack vectors compared to Tor circuits.&lt;br /&gt;
* Essentially all peers participate in routing.&lt;br /&gt;
* Written in Java.&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
= See also (Resources) =&lt;br /&gt;
* [[wikipedia:Internet_censorship_circumvention|Internet censorship circumvention: Wikipedia]]&lt;br /&gt;
* [https://github.com/bol-van/zapret Zapret Documentation]&lt;br /&gt;
* [https://github.com/ValdikSS/GoodbyeDPI Goodbye DPI GitHub]&lt;br /&gt;
* [https://shadowsocks.org/ Shadowsocks Official]&lt;br /&gt;
* [https://github.com/v2fly/v2ray-core V2Ray Core]&lt;br /&gt;
* [https://github.com/XTLS/Xray-core X-ray Core]&lt;br /&gt;
* [https://tb-manual.torproject.org/circumvention/ Tor Circumvention Manual]&lt;br /&gt;
* [https://geti2p.net/ I2P Anonymous Network]&lt;br /&gt;
* [https://ooni.org/ OONI Open Observatory of Network Interference]&lt;br /&gt;
&lt;br /&gt;
[[Category:Internet Censorship]]&lt;br /&gt;
[[Category:Privacy Software]]&lt;br /&gt;
[[Category:Circumvention]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=How_to_bypass_ISP_censorship&amp;diff=76</id>
		<title>How to bypass ISP censorship</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=How_to_bypass_ISP_censorship&amp;diff=76"/>
		<updated>2026-05-31T21:11:24Z</updated>

		<summary type="html">&lt;p&gt;Admin: /* Tor Project */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;A curated list of tools, protocols, and technologies for bypassing internet blocks, inspired by [https://github.com/danoctavian/awesome-anti-censorship this] project.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
This list focuses on tools and strategies designed to defeat active network-level filtering, such as Deep Packet Inspection (DPI), DNS blocking, and protocol-level blacklisting.&lt;br /&gt;
&lt;br /&gt;
__TOC__&lt;br /&gt;
&lt;br /&gt;
= How Online Content is Blocked =&lt;br /&gt;
Internet blocks are multi-layered systems and not simple on/off switches. Bypassing them is similar to a cat-and-mouse game.&lt;br /&gt;
&lt;br /&gt;
Filtering mechanisms primarily include:&lt;br /&gt;
&lt;br /&gt;
; DNS Filtering / Poisoning / Hijacking&lt;br /&gt;
: The censor intercepts requests to resolve a domain name and either returns no answer or a false IP address. This is the simplest and most common form of blocking, but also the easiest to bypass in some cases. To bypass it, a third party (not from your ISP) DNS server should be used with a DNS protocol supporting encryption like DNS over HTTPS. If blocks are still in place, your ISP may be using DPI.&lt;br /&gt;
; Deep Packet Inspection (DPI)&lt;br /&gt;
: This is a more advanced method. State-level “middle boxes” (like Russia&#039;s TSPU or China&#039;s Great Firewall (GFW)) actively inspect the content of unencrypted (or encrypted for their own certificate authority) traffic. For encrypted traffic, they inspect the “metadata,” such as the Server Name Indication (SNI) in a TLS handshake. The SNI field, which states the domain you are visiting, is unencrypted and provides a simple way for censors to identify and block HTTPS connections. However, even when SNI is encrypted or absent, advanced middle boxes can infer your destination through non-SNI leaks. They achieve this by analyzing TLS fingerprints (like JA4 signatures), monitoring packet sizes and timing patterns to profile websites. Even if a client successfully hides the destination domain during the initial handshake (for instance, by omitting the SNI), censors can simply look at the plaintext certificate returned by the server in some cases. In standard TLS connections below version 1.3, the server sends its X.509 certificate completely unencrypted. Censors intercepting this packet instantly know exactly which website you are communicating with. Bypassing DPI requires specialized programs. If blocks are still in place, your ISP may be using IP blacklisting.&lt;br /&gt;
; IP Blacklisting&lt;br /&gt;
: The censor blocks all network traffic to and from known IP addresses associated with a “forbidden” service (e.g., a VPN provider&#039;s servers or a specific website). Bypassing this is harder and requires connecting to a proxy/VPN server that doesn&#039;t have these restrictions. This can create a chicken-and-egg problem, like a proxy/VPN service being IP blocked but needing a proxy/VPN to bypass it.&lt;br /&gt;
; Protocol Filtering&lt;br /&gt;
: The DPI system is configured to identify and block the “fingerprints” of circumvention protocols themselves. Standard OpenVPN and WireGuard traffic is easily identifiable and is a primary target for blocking. Ports of commonly used protocols can be blocked too (e.g., port 51820 can be blocked to prevent a WireGuard connection if there are no alternative ports).&lt;br /&gt;
&lt;br /&gt;
The tools in this list are all solutions to one or more of these methods. They either:&lt;br /&gt;
# Manipulate packets at a low level to confuse the DPI,&lt;br /&gt;
# Obfuscate (disguise) traffic to look like something benign and unblockable (like standard web traffic), or&lt;br /&gt;
# Decentralize content, so there is no single server to block.&lt;br /&gt;
&lt;br /&gt;
= Censorship Measurement Tools =&lt;br /&gt;
This is a “meta” category. Before you can bypass censorship, you must prove it is happening and understand how. These tools are not for circumvention, but for detection. They are critical for activists, journalists, and researchers.&lt;br /&gt;
&lt;br /&gt;
== [https://ooni.org/ OONI Probe] ==&lt;br /&gt;
The Open Observatory of Network Interference. A free, open-source software and global network for measuring internet censorship. A project born out of The Tor Project, now an independent non-profit. Volunteers run the OONI Probe app on their mobile devices or computers from within 241 countries. The results are aggregated and published on the public OONI Explorer website. It is used to increase transparency, document censorship events globally, and provide hard, verifiable evidence of network interference and blocking.&lt;br /&gt;
&lt;br /&gt;
The app runs a series of tests to check for censorship:&lt;br /&gt;
* &#039;&#039;&#039;Web Connectivity:&#039;&#039;&#039; It tries to access a list of websites (including globally and locally sensitive ones) from the user&#039;s network and from a control network, then compares the results.&lt;br /&gt;
* &#039;&#039;&#039;App Blocking:&#039;&#039;&#039; It tests for blocks on specific apps like WhatsApp, Telegram, and Signal.&lt;br /&gt;
* &#039;&#039;&#039;Circumvention Tool Blocking:&#039;&#039;&#039; It tests if circumvention tools themselves (like Tor, Psiphon, and Lantern) are reachable.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Provides Hard Evidence:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is the best tool for scientifically proving how and what is being censored on a specific network.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Global &amp;amp; Open Data:&#039;&#039;&#039;&amp;lt;/span&amp;gt; All data is publicly available for analysis, which is an invaluable resource for researchers, journalists, and human rights organizations.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The mobile app is simple for non-technical volunteers to run.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Potential Risk to User:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Running OONI Probe is not anonymous. Your ISP and any network monitor can see that you are running it. While OONI states the risk is “theoretical” and no user has faced consequences, this is a real risk in high-stakes environments.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Provocative Tests:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The app intentionally tests “provocative or objectionable sites (e.g., pornography)”, which might be illegal to even attempt to access in some countries, regardless of intent.&lt;br /&gt;
&lt;br /&gt;
= TLDR: I need a tool now! What should I use? =&lt;br /&gt;
&#039;&#039;If you are in a risky situation, please do your research and do not trust any single source (including this one). These quick recommendations are for people with less sensitive threat models.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot;&lt;br /&gt;
|-&lt;br /&gt;
! Level !! Recommendation&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 1&#039;&#039;&#039; || DNS over HTTPS (DNS over TLS can be blocked but it may be an easier solution if you use Android &amp;gt;9 since it is built-in) + Encrypted Client Hello (supported by most modern browsers)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 2&#039;&#039;&#039; || Level 1 + DPI bypassing (Zapret/GoodbyeDPI/DPI Tunnel v2/PowerTunnel)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 3&#039;&#039;&#039; || Level 2 + WireGuard (preferably with AmneziaWG protocol)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 4&#039;&#039;&#039; || Level 3 + tools similar to V2Ray or DNS tunneling (slow)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 5&#039;&#039;&#039; || &#039;&#039;&#039;Do Your Own Research If You Still Can&#039;t Connect to Websites&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
= Local DPI Bypass Tools =&lt;br /&gt;
This category of tools is fundamentally different from VPNs. They allow access to specific blocked services without the disruptive side effects of a VPN, such as changing your IP address. They also don&#039;t bypass IP blacklisting. &lt;br /&gt;
&lt;br /&gt;
These tools work by “desynchronizing” the censor&#039;s view of the network connection from the server&#039;s, causing the inspection to fail while allowing the real connection to proceed. They provide no extra encryption or anonymity; your ISP can still see what sites you are visiting, but their automated blocking mechanism is fooled.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/bol-van/zapret Zapret] ==&lt;br /&gt;
A stand-alone, high-performance DPI circumvention tool designed to “desynchronize” DPI systems by manipulating network packets at a low level. Zapret was created primarily to target the “Sovereign Internet” (RuNet) blocking system in Russia.&lt;br /&gt;
&lt;br /&gt;
Zapret is designed to run on a Linux-based gateway, such as a home router running OpenWrt or directly on a user&#039;s Linux desktop.&lt;br /&gt;
&lt;br /&gt;
Zapret uses low-level packet manipulation via components like &amp;lt;code&amp;gt;nfqws&amp;lt;/code&amp;gt; and &amp;lt;code&amp;gt;tpws&amp;lt;/code&amp;gt;. It employs a variety of “DPI desync” techniques, which can be configured by the user. These include sending fake packets (e.g., with the &amp;lt;code&amp;gt;--dpi-desync=fake&amp;lt;/code&amp;gt; parameter), fragmenting packets (&amp;lt;code&amp;gt;--dpi-desync=fakedsplit&amp;lt;/code&amp;gt;), and modifying packet checksums or TTLs to “fool” the inspection system (&amp;lt;code&amp;gt;--dpi-desync-fooling=badsum&amp;lt;/code&amp;gt;). The tool includes a &amp;lt;code&amp;gt;blockcheck.sh&amp;lt;/code&amp;gt; script that a user can run to test and identify the most effective desync parameters for their specific ISP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Adds negligible latency. Because it typically only manipulates the first few packets of a connection to break the DPI&#039;s state, it is significantly faster than a full tunnel.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is its most significant advantage. It does not change your public IP address, making it ideal for accessing local, geo-restricted services (like banking, streaming, or city services) that would be broken by a VPN. It also does not need to trust any third party servers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Transparent:&#039;&#039;&#039;&amp;lt;/span&amp;gt; When installed on a router, it works transparently for all devices on the network (phones, computers, consoles) with no client-side software required.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Adaptive:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is highly configurable to adapt to the specific, evolving DPI strategies used by different ISPs and nation-states.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is important to know. Zapret does not provide extra privacy or anonymity. Your ISP can still see which sites you are visiting; the tool just prevents the automated block to provide access.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Specific Use Case:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It only defeats DPI. It does not bypass DNS-level blocking (it must be paired with an encrypted DNS service like DoH/DoT) or IP-address-level bans.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/ValdikSS/GoodbyeDPI Goodbye DPI] ==&lt;br /&gt;
A user-friendly DPI circumvention utility designed specifically for the Windows operating system. It runs on a user&#039;s local Windows PC (versions 7 through 11 are supported). It works by installing a Windows filter driver to intercept and modify packets as they leave the machine. It employs multiple methods simultaneously to be effective against a wide range of DPI systems. These methods include: TCP-level fragmentation, HTTP header manipulation (e.g., replacing Host with hoSt, or removing spaces), and sending fake packets with low TTLs to “poison” the DPI&#039;s state and cause it to fail. It also includes modes to redirect DNS requests to non-standard ports to bypass simple DNS poisoning.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is its primary advantage. It is ideal for non-technical Windows users. The most common use case involves just running a single &amp;lt;code&amp;gt;.cmd&amp;lt;/code&amp;gt; script.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Shares the same benefits as Zapret; it does not interfere with local, geo-restricted services. Also, no third party to trust.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Effective:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is designed to actively bypass both “Passive DPI” (which tries to “race” the real server with a fake reset packet) and “Active DPI” (which sits in-line and modifies traffic).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Like Zapret, this provides no extra encryption and is not a privacy tool. It is for access only.&lt;br /&gt;
&lt;br /&gt;
== Mobile DPI Bypass Tools ==&lt;br /&gt;
Stand-alone, open-source DPI circumvention tools exists on mobile devices too. They are mostly inspired by Zapret. The catch being not being capable as tools designed for computers. They mostly rely on 3 ways to see the packets. Having root, giving the VPN slot to the app, setting up a proxy inside your phone. You will usually have to set the bypass rules manually. Most popular ones are “DPI Tunnel v2”, “Bye DPI”, “Power Tunnel”. They don&#039;t increase battery usage that much compared to VPNs.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Adds negligible latency. It is significantly faster than a full tunnel. &lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It does not change your public IP address, making it ideal for accessing local, geo-restricted services (like banking, streaming, or city services) that would be broken by a VPN. It also does not need to trust any third party servers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; After initial configuration, enabling or disabling is only one press.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; These tools don&#039;t provide extra privacy or anonymity. Your ISP/GSM can still see which sites you are visiting; the tool just prevents the automated block to provide access.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Needs either root or a VPN slot:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Android only allows one active VPN slot at a time. If you are running a DPI bypass app, you cannot simultaneously run a standard VPN or a system-wide ad blocker without root.&lt;br /&gt;
&lt;br /&gt;
= Standard (Non-Obfuscated) Protocols =&lt;br /&gt;
This category includes the standard, “baseline” protocols for proxies and VPNs. These tools are not designed for censorship circumvention and are the primary targets for blocking. Their distinct protocol “fingerprints” make them easy for DPI systems to identify and filter. They are included here as a baseline to illustrate why the more advanced, obfuscated tools in the next section are necessary.&lt;br /&gt;
&lt;br /&gt;
== [https://www.wireguard.com/ WireGuard] ==&lt;br /&gt;
An extremely simple, fast, and modern VPN (Virtual Private Network) protocol. A modern protocol (initial release 2015) that is now part of the Linux kernel. Runs on client and server machines, supported natively or via apps on all major operating systems. It uses state-of-the-art cryptography and has a very small, auditable code base (under 4,000 lines of code). It operates over UDP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Fast:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Significantly higher performance and lower latency compared to OpenVPN, due to its lightweight code and modern encryption.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Simple &amp;amp; Secure:&#039;&#039;&#039;&amp;lt;/span&amp;gt; A small code base makes it easier to audit and less susceptible to attack.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Quick Reconnects:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Connects and reconnects almost instantly, making it ideal for mobile devices switching between Wi-Fi and cellular data.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is its key weakness for censorship. It has a distinct, recognizable protocol fingerprint. It is not designed to bypass DPI and is actively blocked in countries like China and Russia. Protocols like AmneziaWG (modified version of WireGuard designed to prevent DPI) should be used when possible.&lt;br /&gt;
&lt;br /&gt;
== [https://openvpn.net/ OpenVPN] ==&lt;br /&gt;
A mature, open-source, and highly configurable VPN protocol. First released in 2001, it has been the industry standard for over two decades. It uses a custom security protocol based on SSL/TLS. It can run over either TCP or UDP, which makes it flexible.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Mature:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Battle-tested and thoroughly audited for decades.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Flexible:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can be configured to run over any port and use either TCP or UDP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Like WireGuard, its handshake is very distinct and easily identified and blocked by DPI systems.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Slow:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is much slower and has higher latency than WireGuard. Its code base is big (400,000+ lines).&lt;br /&gt;
&lt;br /&gt;
== [https://en.wikipedia.org/wiki/IKEv2 IKEv2/IPsec] ==&lt;br /&gt;
A secure, standards-based VPN protocol (Internet Key Exchange version 2). Developed by Microsoft and Cisco, and standardized by the IETF. Native to most modern operating systems. It is often used in self-hosted setups (like Algo).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Native Support:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Supported “out of the box” by Windows, Android, macOS, and iOS.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Stable:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Very good at re-establishing a connection quickly when a network drops.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is not a circumvention tool and is easily detected and blocked by DPI.&lt;br /&gt;
&lt;br /&gt;
== [https://en.wikipedia.org/wiki/SOCKS SOCKS] ==&lt;br /&gt;
A low-level proxy protocol that can route virtually any type of network traffic from any application (SOCKS5 since 1996). A client application sends traffic to a SOCKS5 server, which then forwards it to the final destination. It operates at Layer 5 (the Session Layer).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Versatile:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can handle any type of traffic, including web, P2P, gaming, and email.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Encrypted:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Provides zero encryption by itself. All traffic is sent in the clear and is fully visible to an ISP.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Trivially Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Unencrypted, identifiable traffic is extremely easy for any DPI system to inspect and block.&lt;br /&gt;
&lt;br /&gt;
== [https://en.wikipedia.org/wiki/Proxy_server HTTP(S) Proxies / Web Proxies] ==&lt;br /&gt;
A basic, high-level proxy protocol designed exclusively for web (HTTP and HTTPS) traffic. Primarily used by web browsers. It operates at Layer 7 (the Application Layer).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Simple:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Easy to set up and widely supported by all browsers.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Limited:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Only works for web traffic.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Encrypted:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Provides no encryption for your connection to the proxy (when no HTTPS).&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous:&#039;&#039;&#039;&amp;lt;/span&amp;gt; HTTP proxies typically add headers (like X-Forwarded-For) that identify the original user&#039;s IP address.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Trivially Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Very easy to detect and block.&lt;br /&gt;
&lt;br /&gt;
= Obfuscated Proxy Protocols &amp;amp; Platforms =&lt;br /&gt;
This category represents the “engine” for most modern, robust circumvention. The development of these protocols illustrates the “cat-and-mouse” arms race.&lt;br /&gt;
&lt;br /&gt;
# &#039;&#039;&#039;Phase 1 (Encrypt):&#039;&#039;&#039; Standard VPNs (OpenVPN, WireGuard) are encrypted but have obvious “fingerprints”.&lt;br /&gt;
# &#039;&#039;&#039;Phase 2 (Scramble):&#039;&#039;&#039; Tools like Shadowsocks and obfs4 encrypt and “scramble” traffic to look like “random” data.&lt;br /&gt;
# &#039;&#039;&#039;Phase 3 (Mimic):&#039;&#039;&#039; Tools like V2Ray and Trojan are designed to mimic standard, benign HTTPS traffic.&lt;br /&gt;
# &#039;&#039;&#039;Phase 4 (Be Indistinguishable):&#039;&#039;&#039; Tools like Naïve Proxy reuse the actual network stack from a real browser (Chrome) to be bit-for-bit indistinguishable.&lt;br /&gt;
&lt;br /&gt;
== [https://shadowsocks.org/ Shadow Socks] ==&lt;br /&gt;
A fast, encrypted SOCKS5 proxy. It is not a full VPN. Originally created in 2012 by “clowwindy” specifically to bypass the Great Firewall (GFW) of China. Its strength is its simplicity and its use of modern AEAD ciphers. It “disguises” traffic to look like HTTPS but does not explicitly mimic another protocol.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Fast and Lightweight:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Generally faster than full VPNs and complex multi-layered tools.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Selective:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Easy to configure which traffic goes through it (e.g., using a PAC file).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Detectable by Advanced DPI:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Advanced DPI can detect Shadowsocks traffic through traffic analysis and active probing.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not a Full VPN:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Does not tunnel all system traffic by default, it is your job to be sure everything uses it.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/v2fly/v2ray-core V2Ray] ==&lt;br /&gt;
A platform or framework for building proxies. It is not a single protocol, but a “box” that can manage multiple inbound and outbound protocols, transports, and advanced routing rules. By wrapping its proxy traffic inside Web Socket and TLS for example, it makes the traffic appear as standard, indistinguishable HTTPS traffic.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Flexible:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can be configured to mimic HTTPS, run over Web Sockets, use QUIC, etc.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Resilient:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Its multiprotocol nature means it can be reconfigured if one method is blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Advanced Routing:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can selectively route traffic based on domain or IP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Complex:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Requires understanding of its complex concepts of inbounds, outbounds, and transports.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Performance Overhead:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Layered encryption adds significant latency.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;VMess is Detectable:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The original VMess protocol is now considered detectable by advanced GFW packet sniffing.&lt;br /&gt;
&lt;br /&gt;
=== V2Ray Protocols: VMess vs. VLESS ===&lt;br /&gt;
* &#039;&#039;&#039;VMess:&#039;&#039;&#039; The original, feature-rich protocol for V2Ray. It has its own built-in encryption and authentication methods. It is considered more “heavy” and less safe against modern GFW probing.&lt;br /&gt;
* &#039;&#039;&#039;VLESS:&#039;&#039;&#039; A newer, lightweight protocol. It removes VMess&#039;s built-in encryption layer and delegates security to the underlying transport layer, such as TLS. This simplifies the handshake, improves speed, and makes it more indistinguishable from a standard HTTPS website.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/XTLS/Xray-core X-ray] ==&lt;br /&gt;
A high-performance, open-source proxy platform and a fork of V2Ray. Developed by the XTLS community. Xray-core supports all of V2Ray&#039;s protocols and adds XTLS. XTLS is a “direct encryption” technology that avoids the performance-draining “TLS-in-TLS” problem, resulting in lower latency and higher speeds than most VLESS configurations.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Faster:&#039;&#039;&#039;&amp;lt;/span&amp;gt; X-ray with its XTLS protocol is generally considered faster and more efficient.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Backward Compatible:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Acts as a drop-in, enhanced replacement for V2Ray-core.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Advanced Protocols:&#039;&#039;&#039;&amp;lt;/span&amp;gt; VLESS and XTLS are highly effective at mimicking standard web traffic.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Complexity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Inherits all of V2Ray&#039;s complexity.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Less Documentation:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Newer technology with poorer documentation than established setups.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/trojan-gfw/trojan Trojan] ==&lt;br /&gt;
A proxy protocol that is specifically designed to perfectly imitate a real HTTPS server. It runs on a server, binds to port 443, and simultaneously serves a real, working website. This makes it highly resistant to the “active probing” techniques.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Stealthy:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Mimics HTTPS perfectly and serves a real website as a disguise.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Simpler protocol that uses TLS directly.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Requires a Domain Name:&#039;&#039;&#039;&amp;lt;/span&amp;gt; You must have a registered domain name and a valid SSL/TLS certificate.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Vulnerable to TLS-in-TLS Detection:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Censors have started detecting the “TLS-in-TLS” pattern.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/klzgrad/naiveproxy Naïve Proxy] ==&lt;br /&gt;
A proxy that re-uses the network stack from the Chromium browser to camouflage its traffic. A “Phase 4” tool. It uses HTTP/2 multiplexing, HTTP/2 traffic padding, and the exact TLS handshake of a real Chrome browser.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;The “Most” Stealthy:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Arguably the most advanced tool for defeating traffic analysis and fingerprinting.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Leverages Chrome&#039;s high-performance HTTP/2 stack.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Complex:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Requires a Caddy server with a specific plugin, domain name, and TLS cert.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Still a Proxy:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Not a full system-wide VPN.&lt;br /&gt;
&lt;br /&gt;
= Self-Hosted VPN/Proxy Suites =&lt;br /&gt;
Instead of trusting a commercial VPN, these scripts automate the setup of a private server on a cloud provider.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/trailofbits/algo Algo] ==&lt;br /&gt;
A set of Ansible scripts that automates the deployment of a minimalist, secure personal VPN. Created by Trail of Bits. It installs WireGuard and IKEv2/IPsec, deliberately excluding obfuscation tools.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Secure by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Uses modern, strong protocols with secure ciphers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Minimalist:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Includes only the minimal software you need.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Clientless (IKEv2):&#039;&#039;&#039;&amp;lt;/span&amp;gt; Supported natively by most OS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not for Censorship Bypass:&#039;&#039;&#039;&amp;lt;/span&amp;gt; WireGuard and IKEv2 are easily detected and blocked by DPI.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Security Vulnerabilities:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Theoretical risk of MitM if the VPS is compromised due to self-signed certs.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/StreisandEffect/streisand Streisand] ==&lt;br /&gt;
Automates the deployment of a full suite of anti-censorship tools (“kitchen sink” approach). Installs WireGuard, OpenVPN, Shadowsocks, Trojan, Tor bridges, and more.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Versatile:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Gives the user many options to try if one is blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Designed for Censorship:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Specifically designed for circumvention.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;“Kitchen Sink” Risk:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Dramatically increases the potential attack surface.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Less Secure Defaults:&#039;&#039;&#039;&amp;lt;/span&amp;gt; More permissive defaults than Algo.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Outdated:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Did not get updated for a long time.&lt;br /&gt;
&lt;br /&gt;
= Anonymity Networks &amp;amp; Pluggable Transports =&lt;br /&gt;
Designed for anonymity. However, to be anonymous, you first must be able to connect.&lt;br /&gt;
&lt;br /&gt;
== [https://www.torproject.org/ Tor Project] ==&lt;br /&gt;
A free, open-source network and browser that provides anonymity by routing traffic through a three-layer “onion” of volunteer-run relays.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Strong Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The most-studied tool for public-internet anonymity.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Pluggable Transports:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Built-in system to bypass blocking.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The Tor Browser is a simple, all-in-one application.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Slow:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Sometimes impractical for streaming or large downloads.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Blocked by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Relay lists are public and easily blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Stigma:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can attract suspicion from ISPs or law enforcement.&lt;br /&gt;
&lt;br /&gt;
=== Tor Pluggable Transports (PTs) ===&lt;br /&gt;
; obfs4&lt;br /&gt;
: The modern “scrambler” (Phase 2). Makes Tor traffic “look random, like nothing”. Can be blocked by whitelists.&lt;br /&gt;
; meek&lt;br /&gt;
: The “domain fronting” transport (Phase 3). Makes Tor traffic look like it&#039;s going to a major CDN. Very slow and fragile; major providers blocked it.&lt;br /&gt;
; Web Tunnel&lt;br /&gt;
: A newer transport that masks Tor traffic as a standard HTTPS connection.&lt;br /&gt;
; Snowflake&lt;br /&gt;
: A peer-to-peer transport. Connects to ephemeral proxies run by volunteers in their web browsers.&lt;br /&gt;
&lt;br /&gt;
== I2P (Invisible Internet Project) ==&lt;br /&gt;
A decentralized, anonymous network layer. Uses “Garlic Routing” which bundles multiple messages together and sends them through unidirectional tunnels.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Excellent for Hidden Services:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Optimized for “eepsites”.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Decentralized &amp;amp; Resilient:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Distributed and P2P-friendly.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Harder Analysis:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Unidirectional tunnels make traffic analysis harder.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not for Public Web Access:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Relies on volunteer-run “out proxies” which are few and slow.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Slow:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Complex P2P routing.&lt;br /&gt;
&lt;br /&gt;
= Decentralized &amp;amp; Federated &amp;amp; P2P Networks =&lt;br /&gt;
Censorship-resistance-by-design. If there is no single server, there is no single point to block.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/HelloZeroNet/ZeroNet Zero Net] ==&lt;br /&gt;
A decentralized, peer-to-peer web-like network. Uses Bitcoin cryptography for identity and BitTorrent to distribute content.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Censorship-Resistant:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Cannot be taken down by DMCA or government order.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Zero Hosting Cost:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The audience provides the infrastructure.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Works Offline:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Browse “seeded” sites without internet.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; IP is visible to peers.&lt;br /&gt;
&lt;br /&gt;
== [[wikipedia:Hyphanet|Hypha net (formerly Freenet)]] ==&lt;br /&gt;
A decentralized, P2P network where all users contribute disk space and bandwidth. Content is retrieved by a key, not a location. Nodes do not know what content they are storing.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Anonymous by Design:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Anonymity built-in for publishers and consumers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Deniable Storage:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Plausible deniability for hosts.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;“Forgets” Content:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Unpopular data is eventually dropped.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Static Content Only:&#039;&#039;&#039;&amp;lt;/span&amp;gt; No dynamic sites.&lt;br /&gt;
&lt;br /&gt;
== [https://ipfs.tech/ IPFS] ==&lt;br /&gt;
A decentralized, peer-to-peer protocol. Uses content-based addressing (CID) instead of location-based addressing.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Highly Censorship-Resistant:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Content itself cannot be blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Data Integrity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Cryptographic CIDs guarantee the exact file.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; IP is visible.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Content is Not Permanent:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Files disappear if not “pinned”.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Censorable at the Gateway:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Public gateways can filter content.&lt;br /&gt;
&lt;br /&gt;
== Torrenting ==&lt;br /&gt;
Files are distributed across thousands of users&#039; computers. Extremely resilient against takedowns.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Distributed &amp;amp; Fast:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Speeds up as more people host.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No Central Logs:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Makes surveillance resource-intensive.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; IPs are public.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Stigma:&#039;&#039;&#039;&amp;lt;/span&amp;gt; ISPs actively throttle or block torrents.&lt;br /&gt;
&lt;br /&gt;
= Emerging Privacy Protocols (DNS/TLS) =&lt;br /&gt;
&lt;br /&gt;
== DNS-over-HTTPS (DoH) / DNS-over-TLS (DoT) / DNS Crypt ==&lt;br /&gt;
Protocols that encrypt DNS queries to prevent tracking and poisoning.&lt;br /&gt;
* &#039;&#039;&#039;DoT:&#039;&#039;&#039; Dedicated port 853.&lt;br /&gt;
* &#039;&#039;&#039;DoH:&#039;&#039;&#039; Uses port 443 (standard web traffic).&lt;br /&gt;
* &#039;&#039;&#039;DNS Crypt:&#039;&#039;&#039; Encrypts payloads using public keys.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Bypasses DNS Filtering:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Primary benefit.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Stealthy (DoH):&#039;&#039;&#039;&amp;lt;/span&amp;gt; Indistinguishable from HTTPS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;DoT is Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Port 853 can be blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Does Not Bypass DPI:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Useless if SNI or IP is blocked.&lt;br /&gt;
&lt;br /&gt;
== Encrypted Client Hello (ECH) ==&lt;br /&gt;
A TLS 1.3 extension that encrypts the SNI, closing the metadata leak in HTTPS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Defeats SNI-Based DPI:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Makes this class of censorship obsolete.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Proactive &amp;amp; Native:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Protects all users by default when adopted.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Yet Standard:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Not universally deployed.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Already Being Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Russia blocks ECH directly; China blocks encrypted DNS to prevent ECH.&lt;br /&gt;
&lt;br /&gt;
= Other Workarounds =&lt;br /&gt;
; Privacy Frontends&lt;br /&gt;
: Proxy traffic to upstream services. Upstream doesn&#039;t see your IP, but usually limited to specific websites and can be unstable.&lt;br /&gt;
; Website Mirrors&lt;br /&gt;
: Viewing alternative hosted versions of sites. Only some content has mirrors.&lt;br /&gt;
; Federated Services&lt;br /&gt;
: Distributed alternatives to centralized platforms. Can leak metadata.&lt;br /&gt;
&lt;br /&gt;
= Do you need a VPN? =&lt;br /&gt;
If one or more of these are true, a VPN may be necessary:&lt;br /&gt;
* Connecting to untrusted hotspots.&lt;br /&gt;
* Untrusted websites (IP loggers).&lt;br /&gt;
* Geo-blocked regularly.&lt;br /&gt;
* ISP blocks content.&lt;br /&gt;
* Lack of trust in ISP.&lt;br /&gt;
* Need servers in specific countries.&lt;br /&gt;
* ISP throttling.&lt;br /&gt;
&lt;br /&gt;
= Inclusion Criteria =&lt;br /&gt;
* &#039;&#039;&#039;Source Availability:&#039;&#039;&#039; Open-source projects preferred.&lt;br /&gt;
* &#039;&#039;&#039;Security:&#039;&#039;&#039; Strong security practices, audited code.&lt;br /&gt;
* &#039;&#039;&#039;Community Support:&#039;&#039;&#039; Active forums and issue trackers.&lt;br /&gt;
* &#039;&#039;&#039;Cost-Effectiveness:&#039;&#039;&#039; Fits budget requirements.&lt;br /&gt;
* &#039;&#039;&#039;No Walled Gardens:&#039;&#039;&#039; Prefer self-hosted or alternative client capable software.&lt;br /&gt;
* &#039;&#039;&#039;Proven Track Record:&#039;&#039;&#039; Mature projects.&lt;br /&gt;
&lt;br /&gt;
= Tor vs. I2P Comparison =&lt;br /&gt;
&#039;&#039;This part of the guide is taken from the [https://geti2p.net/en/comparison/tor i2p projects comparison page].&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; style=&amp;quot;width:100%; vertical-align:top;&amp;quot;&lt;br /&gt;
|-&lt;br /&gt;
! Benefits of Tor over I2P !! Benefits of I2P over Tor&lt;br /&gt;
|- style=&amp;quot;vertical-align:top;&amp;quot;&lt;br /&gt;
|&lt;br /&gt;
* Much bigger user base; highly visible academic and hacker community support.&lt;br /&gt;
* Solved scaling issues I2P hasn&#039;t addressed.&lt;br /&gt;
* Significant funding and funded developers.&lt;br /&gt;
* More resistant to state-level blocking due to TLS transport layer and bridges.&lt;br /&gt;
* Designed and optimized for exit traffic (large number of exit nodes).&lt;br /&gt;
* Better documentation, formal papers, and translations.&lt;br /&gt;
* More efficient memory usage.&lt;br /&gt;
* Low bandwidth overhead for client nodes.&lt;br /&gt;
* Centralized control efficiently addresses Sybil attacks.&lt;br /&gt;
* High capacity core nodes provide higher throughput and lower latency.&lt;br /&gt;
* Written in C.&lt;br /&gt;
|&lt;br /&gt;
* Designed and optimized for hidden services, which are much faster than in Tor.&lt;br /&gt;
* Fully distributed and self-organizing.&lt;br /&gt;
* Peers selected by continuous profiling rather than trusted claims.&lt;br /&gt;
* Floodfill peers (&amp;quot;directory servers&amp;quot;) are untrusted and vary.&lt;br /&gt;
* Small enough that it hasn&#039;t been blocked or DOSed much.&lt;br /&gt;
* Peer-to-peer friendly.&lt;br /&gt;
* Packet switched instead of circuit switched (transparent load balancing, resilience via parallel tunnels).&lt;br /&gt;
* Unidirectional tunnels instead of bidirectional circuits (doubles nodes an attacker must compromise).&lt;br /&gt;
* Short-lived tunnels decrease active attack vectors compared to Tor circuits.&lt;br /&gt;
* Essentially all peers participate in routing.&lt;br /&gt;
* Written in Java.&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
= See also (Resources) =&lt;br /&gt;
* [[wikipedia:Internet_censorship_circumvention|Internet censorship circumvention: Wikipedia]]&lt;br /&gt;
* [https://github.com/bol-van/zapret Zapret Documentation]&lt;br /&gt;
* [https://github.com/ValdikSS/GoodbyeDPI Goodbye DPI GitHub]&lt;br /&gt;
* [https://shadowsocks.org/ Shadowsocks Official]&lt;br /&gt;
* [https://github.com/v2fly/v2ray-core V2Ray Core]&lt;br /&gt;
* [https://github.com/XTLS/Xray-core X-ray Core]&lt;br /&gt;
* [https://tb-manual.torproject.org/circumvention/ Tor Circumvention Manual]&lt;br /&gt;
* [https://geti2p.net/ I2P Anonymous Network]&lt;br /&gt;
* [https://ooni.org/ OONI Open Observatory of Network Interference]&lt;br /&gt;
&lt;br /&gt;
[[Category:Internet Censorship]]&lt;br /&gt;
[[Category:Privacy Software]]&lt;br /&gt;
[[Category:Circumvention]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=How_to_bypass_ISP_censorship&amp;diff=75</id>
		<title>How to bypass ISP censorship</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=How_to_bypass_ISP_censorship&amp;diff=75"/>
		<updated>2026-05-31T21:10:12Z</updated>

		<summary type="html">&lt;p&gt;Admin: /* Obfuscated Proxy Protocols &amp;amp; Platforms */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;A curated list of tools, protocols, and technologies for bypassing internet blocks, inspired by [https://github.com/danoctavian/awesome-anti-censorship this] project.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
This list focuses on tools and strategies designed to defeat active network-level filtering, such as Deep Packet Inspection (DPI), DNS blocking, and protocol-level blacklisting.&lt;br /&gt;
&lt;br /&gt;
__TOC__&lt;br /&gt;
&lt;br /&gt;
= How Online Content is Blocked =&lt;br /&gt;
Internet blocks are multi-layered systems and not simple on/off switches. Bypassing them is similar to a cat-and-mouse game.&lt;br /&gt;
&lt;br /&gt;
Filtering mechanisms primarily include:&lt;br /&gt;
&lt;br /&gt;
; DNS Filtering / Poisoning / Hijacking&lt;br /&gt;
: The censor intercepts requests to resolve a domain name and either returns no answer or a false IP address. This is the simplest and most common form of blocking, but also the easiest to bypass in some cases. To bypass it, a third party (not from your ISP) DNS server should be used with a DNS protocol supporting encryption like DNS over HTTPS. If blocks are still in place, your ISP may be using DPI.&lt;br /&gt;
; Deep Packet Inspection (DPI)&lt;br /&gt;
: This is a more advanced method. State-level “middle boxes” (like Russia&#039;s TSPU or China&#039;s Great Firewall (GFW)) actively inspect the content of unencrypted (or encrypted for their own certificate authority) traffic. For encrypted traffic, they inspect the “metadata,” such as the Server Name Indication (SNI) in a TLS handshake. The SNI field, which states the domain you are visiting, is unencrypted and provides a simple way for censors to identify and block HTTPS connections. However, even when SNI is encrypted or absent, advanced middle boxes can infer your destination through non-SNI leaks. They achieve this by analyzing TLS fingerprints (like JA4 signatures), monitoring packet sizes and timing patterns to profile websites. Even if a client successfully hides the destination domain during the initial handshake (for instance, by omitting the SNI), censors can simply look at the plaintext certificate returned by the server in some cases. In standard TLS connections below version 1.3, the server sends its X.509 certificate completely unencrypted. Censors intercepting this packet instantly know exactly which website you are communicating with. Bypassing DPI requires specialized programs. If blocks are still in place, your ISP may be using IP blacklisting.&lt;br /&gt;
; IP Blacklisting&lt;br /&gt;
: The censor blocks all network traffic to and from known IP addresses associated with a “forbidden” service (e.g., a VPN provider&#039;s servers or a specific website). Bypassing this is harder and requires connecting to a proxy/VPN server that doesn&#039;t have these restrictions. This can create a chicken-and-egg problem, like a proxy/VPN service being IP blocked but needing a proxy/VPN to bypass it.&lt;br /&gt;
; Protocol Filtering&lt;br /&gt;
: The DPI system is configured to identify and block the “fingerprints” of circumvention protocols themselves. Standard OpenVPN and WireGuard traffic is easily identifiable and is a primary target for blocking. Ports of commonly used protocols can be blocked too (e.g., port 51820 can be blocked to prevent a WireGuard connection if there are no alternative ports).&lt;br /&gt;
&lt;br /&gt;
The tools in this list are all solutions to one or more of these methods. They either:&lt;br /&gt;
# Manipulate packets at a low level to confuse the DPI,&lt;br /&gt;
# Obfuscate (disguise) traffic to look like something benign and unblockable (like standard web traffic), or&lt;br /&gt;
# Decentralize content, so there is no single server to block.&lt;br /&gt;
&lt;br /&gt;
= Censorship Measurement Tools =&lt;br /&gt;
This is a “meta” category. Before you can bypass censorship, you must prove it is happening and understand how. These tools are not for circumvention, but for detection. They are critical for activists, journalists, and researchers.&lt;br /&gt;
&lt;br /&gt;
== [https://ooni.org/ OONI Probe] ==&lt;br /&gt;
The Open Observatory of Network Interference. A free, open-source software and global network for measuring internet censorship. A project born out of The Tor Project, now an independent non-profit. Volunteers run the OONI Probe app on their mobile devices or computers from within 241 countries. The results are aggregated and published on the public OONI Explorer website. It is used to increase transparency, document censorship events globally, and provide hard, verifiable evidence of network interference and blocking.&lt;br /&gt;
&lt;br /&gt;
The app runs a series of tests to check for censorship:&lt;br /&gt;
* &#039;&#039;&#039;Web Connectivity:&#039;&#039;&#039; It tries to access a list of websites (including globally and locally sensitive ones) from the user&#039;s network and from a control network, then compares the results.&lt;br /&gt;
* &#039;&#039;&#039;App Blocking:&#039;&#039;&#039; It tests for blocks on specific apps like WhatsApp, Telegram, and Signal.&lt;br /&gt;
* &#039;&#039;&#039;Circumvention Tool Blocking:&#039;&#039;&#039; It tests if circumvention tools themselves (like Tor, Psiphon, and Lantern) are reachable.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Provides Hard Evidence:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is the best tool for scientifically proving how and what is being censored on a specific network.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Global &amp;amp; Open Data:&#039;&#039;&#039;&amp;lt;/span&amp;gt; All data is publicly available for analysis, which is an invaluable resource for researchers, journalists, and human rights organizations.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The mobile app is simple for non-technical volunteers to run.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Potential Risk to User:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Running OONI Probe is not anonymous. Your ISP and any network monitor can see that you are running it. While OONI states the risk is “theoretical” and no user has faced consequences, this is a real risk in high-stakes environments.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Provocative Tests:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The app intentionally tests “provocative or objectionable sites (e.g., pornography)”, which might be illegal to even attempt to access in some countries, regardless of intent.&lt;br /&gt;
&lt;br /&gt;
= TLDR: I need a tool now! What should I use? =&lt;br /&gt;
&#039;&#039;If you are in a risky situation, please do your research and do not trust any single source (including this one). These quick recommendations are for people with less sensitive threat models.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot;&lt;br /&gt;
|-&lt;br /&gt;
! Level !! Recommendation&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 1&#039;&#039;&#039; || DNS over HTTPS (DNS over TLS can be blocked but it may be an easier solution if you use Android &amp;gt;9 since it is built-in) + Encrypted Client Hello (supported by most modern browsers)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 2&#039;&#039;&#039; || Level 1 + DPI bypassing (Zapret/GoodbyeDPI/DPI Tunnel v2/PowerTunnel)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 3&#039;&#039;&#039; || Level 2 + WireGuard (preferably with AmneziaWG protocol)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 4&#039;&#039;&#039; || Level 3 + tools similar to V2Ray or DNS tunneling (slow)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 5&#039;&#039;&#039; || &#039;&#039;&#039;Do Your Own Research If You Still Can&#039;t Connect to Websites&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
= Local DPI Bypass Tools =&lt;br /&gt;
This category of tools is fundamentally different from VPNs. They allow access to specific blocked services without the disruptive side effects of a VPN, such as changing your IP address. They also don&#039;t bypass IP blacklisting. &lt;br /&gt;
&lt;br /&gt;
These tools work by “desynchronizing” the censor&#039;s view of the network connection from the server&#039;s, causing the inspection to fail while allowing the real connection to proceed. They provide no extra encryption or anonymity; your ISP can still see what sites you are visiting, but their automated blocking mechanism is fooled.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/bol-van/zapret Zapret] ==&lt;br /&gt;
A stand-alone, high-performance DPI circumvention tool designed to “desynchronize” DPI systems by manipulating network packets at a low level. Zapret was created primarily to target the “Sovereign Internet” (RuNet) blocking system in Russia.&lt;br /&gt;
&lt;br /&gt;
Zapret is designed to run on a Linux-based gateway, such as a home router running OpenWrt or directly on a user&#039;s Linux desktop.&lt;br /&gt;
&lt;br /&gt;
Zapret uses low-level packet manipulation via components like &amp;lt;code&amp;gt;nfqws&amp;lt;/code&amp;gt; and &amp;lt;code&amp;gt;tpws&amp;lt;/code&amp;gt;. It employs a variety of “DPI desync” techniques, which can be configured by the user. These include sending fake packets (e.g., with the &amp;lt;code&amp;gt;--dpi-desync=fake&amp;lt;/code&amp;gt; parameter), fragmenting packets (&amp;lt;code&amp;gt;--dpi-desync=fakedsplit&amp;lt;/code&amp;gt;), and modifying packet checksums or TTLs to “fool” the inspection system (&amp;lt;code&amp;gt;--dpi-desync-fooling=badsum&amp;lt;/code&amp;gt;). The tool includes a &amp;lt;code&amp;gt;blockcheck.sh&amp;lt;/code&amp;gt; script that a user can run to test and identify the most effective desync parameters for their specific ISP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Adds negligible latency. Because it typically only manipulates the first few packets of a connection to break the DPI&#039;s state, it is significantly faster than a full tunnel.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is its most significant advantage. It does not change your public IP address, making it ideal for accessing local, geo-restricted services (like banking, streaming, or city services) that would be broken by a VPN. It also does not need to trust any third party servers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Transparent:&#039;&#039;&#039;&amp;lt;/span&amp;gt; When installed on a router, it works transparently for all devices on the network (phones, computers, consoles) with no client-side software required.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Adaptive:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is highly configurable to adapt to the specific, evolving DPI strategies used by different ISPs and nation-states.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is important to know. Zapret does not provide extra privacy or anonymity. Your ISP can still see which sites you are visiting; the tool just prevents the automated block to provide access.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Specific Use Case:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It only defeats DPI. It does not bypass DNS-level blocking (it must be paired with an encrypted DNS service like DoH/DoT) or IP-address-level bans.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/ValdikSS/GoodbyeDPI Goodbye DPI] ==&lt;br /&gt;
A user-friendly DPI circumvention utility designed specifically for the Windows operating system. It runs on a user&#039;s local Windows PC (versions 7 through 11 are supported). It works by installing a Windows filter driver to intercept and modify packets as they leave the machine. It employs multiple methods simultaneously to be effective against a wide range of DPI systems. These methods include: TCP-level fragmentation, HTTP header manipulation (e.g., replacing Host with hoSt, or removing spaces), and sending fake packets with low TTLs to “poison” the DPI&#039;s state and cause it to fail. It also includes modes to redirect DNS requests to non-standard ports to bypass simple DNS poisoning.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is its primary advantage. It is ideal for non-technical Windows users. The most common use case involves just running a single &amp;lt;code&amp;gt;.cmd&amp;lt;/code&amp;gt; script.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Shares the same benefits as Zapret; it does not interfere with local, geo-restricted services. Also, no third party to trust.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Effective:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is designed to actively bypass both “Passive DPI” (which tries to “race” the real server with a fake reset packet) and “Active DPI” (which sits in-line and modifies traffic).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Like Zapret, this provides no extra encryption and is not a privacy tool. It is for access only.&lt;br /&gt;
&lt;br /&gt;
== Mobile DPI Bypass Tools ==&lt;br /&gt;
Stand-alone, open-source DPI circumvention tools exists on mobile devices too. They are mostly inspired by Zapret. The catch being not being capable as tools designed for computers. They mostly rely on 3 ways to see the packets. Having root, giving the VPN slot to the app, setting up a proxy inside your phone. You will usually have to set the bypass rules manually. Most popular ones are “DPI Tunnel v2”, “Bye DPI”, “Power Tunnel”. They don&#039;t increase battery usage that much compared to VPNs.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Adds negligible latency. It is significantly faster than a full tunnel. &lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It does not change your public IP address, making it ideal for accessing local, geo-restricted services (like banking, streaming, or city services) that would be broken by a VPN. It also does not need to trust any third party servers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; After initial configuration, enabling or disabling is only one press.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; These tools don&#039;t provide extra privacy or anonymity. Your ISP/GSM can still see which sites you are visiting; the tool just prevents the automated block to provide access.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Needs either root or a VPN slot:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Android only allows one active VPN slot at a time. If you are running a DPI bypass app, you cannot simultaneously run a standard VPN or a system-wide ad blocker without root.&lt;br /&gt;
&lt;br /&gt;
= Standard (Non-Obfuscated) Protocols =&lt;br /&gt;
This category includes the standard, “baseline” protocols for proxies and VPNs. These tools are not designed for censorship circumvention and are the primary targets for blocking. Their distinct protocol “fingerprints” make them easy for DPI systems to identify and filter. They are included here as a baseline to illustrate why the more advanced, obfuscated tools in the next section are necessary.&lt;br /&gt;
&lt;br /&gt;
== [https://www.wireguard.com/ WireGuard] ==&lt;br /&gt;
An extremely simple, fast, and modern VPN (Virtual Private Network) protocol. A modern protocol (initial release 2015) that is now part of the Linux kernel. Runs on client and server machines, supported natively or via apps on all major operating systems. It uses state-of-the-art cryptography and has a very small, auditable code base (under 4,000 lines of code). It operates over UDP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Fast:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Significantly higher performance and lower latency compared to OpenVPN, due to its lightweight code and modern encryption.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Simple &amp;amp; Secure:&#039;&#039;&#039;&amp;lt;/span&amp;gt; A small code base makes it easier to audit and less susceptible to attack.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Quick Reconnects:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Connects and reconnects almost instantly, making it ideal for mobile devices switching between Wi-Fi and cellular data.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is its key weakness for censorship. It has a distinct, recognizable protocol fingerprint. It is not designed to bypass DPI and is actively blocked in countries like China and Russia. Protocols like AmneziaWG (modified version of WireGuard designed to prevent DPI) should be used when possible.&lt;br /&gt;
&lt;br /&gt;
== [https://openvpn.net/ OpenVPN] ==&lt;br /&gt;
A mature, open-source, and highly configurable VPN protocol. First released in 2001, it has been the industry standard for over two decades. It uses a custom security protocol based on SSL/TLS. It can run over either TCP or UDP, which makes it flexible.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Mature:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Battle-tested and thoroughly audited for decades.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Flexible:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can be configured to run over any port and use either TCP or UDP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Like WireGuard, its handshake is very distinct and easily identified and blocked by DPI systems.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Slow:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is much slower and has higher latency than WireGuard. Its code base is big (400,000+ lines).&lt;br /&gt;
&lt;br /&gt;
== [https://en.wikipedia.org/wiki/IKEv2 IKEv2/IPsec] ==&lt;br /&gt;
A secure, standards-based VPN protocol (Internet Key Exchange version 2). Developed by Microsoft and Cisco, and standardized by the IETF. Native to most modern operating systems. It is often used in self-hosted setups (like Algo).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Native Support:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Supported “out of the box” by Windows, Android, macOS, and iOS.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Stable:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Very good at re-establishing a connection quickly when a network drops.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is not a circumvention tool and is easily detected and blocked by DPI.&lt;br /&gt;
&lt;br /&gt;
== [https://en.wikipedia.org/wiki/SOCKS SOCKS] ==&lt;br /&gt;
A low-level proxy protocol that can route virtually any type of network traffic from any application (SOCKS5 since 1996). A client application sends traffic to a SOCKS5 server, which then forwards it to the final destination. It operates at Layer 5 (the Session Layer).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Versatile:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can handle any type of traffic, including web, P2P, gaming, and email.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Encrypted:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Provides zero encryption by itself. All traffic is sent in the clear and is fully visible to an ISP.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Trivially Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Unencrypted, identifiable traffic is extremely easy for any DPI system to inspect and block.&lt;br /&gt;
&lt;br /&gt;
== [https://en.wikipedia.org/wiki/Proxy_server HTTP(S) Proxies / Web Proxies] ==&lt;br /&gt;
A basic, high-level proxy protocol designed exclusively for web (HTTP and HTTPS) traffic. Primarily used by web browsers. It operates at Layer 7 (the Application Layer).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Simple:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Easy to set up and widely supported by all browsers.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Limited:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Only works for web traffic.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Encrypted:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Provides no encryption for your connection to the proxy (when no HTTPS).&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous:&#039;&#039;&#039;&amp;lt;/span&amp;gt; HTTP proxies typically add headers (like X-Forwarded-For) that identify the original user&#039;s IP address.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Trivially Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Very easy to detect and block.&lt;br /&gt;
&lt;br /&gt;
= Obfuscated Proxy Protocols &amp;amp; Platforms =&lt;br /&gt;
This category represents the “engine” for most modern, robust circumvention. The development of these protocols illustrates the “cat-and-mouse” arms race.&lt;br /&gt;
&lt;br /&gt;
# &#039;&#039;&#039;Phase 1 (Encrypt):&#039;&#039;&#039; Standard VPNs (OpenVPN, WireGuard) are encrypted but have obvious “fingerprints”.&lt;br /&gt;
# &#039;&#039;&#039;Phase 2 (Scramble):&#039;&#039;&#039; Tools like Shadowsocks and obfs4 encrypt and “scramble” traffic to look like “random” data.&lt;br /&gt;
# &#039;&#039;&#039;Phase 3 (Mimic):&#039;&#039;&#039; Tools like V2Ray and Trojan are designed to mimic standard, benign HTTPS traffic.&lt;br /&gt;
# &#039;&#039;&#039;Phase 4 (Be Indistinguishable):&#039;&#039;&#039; Tools like Naïve Proxy reuse the actual network stack from a real browser (Chrome) to be bit-for-bit indistinguishable.&lt;br /&gt;
&lt;br /&gt;
== [https://shadowsocks.org/ Shadow Socks] ==&lt;br /&gt;
A fast, encrypted SOCKS5 proxy. It is not a full VPN. Originally created in 2012 by “clowwindy” specifically to bypass the Great Firewall (GFW) of China. Its strength is its simplicity and its use of modern AEAD ciphers. It “disguises” traffic to look like HTTPS but does not explicitly mimic another protocol.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Fast and Lightweight:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Generally faster than full VPNs and complex multi-layered tools.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Selective:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Easy to configure which traffic goes through it (e.g., using a PAC file).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Detectable by Advanced DPI:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Advanced DPI can detect Shadowsocks traffic through traffic analysis and active probing.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not a Full VPN:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Does not tunnel all system traffic by default, it is your job to be sure everything uses it.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/v2fly/v2ray-core V2Ray] ==&lt;br /&gt;
A platform or framework for building proxies. It is not a single protocol, but a “box” that can manage multiple inbound and outbound protocols, transports, and advanced routing rules. By wrapping its proxy traffic inside Web Socket and TLS for example, it makes the traffic appear as standard, indistinguishable HTTPS traffic.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Flexible:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can be configured to mimic HTTPS, run over Web Sockets, use QUIC, etc.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Resilient:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Its multiprotocol nature means it can be reconfigured if one method is blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Advanced Routing:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can selectively route traffic based on domain or IP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Complex:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Requires understanding of its complex concepts of inbounds, outbounds, and transports.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Performance Overhead:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Layered encryption adds significant latency.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;VMess is Detectable:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The original VMess protocol is now considered detectable by advanced GFW packet sniffing.&lt;br /&gt;
&lt;br /&gt;
=== V2Ray Protocols: VMess vs. VLESS ===&lt;br /&gt;
* &#039;&#039;&#039;VMess:&#039;&#039;&#039; The original, feature-rich protocol for V2Ray. It has its own built-in encryption and authentication methods. It is considered more “heavy” and less safe against modern GFW probing.&lt;br /&gt;
* &#039;&#039;&#039;VLESS:&#039;&#039;&#039; A newer, lightweight protocol. It removes VMess&#039;s built-in encryption layer and delegates security to the underlying transport layer, such as TLS. This simplifies the handshake, improves speed, and makes it more indistinguishable from a standard HTTPS website.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/XTLS/Xray-core X-ray] ==&lt;br /&gt;
A high-performance, open-source proxy platform and a fork of V2Ray. Developed by the XTLS community. Xray-core supports all of V2Ray&#039;s protocols and adds XTLS. XTLS is a “direct encryption” technology that avoids the performance-draining “TLS-in-TLS” problem, resulting in lower latency and higher speeds than most VLESS configurations.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Faster:&#039;&#039;&#039;&amp;lt;/span&amp;gt; X-ray with its XTLS protocol is generally considered faster and more efficient.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Backward Compatible:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Acts as a drop-in, enhanced replacement for V2Ray-core.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Advanced Protocols:&#039;&#039;&#039;&amp;lt;/span&amp;gt; VLESS and XTLS are highly effective at mimicking standard web traffic.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Complexity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Inherits all of V2Ray&#039;s complexity.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Less Documentation:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Newer technology with poorer documentation than established setups.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/trojan-gfw/trojan Trojan] ==&lt;br /&gt;
A proxy protocol that is specifically designed to perfectly imitate a real HTTPS server. It runs on a server, binds to port 443, and simultaneously serves a real, working website. This makes it highly resistant to the “active probing” techniques.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Stealthy:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Mimics HTTPS perfectly and serves a real website as a disguise.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Simpler protocol that uses TLS directly.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Requires a Domain Name:&#039;&#039;&#039;&amp;lt;/span&amp;gt; You must have a registered domain name and a valid SSL/TLS certificate.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Vulnerable to TLS-in-TLS Detection:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Censors have started detecting the “TLS-in-TLS” pattern.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/klzgrad/naiveproxy Naïve Proxy] ==&lt;br /&gt;
A proxy that re-uses the network stack from the Chromium browser to camouflage its traffic. A “Phase 4” tool. It uses HTTP/2 multiplexing, HTTP/2 traffic padding, and the exact TLS handshake of a real Chrome browser.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;The “Most” Stealthy:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Arguably the most advanced tool for defeating traffic analysis and fingerprinting.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Leverages Chrome&#039;s high-performance HTTP/2 stack.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Complex:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Requires a Caddy server with a specific plugin, domain name, and TLS cert.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Still a Proxy:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Not a full system-wide VPN.&lt;br /&gt;
&lt;br /&gt;
= Self-Hosted VPN/Proxy Suites =&lt;br /&gt;
Instead of trusting a commercial VPN, these scripts automate the setup of a private server on a cloud provider.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/trailofbits/algo Algo] ==&lt;br /&gt;
A set of Ansible scripts that automates the deployment of a minimalist, secure personal VPN. Created by Trail of Bits. It installs WireGuard and IKEv2/IPsec, deliberately excluding obfuscation tools.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Secure by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Uses modern, strong protocols with secure ciphers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Minimalist:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Includes only the minimal software you need.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Clientless (IKEv2):&#039;&#039;&#039;&amp;lt;/span&amp;gt; Supported natively by most OS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not for Censorship Bypass:&#039;&#039;&#039;&amp;lt;/span&amp;gt; WireGuard and IKEv2 are easily detected and blocked by DPI.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Security Vulnerabilities:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Theoretical risk of MitM if the VPS is compromised due to self-signed certs.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/StreisandEffect/streisand Streisand] ==&lt;br /&gt;
Automates the deployment of a full suite of anti-censorship tools (“kitchen sink” approach). Installs WireGuard, OpenVPN, Shadowsocks, Trojan, Tor bridges, and more.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Versatile:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Gives the user many options to try if one is blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Designed for Censorship:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Specifically designed for circumvention.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;“Kitchen Sink” Risk:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Dramatically increases the potential attack surface.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Less Secure Defaults:&#039;&#039;&#039;&amp;lt;/span&amp;gt; More permissive defaults than Algo.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Outdated:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Did not get updated for a long time.&lt;br /&gt;
&lt;br /&gt;
= Anonymity Networks &amp;amp; Pluggable Transports =&lt;br /&gt;
Designed for anonymity. However, to be anonymous, you first must be able to connect.&lt;br /&gt;
&lt;br /&gt;
== [https://www.torproject.org/ Tor Project] ==&lt;br /&gt;
A free, open-source network and browser that provides anonymity by routing traffic through a three-layer “onion” of volunteer-run relays.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Strong Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The most-studied tool for public-internet anonymity.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Pluggable Transports:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Built-in system to bypass blocking.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The Tor Browser is a simple, all-in-one application.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Very Slow:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Impractical for streaming or large downloads.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Blocked by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Relay lists are public and easily blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Stigma:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can attract suspicion from ISPs or law enforcement.&lt;br /&gt;
&lt;br /&gt;
=== Tor Pluggable Transports (PTs) ===&lt;br /&gt;
; obfs4&lt;br /&gt;
: The modern “scrambler” (Phase 2). Makes Tor traffic “look random, like nothing”. Can be blocked by whitelists.&lt;br /&gt;
; meek&lt;br /&gt;
: The “domain fronting” transport (Phase 3). Makes Tor traffic look like it&#039;s going to a major CDN. Very slow and fragile; major providers blocked it.&lt;br /&gt;
; Web Tunnel&lt;br /&gt;
: A newer transport that masks Tor traffic as a standard HTTPS connection.&lt;br /&gt;
; Snowflake&lt;br /&gt;
: A peer-to-peer transport. Connects to ephemeral proxies run by volunteers in their web browsers.&lt;br /&gt;
&lt;br /&gt;
== I2P (Invisible Internet Project) ==&lt;br /&gt;
A decentralized, anonymous network layer. Uses “Garlic Routing” which bundles multiple messages together and sends them through unidirectional tunnels.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Excellent for Hidden Services:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Optimized for “eepsites”.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Decentralized &amp;amp; Resilient:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Distributed and P2P-friendly.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Harder Analysis:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Unidirectional tunnels make traffic analysis harder.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not for Public Web Access:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Relies on volunteer-run “out proxies” which are few and slow.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Slow:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Complex P2P routing.&lt;br /&gt;
&lt;br /&gt;
= Decentralized &amp;amp; Federated &amp;amp; P2P Networks =&lt;br /&gt;
Censorship-resistance-by-design. If there is no single server, there is no single point to block.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/HelloZeroNet/ZeroNet Zero Net] ==&lt;br /&gt;
A decentralized, peer-to-peer web-like network. Uses Bitcoin cryptography for identity and BitTorrent to distribute content.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Censorship-Resistant:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Cannot be taken down by DMCA or government order.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Zero Hosting Cost:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The audience provides the infrastructure.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Works Offline:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Browse “seeded” sites without internet.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; IP is visible to peers.&lt;br /&gt;
&lt;br /&gt;
== [[wikipedia:Hyphanet|Hypha net (formerly Freenet)]] ==&lt;br /&gt;
A decentralized, P2P network where all users contribute disk space and bandwidth. Content is retrieved by a key, not a location. Nodes do not know what content they are storing.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Anonymous by Design:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Anonymity built-in for publishers and consumers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Deniable Storage:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Plausible deniability for hosts.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;“Forgets” Content:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Unpopular data is eventually dropped.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Static Content Only:&#039;&#039;&#039;&amp;lt;/span&amp;gt; No dynamic sites.&lt;br /&gt;
&lt;br /&gt;
== [https://ipfs.tech/ IPFS] ==&lt;br /&gt;
A decentralized, peer-to-peer protocol. Uses content-based addressing (CID) instead of location-based addressing.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Highly Censorship-Resistant:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Content itself cannot be blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Data Integrity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Cryptographic CIDs guarantee the exact file.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; IP is visible.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Content is Not Permanent:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Files disappear if not “pinned”.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Censorable at the Gateway:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Public gateways can filter content.&lt;br /&gt;
&lt;br /&gt;
== Torrenting ==&lt;br /&gt;
Files are distributed across thousands of users&#039; computers. Extremely resilient against takedowns.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Distributed &amp;amp; Fast:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Speeds up as more people host.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No Central Logs:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Makes surveillance resource-intensive.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; IPs are public.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Stigma:&#039;&#039;&#039;&amp;lt;/span&amp;gt; ISPs actively throttle or block torrents.&lt;br /&gt;
&lt;br /&gt;
= Emerging Privacy Protocols (DNS/TLS) =&lt;br /&gt;
&lt;br /&gt;
== DNS-over-HTTPS (DoH) / DNS-over-TLS (DoT) / DNS Crypt ==&lt;br /&gt;
Protocols that encrypt DNS queries to prevent tracking and poisoning.&lt;br /&gt;
* &#039;&#039;&#039;DoT:&#039;&#039;&#039; Dedicated port 853.&lt;br /&gt;
* &#039;&#039;&#039;DoH:&#039;&#039;&#039; Uses port 443 (standard web traffic).&lt;br /&gt;
* &#039;&#039;&#039;DNS Crypt:&#039;&#039;&#039; Encrypts payloads using public keys.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Bypasses DNS Filtering:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Primary benefit.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Stealthy (DoH):&#039;&#039;&#039;&amp;lt;/span&amp;gt; Indistinguishable from HTTPS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;DoT is Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Port 853 can be blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Does Not Bypass DPI:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Useless if SNI or IP is blocked.&lt;br /&gt;
&lt;br /&gt;
== Encrypted Client Hello (ECH) ==&lt;br /&gt;
A TLS 1.3 extension that encrypts the SNI, closing the metadata leak in HTTPS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Defeats SNI-Based DPI:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Makes this class of censorship obsolete.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Proactive &amp;amp; Native:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Protects all users by default when adopted.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Yet Standard:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Not universally deployed.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Already Being Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Russia blocks ECH directly; China blocks encrypted DNS to prevent ECH.&lt;br /&gt;
&lt;br /&gt;
= Other Workarounds =&lt;br /&gt;
; Privacy Frontends&lt;br /&gt;
: Proxy traffic to upstream services. Upstream doesn&#039;t see your IP, but usually limited to specific websites and can be unstable.&lt;br /&gt;
; Website Mirrors&lt;br /&gt;
: Viewing alternative hosted versions of sites. Only some content has mirrors.&lt;br /&gt;
; Federated Services&lt;br /&gt;
: Distributed alternatives to centralized platforms. Can leak metadata.&lt;br /&gt;
&lt;br /&gt;
= Do you need a VPN? =&lt;br /&gt;
If one or more of these are true, a VPN may be necessary:&lt;br /&gt;
* Connecting to untrusted hotspots.&lt;br /&gt;
* Untrusted websites (IP loggers).&lt;br /&gt;
* Geo-blocked regularly.&lt;br /&gt;
* ISP blocks content.&lt;br /&gt;
* Lack of trust in ISP.&lt;br /&gt;
* Need servers in specific countries.&lt;br /&gt;
* ISP throttling.&lt;br /&gt;
&lt;br /&gt;
= Inclusion Criteria =&lt;br /&gt;
* &#039;&#039;&#039;Source Availability:&#039;&#039;&#039; Open-source projects preferred.&lt;br /&gt;
* &#039;&#039;&#039;Security:&#039;&#039;&#039; Strong security practices, audited code.&lt;br /&gt;
* &#039;&#039;&#039;Community Support:&#039;&#039;&#039; Active forums and issue trackers.&lt;br /&gt;
* &#039;&#039;&#039;Cost-Effectiveness:&#039;&#039;&#039; Fits budget requirements.&lt;br /&gt;
* &#039;&#039;&#039;No Walled Gardens:&#039;&#039;&#039; Prefer self-hosted or alternative client capable software.&lt;br /&gt;
* &#039;&#039;&#039;Proven Track Record:&#039;&#039;&#039; Mature projects.&lt;br /&gt;
&lt;br /&gt;
= Tor vs. I2P Comparison =&lt;br /&gt;
&#039;&#039;This part of the guide is taken from the [https://geti2p.net/en/comparison/tor i2p projects comparison page].&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; style=&amp;quot;width:100%; vertical-align:top;&amp;quot;&lt;br /&gt;
|-&lt;br /&gt;
! Benefits of Tor over I2P !! Benefits of I2P over Tor&lt;br /&gt;
|- style=&amp;quot;vertical-align:top;&amp;quot;&lt;br /&gt;
|&lt;br /&gt;
* Much bigger user base; highly visible academic and hacker community support.&lt;br /&gt;
* Solved scaling issues I2P hasn&#039;t addressed.&lt;br /&gt;
* Significant funding and funded developers.&lt;br /&gt;
* More resistant to state-level blocking due to TLS transport layer and bridges.&lt;br /&gt;
* Designed and optimized for exit traffic (large number of exit nodes).&lt;br /&gt;
* Better documentation, formal papers, and translations.&lt;br /&gt;
* More efficient memory usage.&lt;br /&gt;
* Low bandwidth overhead for client nodes.&lt;br /&gt;
* Centralized control efficiently addresses Sybil attacks.&lt;br /&gt;
* High capacity core nodes provide higher throughput and lower latency.&lt;br /&gt;
* Written in C.&lt;br /&gt;
|&lt;br /&gt;
* Designed and optimized for hidden services, which are much faster than in Tor.&lt;br /&gt;
* Fully distributed and self-organizing.&lt;br /&gt;
* Peers selected by continuous profiling rather than trusted claims.&lt;br /&gt;
* Floodfill peers (&amp;quot;directory servers&amp;quot;) are untrusted and vary.&lt;br /&gt;
* Small enough that it hasn&#039;t been blocked or DOSed much.&lt;br /&gt;
* Peer-to-peer friendly.&lt;br /&gt;
* Packet switched instead of circuit switched (transparent load balancing, resilience via parallel tunnels).&lt;br /&gt;
* Unidirectional tunnels instead of bidirectional circuits (doubles nodes an attacker must compromise).&lt;br /&gt;
* Short-lived tunnels decrease active attack vectors compared to Tor circuits.&lt;br /&gt;
* Essentially all peers participate in routing.&lt;br /&gt;
* Written in Java.&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
= See also (Resources) =&lt;br /&gt;
* [[wikipedia:Internet_censorship_circumvention|Internet censorship circumvention: Wikipedia]]&lt;br /&gt;
* [https://github.com/bol-van/zapret Zapret Documentation]&lt;br /&gt;
* [https://github.com/ValdikSS/GoodbyeDPI Goodbye DPI GitHub]&lt;br /&gt;
* [https://shadowsocks.org/ Shadowsocks Official]&lt;br /&gt;
* [https://github.com/v2fly/v2ray-core V2Ray Core]&lt;br /&gt;
* [https://github.com/XTLS/Xray-core X-ray Core]&lt;br /&gt;
* [https://tb-manual.torproject.org/circumvention/ Tor Circumvention Manual]&lt;br /&gt;
* [https://geti2p.net/ I2P Anonymous Network]&lt;br /&gt;
* [https://ooni.org/ OONI Open Observatory of Network Interference]&lt;br /&gt;
&lt;br /&gt;
[[Category:Internet Censorship]]&lt;br /&gt;
[[Category:Privacy Software]]&lt;br /&gt;
[[Category:Circumvention]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=How_to_bypass_ISP_censorship&amp;diff=74</id>
		<title>How to bypass ISP censorship</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=How_to_bypass_ISP_censorship&amp;diff=74"/>
		<updated>2026-05-31T14:30:23Z</updated>

		<summary type="html">&lt;p&gt;Admin: /* Zapret */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;A curated list of tools, protocols, and technologies for bypassing internet blocks, inspired by [https://github.com/danoctavian/awesome-anti-censorship this] project.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
This list focuses on tools and strategies designed to defeat active network-level filtering, such as Deep Packet Inspection (DPI), DNS blocking, and protocol-level blacklisting.&lt;br /&gt;
&lt;br /&gt;
__TOC__&lt;br /&gt;
&lt;br /&gt;
= How Online Content is Blocked =&lt;br /&gt;
Internet blocks are multi-layered systems and not simple on/off switches. Bypassing them is similar to a cat-and-mouse game.&lt;br /&gt;
&lt;br /&gt;
Filtering mechanisms primarily include:&lt;br /&gt;
&lt;br /&gt;
; DNS Filtering / Poisoning / Hijacking&lt;br /&gt;
: The censor intercepts requests to resolve a domain name and either returns no answer or a false IP address. This is the simplest and most common form of blocking, but also the easiest to bypass in some cases. To bypass it, a third party (not from your ISP) DNS server should be used with a DNS protocol supporting encryption like DNS over HTTPS. If blocks are still in place, your ISP may be using DPI.&lt;br /&gt;
; Deep Packet Inspection (DPI)&lt;br /&gt;
: This is a more advanced method. State-level “middle boxes” (like Russia&#039;s TSPU or China&#039;s Great Firewall (GFW)) actively inspect the content of unencrypted (or encrypted for their own certificate authority) traffic. For encrypted traffic, they inspect the “metadata,” such as the Server Name Indication (SNI) in a TLS handshake. The SNI field, which states the domain you are visiting, is unencrypted and provides a simple way for censors to identify and block HTTPS connections. However, even when SNI is encrypted or absent, advanced middle boxes can infer your destination through non-SNI leaks. They achieve this by analyzing TLS fingerprints (like JA4 signatures), monitoring packet sizes and timing patterns to profile websites. Even if a client successfully hides the destination domain during the initial handshake (for instance, by omitting the SNI), censors can simply look at the plaintext certificate returned by the server in some cases. In standard TLS connections below version 1.3, the server sends its X.509 certificate completely unencrypted. Censors intercepting this packet instantly know exactly which website you are communicating with. Bypassing DPI requires specialized programs. If blocks are still in place, your ISP may be using IP blacklisting.&lt;br /&gt;
; IP Blacklisting&lt;br /&gt;
: The censor blocks all network traffic to and from known IP addresses associated with a “forbidden” service (e.g., a VPN provider&#039;s servers or a specific website). Bypassing this is harder and requires connecting to a proxy/VPN server that doesn&#039;t have these restrictions. This can create a chicken-and-egg problem, like a proxy/VPN service being IP blocked but needing a proxy/VPN to bypass it.&lt;br /&gt;
; Protocol Filtering&lt;br /&gt;
: The DPI system is configured to identify and block the “fingerprints” of circumvention protocols themselves. Standard OpenVPN and WireGuard traffic is easily identifiable and is a primary target for blocking. Ports of commonly used protocols can be blocked too (e.g., port 51820 can be blocked to prevent a WireGuard connection if there are no alternative ports).&lt;br /&gt;
&lt;br /&gt;
The tools in this list are all solutions to one or more of these methods. They either:&lt;br /&gt;
# Manipulate packets at a low level to confuse the DPI,&lt;br /&gt;
# Obfuscate (disguise) traffic to look like something benign and unblockable (like standard web traffic), or&lt;br /&gt;
# Decentralize content, so there is no single server to block.&lt;br /&gt;
&lt;br /&gt;
= Censorship Measurement Tools =&lt;br /&gt;
This is a “meta” category. Before you can bypass censorship, you must prove it is happening and understand how. These tools are not for circumvention, but for detection. They are critical for activists, journalists, and researchers.&lt;br /&gt;
&lt;br /&gt;
== [https://ooni.org/ OONI Probe] ==&lt;br /&gt;
The Open Observatory of Network Interference. A free, open-source software and global network for measuring internet censorship. A project born out of The Tor Project, now an independent non-profit. Volunteers run the OONI Probe app on their mobile devices or computers from within 241 countries. The results are aggregated and published on the public OONI Explorer website. It is used to increase transparency, document censorship events globally, and provide hard, verifiable evidence of network interference and blocking.&lt;br /&gt;
&lt;br /&gt;
The app runs a series of tests to check for censorship:&lt;br /&gt;
* &#039;&#039;&#039;Web Connectivity:&#039;&#039;&#039; It tries to access a list of websites (including globally and locally sensitive ones) from the user&#039;s network and from a control network, then compares the results.&lt;br /&gt;
* &#039;&#039;&#039;App Blocking:&#039;&#039;&#039; It tests for blocks on specific apps like WhatsApp, Telegram, and Signal.&lt;br /&gt;
* &#039;&#039;&#039;Circumvention Tool Blocking:&#039;&#039;&#039; It tests if circumvention tools themselves (like Tor, Psiphon, and Lantern) are reachable.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Provides Hard Evidence:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is the best tool for scientifically proving how and what is being censored on a specific network.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Global &amp;amp; Open Data:&#039;&#039;&#039;&amp;lt;/span&amp;gt; All data is publicly available for analysis, which is an invaluable resource for researchers, journalists, and human rights organizations.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The mobile app is simple for non-technical volunteers to run.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Potential Risk to User:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Running OONI Probe is not anonymous. Your ISP and any network monitor can see that you are running it. While OONI states the risk is “theoretical” and no user has faced consequences, this is a real risk in high-stakes environments.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Provocative Tests:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The app intentionally tests “provocative or objectionable sites (e.g., pornography)”, which might be illegal to even attempt to access in some countries, regardless of intent.&lt;br /&gt;
&lt;br /&gt;
= TLDR: I need a tool now! What should I use? =&lt;br /&gt;
&#039;&#039;If you are in a risky situation, please do your research and do not trust any single source (including this one). These quick recommendations are for people with less sensitive threat models.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot;&lt;br /&gt;
|-&lt;br /&gt;
! Level !! Recommendation&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 1&#039;&#039;&#039; || DNS over HTTPS (DNS over TLS can be blocked but it may be an easier solution if you use Android &amp;gt;9 since it is built-in) + Encrypted Client Hello (supported by most modern browsers)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 2&#039;&#039;&#039; || Level 1 + DPI bypassing (Zapret/GoodbyeDPI/DPI Tunnel v2/PowerTunnel)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 3&#039;&#039;&#039; || Level 2 + WireGuard (preferably with AmneziaWG protocol)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 4&#039;&#039;&#039; || Level 3 + tools similar to V2Ray or DNS tunneling (slow)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 5&#039;&#039;&#039; || &#039;&#039;&#039;Do Your Own Research If You Still Can&#039;t Connect to Websites&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
= Local DPI Bypass Tools =&lt;br /&gt;
This category of tools is fundamentally different from VPNs. They allow access to specific blocked services without the disruptive side effects of a VPN, such as changing your IP address. They also don&#039;t bypass IP blacklisting. &lt;br /&gt;
&lt;br /&gt;
These tools work by “desynchronizing” the censor&#039;s view of the network connection from the server&#039;s, causing the inspection to fail while allowing the real connection to proceed. They provide no extra encryption or anonymity; your ISP can still see what sites you are visiting, but their automated blocking mechanism is fooled.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/bol-van/zapret Zapret] ==&lt;br /&gt;
A stand-alone, high-performance DPI circumvention tool designed to “desynchronize” DPI systems by manipulating network packets at a low level. Zapret was created primarily to target the “Sovereign Internet” (RuNet) blocking system in Russia.&lt;br /&gt;
&lt;br /&gt;
Zapret is designed to run on a Linux-based gateway, such as a home router running OpenWrt or directly on a user&#039;s Linux desktop.&lt;br /&gt;
&lt;br /&gt;
Zapret uses low-level packet manipulation via components like &amp;lt;code&amp;gt;nfqws&amp;lt;/code&amp;gt; and &amp;lt;code&amp;gt;tpws&amp;lt;/code&amp;gt;. It employs a variety of “DPI desync” techniques, which can be configured by the user. These include sending fake packets (e.g., with the &amp;lt;code&amp;gt;--dpi-desync=fake&amp;lt;/code&amp;gt; parameter), fragmenting packets (&amp;lt;code&amp;gt;--dpi-desync=fakedsplit&amp;lt;/code&amp;gt;), and modifying packet checksums or TTLs to “fool” the inspection system (&amp;lt;code&amp;gt;--dpi-desync-fooling=badsum&amp;lt;/code&amp;gt;). The tool includes a &amp;lt;code&amp;gt;blockcheck.sh&amp;lt;/code&amp;gt; script that a user can run to test and identify the most effective desync parameters for their specific ISP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Adds negligible latency. Because it typically only manipulates the first few packets of a connection to break the DPI&#039;s state, it is significantly faster than a full tunnel.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is its most significant advantage. It does not change your public IP address, making it ideal for accessing local, geo-restricted services (like banking, streaming, or city services) that would be broken by a VPN. It also does not need to trust any third party servers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Transparent:&#039;&#039;&#039;&amp;lt;/span&amp;gt; When installed on a router, it works transparently for all devices on the network (phones, computers, consoles) with no client-side software required.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Adaptive:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is highly configurable to adapt to the specific, evolving DPI strategies used by different ISPs and nation-states.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is important to know. Zapret does not provide extra privacy or anonymity. Your ISP can still see which sites you are visiting; the tool just prevents the automated block to provide access.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Specific Use Case:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It only defeats DPI. It does not bypass DNS-level blocking (it must be paired with an encrypted DNS service like DoH/DoT) or IP-address-level bans.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/ValdikSS/GoodbyeDPI Goodbye DPI] ==&lt;br /&gt;
A user-friendly DPI circumvention utility designed specifically for the Windows operating system. It runs on a user&#039;s local Windows PC (versions 7 through 11 are supported). It works by installing a Windows filter driver to intercept and modify packets as they leave the machine. It employs multiple methods simultaneously to be effective against a wide range of DPI systems. These methods include: TCP-level fragmentation, HTTP header manipulation (e.g., replacing Host with hoSt, or removing spaces), and sending fake packets with low TTLs to “poison” the DPI&#039;s state and cause it to fail. It also includes modes to redirect DNS requests to non-standard ports to bypass simple DNS poisoning.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is its primary advantage. It is ideal for non-technical Windows users. The most common use case involves just running a single &amp;lt;code&amp;gt;.cmd&amp;lt;/code&amp;gt; script.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Shares the same benefits as Zapret; it does not interfere with local, geo-restricted services. Also, no third party to trust.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Effective:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is designed to actively bypass both “Passive DPI” (which tries to “race” the real server with a fake reset packet) and “Active DPI” (which sits in-line and modifies traffic).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Like Zapret, this provides no extra encryption and is not a privacy tool. It is for access only.&lt;br /&gt;
&lt;br /&gt;
== Mobile DPI Bypass Tools ==&lt;br /&gt;
Stand-alone, open-source DPI circumvention tools exists on mobile devices too. They are mostly inspired by Zapret. The catch being not being capable as tools designed for computers. They mostly rely on 3 ways to see the packets. Having root, giving the VPN slot to the app, setting up a proxy inside your phone. You will usually have to set the bypass rules manually. Most popular ones are “DPI Tunnel v2”, “Bye DPI”, “Power Tunnel”. They don&#039;t increase battery usage that much compared to VPNs.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Adds negligible latency. It is significantly faster than a full tunnel. &lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It does not change your public IP address, making it ideal for accessing local, geo-restricted services (like banking, streaming, or city services) that would be broken by a VPN. It also does not need to trust any third party servers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; After initial configuration, enabling or disabling is only one press.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; These tools don&#039;t provide extra privacy or anonymity. Your ISP/GSM can still see which sites you are visiting; the tool just prevents the automated block to provide access.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Needs either root or a VPN slot:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Android only allows one active VPN slot at a time. If you are running a DPI bypass app, you cannot simultaneously run a standard VPN or a system-wide ad blocker without root.&lt;br /&gt;
&lt;br /&gt;
= Standard (Non-Obfuscated) Protocols =&lt;br /&gt;
This category includes the standard, “baseline” protocols for proxies and VPNs. These tools are not designed for censorship circumvention and are the primary targets for blocking. Their distinct protocol “fingerprints” make them easy for DPI systems to identify and filter. They are included here as a baseline to illustrate why the more advanced, obfuscated tools in the next section are necessary.&lt;br /&gt;
&lt;br /&gt;
== [https://www.wireguard.com/ WireGuard] ==&lt;br /&gt;
An extremely simple, fast, and modern VPN (Virtual Private Network) protocol. A modern protocol (initial release 2015) that is now part of the Linux kernel. Runs on client and server machines, supported natively or via apps on all major operating systems. It uses state-of-the-art cryptography and has a very small, auditable code base (under 4,000 lines of code). It operates over UDP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Fast:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Significantly higher performance and lower latency compared to OpenVPN, due to its lightweight code and modern encryption.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Simple &amp;amp; Secure:&#039;&#039;&#039;&amp;lt;/span&amp;gt; A small code base makes it easier to audit and less susceptible to attack.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Quick Reconnects:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Connects and reconnects almost instantly, making it ideal for mobile devices switching between Wi-Fi and cellular data.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is its key weakness for censorship. It has a distinct, recognizable protocol fingerprint. It is not designed to bypass DPI and is actively blocked in countries like China and Russia. Protocols like AmneziaWG (modified version of WireGuard designed to prevent DPI) should be used when possible.&lt;br /&gt;
&lt;br /&gt;
== [https://openvpn.net/ OpenVPN] ==&lt;br /&gt;
A mature, open-source, and highly configurable VPN protocol. First released in 2001, it has been the industry standard for over two decades. It uses a custom security protocol based on SSL/TLS. It can run over either TCP or UDP, which makes it flexible.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Mature:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Battle-tested and thoroughly audited for decades.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Flexible:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can be configured to run over any port and use either TCP or UDP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Like WireGuard, its handshake is very distinct and easily identified and blocked by DPI systems.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Slow:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is much slower and has higher latency than WireGuard. Its code base is big (400,000+ lines).&lt;br /&gt;
&lt;br /&gt;
== [https://en.wikipedia.org/wiki/IKEv2 IKEv2/IPsec] ==&lt;br /&gt;
A secure, standards-based VPN protocol (Internet Key Exchange version 2). Developed by Microsoft and Cisco, and standardized by the IETF. Native to most modern operating systems. It is often used in self-hosted setups (like Algo).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Native Support:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Supported “out of the box” by Windows, Android, macOS, and iOS.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Stable:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Very good at re-establishing a connection quickly when a network drops.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is not a circumvention tool and is easily detected and blocked by DPI.&lt;br /&gt;
&lt;br /&gt;
== [https://en.wikipedia.org/wiki/SOCKS SOCKS] ==&lt;br /&gt;
A low-level proxy protocol that can route virtually any type of network traffic from any application (SOCKS5 since 1996). A client application sends traffic to a SOCKS5 server, which then forwards it to the final destination. It operates at Layer 5 (the Session Layer).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Versatile:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can handle any type of traffic, including web, P2P, gaming, and email.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Encrypted:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Provides zero encryption by itself. All traffic is sent in the clear and is fully visible to an ISP.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Trivially Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Unencrypted, identifiable traffic is extremely easy for any DPI system to inspect and block.&lt;br /&gt;
&lt;br /&gt;
== [https://en.wikipedia.org/wiki/Proxy_server HTTP(S) Proxies / Web Proxies] ==&lt;br /&gt;
A basic, high-level proxy protocol designed exclusively for web (HTTP and HTTPS) traffic. Primarily used by web browsers. It operates at Layer 7 (the Application Layer).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Simple:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Easy to set up and widely supported by all browsers.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Limited:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Only works for web traffic.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Encrypted:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Provides no encryption for your connection to the proxy (when no HTTPS).&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous:&#039;&#039;&#039;&amp;lt;/span&amp;gt; HTTP proxies typically add headers (like X-Forwarded-For) that identify the original user&#039;s IP address.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Trivially Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Very easy to detect and block.&lt;br /&gt;
&lt;br /&gt;
= Obfuscated Proxy Protocols &amp;amp; Platforms =&lt;br /&gt;
This category represents the “engine” for most modern, robust circumvention. The development of these protocols illustrates the “cat-and-mouse” arms race.&lt;br /&gt;
&lt;br /&gt;
# &#039;&#039;&#039;Phase 1 (Encrypt):&#039;&#039;&#039; Standard VPNs (OpenVPN, WireGuard) are encrypted but have obvious “fingerprints”.&lt;br /&gt;
# &#039;&#039;&#039;Phase 2 (Scramble):&#039;&#039;&#039; Tools like Shadowsocks and obfs4 encrypt and “scramble” traffic to look like “random” data.&lt;br /&gt;
# &#039;&#039;&#039;Phase 3 (Mimic):&#039;&#039;&#039; Tools like V2Ray (VLESS+TLS) and Trojan are designed to mimic standard, benign HTTPS traffic.&lt;br /&gt;
# &#039;&#039;&#039;Phase 4 (Be Indistinguishable):&#039;&#039;&#039; Tools like Naïve Proxy reuse the actual network stack from a real browser (Chrome) to be bit-for-bit indistinguishable.&lt;br /&gt;
&lt;br /&gt;
== [https://shadowsocks.org/ Shadow Socks] ==&lt;br /&gt;
A fast, encrypted SOCKS5 proxy. It is not a full VPN. Originally created in 2012 by “clowwindy” specifically to bypass the Great Firewall (GFW) of China. Its strength is its simplicity and its use of modern AEAD ciphers. It “disguises” traffic to look like HTTPS but does not explicitly mimic another protocol.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Fast and Lightweight:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Generally faster than full VPNs and complex multi-layered tools.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Selective:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Easy to configure which traffic goes through it (e.g., using a PAC file).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Detectable by Advanced DPI:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Advanced DPI can detect Shadowsocks traffic through traffic analysis and active probing.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not a Full VPN:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Does not tunnel all system traffic by default, leading to potential “leaks”.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/v2fly/v2ray-core V2Ray] ==&lt;br /&gt;
A platform or framework for building proxies. It is not a single protocol, but a “box” that can manage multiple inbound and outbound protocols, transports, and advanced routing rules. By wrapping its proxy traffic inside Web Socket and TLS, it makes the traffic appear as standard, indistinguishable HTTPS traffic.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Flexible:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can be configured to mimic HTTPS, run over Web Sockets, use QUIC, etc.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Resilient:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Its multiprotocol nature means it can be reconfigured if one method is blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Advanced Routing:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can selectively route traffic based on domain or IP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Complex:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Requires understanding of its complex concepts of inbounds, outbounds, and transports.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Performance Overhead:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Layered encryption adds significant latency.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;VMess is Detectable:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The original VMess protocol is now considered detectable by advanced GFW packet sniffing.&lt;br /&gt;
&lt;br /&gt;
=== V2Ray Protocols: VMess vs. VLESS ===&lt;br /&gt;
* &#039;&#039;&#039;VMess:&#039;&#039;&#039; The original, feature-rich protocol for V2Ray. It has its own built-in encryption and authentication methods. It is considered more “heavy” and less safe against modern GFW probing.&lt;br /&gt;
* &#039;&#039;&#039;VLESS:&#039;&#039;&#039; A newer, lightweight protocol. It removes VMess&#039;s built-in encryption layer and delegates security to the underlying transport layer, such as TLS. This simplifies the handshake, improves speed, and makes it more indistinguishable from a standard HTTPS website.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/XTLS/Xray-core X-ray] ==&lt;br /&gt;
A high-performance, open-source proxy platform and a fork of V2Ray. Developed by the XTLS community. Xray-core supports all of V2Ray&#039;s protocols and adds XTLS. XTLS is a “direct encryption” technology that avoids the performance-draining “TLS-in-TLS” problem, resulting in lower latency and higher speeds than VLESS+TLS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Faster:&#039;&#039;&#039;&amp;lt;/span&amp;gt; X-ray with its XTLS protocol is generally considered faster and more efficient.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Backward Compatible:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Acts as a drop-in, enhanced replacement for V2Ray-core.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Advanced Protocols:&#039;&#039;&#039;&amp;lt;/span&amp;gt; VLESS and XTLS are highly effective at mimicking standard web traffic.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Complexity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Inherits all of V2Ray&#039;s complexity.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Less Documentation:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Newer technology with poorer documentation than established setups.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/trojan-gfw/trojan Trojan] ==&lt;br /&gt;
A proxy protocol that is specifically designed to perfectly imitate a real HTTPS server. It runs on a server, binds to port 443, and simultaneously serves a real, working website. This makes it highly resistant to the “active probing” techniques.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Stealthy:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Mimics HTTPS perfectly and serves a real website as a disguise.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Simpler protocol that uses TLS directly.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Requires a Domain Name:&#039;&#039;&#039;&amp;lt;/span&amp;gt; You must have a registered domain name and a valid SSL/TLS certificate.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Vulnerable to TLS-in-TLS Detection:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Censors have started detecting the “TLS-in-TLS” pattern.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/klzgrad/naiveproxy Naïve Proxy] ==&lt;br /&gt;
A proxy that re-uses the network stack from the Chromium browser to camouflage its traffic. A “Phase 4” tool. It uses HTTP/2 multiplexing, HTTP/2 traffic padding, and the exact TLS handshake of a real Chrome browser.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;The “Most” Stealthy:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Arguably the most advanced tool for defeating traffic analysis and fingerprinting.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Leverages Chrome&#039;s high-performance HTTP/2 stack.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Complex:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Requires a Caddy server with a specific plugin, domain name, and TLS cert.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Still a Proxy:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Not a full system-wide VPN.&lt;br /&gt;
&lt;br /&gt;
= Self-Hosted VPN/Proxy Suites =&lt;br /&gt;
Instead of trusting a commercial VPN, these scripts automate the setup of a private server on a cloud provider.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/trailofbits/algo Algo] ==&lt;br /&gt;
A set of Ansible scripts that automates the deployment of a minimalist, secure personal VPN. Created by Trail of Bits. It installs WireGuard and IKEv2/IPsec, deliberately excluding obfuscation tools.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Secure by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Uses modern, strong protocols with secure ciphers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Minimalist:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Includes only the minimal software you need.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Clientless (IKEv2):&#039;&#039;&#039;&amp;lt;/span&amp;gt; Supported natively by most OS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not for Censorship Bypass:&#039;&#039;&#039;&amp;lt;/span&amp;gt; WireGuard and IKEv2 are easily detected and blocked by DPI.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Security Vulnerabilities:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Theoretical risk of MitM if the VPS is compromised due to self-signed certs.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/StreisandEffect/streisand Streisand] ==&lt;br /&gt;
Automates the deployment of a full suite of anti-censorship tools (“kitchen sink” approach). Installs WireGuard, OpenVPN, Shadowsocks, Trojan, Tor bridges, and more.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Versatile:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Gives the user many options to try if one is blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Designed for Censorship:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Specifically designed for circumvention.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;“Kitchen Sink” Risk:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Dramatically increases the potential attack surface.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Less Secure Defaults:&#039;&#039;&#039;&amp;lt;/span&amp;gt; More permissive defaults than Algo.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Outdated:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Did not get updated for a long time.&lt;br /&gt;
&lt;br /&gt;
= Anonymity Networks &amp;amp; Pluggable Transports =&lt;br /&gt;
Designed for anonymity. However, to be anonymous, you first must be able to connect.&lt;br /&gt;
&lt;br /&gt;
== [https://www.torproject.org/ Tor Project] ==&lt;br /&gt;
A free, open-source network and browser that provides anonymity by routing traffic through a three-layer “onion” of volunteer-run relays.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Strong Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The most-studied tool for public-internet anonymity.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Pluggable Transports:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Built-in system to bypass blocking.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The Tor Browser is a simple, all-in-one application.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Very Slow:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Impractical for streaming or large downloads.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Blocked by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Relay lists are public and easily blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Stigma:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can attract suspicion from ISPs or law enforcement.&lt;br /&gt;
&lt;br /&gt;
=== Tor Pluggable Transports (PTs) ===&lt;br /&gt;
; obfs4&lt;br /&gt;
: The modern “scrambler” (Phase 2). Makes Tor traffic “look random, like nothing”. Can be blocked by whitelists.&lt;br /&gt;
; meek&lt;br /&gt;
: The “domain fronting” transport (Phase 3). Makes Tor traffic look like it&#039;s going to a major CDN. Very slow and fragile; major providers blocked it.&lt;br /&gt;
; Web Tunnel&lt;br /&gt;
: A newer transport that masks Tor traffic as a standard HTTPS connection.&lt;br /&gt;
; Snowflake&lt;br /&gt;
: A peer-to-peer transport. Connects to ephemeral proxies run by volunteers in their web browsers.&lt;br /&gt;
&lt;br /&gt;
== I2P (Invisible Internet Project) ==&lt;br /&gt;
A decentralized, anonymous network layer. Uses “Garlic Routing” which bundles multiple messages together and sends them through unidirectional tunnels.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Excellent for Hidden Services:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Optimized for “eepsites”.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Decentralized &amp;amp; Resilient:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Distributed and P2P-friendly.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Harder Analysis:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Unidirectional tunnels make traffic analysis harder.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not for Public Web Access:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Relies on volunteer-run “out proxies” which are few and slow.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Slow:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Complex P2P routing.&lt;br /&gt;
&lt;br /&gt;
= Decentralized &amp;amp; Federated &amp;amp; P2P Networks =&lt;br /&gt;
Censorship-resistance-by-design. If there is no single server, there is no single point to block.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/HelloZeroNet/ZeroNet Zero Net] ==&lt;br /&gt;
A decentralized, peer-to-peer web-like network. Uses Bitcoin cryptography for identity and BitTorrent to distribute content.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Censorship-Resistant:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Cannot be taken down by DMCA or government order.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Zero Hosting Cost:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The audience provides the infrastructure.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Works Offline:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Browse “seeded” sites without internet.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; IP is visible to peers.&lt;br /&gt;
&lt;br /&gt;
== [[wikipedia:Hyphanet|Hypha net (formerly Freenet)]] ==&lt;br /&gt;
A decentralized, P2P network where all users contribute disk space and bandwidth. Content is retrieved by a key, not a location. Nodes do not know what content they are storing.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Anonymous by Design:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Anonymity built-in for publishers and consumers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Deniable Storage:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Plausible deniability for hosts.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;“Forgets” Content:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Unpopular data is eventually dropped.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Static Content Only:&#039;&#039;&#039;&amp;lt;/span&amp;gt; No dynamic sites.&lt;br /&gt;
&lt;br /&gt;
== [https://ipfs.tech/ IPFS] ==&lt;br /&gt;
A decentralized, peer-to-peer protocol. Uses content-based addressing (CID) instead of location-based addressing.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Highly Censorship-Resistant:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Content itself cannot be blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Data Integrity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Cryptographic CIDs guarantee the exact file.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; IP is visible.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Content is Not Permanent:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Files disappear if not “pinned”.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Censorable at the Gateway:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Public gateways can filter content.&lt;br /&gt;
&lt;br /&gt;
== Torrenting ==&lt;br /&gt;
Files are distributed across thousands of users&#039; computers. Extremely resilient against takedowns.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Distributed &amp;amp; Fast:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Speeds up as more people host.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No Central Logs:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Makes surveillance resource-intensive.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; IPs are public.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Stigma:&#039;&#039;&#039;&amp;lt;/span&amp;gt; ISPs actively throttle or block torrents.&lt;br /&gt;
&lt;br /&gt;
= Emerging Privacy Protocols (DNS/TLS) =&lt;br /&gt;
&lt;br /&gt;
== DNS-over-HTTPS (DoH) / DNS-over-TLS (DoT) / DNS Crypt ==&lt;br /&gt;
Protocols that encrypt DNS queries to prevent tracking and poisoning.&lt;br /&gt;
* &#039;&#039;&#039;DoT:&#039;&#039;&#039; Dedicated port 853.&lt;br /&gt;
* &#039;&#039;&#039;DoH:&#039;&#039;&#039; Uses port 443 (standard web traffic).&lt;br /&gt;
* &#039;&#039;&#039;DNS Crypt:&#039;&#039;&#039; Encrypts payloads using public keys.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Bypasses DNS Filtering:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Primary benefit.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Stealthy (DoH):&#039;&#039;&#039;&amp;lt;/span&amp;gt; Indistinguishable from HTTPS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;DoT is Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Port 853 can be blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Does Not Bypass DPI:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Useless if SNI or IP is blocked.&lt;br /&gt;
&lt;br /&gt;
== Encrypted Client Hello (ECH) ==&lt;br /&gt;
A TLS 1.3 extension that encrypts the SNI, closing the metadata leak in HTTPS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Defeats SNI-Based DPI:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Makes this class of censorship obsolete.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Proactive &amp;amp; Native:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Protects all users by default when adopted.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Yet Standard:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Not universally deployed.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Already Being Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Russia blocks ECH directly; China blocks encrypted DNS to prevent ECH.&lt;br /&gt;
&lt;br /&gt;
= Other Workarounds =&lt;br /&gt;
; Privacy Frontends&lt;br /&gt;
: Proxy traffic to upstream services. Upstream doesn&#039;t see your IP, but usually limited to specific websites and can be unstable.&lt;br /&gt;
; Website Mirrors&lt;br /&gt;
: Viewing alternative hosted versions of sites. Only some content has mirrors.&lt;br /&gt;
; Federated Services&lt;br /&gt;
: Distributed alternatives to centralized platforms. Can leak metadata.&lt;br /&gt;
&lt;br /&gt;
= Do you need a VPN? =&lt;br /&gt;
If one or more of these are true, a VPN may be necessary:&lt;br /&gt;
* Connecting to untrusted hotspots.&lt;br /&gt;
* Untrusted websites (IP loggers).&lt;br /&gt;
* Geo-blocked regularly.&lt;br /&gt;
* ISP blocks content.&lt;br /&gt;
* Lack of trust in ISP.&lt;br /&gt;
* Need servers in specific countries.&lt;br /&gt;
* ISP throttling.&lt;br /&gt;
&lt;br /&gt;
= Inclusion Criteria =&lt;br /&gt;
* &#039;&#039;&#039;Source Availability:&#039;&#039;&#039; Open-source projects preferred.&lt;br /&gt;
* &#039;&#039;&#039;Security:&#039;&#039;&#039; Strong security practices, audited code.&lt;br /&gt;
* &#039;&#039;&#039;Community Support:&#039;&#039;&#039; Active forums and issue trackers.&lt;br /&gt;
* &#039;&#039;&#039;Cost-Effectiveness:&#039;&#039;&#039; Fits budget requirements.&lt;br /&gt;
* &#039;&#039;&#039;No Walled Gardens:&#039;&#039;&#039; Prefer self-hosted or alternative client capable software.&lt;br /&gt;
* &#039;&#039;&#039;Proven Track Record:&#039;&#039;&#039; Mature projects.&lt;br /&gt;
&lt;br /&gt;
= Tor vs. I2P Comparison =&lt;br /&gt;
&#039;&#039;This part of the guide is taken from the [https://geti2p.net/en/comparison/tor i2p projects comparison page].&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; style=&amp;quot;width:100%; vertical-align:top;&amp;quot;&lt;br /&gt;
|-&lt;br /&gt;
! Benefits of Tor over I2P !! Benefits of I2P over Tor&lt;br /&gt;
|- style=&amp;quot;vertical-align:top;&amp;quot;&lt;br /&gt;
|&lt;br /&gt;
* Much bigger user base; highly visible academic and hacker community support.&lt;br /&gt;
* Solved scaling issues I2P hasn&#039;t addressed.&lt;br /&gt;
* Significant funding and funded developers.&lt;br /&gt;
* More resistant to state-level blocking due to TLS transport layer and bridges.&lt;br /&gt;
* Designed and optimized for exit traffic (large number of exit nodes).&lt;br /&gt;
* Better documentation, formal papers, and translations.&lt;br /&gt;
* More efficient memory usage.&lt;br /&gt;
* Low bandwidth overhead for client nodes.&lt;br /&gt;
* Centralized control efficiently addresses Sybil attacks.&lt;br /&gt;
* High capacity core nodes provide higher throughput and lower latency.&lt;br /&gt;
* Written in C.&lt;br /&gt;
|&lt;br /&gt;
* Designed and optimized for hidden services, which are much faster than in Tor.&lt;br /&gt;
* Fully distributed and self-organizing.&lt;br /&gt;
* Peers selected by continuous profiling rather than trusted claims.&lt;br /&gt;
* Floodfill peers (&amp;quot;directory servers&amp;quot;) are untrusted and vary.&lt;br /&gt;
* Small enough that it hasn&#039;t been blocked or DOSed much.&lt;br /&gt;
* Peer-to-peer friendly.&lt;br /&gt;
* Packet switched instead of circuit switched (transparent load balancing, resilience via parallel tunnels).&lt;br /&gt;
* Unidirectional tunnels instead of bidirectional circuits (doubles nodes an attacker must compromise).&lt;br /&gt;
* Short-lived tunnels decrease active attack vectors compared to Tor circuits.&lt;br /&gt;
* Essentially all peers participate in routing.&lt;br /&gt;
* Written in Java.&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
= See also (Resources) =&lt;br /&gt;
* [[wikipedia:Internet_censorship_circumvention|Internet censorship circumvention: Wikipedia]]&lt;br /&gt;
* [https://github.com/bol-van/zapret Zapret Documentation]&lt;br /&gt;
* [https://github.com/ValdikSS/GoodbyeDPI Goodbye DPI GitHub]&lt;br /&gt;
* [https://shadowsocks.org/ Shadowsocks Official]&lt;br /&gt;
* [https://github.com/v2fly/v2ray-core V2Ray Core]&lt;br /&gt;
* [https://github.com/XTLS/Xray-core X-ray Core]&lt;br /&gt;
* [https://tb-manual.torproject.org/circumvention/ Tor Circumvention Manual]&lt;br /&gt;
* [https://geti2p.net/ I2P Anonymous Network]&lt;br /&gt;
* [https://ooni.org/ OONI Open Observatory of Network Interference]&lt;br /&gt;
&lt;br /&gt;
[[Category:Internet Censorship]]&lt;br /&gt;
[[Category:Privacy Software]]&lt;br /&gt;
[[Category:Circumvention]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=How_to_bypass_ISP_censorship&amp;diff=73</id>
		<title>How to bypass ISP censorship</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=How_to_bypass_ISP_censorship&amp;diff=73"/>
		<updated>2026-05-31T12:50:46Z</updated>

		<summary type="html">&lt;p&gt;Admin: /* How Online Content is Blocked */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;A curated list of tools, protocols, and technologies for bypassing internet blocks, inspired by [https://github.com/danoctavian/awesome-anti-censorship this] project.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
This list focuses on tools and strategies designed to defeat active network-level filtering, such as Deep Packet Inspection (DPI), DNS blocking, and protocol-level blacklisting.&lt;br /&gt;
&lt;br /&gt;
__TOC__&lt;br /&gt;
&lt;br /&gt;
= How Online Content is Blocked =&lt;br /&gt;
Internet blocks are multi-layered systems and not simple on/off switches. Bypassing them is similar to a cat-and-mouse game.&lt;br /&gt;
&lt;br /&gt;
Filtering mechanisms primarily include:&lt;br /&gt;
&lt;br /&gt;
; DNS Filtering / Poisoning / Hijacking&lt;br /&gt;
: The censor intercepts requests to resolve a domain name and either returns no answer or a false IP address. This is the simplest and most common form of blocking, but also the easiest to bypass in some cases. To bypass it, a third party (not from your ISP) DNS server should be used with a DNS protocol supporting encryption like DNS over HTTPS. If blocks are still in place, your ISP may be using DPI.&lt;br /&gt;
; Deep Packet Inspection (DPI)&lt;br /&gt;
: This is a more advanced method. State-level “middle boxes” (like Russia&#039;s TSPU or China&#039;s Great Firewall (GFW)) actively inspect the content of unencrypted (or encrypted for their own certificate authority) traffic. For encrypted traffic, they inspect the “metadata,” such as the Server Name Indication (SNI) in a TLS handshake. The SNI field, which states the domain you are visiting, is unencrypted and provides a simple way for censors to identify and block HTTPS connections. However, even when SNI is encrypted or absent, advanced middle boxes can infer your destination through non-SNI leaks. They achieve this by analyzing TLS fingerprints (like JA4 signatures), monitoring packet sizes and timing patterns to profile websites. Even if a client successfully hides the destination domain during the initial handshake (for instance, by omitting the SNI), censors can simply look at the plaintext certificate returned by the server in some cases. In standard TLS connections below version 1.3, the server sends its X.509 certificate completely unencrypted. Censors intercepting this packet instantly know exactly which website you are communicating with. Bypassing DPI requires specialized programs. If blocks are still in place, your ISP may be using IP blacklisting.&lt;br /&gt;
; IP Blacklisting&lt;br /&gt;
: The censor blocks all network traffic to and from known IP addresses associated with a “forbidden” service (e.g., a VPN provider&#039;s servers or a specific website). Bypassing this is harder and requires connecting to a proxy/VPN server that doesn&#039;t have these restrictions. This can create a chicken-and-egg problem, like a proxy/VPN service being IP blocked but needing a proxy/VPN to bypass it.&lt;br /&gt;
; Protocol Filtering&lt;br /&gt;
: The DPI system is configured to identify and block the “fingerprints” of circumvention protocols themselves. Standard OpenVPN and WireGuard traffic is easily identifiable and is a primary target for blocking. Ports of commonly used protocols can be blocked too (e.g., port 51820 can be blocked to prevent a WireGuard connection if there are no alternative ports).&lt;br /&gt;
&lt;br /&gt;
The tools in this list are all solutions to one or more of these methods. They either:&lt;br /&gt;
# Manipulate packets at a low level to confuse the DPI,&lt;br /&gt;
# Obfuscate (disguise) traffic to look like something benign and unblockable (like standard web traffic), or&lt;br /&gt;
# Decentralize content, so there is no single server to block.&lt;br /&gt;
&lt;br /&gt;
= Censorship Measurement Tools =&lt;br /&gt;
This is a “meta” category. Before you can bypass censorship, you must prove it is happening and understand how. These tools are not for circumvention, but for detection. They are critical for activists, journalists, and researchers.&lt;br /&gt;
&lt;br /&gt;
== [https://ooni.org/ OONI Probe] ==&lt;br /&gt;
The Open Observatory of Network Interference. A free, open-source software and global network for measuring internet censorship. A project born out of The Tor Project, now an independent non-profit. Volunteers run the OONI Probe app on their mobile devices or computers from within 241 countries. The results are aggregated and published on the public OONI Explorer website. It is used to increase transparency, document censorship events globally, and provide hard, verifiable evidence of network interference and blocking.&lt;br /&gt;
&lt;br /&gt;
The app runs a series of tests to check for censorship:&lt;br /&gt;
* &#039;&#039;&#039;Web Connectivity:&#039;&#039;&#039; It tries to access a list of websites (including globally and locally sensitive ones) from the user&#039;s network and from a control network, then compares the results.&lt;br /&gt;
* &#039;&#039;&#039;App Blocking:&#039;&#039;&#039; It tests for blocks on specific apps like WhatsApp, Telegram, and Signal.&lt;br /&gt;
* &#039;&#039;&#039;Circumvention Tool Blocking:&#039;&#039;&#039; It tests if circumvention tools themselves (like Tor, Psiphon, and Lantern) are reachable.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Provides Hard Evidence:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is the best tool for scientifically proving how and what is being censored on a specific network.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Global &amp;amp; Open Data:&#039;&#039;&#039;&amp;lt;/span&amp;gt; All data is publicly available for analysis, which is an invaluable resource for researchers, journalists, and human rights organizations.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The mobile app is simple for non-technical volunteers to run.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Potential Risk to User:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Running OONI Probe is not anonymous. Your ISP and any network monitor can see that you are running it. While OONI states the risk is “theoretical” and no user has faced consequences, this is a real risk in high-stakes environments.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Provocative Tests:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The app intentionally tests “provocative or objectionable sites (e.g., pornography)”, which might be illegal to even attempt to access in some countries, regardless of intent.&lt;br /&gt;
&lt;br /&gt;
= TLDR: I need a tool now! What should I use? =&lt;br /&gt;
&#039;&#039;If you are in a risky situation, please do your research and do not trust any single source (including this one). These quick recommendations are for people with less sensitive threat models.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot;&lt;br /&gt;
|-&lt;br /&gt;
! Level !! Recommendation&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 1&#039;&#039;&#039; || DNS over HTTPS (DNS over TLS can be blocked but it may be an easier solution if you use Android &amp;gt;9 since it is built-in) + Encrypted Client Hello (supported by most modern browsers)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 2&#039;&#039;&#039; || Level 1 + DPI bypassing (Zapret/GoodbyeDPI/DPI Tunnel v2/PowerTunnel)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 3&#039;&#039;&#039; || Level 2 + WireGuard (preferably with AmneziaWG protocol)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 4&#039;&#039;&#039; || Level 3 + tools similar to V2Ray or DNS tunneling (slow)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 5&#039;&#039;&#039; || &#039;&#039;&#039;Do Your Own Research If You Still Can&#039;t Connect to Websites&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
= Local DPI Bypass Tools =&lt;br /&gt;
This category of tools is fundamentally different from VPNs. They allow access to specific blocked services without the disruptive side effects of a VPN, such as changing your IP address. They also don&#039;t bypass IP blacklisting. &lt;br /&gt;
&lt;br /&gt;
These tools work by “desynchronizing” the censor&#039;s view of the network connection from the server&#039;s, causing the inspection to fail while allowing the real connection to proceed. They provide no extra encryption or anonymity; your ISP can still see what sites you are visiting, but their automated blocking mechanism is fooled.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/bol-van/zapret Zapret] ==&lt;br /&gt;
A stand-alone, high-performance DPI circumvention tool designed to “desynchronize” DPI systems by manipulating network packets at a low level. Zapret was created primarily to target the “Sovereign Internet” (RuNet) blocking system in Russia.&lt;br /&gt;
&lt;br /&gt;
Zapret is designed to run on a Linux-based gateway, such as a home router running OpenWrt or directly on a user&#039;s Linux desktop.&lt;br /&gt;
&lt;br /&gt;
Zapret uses low-level packet manipulation via components like &amp;lt;code&amp;gt;nfqws&amp;lt;/code&amp;gt; and &amp;lt;code&amp;gt;tpws&amp;lt;/code&amp;gt;. It employs a variety of “DPI desync” techniques, which can be configured by the user. These include sending fake packets (e.g., with the &amp;lt;code&amp;gt;--dpi-desync=fake&amp;lt;/code&amp;gt; parameter), fragmenting packets (&amp;lt;code&amp;gt;--dpi-desync=fakedsplit&amp;lt;/code&amp;gt;), and modifying packet checksums or TTLs to “fool” the inspection system (&amp;lt;code&amp;gt;--dpi-desync-fooling=badsum&amp;lt;/code&amp;gt;). The tool includes a &amp;lt;code&amp;gt;blockcheck.sh&amp;lt;/code&amp;gt; script that a user can run to test and identify the most effective desync parameters for their specific ISP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Adds negligible latency. Because it typically only manipulates the first few packets of a connection to break the DPI&#039;s state, it is significantly faster than a full tunnel.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is its most significant advantage. It does not change your public IP address, making it ideal for accessing local, geo-restricted services (like banking, streaming, or city services) that would be broken by a VPN. It also does not need to trust any third party servers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Transparent:&#039;&#039;&#039;&amp;lt;/span&amp;gt; When installed on a router, it works transparently for all devices on the network (phones, computers, consoles) with no client-side software required.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Adaptive:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is highly configurable to adapt to the specific, evolving DPI strategies used by different ISPs and nation-states.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is critical to understand. Zapret does not provide extra privacy or anonymity. Your ISP can still see which sites you are visiting; the tool just prevents the automated block to provide access.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Specific Use Case:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It only defeats DPI. It does not bypass DNS-level blocking (it must be paired with an encrypted DNS service like DoH/DoT) or IP-address-level bans.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/ValdikSS/GoodbyeDPI Goodbye DPI] ==&lt;br /&gt;
A user-friendly DPI circumvention utility designed specifically for the Windows operating system. It runs on a user&#039;s local Windows PC (versions 7 through 11 are supported). It works by installing a Windows filter driver to intercept and modify packets as they leave the machine. It employs multiple methods simultaneously to be effective against a wide range of DPI systems. These methods include: TCP-level fragmentation, HTTP header manipulation (e.g., replacing Host with hoSt, or removing spaces), and sending fake packets with low TTLs to “poison” the DPI&#039;s state and cause it to fail. It also includes modes to redirect DNS requests to non-standard ports to bypass simple DNS poisoning.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is its primary advantage. It is ideal for non-technical Windows users. The most common use case involves just running a single &amp;lt;code&amp;gt;.cmd&amp;lt;/code&amp;gt; script.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Shares the same benefits as Zapret; it does not interfere with local, geo-restricted services. Also, no third party to trust.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Effective:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is designed to actively bypass both “Passive DPI” (which tries to “race” the real server with a fake reset packet) and “Active DPI” (which sits in-line and modifies traffic).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Like Zapret, this provides no extra encryption and is not a privacy tool. It is for access only.&lt;br /&gt;
&lt;br /&gt;
== Mobile DPI Bypass Tools ==&lt;br /&gt;
Stand-alone, open-source DPI circumvention tools exists on mobile devices too. They are mostly inspired by Zapret. The catch being not being capable as tools designed for computers. They mostly rely on 3 ways to see the packets. Having root, giving the VPN slot to the app, setting up a proxy inside your phone. You will usually have to set the bypass rules manually. Most popular ones are “DPI Tunnel v2”, “Bye DPI”, “Power Tunnel”. They don&#039;t increase battery usage that much compared to VPNs.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Adds negligible latency. It is significantly faster than a full tunnel. &lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It does not change your public IP address, making it ideal for accessing local, geo-restricted services (like banking, streaming, or city services) that would be broken by a VPN. It also does not need to trust any third party servers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; After initial configuration, enabling or disabling is only one press.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; These tools don&#039;t provide extra privacy or anonymity. Your ISP/GSM can still see which sites you are visiting; the tool just prevents the automated block to provide access.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Needs either root or a VPN slot:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Android only allows one active VPN slot at a time. If you are running a DPI bypass app, you cannot simultaneously run a standard VPN or a system-wide ad blocker without root.&lt;br /&gt;
&lt;br /&gt;
= Standard (Non-Obfuscated) Protocols =&lt;br /&gt;
This category includes the standard, “baseline” protocols for proxies and VPNs. These tools are not designed for censorship circumvention and are the primary targets for blocking. Their distinct protocol “fingerprints” make them easy for DPI systems to identify and filter. They are included here as a baseline to illustrate why the more advanced, obfuscated tools in the next section are necessary.&lt;br /&gt;
&lt;br /&gt;
== [https://www.wireguard.com/ WireGuard] ==&lt;br /&gt;
An extremely simple, fast, and modern VPN (Virtual Private Network) protocol. A modern protocol (initial release 2015) that is now part of the Linux kernel. Runs on client and server machines, supported natively or via apps on all major operating systems. It uses state-of-the-art cryptography and has a very small, auditable code base (under 4,000 lines of code). It operates over UDP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Fast:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Significantly higher performance and lower latency compared to OpenVPN, due to its lightweight code and modern encryption.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Simple &amp;amp; Secure:&#039;&#039;&#039;&amp;lt;/span&amp;gt; A small code base makes it easier to audit and less susceptible to attack.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Quick Reconnects:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Connects and reconnects almost instantly, making it ideal for mobile devices switching between Wi-Fi and cellular data.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is its key weakness for censorship. It has a distinct, recognizable protocol fingerprint. It is not designed to bypass DPI and is actively blocked in countries like China and Russia. Protocols like AmneziaWG (modified version of WireGuard designed to prevent DPI) should be used when possible.&lt;br /&gt;
&lt;br /&gt;
== [https://openvpn.net/ OpenVPN] ==&lt;br /&gt;
A mature, open-source, and highly configurable VPN protocol. First released in 2001, it has been the industry standard for over two decades. It uses a custom security protocol based on SSL/TLS. It can run over either TCP or UDP, which makes it flexible.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Mature:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Battle-tested and thoroughly audited for decades.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Flexible:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can be configured to run over any port and use either TCP or UDP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Like WireGuard, its handshake is very distinct and easily identified and blocked by DPI systems.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Slow:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is much slower and has higher latency than WireGuard. Its code base is big (400,000+ lines).&lt;br /&gt;
&lt;br /&gt;
== [https://en.wikipedia.org/wiki/IKEv2 IKEv2/IPsec] ==&lt;br /&gt;
A secure, standards-based VPN protocol (Internet Key Exchange version 2). Developed by Microsoft and Cisco, and standardized by the IETF. Native to most modern operating systems. It is often used in self-hosted setups (like Algo).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Native Support:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Supported “out of the box” by Windows, Android, macOS, and iOS.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Stable:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Very good at re-establishing a connection quickly when a network drops.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is not a circumvention tool and is easily detected and blocked by DPI.&lt;br /&gt;
&lt;br /&gt;
== [https://en.wikipedia.org/wiki/SOCKS SOCKS] ==&lt;br /&gt;
A low-level proxy protocol that can route virtually any type of network traffic from any application (SOCKS5 since 1996). A client application sends traffic to a SOCKS5 server, which then forwards it to the final destination. It operates at Layer 5 (the Session Layer).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Versatile:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can handle any type of traffic, including web, P2P, gaming, and email.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Encrypted:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Provides zero encryption by itself. All traffic is sent in the clear and is fully visible to an ISP.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Trivially Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Unencrypted, identifiable traffic is extremely easy for any DPI system to inspect and block.&lt;br /&gt;
&lt;br /&gt;
== [https://en.wikipedia.org/wiki/Proxy_server HTTP(S) Proxies / Web Proxies] ==&lt;br /&gt;
A basic, high-level proxy protocol designed exclusively for web (HTTP and HTTPS) traffic. Primarily used by web browsers. It operates at Layer 7 (the Application Layer).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Simple:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Easy to set up and widely supported by all browsers.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Limited:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Only works for web traffic.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Encrypted:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Provides no encryption for your connection to the proxy (when no HTTPS).&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous:&#039;&#039;&#039;&amp;lt;/span&amp;gt; HTTP proxies typically add headers (like X-Forwarded-For) that identify the original user&#039;s IP address.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Trivially Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Very easy to detect and block.&lt;br /&gt;
&lt;br /&gt;
= Obfuscated Proxy Protocols &amp;amp; Platforms =&lt;br /&gt;
This category represents the “engine” for most modern, robust circumvention. The development of these protocols illustrates the “cat-and-mouse” arms race.&lt;br /&gt;
&lt;br /&gt;
# &#039;&#039;&#039;Phase 1 (Encrypt):&#039;&#039;&#039; Standard VPNs (OpenVPN, WireGuard) are encrypted but have obvious “fingerprints”.&lt;br /&gt;
# &#039;&#039;&#039;Phase 2 (Scramble):&#039;&#039;&#039; Tools like Shadowsocks and obfs4 encrypt and “scramble” traffic to look like “random” data.&lt;br /&gt;
# &#039;&#039;&#039;Phase 3 (Mimic):&#039;&#039;&#039; Tools like V2Ray (VLESS+TLS) and Trojan are designed to mimic standard, benign HTTPS traffic.&lt;br /&gt;
# &#039;&#039;&#039;Phase 4 (Be Indistinguishable):&#039;&#039;&#039; Tools like Naïve Proxy reuse the actual network stack from a real browser (Chrome) to be bit-for-bit indistinguishable.&lt;br /&gt;
&lt;br /&gt;
== [https://shadowsocks.org/ Shadow Socks] ==&lt;br /&gt;
A fast, encrypted SOCKS5 proxy. It is not a full VPN. Originally created in 2012 by “clowwindy” specifically to bypass the Great Firewall (GFW) of China. Its strength is its simplicity and its use of modern AEAD ciphers. It “disguises” traffic to look like HTTPS but does not explicitly mimic another protocol.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Fast and Lightweight:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Generally faster than full VPNs and complex multi-layered tools.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Selective:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Easy to configure which traffic goes through it (e.g., using a PAC file).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Detectable by Advanced DPI:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Advanced DPI can detect Shadowsocks traffic through traffic analysis and active probing.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not a Full VPN:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Does not tunnel all system traffic by default, leading to potential “leaks”.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/v2fly/v2ray-core V2Ray] ==&lt;br /&gt;
A platform or framework for building proxies. It is not a single protocol, but a “box” that can manage multiple inbound and outbound protocols, transports, and advanced routing rules. By wrapping its proxy traffic inside Web Socket and TLS, it makes the traffic appear as standard, indistinguishable HTTPS traffic.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Flexible:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can be configured to mimic HTTPS, run over Web Sockets, use QUIC, etc.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Resilient:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Its multiprotocol nature means it can be reconfigured if one method is blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Advanced Routing:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can selectively route traffic based on domain or IP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Complex:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Requires understanding of its complex concepts of inbounds, outbounds, and transports.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Performance Overhead:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Layered encryption adds significant latency.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;VMess is Detectable:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The original VMess protocol is now considered detectable by advanced GFW packet sniffing.&lt;br /&gt;
&lt;br /&gt;
=== V2Ray Protocols: VMess vs. VLESS ===&lt;br /&gt;
* &#039;&#039;&#039;VMess:&#039;&#039;&#039; The original, feature-rich protocol for V2Ray. It has its own built-in encryption and authentication methods. It is considered more “heavy” and less safe against modern GFW probing.&lt;br /&gt;
* &#039;&#039;&#039;VLESS:&#039;&#039;&#039; A newer, lightweight protocol. It removes VMess&#039;s built-in encryption layer and delegates security to the underlying transport layer, such as TLS. This simplifies the handshake, improves speed, and makes it more indistinguishable from a standard HTTPS website.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/XTLS/Xray-core X-ray] ==&lt;br /&gt;
A high-performance, open-source proxy platform and a fork of V2Ray. Developed by the XTLS community. Xray-core supports all of V2Ray&#039;s protocols and adds XTLS. XTLS is a “direct encryption” technology that avoids the performance-draining “TLS-in-TLS” problem, resulting in lower latency and higher speeds than VLESS+TLS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Faster:&#039;&#039;&#039;&amp;lt;/span&amp;gt; X-ray with its XTLS protocol is generally considered faster and more efficient.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Backward Compatible:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Acts as a drop-in, enhanced replacement for V2Ray-core.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Advanced Protocols:&#039;&#039;&#039;&amp;lt;/span&amp;gt; VLESS and XTLS are highly effective at mimicking standard web traffic.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Complexity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Inherits all of V2Ray&#039;s complexity.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Less Documentation:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Newer technology with poorer documentation than established setups.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/trojan-gfw/trojan Trojan] ==&lt;br /&gt;
A proxy protocol that is specifically designed to perfectly imitate a real HTTPS server. It runs on a server, binds to port 443, and simultaneously serves a real, working website. This makes it highly resistant to the “active probing” techniques.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Stealthy:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Mimics HTTPS perfectly and serves a real website as a disguise.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Simpler protocol that uses TLS directly.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Requires a Domain Name:&#039;&#039;&#039;&amp;lt;/span&amp;gt; You must have a registered domain name and a valid SSL/TLS certificate.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Vulnerable to TLS-in-TLS Detection:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Censors have started detecting the “TLS-in-TLS” pattern.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/klzgrad/naiveproxy Naïve Proxy] ==&lt;br /&gt;
A proxy that re-uses the network stack from the Chromium browser to camouflage its traffic. A “Phase 4” tool. It uses HTTP/2 multiplexing, HTTP/2 traffic padding, and the exact TLS handshake of a real Chrome browser.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;The “Most” Stealthy:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Arguably the most advanced tool for defeating traffic analysis and fingerprinting.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Leverages Chrome&#039;s high-performance HTTP/2 stack.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Complex:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Requires a Caddy server with a specific plugin, domain name, and TLS cert.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Still a Proxy:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Not a full system-wide VPN.&lt;br /&gt;
&lt;br /&gt;
= Self-Hosted VPN/Proxy Suites =&lt;br /&gt;
Instead of trusting a commercial VPN, these scripts automate the setup of a private server on a cloud provider.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/trailofbits/algo Algo] ==&lt;br /&gt;
A set of Ansible scripts that automates the deployment of a minimalist, secure personal VPN. Created by Trail of Bits. It installs WireGuard and IKEv2/IPsec, deliberately excluding obfuscation tools.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Secure by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Uses modern, strong protocols with secure ciphers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Minimalist:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Includes only the minimal software you need.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Clientless (IKEv2):&#039;&#039;&#039;&amp;lt;/span&amp;gt; Supported natively by most OS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not for Censorship Bypass:&#039;&#039;&#039;&amp;lt;/span&amp;gt; WireGuard and IKEv2 are easily detected and blocked by DPI.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Security Vulnerabilities:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Theoretical risk of MitM if the VPS is compromised due to self-signed certs.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/StreisandEffect/streisand Streisand] ==&lt;br /&gt;
Automates the deployment of a full suite of anti-censorship tools (“kitchen sink” approach). Installs WireGuard, OpenVPN, Shadowsocks, Trojan, Tor bridges, and more.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Versatile:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Gives the user many options to try if one is blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Designed for Censorship:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Specifically designed for circumvention.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;“Kitchen Sink” Risk:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Dramatically increases the potential attack surface.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Less Secure Defaults:&#039;&#039;&#039;&amp;lt;/span&amp;gt; More permissive defaults than Algo.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Outdated:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Did not get updated for a long time.&lt;br /&gt;
&lt;br /&gt;
= Anonymity Networks &amp;amp; Pluggable Transports =&lt;br /&gt;
Designed for anonymity. However, to be anonymous, you first must be able to connect.&lt;br /&gt;
&lt;br /&gt;
== [https://www.torproject.org/ Tor Project] ==&lt;br /&gt;
A free, open-source network and browser that provides anonymity by routing traffic through a three-layer “onion” of volunteer-run relays.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Strong Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The most-studied tool for public-internet anonymity.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Pluggable Transports:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Built-in system to bypass blocking.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The Tor Browser is a simple, all-in-one application.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Very Slow:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Impractical for streaming or large downloads.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Blocked by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Relay lists are public and easily blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Stigma:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can attract suspicion from ISPs or law enforcement.&lt;br /&gt;
&lt;br /&gt;
=== Tor Pluggable Transports (PTs) ===&lt;br /&gt;
; obfs4&lt;br /&gt;
: The modern “scrambler” (Phase 2). Makes Tor traffic “look random, like nothing”. Can be blocked by whitelists.&lt;br /&gt;
; meek&lt;br /&gt;
: The “domain fronting” transport (Phase 3). Makes Tor traffic look like it&#039;s going to a major CDN. Very slow and fragile; major providers blocked it.&lt;br /&gt;
; Web Tunnel&lt;br /&gt;
: A newer transport that masks Tor traffic as a standard HTTPS connection.&lt;br /&gt;
; Snowflake&lt;br /&gt;
: A peer-to-peer transport. Connects to ephemeral proxies run by volunteers in their web browsers.&lt;br /&gt;
&lt;br /&gt;
== I2P (Invisible Internet Project) ==&lt;br /&gt;
A decentralized, anonymous network layer. Uses “Garlic Routing” which bundles multiple messages together and sends them through unidirectional tunnels.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Excellent for Hidden Services:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Optimized for “eepsites”.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Decentralized &amp;amp; Resilient:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Distributed and P2P-friendly.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Harder Analysis:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Unidirectional tunnels make traffic analysis harder.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not for Public Web Access:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Relies on volunteer-run “out proxies” which are few and slow.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Slow:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Complex P2P routing.&lt;br /&gt;
&lt;br /&gt;
= Decentralized &amp;amp; Federated &amp;amp; P2P Networks =&lt;br /&gt;
Censorship-resistance-by-design. If there is no single server, there is no single point to block.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/HelloZeroNet/ZeroNet Zero Net] ==&lt;br /&gt;
A decentralized, peer-to-peer web-like network. Uses Bitcoin cryptography for identity and BitTorrent to distribute content.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Censorship-Resistant:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Cannot be taken down by DMCA or government order.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Zero Hosting Cost:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The audience provides the infrastructure.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Works Offline:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Browse “seeded” sites without internet.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; IP is visible to peers.&lt;br /&gt;
&lt;br /&gt;
== [[wikipedia:Hyphanet|Hypha net (formerly Freenet)]] ==&lt;br /&gt;
A decentralized, P2P network where all users contribute disk space and bandwidth. Content is retrieved by a key, not a location. Nodes do not know what content they are storing.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Anonymous by Design:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Anonymity built-in for publishers and consumers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Deniable Storage:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Plausible deniability for hosts.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;“Forgets” Content:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Unpopular data is eventually dropped.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Static Content Only:&#039;&#039;&#039;&amp;lt;/span&amp;gt; No dynamic sites.&lt;br /&gt;
&lt;br /&gt;
== [https://ipfs.tech/ IPFS] ==&lt;br /&gt;
A decentralized, peer-to-peer protocol. Uses content-based addressing (CID) instead of location-based addressing.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Highly Censorship-Resistant:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Content itself cannot be blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Data Integrity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Cryptographic CIDs guarantee the exact file.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; IP is visible.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Content is Not Permanent:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Files disappear if not “pinned”.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Censorable at the Gateway:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Public gateways can filter content.&lt;br /&gt;
&lt;br /&gt;
== Torrenting ==&lt;br /&gt;
Files are distributed across thousands of users&#039; computers. Extremely resilient against takedowns.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Distributed &amp;amp; Fast:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Speeds up as more people host.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No Central Logs:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Makes surveillance resource-intensive.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; IPs are public.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Stigma:&#039;&#039;&#039;&amp;lt;/span&amp;gt; ISPs actively throttle or block torrents.&lt;br /&gt;
&lt;br /&gt;
= Emerging Privacy Protocols (DNS/TLS) =&lt;br /&gt;
&lt;br /&gt;
== DNS-over-HTTPS (DoH) / DNS-over-TLS (DoT) / DNS Crypt ==&lt;br /&gt;
Protocols that encrypt DNS queries to prevent tracking and poisoning.&lt;br /&gt;
* &#039;&#039;&#039;DoT:&#039;&#039;&#039; Dedicated port 853.&lt;br /&gt;
* &#039;&#039;&#039;DoH:&#039;&#039;&#039; Uses port 443 (standard web traffic).&lt;br /&gt;
* &#039;&#039;&#039;DNS Crypt:&#039;&#039;&#039; Encrypts payloads using public keys.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Bypasses DNS Filtering:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Primary benefit.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Stealthy (DoH):&#039;&#039;&#039;&amp;lt;/span&amp;gt; Indistinguishable from HTTPS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;DoT is Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Port 853 can be blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Does Not Bypass DPI:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Useless if SNI or IP is blocked.&lt;br /&gt;
&lt;br /&gt;
== Encrypted Client Hello (ECH) ==&lt;br /&gt;
A TLS 1.3 extension that encrypts the SNI, closing the metadata leak in HTTPS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Defeats SNI-Based DPI:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Makes this class of censorship obsolete.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Proactive &amp;amp; Native:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Protects all users by default when adopted.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Yet Standard:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Not universally deployed.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Already Being Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Russia blocks ECH directly; China blocks encrypted DNS to prevent ECH.&lt;br /&gt;
&lt;br /&gt;
= Other Workarounds =&lt;br /&gt;
; Privacy Frontends&lt;br /&gt;
: Proxy traffic to upstream services. Upstream doesn&#039;t see your IP, but usually limited to specific websites and can be unstable.&lt;br /&gt;
; Website Mirrors&lt;br /&gt;
: Viewing alternative hosted versions of sites. Only some content has mirrors.&lt;br /&gt;
; Federated Services&lt;br /&gt;
: Distributed alternatives to centralized platforms. Can leak metadata.&lt;br /&gt;
&lt;br /&gt;
= Do you need a VPN? =&lt;br /&gt;
If one or more of these are true, a VPN may be necessary:&lt;br /&gt;
* Connecting to untrusted hotspots.&lt;br /&gt;
* Untrusted websites (IP loggers).&lt;br /&gt;
* Geo-blocked regularly.&lt;br /&gt;
* ISP blocks content.&lt;br /&gt;
* Lack of trust in ISP.&lt;br /&gt;
* Need servers in specific countries.&lt;br /&gt;
* ISP throttling.&lt;br /&gt;
&lt;br /&gt;
= Inclusion Criteria =&lt;br /&gt;
* &#039;&#039;&#039;Source Availability:&#039;&#039;&#039; Open-source projects preferred.&lt;br /&gt;
* &#039;&#039;&#039;Security:&#039;&#039;&#039; Strong security practices, audited code.&lt;br /&gt;
* &#039;&#039;&#039;Community Support:&#039;&#039;&#039; Active forums and issue trackers.&lt;br /&gt;
* &#039;&#039;&#039;Cost-Effectiveness:&#039;&#039;&#039; Fits budget requirements.&lt;br /&gt;
* &#039;&#039;&#039;No Walled Gardens:&#039;&#039;&#039; Prefer self-hosted or alternative client capable software.&lt;br /&gt;
* &#039;&#039;&#039;Proven Track Record:&#039;&#039;&#039; Mature projects.&lt;br /&gt;
&lt;br /&gt;
= Tor vs. I2P Comparison =&lt;br /&gt;
&#039;&#039;This part of the guide is taken from the [https://geti2p.net/en/comparison/tor i2p projects comparison page].&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; style=&amp;quot;width:100%; vertical-align:top;&amp;quot;&lt;br /&gt;
|-&lt;br /&gt;
! Benefits of Tor over I2P !! Benefits of I2P over Tor&lt;br /&gt;
|- style=&amp;quot;vertical-align:top;&amp;quot;&lt;br /&gt;
|&lt;br /&gt;
* Much bigger user base; highly visible academic and hacker community support.&lt;br /&gt;
* Solved scaling issues I2P hasn&#039;t addressed.&lt;br /&gt;
* Significant funding and funded developers.&lt;br /&gt;
* More resistant to state-level blocking due to TLS transport layer and bridges.&lt;br /&gt;
* Designed and optimized for exit traffic (large number of exit nodes).&lt;br /&gt;
* Better documentation, formal papers, and translations.&lt;br /&gt;
* More efficient memory usage.&lt;br /&gt;
* Low bandwidth overhead for client nodes.&lt;br /&gt;
* Centralized control efficiently addresses Sybil attacks.&lt;br /&gt;
* High capacity core nodes provide higher throughput and lower latency.&lt;br /&gt;
* Written in C.&lt;br /&gt;
|&lt;br /&gt;
* Designed and optimized for hidden services, which are much faster than in Tor.&lt;br /&gt;
* Fully distributed and self-organizing.&lt;br /&gt;
* Peers selected by continuous profiling rather than trusted claims.&lt;br /&gt;
* Floodfill peers (&amp;quot;directory servers&amp;quot;) are untrusted and vary.&lt;br /&gt;
* Small enough that it hasn&#039;t been blocked or DOSed much.&lt;br /&gt;
* Peer-to-peer friendly.&lt;br /&gt;
* Packet switched instead of circuit switched (transparent load balancing, resilience via parallel tunnels).&lt;br /&gt;
* Unidirectional tunnels instead of bidirectional circuits (doubles nodes an attacker must compromise).&lt;br /&gt;
* Short-lived tunnels decrease active attack vectors compared to Tor circuits.&lt;br /&gt;
* Essentially all peers participate in routing.&lt;br /&gt;
* Written in Java.&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
= See also (Resources) =&lt;br /&gt;
* [[wikipedia:Internet_censorship_circumvention|Internet censorship circumvention: Wikipedia]]&lt;br /&gt;
* [https://github.com/bol-van/zapret Zapret Documentation]&lt;br /&gt;
* [https://github.com/ValdikSS/GoodbyeDPI Goodbye DPI GitHub]&lt;br /&gt;
* [https://shadowsocks.org/ Shadowsocks Official]&lt;br /&gt;
* [https://github.com/v2fly/v2ray-core V2Ray Core]&lt;br /&gt;
* [https://github.com/XTLS/Xray-core X-ray Core]&lt;br /&gt;
* [https://tb-manual.torproject.org/circumvention/ Tor Circumvention Manual]&lt;br /&gt;
* [https://geti2p.net/ I2P Anonymous Network]&lt;br /&gt;
* [https://ooni.org/ OONI Open Observatory of Network Interference]&lt;br /&gt;
&lt;br /&gt;
[[Category:Internet Censorship]]&lt;br /&gt;
[[Category:Privacy Software]]&lt;br /&gt;
[[Category:Circumvention]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=Non-Techy_Entries&amp;diff=72</id>
		<title>Non-Techy Entries</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=Non-Techy_Entries&amp;diff=72"/>
		<updated>2026-05-28T12:58:55Z</updated>

		<summary type="html">&lt;p&gt;Admin: Created page with &amp;quot;Features of Languages I like&amp;quot;&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;[[Features of Languages I like]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=UBlock_Settings&amp;diff=71</id>
		<title>UBlock Settings</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=UBlock_Settings&amp;diff=71"/>
		<updated>2026-05-18T12:23:24Z</updated>

		<summary type="html">&lt;p&gt;Admin: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;= uBlock Origin filterlists that worth using =&lt;br /&gt;
&lt;br /&gt;
== WARNING: This article is imported from my old note-taking app so expect broken links ==&lt;br /&gt;
&lt;br /&gt;
== Some of these filters are too big. Do not use if your computer is a potato (like mine). ==&lt;br /&gt;
=== If you are using uMatrix look at [https://github.com/themagicteeth/umatrix-recipes this rule recipe] ===&lt;br /&gt;
=== Good [https://tw3.gitlab.io/tw3filterlists/umatrix/ resource] ===&lt;br /&gt;
&lt;br /&gt;
== uBlock Origin Filter Templates ==&lt;br /&gt;
* [https://letsblock.it/filters Let&#039;s Block It]&lt;br /&gt;
&lt;br /&gt;
== More general guide ==&lt;br /&gt;
* [https://github.com/StellarSand/privacy-settings?tab=readme-ov-file StellarSand GitHub]&lt;br /&gt;
&lt;br /&gt;
== Start from [https://github.com/yokoffing/filterlists this] guide and expand the list using my list afterward ==&lt;br /&gt;
&lt;br /&gt;
== Another useful [https://v.firebog.net/hosts/lists.php list] ==&lt;br /&gt;
&lt;br /&gt;
== HOSTS Files and Some Big Filters ==&lt;br /&gt;
=== (these filters can even crash your potato pc, modern computers can handle these filters) ===&lt;br /&gt;
# [http://adblock.mahakala.is Mahakala&#039;s Lists]&lt;br /&gt;
# [https://raw.githubusercontent.com/badmojr/1Hosts/master/Xtra/adblock.txt 1Hosts (Xtra)]&lt;br /&gt;
# [https://big.oisd.nl/ oisd big]&lt;br /&gt;
# [https://mkb2091.github.io/blockconvert/output/adblock.txt Block Convert]&lt;br /&gt;
# [https://raw.githubusercontent.com/hagezi/dns-blocklists/main/adblock/ultimate.txt HaGeZi&#039;s Ultimate DNS Blocklist]&lt;br /&gt;
# [https://raw.githubusercontent.com/jerryn70/GoodbyeAds/master/Formats/GoodbyeAds-Ultra-AdBlock-Filter.txt GoodbyeAds Ultra Adblock]&lt;br /&gt;
# [https://winhelp2002.mvps.org/hosts.txt MVPS hosts]&lt;br /&gt;
# [https://raw.githubusercontent.com/TheFrenchGhosty/Microsoft-Spying-Domain-Names-Collection/master/hosts.txt TheFrenchGhosty&#039;s Windows Hosts]&lt;br /&gt;
# [https://raw.githubusercontent.com/MrRawes/firefox-hosts/firefox-hosts/hosts Firefox Hosts]&lt;br /&gt;
# [https://github.com/ph00lt0/blocklist ph00lt0&#039;s list]&lt;br /&gt;
# [https://raw.githubusercontent.com/Lennolium/PrivacyShield/master/Filters/PrivacyShield-diamond.txt PrivacyShield Diamond]&lt;br /&gt;
# [https://github.com/T145/black-mirror/releases/download/latest/BLOCK_DOMAIN.txt Black Mirror]&lt;br /&gt;
# [https://raw.githubusercontent.com/neodevpro/neodevhost/master/host neodevhosts]&lt;br /&gt;
# [https://a.dove.isdumb.one/list.txt Adobe Licence Check Block]&lt;br /&gt;
# [https://divested.dev/hosts DivestOS HOSTS]&lt;br /&gt;
# [https://github.com/hectorm/hmirror/tree/master/data hmirror (Hector&#039;s blocklists)]&lt;br /&gt;
# [https://blocklistproject.github.io/Lists/everything.txt BlocklistProject Everything]&lt;br /&gt;
&lt;br /&gt;
== Annoyance Cleaners ==&lt;br /&gt;
# [https://raw.githubusercontent.com/yourduskquibbles/webannoyances/master/ultralist.txt Web Annoyances Ultralist] (DON&#039;T use on a potato computer)&lt;br /&gt;
# [https://fanboy.co.nz/r/fanboy-ultimate.txt Fanboy Ultimate] (I don&#039;t tested it. If it is too big filter make a Pull Request to me)&lt;br /&gt;
# [https://github.com/DandelionSprout/adfilt/raw/master/AnnoyancesList Dandelion Sprout Annoyances]&lt;br /&gt;
# [https://raw.githubusercontent.com/RedDragonWebDesign/block-everything/master/block-everything.txt Block Everything] (Use with Web Annoyances Ultralist)&lt;br /&gt;
# [https://raw.githubusercontent.com/anyuzu99/nothingblock/main/filter.txt Nothing Block]&lt;br /&gt;
# [https://raw.githubusercontent.com/jerryn70/GoodbyeAds/master/Formats/GoodbyeAds-AdBlock-Filter.txt GoodbyeAds] (I don&#039;t tested it. If it is too big filter make a Pull Request to me)&lt;br /&gt;
# [https://raw.githubusercontent.com/jerryn70/GoodbyeAds/master/Formats/GoodbyeAds-YouTube-AdBlock-Filter.txt GoodbyeAds YouTube]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/stayingonbrowser/Staying%20On%20The%20Phone%20Browser Staying On The Browser]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/I%20Don&#039;t%20Want%20to%20Download%20Your%20Browser.txt I Don&#039;t Want to Download Your Browser]&lt;br /&gt;
# [https://raw.githubusercontent.com/iam-py-test/my_filters_001/main/antitypo.txt anti typo lists]&lt;br /&gt;
# [https://www.github.developerdan.com/hosts/lists/amp-hosts-extended.txt LightSwitch05 AMP Hosts Extended]&lt;br /&gt;
# [https://www.github.developerdan.com/hosts/lists/hate-and-junk-extended.txt Hate and Junk extended]&lt;br /&gt;
# [https://www.i-dont-care-about-cookies.eu/abp/ I don&#039;t care about cookies]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/ClearURLs%20for%20uBo/clear_urls_uboified.txt Clear URLs for uBo]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener.txt Actually Legitimate URL Shortener Tool]&lt;br /&gt;
# [https://raw.githubusercontent.com/yokoffing/filterlists/main/annoyance_list.txt yokoffing&#039;s Annoyance List]&lt;br /&gt;
# [https://raw.githubusercontent.com/iam-py-test/uBlock-combo/main/list.txt uBlock-combo list]&lt;br /&gt;
# [https://raw.github.com/r4vi/block-the-eu-cookie-shit-list/master/filterlist.txt EU cookie list]&lt;br /&gt;
# [https://raw.githubusercontent.com/AdguardTeam/AdguardFilters/master/AnnoyancesFilter/Popups/sections/popups_general.txt Adguard PopUps filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/AFNIL-AntiFakeNewsList/AFNIL/master/AFNIL-ABP-uBO.txt Anti Fake News]&lt;br /&gt;
# [https://raw.githubusercontent.com/infinitytec/blocklists/master/medicalpseudoscience.txt Medical Pseudo Science Filter]&lt;br /&gt;
# [https://chuck.is/yt/yt-ublock-filters.txt YouTube uBlock filters] (Not Up to Date)&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/Anti-Elsagate%20List.txt Anti-Elsagate List]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/StopAutoplayOnYouTube.txt Stop Autoplay on YouTube]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/YouTubeEvenMorePureVideoExperience.txt YouTube Even More Pure Video Experience]&lt;br /&gt;
# [https://raw.githubusercontent.com/theel0ja/CrapBlock/master/crapblock-annoyances.txt CrapBlock Annoyances]&lt;br /&gt;
# [https://raw.githubusercontent.com/theel0ja/CrapBlock/master/even-cleaner-news-sites.txt CrapBlock Cleaner News Sites]&lt;br /&gt;
# [https://neuter.mchang.xyz/ YT Neuter] and [https://github.com/mchangrh/yt-neuter 2nd link]&lt;br /&gt;
# [https://raw.githubusercontent.com/gijsdev/ublock-hide-yt-shorts/master/list.txt YT Short Hide]&lt;br /&gt;
# [https://raw.githubusercontent.com/DRSDavidSoft/additional-hosts/master/domains/blacklist/search-blacklist.txt Search Blacklist]&lt;br /&gt;
# [https://raw.githubusercontent.com/DRSDavidSoft/additional-hosts/master/domains/blacklist/adservers-and-trackers.txt Ad and Tracker Blocker]&lt;br /&gt;
# [https://raw.githubusercontent.com/anudeepND/blacklist/master/adservers.txt Ad Servers]&lt;br /&gt;
# [https://github.com/infinitytec/blocklists/raw/master/annoyances.txt Infinitytec Annoyances]&lt;br /&gt;
# [https://raw.githubusercontent.com/taylr/linkedinsanity/master/linkedinsanity.txt LinkedInsanity]&lt;br /&gt;
# [https://raw.githubusercontent.com/lutoma/nocomments/master/abp.txt NoComments]&lt;br /&gt;
# [https://raw.githubusercontent.com/mistalaba/popover-blocklist/master/blocklist.txt Popover Blocklist]&lt;br /&gt;
# [https://raw.githubusercontent.com/Nebula-Mechanica/Anti-AutoTranslation-List/master/anti-autotranslation-list-full.txt Anti-AutoTranslation List]&lt;br /&gt;
# [https://github.com/bcye/Hello-Goodbye/raw/master/filterlist.txt Hello-Goodbye Chat/Cookie Widget Blocker]&lt;br /&gt;
# [https://raw.githubusercontent.com/lassekongo83/Frellwits-filter-lists/master/emoji-filter.txt Frellwit&#039;s Emoji Filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/Yhonay/antipopads/master/popads.txt&amp;amp;title=Anti%20popads.net Anti Popads.net]&lt;br /&gt;
# [https://raw.githubusercontent.com/cpeterso/clickbait-blocklist/master/clickbait-blocklist.txt Clickbait Blocklist (cpeterso)]&lt;br /&gt;
# [https://raw.githubusercontent.com/endolith/clickbait/master/clickbait.txt Clickbait Blocklist (endolith)]&lt;br /&gt;
# [https://raw.githubusercontent.com/caffeinewriter/dontpushme/master/filterlist.txt DontPushMe (Push Notifications Blocker)]&lt;br /&gt;
# [https://raw2.github.com/ilyakatz/adblock_filters/master/inpage_popups.txt Inpage Popups Filter]&lt;br /&gt;
# [https://github.com/Manu1400/i-don-t-care-about-newsletters/raw/master/adp.txt I Don&#039;t Care About Newsletters]&lt;br /&gt;
# [https://github.com/Manu1400/i-don-t-care-about-gotoup-btns/raw/master/list-gotoup-btns.txt I Don&#039;t Care About Go-To-Up Buttons]&lt;br /&gt;
&lt;br /&gt;
== Not Piracy but someone hates it ==&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/BrowseWebsitesWithoutLoggingIn.txt Browse websites without logging in]&lt;br /&gt;
# [https://raw.githubusercontent.com/liamengland1/miscfilters/master/antipaywall.txt Anti-paywall filters]&lt;br /&gt;
# [https://gitlab.com/magnolia1234/bypass-paywalls-clean-filters/-/raw/main/bpc-paywall-filter.txt Bypass Paywalls Clean Filters]&lt;br /&gt;
# [https://raw.githubusercontent.com/reek/anti-adblock-killer/master/anti-adblock-killer-filters.txt Anti Adblock Killer]&lt;br /&gt;
# [https://files.enderman.ch/scripts/yt-antiadblocker.txt Anti-Anti-Adblocker by Enderman]&lt;br /&gt;
# [https://raw.githubusercontent.com/DRSDavidSoft/additional-hosts/master/domains/blacklist/activation.txt Block Activation Servers to Get Infinite Trials]&lt;br /&gt;
# [https://raw.githubusercontent.com/ignaciocastro/a-dove-is-dumb/main/list.txt Adobe Licence Check Block]&lt;br /&gt;
# [https://raw.githubusercontent.com/acnapyx/paywall-remover/master/paywall-remover-list.txt Acnapyx Paywall Remover]&lt;br /&gt;
# [https://raw.githubusercontent.com/bogachenko/fuckfuckadblock/master/fuckfuckadblock.txt?_=3 FuckFuckAdblock]&lt;br /&gt;
&lt;br /&gt;
== Sneaky Trackers and Security Filters ==&lt;br /&gt;
# [https://raw.githubusercontent.com/AdguardTeam/cname-trackers/master/combined_disguised_trackers.txt AdGuard CNAME disguised trackers list]&lt;br /&gt;
# [https://raw.githubusercontent.com/AdguardTeam/cname-trackers/master/combined_disguised_ads.txt AdGuard CNAME disguised trackers list(ads)]&lt;br /&gt;
# [https://raw.githubusercontent.com/AdguardTeam/cname-trackers/master/combined_original_trackers.txt AdGuard CNAME original trackers list]&lt;br /&gt;
# [https://easylist-downloads.adblockplus.org/abp-filters-anti-cv.txt Anti CV List]&lt;br /&gt;
# [https://filters.adavoid.org/ultimate-privacy-filter.txt Ultimate Privacy Filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/iam-py-test/my_filters_001/main/antimalware.txt The malicious website blocklist]&lt;br /&gt;
# [https://malware-filter.gitlab.io/malware-filter/urlhaus-filter.txt URLhaus Filter]&lt;br /&gt;
# [https://phishing.army/download/phishing_army_blocklist_extended.txt Phishing Army Extended]&lt;br /&gt;
# [https://raw.githubusercontent.com/gasull/adblock-nsa/master/filters.txt AdBlock the NSA]&lt;br /&gt;
# [https://raw.githubusercontent.com/Spam404/lists/master/adblock-list.txt Spam404]&lt;br /&gt;
# [https://gist.githubusercontent.com/Rust1667/df78d493cf3c00340c535d93e303c4f9/raw FMHY unsafe sites]&lt;br /&gt;
# [https://www.github.developerdan.com/hosts/lists/ads-and-tracking-extended.txt LightSwitch05 Ads and Tracking Extended] (I don&#039;t tested it. If it is too big filter make a Pull Request to me)&lt;br /&gt;
# [https://raw.githubusercontent.com/durablenapkin/scamblocklist/master/hosts.txt Durablenapkin Spam Filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/quenhus/uBlock-Origin-dev-filter/main/dist/all_search_engines/global.txt uBO dev filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/stephenhawk8054/PrivacyExtended/main/privacy_extended.txt Privacy Extended]&lt;br /&gt;
# [https://raw.githubusercontent.com/hagezi/dns-blocklists/main/adblock/spam-tlds-ublock.txt Most Abused TLDs]&lt;br /&gt;
# [https://raw.githubusercontent.com/yokoffing/filterlists/main/privacy_essentials.txt Privacy Essentials]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/Dandelion%20Sprout&#039;s%20Anti-Malware%20List.txt Dandelion Sprouts Anti Malware List]&lt;br /&gt;
# [https://zerodot1.gitlab.io/CoinBlockerLists/list_browser_UBO.txt Coin Blocker List]&lt;br /&gt;
# [https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/nocoin.txt NoCoin] / [https://raw.githubusercontent.com/anudeepND/blacklist/master/CoinMiner.txt CoinMiner]&lt;br /&gt;
# [https://github.com/WindowsAurora/FMHYFilterlist FMHY Filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/DRSDavidSoft/additional-hosts/master/domains/blacklist/fake-domains.txt Fake Domains]&lt;br /&gt;
# [https://raw.githubusercontent.com/piperun/iploggerfilter/master/filterlist IP logger filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/anudeepND/blacklist/master/facebook.txt No Facebook]&lt;br /&gt;
# [https://raw.githubusercontent.com/infinitytec/blocklists/master/adfilters.txt Infinitytec AdFilters]&lt;br /&gt;
# [https://raw.githubusercontent.com/Rpsl/adblock-leadgenerator-list/master/list/list.txt Lead Generator Blocklist]&lt;br /&gt;
# [https://raw.githubusercontent.com/metaphoricgiraffe/tracking-filters/master/trackingfilters.txt MetaphoricGiraffe Tracking Filters]&lt;br /&gt;
# [https://malware-filter.gitlab.io/malware-filter/tracking-filter.txt URLhaus Tracking Filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/durablenapkin/scamblocklist/master/adguard.txt Durablenapkin Scam Blocklist (AdGuard format)]&lt;br /&gt;
# [https://raw.githubusercontent.com/kano1/Kano/master/Spyware.txt Kano Spyware Filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/L8X/AntiAuthenticationUrlFilter/main/AntiAuthenticationUrlFilter.txt&amp;amp;title=Anti-Authentication-Url-Filter Anti-Authentication URL Filter]&lt;br /&gt;
# [https://github.com/Kees1958/W3C_annual_most_used_survey_blocklist/raw/master/EU_US_MV2_most_common_ad%2Btracking_networks Kees1958 Most Common Ad &amp;amp; Tracking Networks]&lt;br /&gt;
# [https://github.com/Kees1958/W3C_annual_most_used_survey_blocklist/raw/master/URL_tracking_parameters.txt Kees1958 URL Tracking Parameters]&lt;br /&gt;
# [https://raw.githubusercontent.com/bogachenko/fuckfuckadblock/master/fuckfuckadblock-mining.txt?_=3 FuckFuckAdblock Mining]&lt;br /&gt;
&lt;br /&gt;
== Other ==&lt;br /&gt;
# [https://raw.githubusercontent.com/yokoffing/filterlists/main/block_third_party_fonts.txt Block Third Party Fonts]&lt;br /&gt;
# [https://raw.githubusercontent.com/theel0ja/CrapBlock/master/block-googlefonts.txt CrapBlock Google Fonts]&lt;br /&gt;
# [https://github.com/mig4ng/ublock-origin-filters mig4ng&#039;s uBlock Origin filters]&lt;br /&gt;
# [https://pastebin.com/raw/r9a5WrZa?__cpo=aHR0cHM6Ly9wYXN0ZWJpbi5jb20 Pastebin Custom Filter (r9a5WrZa)]&lt;br /&gt;
# [https://adblock.twoslashes.com/nt-adblock.txt TwoSlashes NT Adblock]&lt;br /&gt;
# [https://github.com/secretsnow/Ad-Filters/raw/master/Ad%20Filters.txt Secretsnow Ad Filters]&lt;br /&gt;
# [https://raw.githubusercontent.com/KCaglarCoskun/enur-filter-list/master/enur-filter-list.txt Enur Filter List]&lt;br /&gt;
# [https://gist.github.com/gorhill/ef1b62d606473c68d524/raw/90edb7864ee40d49c8f29ad4f2f1aded08e60c6c/gistfile1.txt gorhill&#039;s Experimental Filter Gist]&lt;br /&gt;
# [https://github.com/jkrejcha/AdmiraList/raw/master/AdmiraList.txt AdmiraList]&lt;br /&gt;
# [https://raw.githubusercontent.com/VernonStow/Filterlist/master/Filterlist.txt VernonStow Filterlist]&lt;br /&gt;
&lt;br /&gt;
&amp;lt;br /&amp;gt;&lt;br /&gt;
Or try this rule (sometimes causes breakages like weird icons): &amp;lt;code&amp;gt;*$font,third-party&amp;lt;/code&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== uBlock Origin rules ==&lt;br /&gt;
=== from CHEF-KOCH ===&lt;br /&gt;
&amp;lt;pre&amp;gt;&lt;br /&gt;
! Disable Content Security Policies set by filters on all websites by setting a CSP with no values&lt;br /&gt;
@@||*$csp&lt;br /&gt;
&lt;br /&gt;
! Block the use of eval javascript command but allow using uBlocks no-eval scriptlet on all websites&lt;br /&gt;
*##+js(noeval)&lt;br /&gt;
&amp;lt;/pre&amp;gt;&lt;br /&gt;
&lt;br /&gt;
=== Not from CHEF-KOCH ===&lt;br /&gt;
&amp;lt;pre&amp;gt;&lt;br /&gt;
! Block http POST requests (can break things)&lt;br /&gt;
||*^$method=post&lt;br /&gt;
&lt;br /&gt;
! Block URL parameters (can break things)&lt;br /&gt;
*$removeparam=*&lt;br /&gt;
&amp;lt;/pre&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== uBlock Origin settings from yokoffing ==&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot;&lt;br /&gt;
! Setting !! Value !! Description&lt;br /&gt;
|-&lt;br /&gt;
| autoUpdateAssetFetchPeriod || 10 || auto-updater waits x seconds before fetching the next filterlist&lt;br /&gt;
|-&lt;br /&gt;
| autoUpdateDelayAfterLaunch || 5 || update out-of-date filter lists x seconds after browser startup&lt;br /&gt;
|-&lt;br /&gt;
| autoUpdatePeriod || 1 || uBO checks for filter lists updates every x hours&lt;br /&gt;
|-&lt;br /&gt;
| cnameMaxTTL || 720 || cache CNAME aliases for x minutes&lt;br /&gt;
|-&lt;br /&gt;
| filterAuthorMode || true || enable Dynamic Filtering&lt;br /&gt;
|-&lt;br /&gt;
| updateAssetBypassBrowserCache || true || bypass cache when manually fetching a filter list more often than every hour&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
[[Category:Web browsers]]&lt;br /&gt;
[[Category:Hardening]]&lt;br /&gt;
[[Category:Privacy]]&lt;br /&gt;
[[Category:Security]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=UBlock_Settings&amp;diff=70</id>
		<title>UBlock Settings</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=UBlock_Settings&amp;diff=70"/>
		<updated>2026-05-18T12:20:25Z</updated>

		<summary type="html">&lt;p&gt;Admin: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;= uBlock Origin filterlists that worth using =&lt;br /&gt;
&lt;br /&gt;
== WARNING: This article is imported from my old note-taking app so expect broken links ==&lt;br /&gt;
&lt;br /&gt;
== Some of these filters are too big. Do not use if your computer is a potato (like mine). ==&lt;br /&gt;
=== If you are using uMatrix look at [https://github.com/themagicteeth/umatrix-recipes this rule recipe] ===&lt;br /&gt;
=== Good [https://tw3.gitlab.io/tw3filterlists/umatrix/ resource] ===&lt;br /&gt;
&lt;br /&gt;
== uBlock Origin Filter Templates ==&lt;br /&gt;
* [https://letsblock.it/filters Let&#039;s Block It]&lt;br /&gt;
&lt;br /&gt;
== More general guide ==&lt;br /&gt;
* [https://github.com/StellarSand/privacy-settings?tab=readme-ov-file StellarSand GitHub]&lt;br /&gt;
&lt;br /&gt;
== Start from [https://github.com/yokoffing/filterlists this] guide and expand the list using my list afterward ==&lt;br /&gt;
&lt;br /&gt;
== HOSTS Files and Some Big Filters ==&lt;br /&gt;
=== (these filters can even crash your potato pc, modern computers can handle these filters) ===&lt;br /&gt;
# [http://adblock.mahakala.is Mahakala&#039;s Lists]&lt;br /&gt;
# [https://raw.githubusercontent.com/badmojr/1Hosts/master/Xtra/adblock.txt 1Hosts (Xtra)]&lt;br /&gt;
# [https://big.oisd.nl/ oisd big]&lt;br /&gt;
# [https://mkb2091.github.io/blockconvert/output/adblock.txt Block Convert]&lt;br /&gt;
# [https://raw.githubusercontent.com/hagezi/dns-blocklists/main/adblock/ultimate.txt HaGeZi&#039;s Ultimate DNS Blocklist]&lt;br /&gt;
# [https://raw.githubusercontent.com/jerryn70/GoodbyeAds/master/Formats/GoodbyeAds-Ultra-AdBlock-Filter.txt GoodbyeAds Ultra Adblock]&lt;br /&gt;
# [https://winhelp2002.mvps.org/hosts.txt MVPS hosts]&lt;br /&gt;
# [https://raw.githubusercontent.com/TheFrenchGhosty/Microsoft-Spying-Domain-Names-Collection/master/hosts.txt TheFrenchGhosty&#039;s Windows Hosts]&lt;br /&gt;
# [https://raw.githubusercontent.com/MrRawes/firefox-hosts/firefox-hosts/hosts Firefox Hosts]&lt;br /&gt;
# [https://github.com/ph00lt0/blocklist ph00lt0&#039;s list]&lt;br /&gt;
# [https://raw.githubusercontent.com/Lennolium/PrivacyShield/master/Filters/PrivacyShield-diamond.txt PrivacyShield Diamond]&lt;br /&gt;
# [https://github.com/T145/black-mirror/releases/download/latest/BLOCK_DOMAIN.txt Black Mirror]&lt;br /&gt;
# [https://raw.githubusercontent.com/neodevpro/neodevhost/master/host neodevhosts]&lt;br /&gt;
# [https://a.dove.isdumb.one/list.txt Adobe Licence Check Block]&lt;br /&gt;
# [https://divested.dev/hosts DivestOS HOSTS]&lt;br /&gt;
# [https://github.com/hectorm/hmirror/tree/master/data hmirror (Hector&#039;s blocklists)]&lt;br /&gt;
# [https://blocklistproject.github.io/Lists/everything.txt BlocklistProject Everything]&lt;br /&gt;
&lt;br /&gt;
== Annoyance Cleaners ==&lt;br /&gt;
# [https://raw.githubusercontent.com/yourduskquibbles/webannoyances/master/ultralist.txt Web Annoyances Ultralist] (DON&#039;T use on a potato computer)&lt;br /&gt;
# [https://fanboy.co.nz/r/fanboy-ultimate.txt Fanboy Ultimate] (I don&#039;t tested it. If it is too big filter make a Pull Request to me)&lt;br /&gt;
# [https://github.com/DandelionSprout/adfilt/raw/master/AnnoyancesList Dandelion Sprout Annoyances]&lt;br /&gt;
# [https://raw.githubusercontent.com/RedDragonWebDesign/block-everything/master/block-everything.txt Block Everything] (Use with Web Annoyances Ultralist)&lt;br /&gt;
# [https://raw.githubusercontent.com/anyuzu99/nothingblock/main/filter.txt Nothing Block]&lt;br /&gt;
# [https://raw.githubusercontent.com/jerryn70/GoodbyeAds/master/Formats/GoodbyeAds-AdBlock-Filter.txt GoodbyeAds] (I don&#039;t tested it. If it is too big filter make a Pull Request to me)&lt;br /&gt;
# [https://raw.githubusercontent.com/jerryn70/GoodbyeAds/master/Formats/GoodbyeAds-YouTube-AdBlock-Filter.txt GoodbyeAds YouTube]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/stayingonbrowser/Staying%20On%20The%20Phone%20Browser Staying On The Browser]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/I%20Don&#039;t%20Want%20to%20Download%20Your%20Browser.txt I Don&#039;t Want to Download Your Browser]&lt;br /&gt;
# [https://raw.githubusercontent.com/iam-py-test/my_filters_001/main/antitypo.txt anti typo lists]&lt;br /&gt;
# [https://www.github.developerdan.com/hosts/lists/amp-hosts-extended.txt LightSwitch05 AMP Hosts Extended]&lt;br /&gt;
# [https://www.github.developerdan.com/hosts/lists/hate-and-junk-extended.txt Hate and Junk extended]&lt;br /&gt;
# [https://www.i-dont-care-about-cookies.eu/abp/ I don&#039;t care about cookies]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/ClearURLs%20for%20uBo/clear_urls_uboified.txt Clear URLs for uBo]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener.txt Actually Legitimate URL Shortener Tool]&lt;br /&gt;
# [https://raw.githubusercontent.com/yokoffing/filterlists/main/annoyance_list.txt yokoffing&#039;s Annoyance List]&lt;br /&gt;
# [https://raw.githubusercontent.com/iam-py-test/uBlock-combo/main/list.txt uBlock-combo list]&lt;br /&gt;
# [https://raw.github.com/r4vi/block-the-eu-cookie-shit-list/master/filterlist.txt EU cookie list]&lt;br /&gt;
# [https://raw.githubusercontent.com/AdguardTeam/AdguardFilters/master/AnnoyancesFilter/Popups/sections/popups_general.txt Adguard PopUps filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/AFNIL-AntiFakeNewsList/AFNIL/master/AFNIL-ABP-uBO.txt Anti Fake News]&lt;br /&gt;
# [https://raw.githubusercontent.com/infinitytec/blocklists/master/medicalpseudoscience.txt Medical Pseudo Science Filter]&lt;br /&gt;
# [https://chuck.is/yt/yt-ublock-filters.txt YouTube uBlock filters] (Not Up to Date)&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/Anti-Elsagate%20List.txt Anti-Elsagate List]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/StopAutoplayOnYouTube.txt Stop Autoplay on YouTube]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/YouTubeEvenMorePureVideoExperience.txt YouTube Even More Pure Video Experience]&lt;br /&gt;
# [https://raw.githubusercontent.com/theel0ja/CrapBlock/master/crapblock-annoyances.txt CrapBlock Annoyances]&lt;br /&gt;
# [https://raw.githubusercontent.com/theel0ja/CrapBlock/master/even-cleaner-news-sites.txt CrapBlock Cleaner News Sites]&lt;br /&gt;
# [https://neuter.mchang.xyz/ YT Neuter] and [https://github.com/mchangrh/yt-neuter 2nd link]&lt;br /&gt;
# [https://raw.githubusercontent.com/gijsdev/ublock-hide-yt-shorts/master/list.txt YT Short Hide]&lt;br /&gt;
# [https://raw.githubusercontent.com/DRSDavidSoft/additional-hosts/master/domains/blacklist/search-blacklist.txt Search Blacklist]&lt;br /&gt;
# [https://raw.githubusercontent.com/DRSDavidSoft/additional-hosts/master/domains/blacklist/adservers-and-trackers.txt Ad and Tracker Blocker]&lt;br /&gt;
# [https://raw.githubusercontent.com/anudeepND/blacklist/master/adservers.txt Ad Servers]&lt;br /&gt;
# [https://github.com/infinitytec/blocklists/raw/master/annoyances.txt Infinitytec Annoyances]&lt;br /&gt;
# [https://raw.githubusercontent.com/taylr/linkedinsanity/master/linkedinsanity.txt LinkedInsanity]&lt;br /&gt;
# [https://raw.githubusercontent.com/lutoma/nocomments/master/abp.txt NoComments]&lt;br /&gt;
# [https://raw.githubusercontent.com/mistalaba/popover-blocklist/master/blocklist.txt Popover Blocklist]&lt;br /&gt;
# [https://raw.githubusercontent.com/Nebula-Mechanica/Anti-AutoTranslation-List/master/anti-autotranslation-list-full.txt Anti-AutoTranslation List]&lt;br /&gt;
# [https://github.com/bcye/Hello-Goodbye/raw/master/filterlist.txt Hello-Goodbye Chat/Cookie Widget Blocker]&lt;br /&gt;
# [https://raw.githubusercontent.com/lassekongo83/Frellwits-filter-lists/master/emoji-filter.txt Frellwit&#039;s Emoji Filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/Yhonay/antipopads/master/popads.txt&amp;amp;title=Anti%20popads.net Anti Popads.net]&lt;br /&gt;
# [https://raw.githubusercontent.com/cpeterso/clickbait-blocklist/master/clickbait-blocklist.txt Clickbait Blocklist (cpeterso)]&lt;br /&gt;
# [https://raw.githubusercontent.com/endolith/clickbait/master/clickbait.txt Clickbait Blocklist (endolith)]&lt;br /&gt;
# [https://raw.githubusercontent.com/caffeinewriter/dontpushme/master/filterlist.txt DontPushMe (Push Notifications Blocker)]&lt;br /&gt;
# [https://raw2.github.com/ilyakatz/adblock_filters/master/inpage_popups.txt Inpage Popups Filter]&lt;br /&gt;
# [https://github.com/Manu1400/i-don-t-care-about-newsletters/raw/master/adp.txt I Don&#039;t Care About Newsletters]&lt;br /&gt;
# [https://github.com/Manu1400/i-don-t-care-about-gotoup-btns/raw/master/list-gotoup-btns.txt I Don&#039;t Care About Go-To-Up Buttons]&lt;br /&gt;
&lt;br /&gt;
== Not Piracy but someone hates it ==&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/BrowseWebsitesWithoutLoggingIn.txt Browse websites without logging in]&lt;br /&gt;
# [https://raw.githubusercontent.com/liamengland1/miscfilters/master/antipaywall.txt Anti-paywall filters]&lt;br /&gt;
# [https://gitlab.com/magnolia1234/bypass-paywalls-clean-filters/-/raw/main/bpc-paywall-filter.txt Bypass Paywalls Clean Filters]&lt;br /&gt;
# [https://raw.githubusercontent.com/reek/anti-adblock-killer/master/anti-adblock-killer-filters.txt Anti Adblock Killer]&lt;br /&gt;
# [https://files.enderman.ch/scripts/yt-antiadblocker.txt Anti-Anti-Adblocker by Enderman]&lt;br /&gt;
# [https://raw.githubusercontent.com/DRSDavidSoft/additional-hosts/master/domains/blacklist/activation.txt Block Activation Servers to Get Infinite Trials]&lt;br /&gt;
# [https://raw.githubusercontent.com/ignaciocastro/a-dove-is-dumb/main/list.txt Adobe Licence Check Block]&lt;br /&gt;
# [https://raw.githubusercontent.com/acnapyx/paywall-remover/master/paywall-remover-list.txt Acnapyx Paywall Remover]&lt;br /&gt;
# [https://raw.githubusercontent.com/bogachenko/fuckfuckadblock/master/fuckfuckadblock.txt?_=3 FuckFuckAdblock]&lt;br /&gt;
&lt;br /&gt;
== Sneaky Trackers and Security Filters ==&lt;br /&gt;
# [https://raw.githubusercontent.com/AdguardTeam/cname-trackers/master/combined_disguised_trackers.txt AdGuard CNAME disguised trackers list]&lt;br /&gt;
# [https://raw.githubusercontent.com/AdguardTeam/cname-trackers/master/combined_disguised_ads.txt AdGuard CNAME disguised trackers list(ads)]&lt;br /&gt;
# [https://raw.githubusercontent.com/AdguardTeam/cname-trackers/master/combined_original_trackers.txt AdGuard CNAME original trackers list]&lt;br /&gt;
# [https://easylist-downloads.adblockplus.org/abp-filters-anti-cv.txt Anti CV List]&lt;br /&gt;
# [https://filters.adavoid.org/ultimate-privacy-filter.txt Ultimate Privacy Filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/iam-py-test/my_filters_001/main/antimalware.txt The malicious website blocklist]&lt;br /&gt;
# [https://malware-filter.gitlab.io/malware-filter/urlhaus-filter.txt URLhaus Filter]&lt;br /&gt;
# [https://phishing.army/download/phishing_army_blocklist_extended.txt Phishing Army Extended]&lt;br /&gt;
# [https://raw.githubusercontent.com/gasull/adblock-nsa/master/filters.txt AdBlock the NSA]&lt;br /&gt;
# [https://raw.githubusercontent.com/Spam404/lists/master/adblock-list.txt Spam404]&lt;br /&gt;
# [https://gist.githubusercontent.com/Rust1667/df78d493cf3c00340c535d93e303c4f9/raw FMHY unsafe sites]&lt;br /&gt;
# [https://www.github.developerdan.com/hosts/lists/ads-and-tracking-extended.txt LightSwitch05 Ads and Tracking Extended] (I don&#039;t tested it. If it is too big filter make a Pull Request to me)&lt;br /&gt;
# [https://raw.githubusercontent.com/durablenapkin/scamblocklist/master/hosts.txt Durablenapkin Spam Filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/quenhus/uBlock-Origin-dev-filter/main/dist/all_search_engines/global.txt uBO dev filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/stephenhawk8054/PrivacyExtended/main/privacy_extended.txt Privacy Extended]&lt;br /&gt;
# [https://raw.githubusercontent.com/hagezi/dns-blocklists/main/adblock/spam-tlds-ublock.txt Most Abused TLDs]&lt;br /&gt;
# [https://raw.githubusercontent.com/yokoffing/filterlists/main/privacy_essentials.txt Privacy Essentials]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/Dandelion%20Sprout&#039;s%20Anti-Malware%20List.txt Dandelion Sprouts Anti Malware List]&lt;br /&gt;
# [https://zerodot1.gitlab.io/CoinBlockerLists/list_browser_UBO.txt Coin Blocker List]&lt;br /&gt;
# [https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/nocoin.txt NoCoin] / [https://raw.githubusercontent.com/anudeepND/blacklist/master/CoinMiner.txt CoinMiner]&lt;br /&gt;
# [https://github.com/WindowsAurora/FMHYFilterlist FMHY Filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/DRSDavidSoft/additional-hosts/master/domains/blacklist/fake-domains.txt Fake Domains]&lt;br /&gt;
# [https://raw.githubusercontent.com/piperun/iploggerfilter/master/filterlist IP logger filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/anudeepND/blacklist/master/facebook.txt No Facebook]&lt;br /&gt;
# [https://raw.githubusercontent.com/infinitytec/blocklists/master/adfilters.txt Infinitytec AdFilters]&lt;br /&gt;
# [https://raw.githubusercontent.com/Rpsl/adblock-leadgenerator-list/master/list/list.txt Lead Generator Blocklist]&lt;br /&gt;
# [https://raw.githubusercontent.com/metaphoricgiraffe/tracking-filters/master/trackingfilters.txt MetaphoricGiraffe Tracking Filters]&lt;br /&gt;
# [https://malware-filter.gitlab.io/malware-filter/tracking-filter.txt URLhaus Tracking Filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/durablenapkin/scamblocklist/master/adguard.txt Durablenapkin Scam Blocklist (AdGuard format)]&lt;br /&gt;
# [https://raw.githubusercontent.com/kano1/Kano/master/Spyware.txt Kano Spyware Filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/L8X/AntiAuthenticationUrlFilter/main/AntiAuthenticationUrlFilter.txt&amp;amp;title=Anti-Authentication-Url-Filter Anti-Authentication URL Filter]&lt;br /&gt;
# [https://github.com/Kees1958/W3C_annual_most_used_survey_blocklist/raw/master/EU_US_MV2_most_common_ad%2Btracking_networks Kees1958 Most Common Ad &amp;amp; Tracking Networks]&lt;br /&gt;
# [https://github.com/Kees1958/W3C_annual_most_used_survey_blocklist/raw/master/URL_tracking_parameters.txt Kees1958 URL Tracking Parameters]&lt;br /&gt;
# [https://raw.githubusercontent.com/bogachenko/fuckfuckadblock/master/fuckfuckadblock-mining.txt?_=3 FuckFuckAdblock Mining]&lt;br /&gt;
&lt;br /&gt;
== Other ==&lt;br /&gt;
# [https://raw.githubusercontent.com/yokoffing/filterlists/main/block_third_party_fonts.txt Block Third Party Fonts]&lt;br /&gt;
# [https://raw.githubusercontent.com/theel0ja/CrapBlock/master/block-googlefonts.txt CrapBlock Google Fonts]&lt;br /&gt;
# [https://github.com/mig4ng/ublock-origin-filters mig4ng&#039;s uBlock Origin filters]&lt;br /&gt;
# [https://pastebin.com/raw/r9a5WrZa?__cpo=aHR0cHM6Ly9wYXN0ZWJpbi5jb20 Pastebin Custom Filter (r9a5WrZa)]&lt;br /&gt;
# [https://adblock.twoslashes.com/nt-adblock.txt TwoSlashes NT Adblock]&lt;br /&gt;
# [https://github.com/secretsnow/Ad-Filters/raw/master/Ad%20Filters.txt Secretsnow Ad Filters]&lt;br /&gt;
# [https://raw.githubusercontent.com/KCaglarCoskun/enur-filter-list/master/enur-filter-list.txt Enur Filter List]&lt;br /&gt;
# [https://gist.github.com/gorhill/ef1b62d606473c68d524/raw/90edb7864ee40d49c8f29ad4f2f1aded08e60c6c/gistfile1.txt gorhill&#039;s Experimental Filter Gist]&lt;br /&gt;
# [https://github.com/jkrejcha/AdmiraList/raw/master/AdmiraList.txt AdmiraList]&lt;br /&gt;
# [https://raw.githubusercontent.com/VernonStow/Filterlist/master/Filterlist.txt VernonStow Filterlist]&lt;br /&gt;
&lt;br /&gt;
&amp;lt;br /&amp;gt;&lt;br /&gt;
Or try this rule (sometimes causes breakages like weird icons): &amp;lt;code&amp;gt;*$font,third-party&amp;lt;/code&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== uBlock Origin rules ==&lt;br /&gt;
=== from CHEF-KOCH ===&lt;br /&gt;
&amp;lt;pre&amp;gt;&lt;br /&gt;
! Disable Content Security Policies set by filters on all websites by setting a CSP with no values&lt;br /&gt;
@@||*$csp&lt;br /&gt;
&lt;br /&gt;
! Block the use of eval javascript command but allow using uBlocks no-eval scriptlet on all websites&lt;br /&gt;
*##+js(noeval)&lt;br /&gt;
&amp;lt;/pre&amp;gt;&lt;br /&gt;
&lt;br /&gt;
=== Not from CHEF-KOCH ===&lt;br /&gt;
&amp;lt;pre&amp;gt;&lt;br /&gt;
! Block http POST requests (can break things)&lt;br /&gt;
||*^$method=post&lt;br /&gt;
&lt;br /&gt;
! Block URL parameters (can break things)&lt;br /&gt;
*$removeparam=*&lt;br /&gt;
&amp;lt;/pre&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== uBlock Origin settings from yokoffing ==&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot;&lt;br /&gt;
! Setting !! Value !! Description&lt;br /&gt;
|-&lt;br /&gt;
| autoUpdateAssetFetchPeriod || 10 || auto-updater waits x seconds before fetching the next filterlist&lt;br /&gt;
|-&lt;br /&gt;
| autoUpdateDelayAfterLaunch || 5 || update out-of-date filter lists x seconds after browser startup&lt;br /&gt;
|-&lt;br /&gt;
| autoUpdatePeriod || 1 || uBO checks for filter lists updates every x hours&lt;br /&gt;
|-&lt;br /&gt;
| cnameMaxTTL || 720 || cache CNAME aliases for x minutes&lt;br /&gt;
|-&lt;br /&gt;
| filterAuthorMode || true || enable Dynamic Filtering&lt;br /&gt;
|-&lt;br /&gt;
| updateAssetBypassBrowserCache || true || bypass cache when manually fetching a filter list more often than every hour&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
[[Category:Web browsers]]&lt;br /&gt;
[[Category:Hardening]]&lt;br /&gt;
[[Category:Privacy]]&lt;br /&gt;
[[Category:Security]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=UBlock_Settings&amp;diff=69</id>
		<title>UBlock Settings</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=UBlock_Settings&amp;diff=69"/>
		<updated>2026-05-18T12:11:34Z</updated>

		<summary type="html">&lt;p&gt;Admin: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;= uBlock Origin filterlists that worth using =&lt;br /&gt;
&lt;br /&gt;
== WARNING: This article is imported from my old note-taking app so expect broken links ==&lt;br /&gt;
&lt;br /&gt;
== Some of these filters are too big. Do not use if your computer is a potato (like mine). ==&lt;br /&gt;
=== If you are using uMatrix look at [https://github.com/themagicteeth/umatrix-recipes this rule recipe] ===&lt;br /&gt;
=== Good [https://tw3.gitlab.io/tw3filterlists/umatrix/ resource] ===&lt;br /&gt;
&lt;br /&gt;
== uBlock Origin Filter Templates ==&lt;br /&gt;
* [https://letsblock.it/filters Let&#039;s Block It]&lt;br /&gt;
&lt;br /&gt;
== More general guide ==&lt;br /&gt;
* [https://github.com/StellarSand/privacy-settings?tab=readme-ov-file StellarSand GitHub]&lt;br /&gt;
&lt;br /&gt;
== HOSTS Files and Some Big Filters ==&lt;br /&gt;
=== (these filters can even crash your potato pc, modern computers can handle these filters) ===&lt;br /&gt;
# [http://adblock.mahakala.is Mahakala&#039;s Lists]&lt;br /&gt;
# [https://raw.githubusercontent.com/badmojr/1Hosts/master/Xtra/adblock.txt 1Hosts (Xtra)]&lt;br /&gt;
# [https://big.oisd.nl/ oisd big]&lt;br /&gt;
# [https://mkb2091.github.io/blockconvert/output/adblock.txt Block Convert]&lt;br /&gt;
# [https://raw.githubusercontent.com/hagezi/dns-blocklists/main/adblock/ultimate.txt HaGeZi&#039;s Ultimate DNS Blocklist]&lt;br /&gt;
# [https://raw.githubusercontent.com/jerryn70/GoodbyeAds/master/Formats/GoodbyeAds-Ultra-AdBlock-Filter.txt GoodbyeAds Ultra Adblock]&lt;br /&gt;
# [https://winhelp2002.mvps.org/hosts.txt MVPS hosts]&lt;br /&gt;
# [https://raw.githubusercontent.com/TheFrenchGhosty/Microsoft-Spying-Domain-Names-Collection/master/hosts.txt TheFrenchGhosty&#039;s Windows Hosts]&lt;br /&gt;
# [https://raw.githubusercontent.com/MrRawes/firefox-hosts/firefox-hosts/hosts Firefox Hosts]&lt;br /&gt;
# [https://github.com/ph00lt0/blocklist ph00lt0&#039;s list]&lt;br /&gt;
# [https://raw.githubusercontent.com/Lennolium/PrivacyShield/master/Filters/PrivacyShield-diamond.txt PrivacyShield Diamond]&lt;br /&gt;
# [https://github.com/T145/black-mirror/releases/download/latest/BLOCK_DOMAIN.txt Black Mirror]&lt;br /&gt;
# [https://raw.githubusercontent.com/neodevpro/neodevhost/master/host neodevhosts]&lt;br /&gt;
# [https://a.dove.isdumb.one/list.txt Adobe Licence Check Block]&lt;br /&gt;
# [https://divested.dev/hosts DivestOS HOSTS]&lt;br /&gt;
# [https://github.com/hectorm/hmirror/tree/master/data hmirror (Hector&#039;s blocklists)]&lt;br /&gt;
# [https://blocklistproject.github.io/Lists/everything.txt BlocklistProject Everything]&lt;br /&gt;
&lt;br /&gt;
== Annoyance Cleaners ==&lt;br /&gt;
# [https://raw.githubusercontent.com/yourduskquibbles/webannoyances/master/ultralist.txt Web Annoyances Ultralist] (DON&#039;T use on a potato computer)&lt;br /&gt;
# [https://fanboy.co.nz/r/fanboy-ultimate.txt Fanboy Ultimate] (I don&#039;t tested it. If it is too big filter make a Pull Request to me)&lt;br /&gt;
# [https://github.com/DandelionSprout/adfilt/raw/master/AnnoyancesList Dandelion Sprout Annoyances]&lt;br /&gt;
# [https://raw.githubusercontent.com/RedDragonWebDesign/block-everything/master/block-everything.txt Block Everything] (Use with Web Annoyances Ultralist)&lt;br /&gt;
# [https://raw.githubusercontent.com/anyuzu99/nothingblock/main/filter.txt Nothing Block]&lt;br /&gt;
# [https://raw.githubusercontent.com/jerryn70/GoodbyeAds/master/Formats/GoodbyeAds-AdBlock-Filter.txt GoodbyeAds] (I don&#039;t tested it. If it is too big filter make a Pull Request to me)&lt;br /&gt;
# [https://raw.githubusercontent.com/jerryn70/GoodbyeAds/master/Formats/GoodbyeAds-YouTube-AdBlock-Filter.txt GoodbyeAds YouTube]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/stayingonbrowser/Staying%20On%20The%20Phone%20Browser Staying On The Browser]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/I%20Don&#039;t%20Want%20to%20Download%20Your%20Browser.txt I Don&#039;t Want to Download Your Browser]&lt;br /&gt;
# [https://raw.githubusercontent.com/iam-py-test/my_filters_001/main/antitypo.txt anti typo lists]&lt;br /&gt;
# [https://www.github.developerdan.com/hosts/lists/amp-hosts-extended.txt LightSwitch05 AMP Hosts Extended]&lt;br /&gt;
# [https://www.github.developerdan.com/hosts/lists/hate-and-junk-extended.txt Hate and Junk extended]&lt;br /&gt;
# [https://www.i-dont-care-about-cookies.eu/abp/ I don&#039;t care about cookies]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/ClearURLs%20for%20uBo/clear_urls_uboified.txt Clear URLs for uBo]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener.txt Actually Legitimate URL Shortener Tool]&lt;br /&gt;
# [https://raw.githubusercontent.com/yokoffing/filterlists/main/annoyance_list.txt yokoffing&#039;s Annoyance List]&lt;br /&gt;
# [https://raw.githubusercontent.com/iam-py-test/uBlock-combo/main/list.txt uBlock-combo list]&lt;br /&gt;
# [https://raw.github.com/r4vi/block-the-eu-cookie-shit-list/master/filterlist.txt EU cookie list]&lt;br /&gt;
# [https://raw.githubusercontent.com/AdguardTeam/AdguardFilters/master/AnnoyancesFilter/Popups/sections/popups_general.txt Adguard PopUps filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/AFNIL-AntiFakeNewsList/AFNIL/master/AFNIL-ABP-uBO.txt Anti Fake News]&lt;br /&gt;
# [https://raw.githubusercontent.com/infinitytec/blocklists/master/medicalpseudoscience.txt Medical Pseudo Science Filter]&lt;br /&gt;
# [https://chuck.is/yt/yt-ublock-filters.txt YouTube uBlock filters] (Not Up to Date)&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/Anti-Elsagate%20List.txt Anti-Elsagate List]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/StopAutoplayOnYouTube.txt Stop Autoplay on YouTube]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/YouTubeEvenMorePureVideoExperience.txt YouTube Even More Pure Video Experience]&lt;br /&gt;
# [https://raw.githubusercontent.com/theel0ja/CrapBlock/master/crapblock-annoyances.txt CrapBlock Annoyances]&lt;br /&gt;
# [https://raw.githubusercontent.com/theel0ja/CrapBlock/master/even-cleaner-news-sites.txt CrapBlock Cleaner News Sites]&lt;br /&gt;
# [https://neuter.mchang.xyz/ YT Neuter] and [https://github.com/mchangrh/yt-neuter 2nd link]&lt;br /&gt;
# [https://raw.githubusercontent.com/gijsdev/ublock-hide-yt-shorts/master/list.txt YT Short Hide]&lt;br /&gt;
# [https://raw.githubusercontent.com/DRSDavidSoft/additional-hosts/master/domains/blacklist/search-blacklist.txt Search Blacklist]&lt;br /&gt;
# [https://raw.githubusercontent.com/DRSDavidSoft/additional-hosts/master/domains/blacklist/adservers-and-trackers.txt Ad and Tracker Blocker]&lt;br /&gt;
# [https://raw.githubusercontent.com/anudeepND/blacklist/master/adservers.txt Ad Servers]&lt;br /&gt;
# [https://github.com/infinitytec/blocklists/raw/master/annoyances.txt Infinitytec Annoyances]&lt;br /&gt;
# [https://raw.githubusercontent.com/taylr/linkedinsanity/master/linkedinsanity.txt LinkedInsanity]&lt;br /&gt;
# [https://raw.githubusercontent.com/lutoma/nocomments/master/abp.txt NoComments]&lt;br /&gt;
# [https://raw.githubusercontent.com/mistalaba/popover-blocklist/master/blocklist.txt Popover Blocklist]&lt;br /&gt;
# [https://raw.githubusercontent.com/Nebula-Mechanica/Anti-AutoTranslation-List/master/anti-autotranslation-list-full.txt Anti-AutoTranslation List]&lt;br /&gt;
# [https://github.com/bcye/Hello-Goodbye/raw/master/filterlist.txt Hello-Goodbye Chat/Cookie Widget Blocker]&lt;br /&gt;
# [https://raw.githubusercontent.com/lassekongo83/Frellwits-filter-lists/master/emoji-filter.txt Frellwit&#039;s Emoji Filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/Yhonay/antipopads/master/popads.txt&amp;amp;title=Anti%20popads.net Anti Popads.net]&lt;br /&gt;
# [https://raw.githubusercontent.com/cpeterso/clickbait-blocklist/master/clickbait-blocklist.txt Clickbait Blocklist (cpeterso)]&lt;br /&gt;
# [https://raw.githubusercontent.com/endolith/clickbait/master/clickbait.txt Clickbait Blocklist (endolith)]&lt;br /&gt;
# [https://raw.githubusercontent.com/caffeinewriter/dontpushme/master/filterlist.txt DontPushMe (Push Notifications Blocker)]&lt;br /&gt;
# [https://raw2.github.com/ilyakatz/adblock_filters/master/inpage_popups.txt Inpage Popups Filter]&lt;br /&gt;
# [https://github.com/Manu1400/i-don-t-care-about-newsletters/raw/master/adp.txt I Don&#039;t Care About Newsletters]&lt;br /&gt;
# [https://github.com/Manu1400/i-don-t-care-about-gotoup-btns/raw/master/list-gotoup-btns.txt I Don&#039;t Care About Go-To-Up Buttons]&lt;br /&gt;
&lt;br /&gt;
== Not Piracy but someone hates it ==&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/BrowseWebsitesWithoutLoggingIn.txt Browse websites without logging in]&lt;br /&gt;
# [https://raw.githubusercontent.com/liamengland1/miscfilters/master/antipaywall.txt Anti-paywall filters]&lt;br /&gt;
# [https://gitlab.com/magnolia1234/bypass-paywalls-clean-filters/-/raw/main/bpc-paywall-filter.txt Bypass Paywalls Clean Filters]&lt;br /&gt;
# [https://raw.githubusercontent.com/reek/anti-adblock-killer/master/anti-adblock-killer-filters.txt Anti Adblock Killer]&lt;br /&gt;
# [https://files.enderman.ch/scripts/yt-antiadblocker.txt Anti-Anti-Adblocker by Enderman]&lt;br /&gt;
# [https://raw.githubusercontent.com/DRSDavidSoft/additional-hosts/master/domains/blacklist/activation.txt Block Activation Servers to Get Infinite Trials]&lt;br /&gt;
# [https://raw.githubusercontent.com/ignaciocastro/a-dove-is-dumb/main/list.txt Adobe Licence Check Block]&lt;br /&gt;
# [https://raw.githubusercontent.com/acnapyx/paywall-remover/master/paywall-remover-list.txt Acnapyx Paywall Remover]&lt;br /&gt;
# [https://raw.githubusercontent.com/bogachenko/fuckfuckadblock/master/fuckfuckadblock.txt?_=3 FuckFuckAdblock]&lt;br /&gt;
&lt;br /&gt;
== Sneaky Trackers and Security Filters ==&lt;br /&gt;
# [https://raw.githubusercontent.com/AdguardTeam/cname-trackers/master/combined_disguised_trackers.txt AdGuard CNAME disguised trackers list]&lt;br /&gt;
# [https://raw.githubusercontent.com/AdguardTeam/cname-trackers/master/combined_disguised_ads.txt AdGuard CNAME disguised trackers list(ads)]&lt;br /&gt;
# [https://raw.githubusercontent.com/AdguardTeam/cname-trackers/master/combined_original_trackers.txt AdGuard CNAME original trackers list]&lt;br /&gt;
# [https://easylist-downloads.adblockplus.org/abp-filters-anti-cv.txt Anti CV List]&lt;br /&gt;
# [https://filters.adavoid.org/ultimate-privacy-filter.txt Ultimate Privacy Filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/iam-py-test/my_filters_001/main/antimalware.txt The malicious website blocklist]&lt;br /&gt;
# [https://malware-filter.gitlab.io/malware-filter/urlhaus-filter.txt URLhaus Filter]&lt;br /&gt;
# [https://phishing.army/download/phishing_army_blocklist_extended.txt Phishing Army Extended]&lt;br /&gt;
# [https://raw.githubusercontent.com/gasull/adblock-nsa/master/filters.txt AdBlock the NSA]&lt;br /&gt;
# [https://raw.githubusercontent.com/Spam404/lists/master/adblock-list.txt Spam404]&lt;br /&gt;
# [https://gist.githubusercontent.com/Rust1667/df78d493cf3c00340c535d93e303c4f9/raw FMHY unsafe sites]&lt;br /&gt;
# [https://www.github.developerdan.com/hosts/lists/ads-and-tracking-extended.txt LightSwitch05 Ads and Tracking Extended] (I don&#039;t tested it. If it is too big filter make a Pull Request to me)&lt;br /&gt;
# [https://raw.githubusercontent.com/durablenapkin/scamblocklist/master/hosts.txt Durablenapkin Spam Filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/quenhus/uBlock-Origin-dev-filter/main/dist/all_search_engines/global.txt uBO dev filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/stephenhawk8054/PrivacyExtended/main/privacy_extended.txt Privacy Extended]&lt;br /&gt;
# [https://raw.githubusercontent.com/hagezi/dns-blocklists/main/adblock/spam-tlds-ublock.txt Most Abused TLDs]&lt;br /&gt;
# [https://raw.githubusercontent.com/yokoffing/filterlists/main/privacy_essentials.txt Privacy Essentials]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/Dandelion%20Sprout&#039;s%20Anti-Malware%20List.txt Dandelion Sprouts Anti Malware List]&lt;br /&gt;
# [https://zerodot1.gitlab.io/CoinBlockerLists/list_browser_UBO.txt Coin Blocker List]&lt;br /&gt;
# [https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/nocoin.txt NoCoin] / [https://raw.githubusercontent.com/anudeepND/blacklist/master/CoinMiner.txt CoinMiner]&lt;br /&gt;
# [https://github.com/WindowsAurora/FMHYFilterlist FMHY Filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/DRSDavidSoft/additional-hosts/master/domains/blacklist/fake-domains.txt Fake Domains]&lt;br /&gt;
# [https://raw.githubusercontent.com/piperun/iploggerfilter/master/filterlist IP logger filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/anudeepND/blacklist/master/facebook.txt No Facebook]&lt;br /&gt;
# [https://raw.githubusercontent.com/infinitytec/blocklists/master/adfilters.txt Infinitytec AdFilters]&lt;br /&gt;
# [https://raw.githubusercontent.com/Rpsl/adblock-leadgenerator-list/master/list/list.txt Lead Generator Blocklist]&lt;br /&gt;
# [https://raw.githubusercontent.com/metaphoricgiraffe/tracking-filters/master/trackingfilters.txt MetaphoricGiraffe Tracking Filters]&lt;br /&gt;
# [https://malware-filter.gitlab.io/malware-filter/tracking-filter.txt URLhaus Tracking Filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/durablenapkin/scamblocklist/master/adguard.txt Durablenapkin Scam Blocklist (AdGuard format)]&lt;br /&gt;
# [https://raw.githubusercontent.com/kano1/Kano/master/Spyware.txt Kano Spyware Filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/L8X/AntiAuthenticationUrlFilter/main/AntiAuthenticationUrlFilter.txt&amp;amp;title=Anti-Authentication-Url-Filter Anti-Authentication URL Filter]&lt;br /&gt;
# [https://github.com/Kees1958/W3C_annual_most_used_survey_blocklist/raw/master/EU_US_MV2_most_common_ad%2Btracking_networks Kees1958 Most Common Ad &amp;amp; Tracking Networks]&lt;br /&gt;
# [https://github.com/Kees1958/W3C_annual_most_used_survey_blocklist/raw/master/URL_tracking_parameters.txt Kees1958 URL Tracking Parameters]&lt;br /&gt;
# [https://raw.githubusercontent.com/bogachenko/fuckfuckadblock/master/fuckfuckadblock-mining.txt?_=3 FuckFuckAdblock Mining]&lt;br /&gt;
&lt;br /&gt;
== Other ==&lt;br /&gt;
# [https://raw.githubusercontent.com/yokoffing/filterlists/main/block_third_party_fonts.txt Block Third Party Fonts]&lt;br /&gt;
# [https://raw.githubusercontent.com/theel0ja/CrapBlock/master/block-googlefonts.txt CrapBlock Google Fonts]&lt;br /&gt;
# [https://github.com/mig4ng/ublock-origin-filters mig4ng&#039;s uBlock Origin filters]&lt;br /&gt;
# [https://pastebin.com/raw/r9a5WrZa?__cpo=aHR0cHM6Ly9wYXN0ZWJpbi5jb20 Pastebin Custom Filter (r9a5WrZa)]&lt;br /&gt;
# [https://adblock.twoslashes.com/nt-adblock.txt TwoSlashes NT Adblock]&lt;br /&gt;
# [https://github.com/secretsnow/Ad-Filters/raw/master/Ad%20Filters.txt Secretsnow Ad Filters]&lt;br /&gt;
# [https://raw.githubusercontent.com/KCaglarCoskun/enur-filter-list/master/enur-filter-list.txt Enur Filter List]&lt;br /&gt;
# [https://gist.github.com/gorhill/ef1b62d606473c68d524/raw/90edb7864ee40d49c8f29ad4f2f1aded08e60c6c/gistfile1.txt gorhill&#039;s Experimental Filter Gist]&lt;br /&gt;
# [https://github.com/jkrejcha/AdmiraList/raw/master/AdmiraList.txt AdmiraList]&lt;br /&gt;
# [https://raw.githubusercontent.com/VernonStow/Filterlist/master/Filterlist.txt VernonStow Filterlist]&lt;br /&gt;
&lt;br /&gt;
&amp;lt;br /&amp;gt;&lt;br /&gt;
Or try this rule (sometimes causes breakages like weird icons): &amp;lt;code&amp;gt;*$font,third-party&amp;lt;/code&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== uBlock Origin rules ==&lt;br /&gt;
=== from CHEF-KOCH ===&lt;br /&gt;
&amp;lt;pre&amp;gt;&lt;br /&gt;
! Disable Content Security Policies set by filters on all websites by setting a CSP with no values&lt;br /&gt;
@@||*$csp&lt;br /&gt;
&lt;br /&gt;
! Block the use of eval javascript command but allow using uBlocks no-eval scriptlet on all websites&lt;br /&gt;
*##+js(noeval)&lt;br /&gt;
&amp;lt;/pre&amp;gt;&lt;br /&gt;
&lt;br /&gt;
=== Not from CHEF-KOCH ===&lt;br /&gt;
&amp;lt;pre&amp;gt;&lt;br /&gt;
! Block http POST requests (can break things)&lt;br /&gt;
||*^$method=post&lt;br /&gt;
&lt;br /&gt;
! Block URL parameters (can break things)&lt;br /&gt;
*$removeparam=*&lt;br /&gt;
&amp;lt;/pre&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== uBlock Origin settings from yokoffing ==&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot;&lt;br /&gt;
! Setting !! Value !! Description&lt;br /&gt;
|-&lt;br /&gt;
| autoUpdateAssetFetchPeriod || 10 || auto-updater waits x seconds before fetching the next filterlist&lt;br /&gt;
|-&lt;br /&gt;
| autoUpdateDelayAfterLaunch || 5 || update out-of-date filter lists x seconds after browser startup&lt;br /&gt;
|-&lt;br /&gt;
| autoUpdatePeriod || 1 || uBO checks for filter lists updates every x hours&lt;br /&gt;
|-&lt;br /&gt;
| cnameMaxTTL || 720 || cache CNAME aliases for x minutes&lt;br /&gt;
|-&lt;br /&gt;
| filterAuthorMode || true || enable Dynamic Filtering&lt;br /&gt;
|-&lt;br /&gt;
| updateAssetBypassBrowserCache || true || bypass cache when manually fetching a filter list more often than every hour&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
[[Category:Web browsers]]&lt;br /&gt;
[[Category:Hardening]]&lt;br /&gt;
[[Category:Privacy]]&lt;br /&gt;
[[Category:Security]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=UBlock_Settings&amp;diff=68</id>
		<title>UBlock Settings</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=UBlock_Settings&amp;diff=68"/>
		<updated>2026-05-18T12:09:48Z</updated>

		<summary type="html">&lt;p&gt;Admin: Created page with &amp;quot;= uBlock Origin filterlists that worth using =  == Some of these filters are too big. Do not use if your computer is a potato (like mine). == === If you are using uMatrix look at [https://github.com/themagicteeth/umatrix-recipes this rule recipe] === === Good [https://tw3.gitlab.io/tw3filterlists/umatrix/ resource] ===  == uBlock Origin Filter Templates == * [https://letsblock.it/filters Let&amp;#039;s Block It]  == More general guide == * [https://github.com/StellarSand/privacy-...&amp;quot;&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;= uBlock Origin filterlists that worth using =&lt;br /&gt;
&lt;br /&gt;
== Some of these filters are too big. Do not use if your computer is a potato (like mine). ==&lt;br /&gt;
=== If you are using uMatrix look at [https://github.com/themagicteeth/umatrix-recipes this rule recipe] ===&lt;br /&gt;
=== Good [https://tw3.gitlab.io/tw3filterlists/umatrix/ resource] ===&lt;br /&gt;
&lt;br /&gt;
== uBlock Origin Filter Templates ==&lt;br /&gt;
* [https://letsblock.it/filters Let&#039;s Block It]&lt;br /&gt;
&lt;br /&gt;
== More general guide ==&lt;br /&gt;
* [https://github.com/StellarSand/privacy-settings?tab=readme-ov-file StellarSand GitHub]&lt;br /&gt;
&lt;br /&gt;
== HOSTS Files and Some Big Filters ==&lt;br /&gt;
=== (these filters can even crash your potato pc, modern computers can handle these filters) ===&lt;br /&gt;
# [http://adblock.mahakala.is Mahakala&#039;s Lists]&lt;br /&gt;
# [https://raw.githubusercontent.com/badmojr/1Hosts/master/Xtra/adblock.txt 1Hosts (Xtra)]&lt;br /&gt;
# [https://big.oisd.nl/ oisd big]&lt;br /&gt;
# [https://mkb2091.github.io/blockconvert/output/adblock.txt Block Convert]&lt;br /&gt;
# [https://raw.githubusercontent.com/hagezi/dns-blocklists/main/adblock/ultimate.txt HaGeZi&#039;s Ultimate DNS Blocklist]&lt;br /&gt;
# [https://raw.githubusercontent.com/jerryn70/GoodbyeAds/master/Formats/GoodbyeAds-Ultra-AdBlock-Filter.txt GoodbyeAds Ultra Adblock]&lt;br /&gt;
# [https://winhelp2002.mvps.org/hosts.txt MVPS hosts]&lt;br /&gt;
# [https://raw.githubusercontent.com/TheFrenchGhosty/Microsoft-Spying-Domain-Names-Collection/master/hosts.txt TheFrenchGhosty&#039;s Windows Hosts]&lt;br /&gt;
# [https://raw.githubusercontent.com/MrRawes/firefox-hosts/firefox-hosts/hosts Firefox Hosts]&lt;br /&gt;
# [https://github.com/ph00lt0/blocklist ph00lt0&#039;s list]&lt;br /&gt;
# [https://raw.githubusercontent.com/Lennolium/PrivacyShield/master/Filters/PrivacyShield-diamond.txt PrivacyShield Diamond]&lt;br /&gt;
# [https://github.com/T145/black-mirror/releases/download/latest/BLOCK_DOMAIN.txt Black Mirror]&lt;br /&gt;
# [https://raw.githubusercontent.com/neodevpro/neodevhost/master/host neodevhosts]&lt;br /&gt;
# [https://a.dove.isdumb.one/list.txt Adobe Licence Check Block]&lt;br /&gt;
# [https://divested.dev/hosts DivestOS HOSTS]&lt;br /&gt;
# [https://github.com/hectorm/hmirror/tree/master/data hmirror (Hector&#039;s blocklists)]&lt;br /&gt;
# [https://blocklistproject.github.io/Lists/everything.txt BlocklistProject Everything]&lt;br /&gt;
&lt;br /&gt;
== Annoyance Cleaners ==&lt;br /&gt;
# [https://raw.githubusercontent.com/yourduskquibbles/webannoyances/master/ultralist.txt Web Annoyances Ultralist] (DON&#039;T use on a potato computer)&lt;br /&gt;
# [https://fanboy.co.nz/r/fanboy-ultimate.txt Fanboy Ultimate] (I don&#039;t tested it. If it is too big filter make a Pull Request to me)&lt;br /&gt;
# [https://github.com/DandelionSprout/adfilt/raw/master/AnnoyancesList Dandelion Sprout Annoyances]&lt;br /&gt;
# [https://raw.githubusercontent.com/RedDragonWebDesign/block-everything/master/block-everything.txt Block Everything] (Use with Web Annoyances Ultralist)&lt;br /&gt;
# [https://raw.githubusercontent.com/anyuzu99/nothingblock/main/filter.txt Nothing Block]&lt;br /&gt;
# [https://raw.githubusercontent.com/jerryn70/GoodbyeAds/master/Formats/GoodbyeAds-AdBlock-Filter.txt GoodbyeAds] (I don&#039;t tested it. If it is too big filter make a Pull Request to me)&lt;br /&gt;
# [https://raw.githubusercontent.com/jerryn70/GoodbyeAds/master/Formats/GoodbyeAds-YouTube-AdBlock-Filter.txt GoodbyeAds YouTube]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/stayingonbrowser/Staying%20On%20The%20Phone%20Browser Staying On The Browser]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/I%20Don&#039;t%20Want%20to%20Download%20Your%20Browser.txt I Don&#039;t Want to Download Your Browser]&lt;br /&gt;
# [https://raw.githubusercontent.com/iam-py-test/my_filters_001/main/antitypo.txt anti typo lists]&lt;br /&gt;
# [https://www.github.developerdan.com/hosts/lists/amp-hosts-extended.txt LightSwitch05 AMP Hosts Extended]&lt;br /&gt;
# [https://www.github.developerdan.com/hosts/lists/hate-and-junk-extended.txt Hate and Junk extended]&lt;br /&gt;
# [https://www.i-dont-care-about-cookies.eu/abp/ I don&#039;t care about cookies]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/ClearURLs%20for%20uBo/clear_urls_uboified.txt Clear URLs for uBo]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener.txt Actually Legitimate URL Shortener Tool]&lt;br /&gt;
# [https://raw.githubusercontent.com/yokoffing/filterlists/main/annoyance_list.txt yokoffing&#039;s Annoyance List]&lt;br /&gt;
# [https://raw.githubusercontent.com/iam-py-test/uBlock-combo/main/list.txt uBlock-combo list]&lt;br /&gt;
# [https://raw.github.com/r4vi/block-the-eu-cookie-shit-list/master/filterlist.txt EU cookie list]&lt;br /&gt;
# [https://raw.githubusercontent.com/AdguardTeam/AdguardFilters/master/AnnoyancesFilter/Popups/sections/popups_general.txt Adguard PopUps filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/AFNIL-AntiFakeNewsList/AFNIL/master/AFNIL-ABP-uBO.txt Anti Fake News]&lt;br /&gt;
# [https://raw.githubusercontent.com/infinitytec/blocklists/master/medicalpseudoscience.txt Medical Pseudo Science Filter]&lt;br /&gt;
# [https://chuck.is/yt/yt-ublock-filters.txt YouTube uBlock filters] (Not Up to Date)&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/Anti-Elsagate%20List.txt Anti-Elsagate List]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/StopAutoplayOnYouTube.txt Stop Autoplay on YouTube]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/YouTubeEvenMorePureVideoExperience.txt YouTube Even More Pure Video Experience]&lt;br /&gt;
# [https://raw.githubusercontent.com/theel0ja/CrapBlock/master/crapblock-annoyances.txt CrapBlock Annoyances]&lt;br /&gt;
# [https://raw.githubusercontent.com/theel0ja/CrapBlock/master/even-cleaner-news-sites.txt CrapBlock Cleaner News Sites]&lt;br /&gt;
# [https://neuter.mchang.xyz/ YT Neuter] and [https://github.com/mchangrh/yt-neuter 2nd link]&lt;br /&gt;
# [https://raw.githubusercontent.com/gijsdev/ublock-hide-yt-shorts/master/list.txt YT Short Hide]&lt;br /&gt;
# [https://raw.githubusercontent.com/DRSDavidSoft/additional-hosts/master/domains/blacklist/search-blacklist.txt Search Blacklist]&lt;br /&gt;
# [https://raw.githubusercontent.com/DRSDavidSoft/additional-hosts/master/domains/blacklist/adservers-and-trackers.txt Ad and Tracker Blocker]&lt;br /&gt;
# [https://raw.githubusercontent.com/anudeepND/blacklist/master/adservers.txt Ad Servers]&lt;br /&gt;
# [https://github.com/infinitytec/blocklists/raw/master/annoyances.txt Infinitytec Annoyances]&lt;br /&gt;
# [https://raw.githubusercontent.com/taylr/linkedinsanity/master/linkedinsanity.txt LinkedInsanity]&lt;br /&gt;
# [https://raw.githubusercontent.com/lutoma/nocomments/master/abp.txt NoComments]&lt;br /&gt;
# [https://raw.githubusercontent.com/mistalaba/popover-blocklist/master/blocklist.txt Popover Blocklist]&lt;br /&gt;
# [https://raw.githubusercontent.com/Nebula-Mechanica/Anti-AutoTranslation-List/master/anti-autotranslation-list-full.txt Anti-AutoTranslation List]&lt;br /&gt;
# [https://github.com/bcye/Hello-Goodbye/raw/master/filterlist.txt Hello-Goodbye Chat/Cookie Widget Blocker]&lt;br /&gt;
# [https://raw.githubusercontent.com/lassekongo83/Frellwits-filter-lists/master/emoji-filter.txt Frellwit&#039;s Emoji Filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/Yhonay/antipopads/master/popads.txt&amp;amp;title=Anti%20popads.net Anti Popads.net]&lt;br /&gt;
# [https://raw.githubusercontent.com/cpeterso/clickbait-blocklist/master/clickbait-blocklist.txt Clickbait Blocklist (cpeterso)]&lt;br /&gt;
# [https://raw.githubusercontent.com/endolith/clickbait/master/clickbait.txt Clickbait Blocklist (endolith)]&lt;br /&gt;
# [https://raw.githubusercontent.com/caffeinewriter/dontpushme/master/filterlist.txt DontPushMe (Push Notifications Blocker)]&lt;br /&gt;
# [https://raw2.github.com/ilyakatz/adblock_filters/master/inpage_popups.txt Inpage Popups Filter]&lt;br /&gt;
# [https://github.com/Manu1400/i-don-t-care-about-newsletters/raw/master/adp.txt I Don&#039;t Care About Newsletters]&lt;br /&gt;
# [https://github.com/Manu1400/i-don-t-care-about-gotoup-btns/raw/master/list-gotoup-btns.txt I Don&#039;t Care About Go-To-Up Buttons]&lt;br /&gt;
&lt;br /&gt;
== Not Piracy but someone hates it ==&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/BrowseWebsitesWithoutLoggingIn.txt Browse websites without logging in]&lt;br /&gt;
# [https://raw.githubusercontent.com/liamengland1/miscfilters/master/antipaywall.txt Anti-paywall filters]&lt;br /&gt;
# [https://gitlab.com/magnolia1234/bypass-paywalls-clean-filters/-/raw/main/bpc-paywall-filter.txt Bypass Paywalls Clean Filters]&lt;br /&gt;
# [https://raw.githubusercontent.com/reek/anti-adblock-killer/master/anti-adblock-killer-filters.txt Anti Adblock Killer]&lt;br /&gt;
# [https://files.enderman.ch/scripts/yt-antiadblocker.txt Anti-Anti-Adblocker by Enderman]&lt;br /&gt;
# [https://raw.githubusercontent.com/DRSDavidSoft/additional-hosts/master/domains/blacklist/activation.txt Block Activation Servers to Get Infinite Trials]&lt;br /&gt;
# [https://raw.githubusercontent.com/ignaciocastro/a-dove-is-dumb/main/list.txt Adobe Licence Check Block]&lt;br /&gt;
# [https://raw.githubusercontent.com/acnapyx/paywall-remover/master/paywall-remover-list.txt Acnapyx Paywall Remover]&lt;br /&gt;
# [https://raw.githubusercontent.com/bogachenko/fuckfuckadblock/master/fuckfuckadblock.txt?_=3 FuckFuckAdblock]&lt;br /&gt;
&lt;br /&gt;
== Sneaky Trackers and Security Filters ==&lt;br /&gt;
# [https://raw.githubusercontent.com/AdguardTeam/cname-trackers/master/combined_disguised_trackers.txt AdGuard CNAME disguised trackers list]&lt;br /&gt;
# [https://raw.githubusercontent.com/AdguardTeam/cname-trackers/master/combined_disguised_ads.txt AdGuard CNAME disguised trackers list(ads)]&lt;br /&gt;
# [https://raw.githubusercontent.com/AdguardTeam/cname-trackers/master/combined_original_trackers.txt AdGuard CNAME original trackers list]&lt;br /&gt;
# [https://easylist-downloads.adblockplus.org/abp-filters-anti-cv.txt Anti CV List]&lt;br /&gt;
# [https://filters.adavoid.org/ultimate-privacy-filter.txt Ultimate Privacy Filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/iam-py-test/my_filters_001/main/antimalware.txt The malicious website blocklist]&lt;br /&gt;
# [https://malware-filter.gitlab.io/malware-filter/urlhaus-filter.txt URLhaus Filter]&lt;br /&gt;
# [https://phishing.army/download/phishing_army_blocklist_extended.txt Phishing Army Extended]&lt;br /&gt;
# [https://raw.githubusercontent.com/gasull/adblock-nsa/master/filters.txt AdBlock the NSA]&lt;br /&gt;
# [https://raw.githubusercontent.com/Spam404/lists/master/adblock-list.txt Spam404]&lt;br /&gt;
# [https://gist.githubusercontent.com/Rust1667/df78d493cf3c00340c535d93e303c4f9/raw FMHY unsafe sites]&lt;br /&gt;
# [https://www.github.developerdan.com/hosts/lists/ads-and-tracking-extended.txt LightSwitch05 Ads and Tracking Extended] (I don&#039;t tested it. If it is too big filter make a Pull Request to me)&lt;br /&gt;
# [https://raw.githubusercontent.com/durablenapkin/scamblocklist/master/hosts.txt Durablenapkin Spam Filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/quenhus/uBlock-Origin-dev-filter/main/dist/all_search_engines/global.txt uBO dev filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/stephenhawk8054/PrivacyExtended/main/privacy_extended.txt Privacy Extended]&lt;br /&gt;
# [https://raw.githubusercontent.com/hagezi/dns-blocklists/main/adblock/spam-tlds-ublock.txt Most Abused TLDs]&lt;br /&gt;
# [https://raw.githubusercontent.com/yokoffing/filterlists/main/privacy_essentials.txt Privacy Essentials]&lt;br /&gt;
# [https://raw.githubusercontent.com/DandelionSprout/adfilt/master/Dandelion%20Sprout&#039;s%20Anti-Malware%20List.txt Dandelion Sprouts Anti Malware List]&lt;br /&gt;
# [https://zerodot1.gitlab.io/CoinBlockerLists/list_browser_UBO.txt Coin Blocker List]&lt;br /&gt;
# [https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/nocoin.txt NoCoin] / [https://raw.githubusercontent.com/anudeepND/blacklist/master/CoinMiner.txt CoinMiner]&lt;br /&gt;
# [https://github.com/WindowsAurora/FMHYFilterlist FMHY Filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/DRSDavidSoft/additional-hosts/master/domains/blacklist/fake-domains.txt Fake Domains]&lt;br /&gt;
# [https://raw.githubusercontent.com/piperun/iploggerfilter/master/filterlist IP logger filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/anudeepND/blacklist/master/facebook.txt No Facebook]&lt;br /&gt;
# [https://raw.githubusercontent.com/infinitytec/blocklists/master/adfilters.txt Infinitytec AdFilters]&lt;br /&gt;
# [https://raw.githubusercontent.com/Rpsl/adblock-leadgenerator-list/master/list/list.txt Lead Generator Blocklist]&lt;br /&gt;
# [https://raw.githubusercontent.com/metaphoricgiraffe/tracking-filters/master/trackingfilters.txt MetaphoricGiraffe Tracking Filters]&lt;br /&gt;
# [https://malware-filter.gitlab.io/malware-filter/tracking-filter.txt URLhaus Tracking Filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/durablenapkin/scamblocklist/master/adguard.txt Durablenapkin Scam Blocklist (AdGuard format)]&lt;br /&gt;
# [https://raw.githubusercontent.com/kano1/Kano/master/Spyware.txt Kano Spyware Filter]&lt;br /&gt;
# [https://raw.githubusercontent.com/L8X/AntiAuthenticationUrlFilter/main/AntiAuthenticationUrlFilter.txt&amp;amp;title=Anti-Authentication-Url-Filter Anti-Authentication URL Filter]&lt;br /&gt;
# [https://github.com/Kees1958/W3C_annual_most_used_survey_blocklist/raw/master/EU_US_MV2_most_common_ad%2Btracking_networks Kees1958 Most Common Ad &amp;amp; Tracking Networks]&lt;br /&gt;
# [https://github.com/Kees1958/W3C_annual_most_used_survey_blocklist/raw/master/URL_tracking_parameters.txt Kees1958 URL Tracking Parameters]&lt;br /&gt;
# [https://raw.githubusercontent.com/bogachenko/fuckfuckadblock/master/fuckfuckadblock-mining.txt?_=3 FuckFuckAdblock Mining]&lt;br /&gt;
&lt;br /&gt;
== Other ==&lt;br /&gt;
# [https://raw.githubusercontent.com/yokoffing/filterlists/main/block_third_party_fonts.txt Block Third Party Fonts]&lt;br /&gt;
# [https://raw.githubusercontent.com/theel0ja/CrapBlock/master/block-googlefonts.txt CrapBlock Google Fonts]&lt;br /&gt;
# [https://github.com/mig4ng/ublock-origin-filters mig4ng&#039;s uBlock Origin filters]&lt;br /&gt;
# [https://pastebin.com/raw/r9a5WrZa?__cpo=aHR0cHM6Ly9wYXN0ZWJpbi5jb20 Pastebin Custom Filter (r9a5WrZa)]&lt;br /&gt;
# [https://adblock.twoslashes.com/nt-adblock.txt TwoSlashes NT Adblock]&lt;br /&gt;
# [https://github.com/secretsnow/Ad-Filters/raw/master/Ad%20Filters.txt Secretsnow Ad Filters]&lt;br /&gt;
# [https://raw.githubusercontent.com/KCaglarCoskun/enur-filter-list/master/enur-filter-list.txt Enur Filter List]&lt;br /&gt;
# [https://gist.github.com/gorhill/ef1b62d606473c68d524/raw/90edb7864ee40d49c8f29ad4f2f1aded08e60c6c/gistfile1.txt gorhill&#039;s Experimental Filter Gist]&lt;br /&gt;
# [https://github.com/jkrejcha/AdmiraList/raw/master/AdmiraList.txt AdmiraList]&lt;br /&gt;
# [https://raw.githubusercontent.com/VernonStow/Filterlist/master/Filterlist.txt VernonStow Filterlist]&lt;br /&gt;
&lt;br /&gt;
&amp;lt;br /&amp;gt;&lt;br /&gt;
Or try this rule (sometimes causes breakages like weird icons): &amp;lt;code&amp;gt;*$font,third-party&amp;lt;/code&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== uBlock Origin rules ==&lt;br /&gt;
=== from CHEF-KOCH ===&lt;br /&gt;
&amp;lt;pre&amp;gt;&lt;br /&gt;
! Disable Content Security Policies set by filters on all websites by setting a CSP with no values&lt;br /&gt;
@@||*$csp&lt;br /&gt;
&lt;br /&gt;
! Block the use of eval javascript command but allow using uBlocks no-eval scriptlet on all websites&lt;br /&gt;
*##+js(noeval)&lt;br /&gt;
&amp;lt;/pre&amp;gt;&lt;br /&gt;
&lt;br /&gt;
=== Not from CHEF-KOCH ===&lt;br /&gt;
&amp;lt;pre&amp;gt;&lt;br /&gt;
! Block http POST requests (can break things)&lt;br /&gt;
||*^$method=post&lt;br /&gt;
&lt;br /&gt;
! Block URL parameters (can break things)&lt;br /&gt;
*$removeparam=*&lt;br /&gt;
&amp;lt;/pre&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== uBlock Origin settings from yokoffing ==&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot;&lt;br /&gt;
! Setting !! Value !! Description&lt;br /&gt;
|-&lt;br /&gt;
| autoUpdateAssetFetchPeriod || 10 || auto-updater waits x seconds before fetching the next filterlist&lt;br /&gt;
|-&lt;br /&gt;
| autoUpdateDelayAfterLaunch || 5 || update out-of-date filter lists x seconds after browser startup&lt;br /&gt;
|-&lt;br /&gt;
| autoUpdatePeriod || 1 || uBO checks for filter lists updates every x hours&lt;br /&gt;
|-&lt;br /&gt;
| cnameMaxTTL || 720 || cache CNAME aliases for x minutes&lt;br /&gt;
|-&lt;br /&gt;
| filterAuthorMode || true || enable Dynamic Filtering&lt;br /&gt;
|-&lt;br /&gt;
| updateAssetBypassBrowserCache || true || bypass cache when manually fetching a filter list more often than every hour&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
[[Category:Web browsers]]&lt;br /&gt;
[[Category:Hardening]]&lt;br /&gt;
[[Category:Privacy]]&lt;br /&gt;
[[Category:Security]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=Privacy_and_Security&amp;diff=67</id>
		<title>Privacy and Security</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=Privacy_and_Security&amp;diff=67"/>
		<updated>2026-05-18T12:09:35Z</updated>

		<summary type="html">&lt;p&gt;Admin: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;[[How to bypass ISP censorship]]&lt;br /&gt;
&lt;br /&gt;
[[The Offline-First Mobile Setup]]&lt;br /&gt;
&lt;br /&gt;
[[My Firefox Settings]]&lt;br /&gt;
&lt;br /&gt;
[[Interesting Browser Extensions]]&lt;br /&gt;
&lt;br /&gt;
[[uBlock Settings]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=Interesting_Browser_Extensions&amp;diff=66</id>
		<title>Interesting Browser Extensions</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=Interesting_Browser_Extensions&amp;diff=66"/>
		<updated>2026-05-18T11:26:45Z</updated>

		<summary type="html">&lt;p&gt;Admin: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;= My Browser Extensions =&lt;br /&gt;
== Using too many extensions isn&#039;t recommended! ==&lt;br /&gt;
&lt;br /&gt;
== WARNING: This article is imported from my older notes. Which means there will be dead links or some extensions are not needed anymore. ==&lt;br /&gt;
&lt;br /&gt;
== My Pale Moon Add-Ons ==&lt;br /&gt;
* [https://github.com/Lootyhoof/darkmoon Dark Moon] (Theme)&lt;br /&gt;
* [https://addons.palemoon.org/addon/ematrix/ eMatrix]&lt;br /&gt;
* [https://addons.palemoon.org/addon/pm-commander Pale Moon Commander]&lt;br /&gt;
* [https://0xacab.org/dCF/deCloudflare/-/tree/master/tool/block_cloudflare_requests_pm Block Cloudflare Requests]&lt;br /&gt;
* [https://github.com/gorhill/uBlock-for-firefox-legacy/releases uBlock Origin]&lt;br /&gt;
* [https://addons.palemoon.org/addon/hidescrollbars/ HideScrollBars] [https://forum.palemoon.org/viewtopic.php?t=3243 (Alternative Solution Without Extension)] [https://web.archive.org/web/https://forum.palemoon.org/viewtopic.php?t=3243 (Archive)]&lt;br /&gt;
* [https://addons.palemoon.org/addon/werewolf/ WereWolf]&lt;br /&gt;
* [https://github.com/JustOff/greedy-cache Greedy Cache]&lt;br /&gt;
* [https://addons.palemoon.org/addon/certpatrol/ Certificate Patrol]&lt;br /&gt;
* [https://addons.palemoon.org/addon/pmplus/ PermissionsPlus]&lt;br /&gt;
* [https://addons.palemoon.org/addon/decentraleyes/ Decentraleyes]&lt;br /&gt;
* [https://github.com/RealityRipple/GeoFlag GeoFlag]&lt;br /&gt;
* [https://realityripple.com/Software/XUL/qrThis/ QR This!]&lt;br /&gt;
&lt;br /&gt;
== My Chrome/Firefox Add-Ons ==&lt;br /&gt;
# [https://reader.postlight.com/ PostlightReader] (Reader Mode on All Websites)&lt;br /&gt;
# [https://github.com/dnakov/little-rat Little Rat] (It&#039;s Basically a Firewall for Your Extensions)&lt;br /&gt;
# [https://github.com/dessant/buster Buster] (CAPTCHA Solver)&lt;br /&gt;
# [https://github.com/kas-elvirov/gloc GitHub Gloc] (GitHub Lines Of Code)&lt;br /&gt;
# [https://privacypass.github.io/ Privacy Pass] (Captcha Reducer)&lt;br /&gt;
# [https://tabliss.io/ Tabliss] (Better New Tab Page)&lt;br /&gt;
# [https://www.getvoila.ai/ Voilà] (I don&#039;t trust it, but it&#039;s an AI extension)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/temp-mail-disposable-temp/inojafojbhdpnehkhhfjalgjjobnhomj Temp mail] (Temporary Mail Creator)&lt;br /&gt;
# [https://www.deepl.com/en/chrome-extension DeepL] (Translate but better than Google Translate just try it)&lt;br /&gt;
# [https://www.aiprm.com/ Aiprm] (ChatGPT Prompt Manager)&lt;br /&gt;
# [https://butter.sonnet.io/ Butter] (AI Video Sponsor Skipper works better on short videos)&lt;br /&gt;
# [https://gitlab.com/magnolia1234/bypass-paywalls-chrome-clean Bypass Paywalls Clean] (Bypass Paywalls Legally)&lt;br /&gt;
# [https://consentomatic.au.dk/ Consent O Matic] (Do you want cookie… Rejected)&lt;br /&gt;
# [https://webextension.org/listing/tab-discard.html Tab discard] (Delete Inactive Tab&#039;s Memory)&lt;br /&gt;
# [https://github.com/kkapsner/CanvasBlocker/ Canvas Block] (Canvas Blocker for Privacy)&lt;br /&gt;
# [https://darkreader.org/ Dark Reader] (Dark Mode extension I am using with high contrast setting)&lt;br /&gt;
# [https://github.com/alextrv/enhanced-h264ify enhanced h264ify] (Especially useful on older machines It blocks VP9 and forces h264)&lt;br /&gt;
# [https://libredirect.github.io/ libredirect] (Redirects you to privacy-friendly frontends of websites)&lt;br /&gt;
# [https://github.com/cowlicks/privacypossum Privacy Possum] (Improves your privacy)&lt;br /&gt;
# [https://add0n.com/privacy-settings.html Privacy Settings] (Changes your browsers settings to improve privacy)&lt;br /&gt;
# [https://www.returnyoutubedislike.com/ Return YouTube Dislike] (Returns YouTube&#039;s Dislike button)&lt;br /&gt;
# [https://sponsor.ajay.app/ SponsorBlock] (Blocks in-video sponsors)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/temporary-containers/ Temporary Containers] (Separates cookies for websites)&lt;br /&gt;
# [https://vimium.github.io/ vimium] (Use your browser without mouse)&lt;br /&gt;
# [https://clearurls.xyz Clear URLs] (Clears tracking parameters from URLs)&lt;br /&gt;
# [https://istilldontcareaboutcookies.com/ I still don&#039;t care abut cookies] (Cookie popup blocker and not acquired by Avast)&lt;br /&gt;
# [https://mybrowseraddon.com/speed-tweaks.html Speed Tweaks] (Makes some changes that may can improve your browser performance)&lt;br /&gt;
# [https://github.com/gdh1995/vimium-c Vimium C] (vimium but faster!)&lt;br /&gt;
# [https://github.com/dan-online/youtubeaudiocompressor YouTube Audio Compressor] (Destroys the &amp;quot;HeLlO EvErYoNe&amp;quot; and &amp;quot;AAAUUGHHHHH&amp;quot; ear rapes)&lt;br /&gt;
# [http://dearrow.ajay.app/ Dearrow] (Removes Clickbait Thumbnails)&lt;br /&gt;
# [https://github.com/refined-github/refined-github Refined GitHub] (Adds Some Features to GitHub Website)&lt;br /&gt;
# [https://www.exify.io/ Exify] (View metadata of media)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/tildes-reextended/ Tildes ReExtended] (Extension for Tildes)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/maximize-video/bfpkgjlnboeecjmnbhbknmemmckmpomb Maximize Video] (Can maximize video frame even if it isn&#039;t supported)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/flagfox/ Flagfox] (Says the country of websites)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/privacy-oriented-origin-policy/ PO Origin Policy] (Privacy extension) (may break websites)&lt;br /&gt;
# [https://github.com/dessant/web-archives#readme Web Archives] (Shows if there a archived version of a website)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/instant-data-scraper/ofaokhiedipichpaobibbnahnkdoiiah/ Instant Data Scraper] (You can scrape all data including financial and other results from search engines and export to CSV file)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/nuke-anything-enhanced/ Nuke Anything Enhanced] (just select an object and Boom all object except selected object are deleted)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/ctrl-number-to-switch-tabs/ Ctrl Number Switch] (CTRL+3 to switch to 3rd tab)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/new-tab-redirect/icpgjfneehieebagbmdbhnlpiopdcmna New Tab Redirect] (You can set your new tab page to ANYTHING you want)&lt;br /&gt;
# [https://30secondsofknowledge.com/ 30 Seconds of Knowledge]&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/ninja-cookie/jifeafcpcjjgnlcnkffmeegehmnmkefl Ninja Cookie] (I don&#039;t tried it and I don&#039;t know if it&#039;s FLOSS or not)&lt;br /&gt;
# [https://www.zotero.org/download/ Zotero Connector] (Reasearch Helper)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/replacer/cnaegfealmimnhmjhieeokofoeddejjk Replacer] (Replaces words e.g. f#$k to duck)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/tabox-save-and-share-tab/bdbliblipiempfdkkkjohnecmeknnpoa Tab Saver] (I don&#039;t tried it yet)&lt;br /&gt;
# [https://www.makeuseof.com/chrome-color-picker-extensions/ Color Picker] (Picks Colors)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/referrer-switch/ Referrer Switch] (Switches Referrers)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/color-tab/hchlgfaicmddilenlflajnmomalehbom Color Tab] (New Tab pages with color palettes!)&lt;br /&gt;
# [https://git.sr.ht/~duncan-bayne/youtube-crapfilter YouTube Crapfilter] (Makes YouTube More Minimal)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/google-scholar-button/ldipcbpaocekfooobnbcddclnhejkcpn Google Scholar Button]&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/firefox-translations/ Firefox Translations] (Translates Webpages)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/bloody-vikings/ Bloody Vikings] (Generate Temp E-Mails!)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/click-to-remove-element/jcgpghgjhhahcefnfpbncdmhhddedhnk Click To Remove Element]&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/transover/aggiiclaiamajehmlfpkjmlbadmkledi TransOver] (Translates Webpages)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/ublacklist/pncfbmialoiaghdehhbnbhkkgmjanfhe uBlackList] (Block Spesific Domains From Search Results!)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/netflix-bilingual-subtitl/ociifpecaephgjmjlkepjmiemcjidbgn Netflix Bilingual Subtitles] (Netflix Multi-Subtitles)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/online-image-editor-img2g/kpecfgjcmboghimfnkpcfijmoknhipdi img2go]&lt;br /&gt;
# [https://einaregilsson.com/redirector/ Redirector]&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/css-exfil-protection/ibeemfhcbbikonfajhamlkdgedmekifo CSS Exfil Protection] (CSS attack protection)&lt;br /&gt;
# [https://burles.co/en/ Burlesco] (Paywall Bypasser)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/recaptcha-autoclick/caahalkghnhbabknipmconmbicpkcopl?hl=en ReCaptcha AutoClick]&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/chrome-extension-source-v/jifpbeccnghkjeaalbbjmodiffmgedin Chrome Extension Source V]&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/gomhfpbcjfidhpffhecghfdieincgncc Bionify] (Faster Readings!)&lt;br /&gt;
# [https://github.com/privacy-tech-lab/gpc-optmeowt OptMeowT] (Sends some &amp;quot;Don&#039;t Track Me&amp;quot; signals to websites.)&lt;br /&gt;
# [https://github.com/deejayy/linkedin-noise-remover LinkedIN Noise Remover]&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/youtube-tab-arranger/ YouTube Tab Arranger]&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/languagetool/ AI Grammar Checker &amp;amp; Paraphraser – LanguageTool] (LanguageTool Grammar Checker and Paraphraser…)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/bitwarden-password-manager/ Bitwarden Password Manager]&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/localcdn-fork-of-decentraleyes/ LocalCDN] (Protects you against tracking through CDNs)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/save-data/ Save-Data: on] (Automatically enable data-savings mode on compatible websites.)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/traduzir-paginas-web/ TWP - Translate Web Pages] (Translate your page in real time using Google or Yandex.)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/ uBlock Origin] (Finally, an efficient blocker. Easy on CPU and memory.)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/user-agent-string-switcher/ User-Agent Switcher and Manager] (Spoof websites trying to gather information about your web navigation…)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/dark-background-light-text/ Dark Background and Light Text] (Makes every page to have light text on dark background…)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/random-bookmark/ Random Bookmark] (Load up a random bookmark!)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/referer-modifier/ Referer Modifier] (Modify the Referer header in HTTP requests.)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/violentmonkey/ Violentmonkey] (An open source userscript manager that supports a lot of browsers)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/wappalyzer/ Wappalyzer - Technology profiler] (Identify web technologies)&lt;br /&gt;
&lt;br /&gt;
= My Redirector Rules =&lt;br /&gt;
&amp;lt;syntaxhighlight lang=&amp;quot;json&amp;quot;&amp;gt;&lt;br /&gt;
{&lt;br /&gt;
  &amp;quot;createdBy&amp;quot;: &amp;quot;Redirector v3.5.3&amp;quot;,&lt;br /&gt;
  &amp;quot;createdAt&amp;quot;: &amp;quot;2023-08-25T17:18:34.192Z&amp;quot;,&lt;br /&gt;
  &amp;quot;redirects&amp;quot;: [&lt;br /&gt;
    {&lt;br /&gt;
      &amp;quot;description&amp;quot;: &amp;quot;Search Engine&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleUrl&amp;quot;: &amp;quot;https://www.google.com/search?q=searchterm&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleResult&amp;quot;: &amp;quot;https://search.whateveritworks.org/?preferences=eJx1V82WqzYMfppmw5mctnfR00VWPW0foLdrjrAV0MW2PP5Jwjx95QDBDNPFMCDbkix9-qQoSNhzIIyXHh0GMCcDrs_Q4wXd27__nAwrMHhJ4QQ5sWLrDSa89My9wRNZ2dn6wI_p8j1kPFlMA-vL339-P0W4YkQIarj8fEoDWrxEKsdPAWM2KbbsWof3NkE3H9ZMrayxuWG4MMjnmUN_mk-1MU3iiIYwnhS6hKEFQ72z8j4fB30Dp1C3i9W_wEQ8vWcMU0uuTZTk_CwkdyVHSZSqwMYs5ilCZ-Q8up6chAScg9gUXXTDtr2SwfjTr3-AHxtLIXCoZeJiI88mJg715vl0Q7FtlxCL9E4jedQEtbCj1GU1YmpbSvKtlHpLt7a9kUYuusTXGANeW3GbUK46y-76RhLGSpPKwRB-kgQ5MdUyjfghUWxtjqTKt-4bjc_AELudvyhWSLctSx7D4r-GtHNfi-_lr-evpc0TLKJ2_r9fuyMU1ZuFOaAWvByQZ_HB8o81aOuuJHmadhf95VEZuOrAxe01GdeA2ES-pjsEbDQFVJKtaYn3NZAbCVSloBfMQLfmgzV2GPrlcy6BxhuYSuLjZqZesSzJiVUSe89a12EfoAtQHotesrrbbkgOqsPk5JU4x69lq8ofFAfedIykRoiVg4bEZJiaErZIuwXX33ZZNdzFhOcQF-_gw0yBVGVMSh6UB7dscN6ubxPAppo9uoCeK2sexK-e4gp4X9Jb3ez5fX7a2cz53J013pYj73dwqfb3KWiEVsROeb5EB_TN4tlYZXQmj5Lrpjxe2AALJWyrIKKV46SaqAY2EOqajAlC8oUZK8cSjxMnlsSMJVZrDCYYeFcwT8H-AnfqdoUrhPwAp8OePkpNdszjgWg-6RrpPXPCz7si56AOUmHiSGk6iHn6dD1NKn2w29fit2-_Pbar6qzRbaiM-OHA1vsd3EphbIKQu6lHu2LPI4aUO6yyZQsfiMKxUOAdu2opZCtsXgnu_KCRnaCniZNjN1msvPnhz_7u9hRnhQtrf7xA3cwA-R_xEWYCmq165iAPOW0c8lJ0QrdvP7_3IFwTWRGY5nnRpZ80Uqb50RQP16oMiWregvCgWw3JTvCiwPqtjjop9X33cf3R-6d0B6Cn5FA1XdLU9_tqL9jBSteEft9-biQlJK7XLYGlAYZmyCvpYposO7lwlaurEUILNU2jo5r_5DuVyM4xprSpm6m5dmMh68PNF_nu7ovscPtF_gUVDIu9p_GPt4V4j0zMV2Eb18v0U_tg6aEMZ12RLUiLwrVVlCiDdLHSiiPKRFVZXteELyVcsLT0_XpM0hCTtNe1x3pdqmvb5AehLPdapSDzYgeV_6LdFs6ujkx-RaU4pikdIBzRE6xVtPEuZ4Ho_rZCpGpkwdHV8H2Fehxzl13Ka0lljyHHV0xkfCQtXV3GnVT1mnSnVGbGz85kF6VPx6HGKedPLPOSvEYlICO4LEGttt3IIteEQ2PZ8Uz4i1bYzL3ED9UcY4WLrEwiTQrgopEoV8OWzD2I446COWhHY6U1pXCmir0EVbcN5tto600WcomXEv7Hefk6S7haNaAal_63rciVWsHAiFN88dPXOoYSxPnjoGXgmITrUaZ7CfbcI3cbjFBtWrpCLWdo5x8F9yDrh-UFRJIENf-QmWT2NzLUfbHTXOVHwJUPKxLxQjmtjMxixxa0naRXS3Fc_gOANvTM&amp;amp;q=searchterm&amp;quot;,&lt;br /&gt;
      &amp;quot;error&amp;quot;: null,&lt;br /&gt;
      &amp;quot;includePattern&amp;quot;: &amp;quot;^https?://www.\\google\\.com/search\\?q=([^&amp;amp;]+)&amp;quot;,&lt;br /&gt;
      &amp;quot;excludePattern&amp;quot;: &amp;quot;&amp;quot;,&lt;br /&gt;
      &amp;quot;patternDesc&amp;quot;: &amp;quot;&amp;quot;,&lt;br /&gt;
      &amp;quot;redirectUrl&amp;quot;: &amp;quot;https://search.whateveritworks.org/?preferences=eJx1V82WqzYMfppmw5mctnfR00VWPW0foLdrjrAV0MW2PP5Jwjx95QDBDNPFMCDbkix9-qQoSNhzIIyXHh0GMCcDrs_Q4wXd27__nAwrMHhJ4QQ5sWLrDSa89My9wRNZ2dn6wI_p8j1kPFlMA-vL339-P0W4YkQIarj8fEoDWrxEKsdPAWM2KbbsWof3NkE3H9ZMrayxuWG4MMjnmUN_mk-1MU3iiIYwnhS6hKEFQ72z8j4fB30Dp1C3i9W_wEQ8vWcMU0uuTZTk_CwkdyVHSZSqwMYs5ilCZ-Q8up6chAScg9gUXXTDtr2SwfjTr3-AHxtLIXCoZeJiI88mJg715vl0Q7FtlxCL9E4jedQEtbCj1GU1YmpbSvKtlHpLt7a9kUYuusTXGANeW3GbUK46y-76RhLGSpPKwRB-kgQ5MdUyjfghUWxtjqTKt-4bjc_AELudvyhWSLctSx7D4r-GtHNfi-_lr-evpc0TLKJ2_r9fuyMU1ZuFOaAWvByQZ_HB8o81aOuuJHmadhf95VEZuOrAxe01GdeA2ES-pjsEbDQFVJKtaYn3NZAbCVSloBfMQLfmgzV2GPrlcy6BxhuYSuLjZqZesSzJiVUSe89a12EfoAtQHotesrrbbkgOqsPk5JU4x69lq8ofFAfedIykRoiVg4bEZJiaErZIuwXX33ZZNdzFhOcQF-_gw0yBVGVMSh6UB7dscN6ubxPAppo9uoCeK2sexK-e4gp4X9Jb3ez5fX7a2cz53J013pYj73dwqfb3KWiEVsROeb5EB_TN4tlYZXQmj5Lrpjxe2AALJWyrIKKV46SaqAY2EOqajAlC8oUZK8cSjxMnlsSMJVZrDCYYeFcwT8H-AnfqdoUrhPwAp8OePkpNdszjgWg-6RrpPXPCz7si56AOUmHiSGk6iHn6dD1NKn2w29fit2-_Pbar6qzRbaiM-OHA1vsd3EphbIKQu6lHu2LPI4aUO6yyZQsfiMKxUOAdu2opZCtsXgnu_KCRnaCniZNjN1msvPnhz_7u9hRnhQtrf7xA3cwA-R_xEWYCmq165iAPOW0c8lJ0QrdvP7_3IFwTWRGY5nnRpZ80Uqb50RQP16oMiWregvCgWw3JTvCiwPqtjjop9X33cf3R-6d0B6Cn5FA1XdLU9_tqL9jBSteEft9-biQlJK7XLYGlAYZmyCvpYposO7lwlaurEUILNU2jo5r_5DuVyM4xprSpm6m5dmMh68PNF_nu7ovscPtF_gUVDIu9p_GPt4V4j0zMV2Eb18v0U_tg6aEMZ12RLUiLwrVVlCiDdLHSiiPKRFVZXteELyVcsLT0_XpM0hCTtNe1x3pdqmvb5AehLPdapSDzYgeV_6LdFs6ujkx-RaU4pikdIBzRE6xVtPEuZ4Ho_rZCpGpkwdHV8H2Fehxzl13Ka0lljyHHV0xkfCQtXV3GnVT1mnSnVGbGz85kF6VPx6HGKedPLPOSvEYlICO4LEGttt3IIteEQ2PZ8Uz4i1bYzL3ED9UcY4WLrEwiTQrgopEoV8OWzD2I446COWhHY6U1pXCmir0EVbcN5tto600WcomXEv7Hefk6S7haNaAal_63rciVWsHAiFN88dPXOoYSxPnjoGXgmITrUaZ7CfbcI3cbjFBtWrpCLWdo5x8F9yDrh-UFRJIENf-QmWT2NzLUfbHTXOVHwJUPKxLxQjmtjMxixxa0naRXS3Fc_gOANvTM&amp;amp;q=$1&amp;quot;,&lt;br /&gt;
      &amp;quot;patternType&amp;quot;: &amp;quot;R&amp;quot;,&lt;br /&gt;
      &amp;quot;processMatches&amp;quot;: &amp;quot;noProcessing&amp;quot;,&lt;br /&gt;
      &amp;quot;disabled&amp;quot;: false,&lt;br /&gt;
      &amp;quot;grouped&amp;quot;: false,&lt;br /&gt;
      &amp;quot;appliesTo&amp;quot;: [&lt;br /&gt;
        &amp;quot;main_frame&amp;quot;&lt;br /&gt;
      ]&lt;br /&gt;
    },&lt;br /&gt;
    {&lt;br /&gt;
      &amp;quot;description&amp;quot;: &amp;quot;Redirect YouTube Shorts to regular YouTube&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleUrl&amp;quot;: &amp;quot;https://www.youtube.com/shorts/video-id&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleResult&amp;quot;: &amp;quot;https://www.youtube.com/watch?v=video-id&amp;quot;,&lt;br /&gt;
      &amp;quot;error&amp;quot;: null,&lt;br /&gt;
      &amp;quot;includePattern&amp;quot;: &amp;quot;https://www.youtube.com/shorts/*&amp;quot;,&lt;br /&gt;
      &amp;quot;excludePattern&amp;quot;: &amp;quot;&amp;quot;,&lt;br /&gt;
      &amp;quot;patternDesc&amp;quot;: &amp;quot;Redirect YouTube Shorts to regular YouTube&amp;quot;,&lt;br /&gt;
      &amp;quot;redirectUrl&amp;quot;: &amp;quot;https://www.youtube.com/watch?v=$1&amp;quot;,&lt;br /&gt;
      &amp;quot;patternType&amp;quot;: &amp;quot;W&amp;quot;,&lt;br /&gt;
      &amp;quot;processMatches&amp;quot;: &amp;quot;noProcessing&amp;quot;,&lt;br /&gt;
      &amp;quot;disabled&amp;quot;: false,&lt;br /&gt;
      &amp;quot;grouped&amp;quot;: false,&lt;br /&gt;
      &amp;quot;appliesTo&amp;quot;: [&lt;br /&gt;
        &amp;quot;main_frame&amp;quot;&lt;br /&gt;
      ]&lt;br /&gt;
    },&lt;br /&gt;
    {&lt;br /&gt;
      &amp;quot;description&amp;quot;: &amp;quot;Redirect Wikipedia to Mobile Version&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleUrl&amp;quot;: &amp;quot;https://en.wikipedia.org/&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleResult&amp;quot;: &amp;quot;https://en.m.wikipedia.org/&amp;quot;,&lt;br /&gt;
      &amp;quot;error&amp;quot;: null,&lt;br /&gt;
      &amp;quot;includePattern&amp;quot;: &amp;quot;https://en.wikipedia.org/*&amp;quot;,&lt;br /&gt;
      &amp;quot;excludePattern&amp;quot;: &amp;quot;&amp;quot;,&lt;br /&gt;
      &amp;quot;patternDesc&amp;quot;: &amp;quot;Redirect Wikipedia to Mobile Version&amp;quot;,&lt;br /&gt;
      &amp;quot;redirectUrl&amp;quot;: &amp;quot;https://en.m.wikipedia.org/$1&amp;quot;,&lt;br /&gt;
      &amp;quot;patternType&amp;quot;: &amp;quot;W&amp;quot;,&lt;br /&gt;
      &amp;quot;processMatches&amp;quot;: &amp;quot;noProcessing&amp;quot;,&lt;br /&gt;
      &amp;quot;disabled&amp;quot;: false,&lt;br /&gt;
      &amp;quot;grouped&amp;quot;: false,&lt;br /&gt;
      &amp;quot;appliesTo&amp;quot;: [&lt;br /&gt;
        &amp;quot;main_frame&amp;quot;&lt;br /&gt;
      ]&lt;br /&gt;
    },&lt;br /&gt;
    {&lt;br /&gt;
      &amp;quot;description&amp;quot;: &amp;quot;Image proxy for privacy.&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleUrl&amp;quot;: &amp;quot;https://www.example.com/image.jpg&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleResult&amp;quot;: &amp;quot;https://external-content.duckduckgo.com/iu/?u=https://www.example.com/image.jpg&amp;quot;,&lt;br /&gt;
      &amp;quot;error&amp;quot;: null,&lt;br /&gt;
      &amp;quot;includePattern&amp;quot;: &amp;quot;(.*\\.(?:jpg|png|webp|jpeg|gif))$&amp;quot;,&lt;br /&gt;
      &amp;quot;excludePattern&amp;quot;: &amp;quot;&amp;quot;,&lt;br /&gt;
      &amp;quot;patternDesc&amp;quot;: &amp;quot;&amp;quot;,&lt;br /&gt;
      &amp;quot;redirectUrl&amp;quot;: &amp;quot;https://external-content.duckduckgo.com/iu/?u=$1&amp;quot;,&lt;br /&gt;
      &amp;quot;patternType&amp;quot;: &amp;quot;R&amp;quot;,&lt;br /&gt;
      &amp;quot;processMatches&amp;quot;: &amp;quot;noProcessing&amp;quot;,&lt;br /&gt;
      &amp;quot;disabled&amp;quot;: false,&lt;br /&gt;
      &amp;quot;grouped&amp;quot;: false,&lt;br /&gt;
      &amp;quot;appliesTo&amp;quot;: [&lt;br /&gt;
        &amp;quot;main_frame&amp;quot;&lt;br /&gt;
      ]&lt;br /&gt;
    }&lt;br /&gt;
  ]&lt;br /&gt;
}&lt;br /&gt;
&amp;lt;/syntaxhighlight&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/stefanbuck/awesome-browser-extensions-for-github Awesome Browser Extensions for GitHub] ==&lt;br /&gt;
== [https://alternativeto.net/list/35731/firefox-addons-convenience/ AlternativeTo Browser Extension List] ==&lt;br /&gt;
== [https://www.makeuseof.com/chrome-extensions-make-reading-online-articles-better/ Extensions for Reading] ==&lt;br /&gt;
&lt;br /&gt;
[[Category:web browsers]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=Interesting_Browser_Extensions&amp;diff=65</id>
		<title>Interesting Browser Extensions</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=Interesting_Browser_Extensions&amp;diff=65"/>
		<updated>2026-05-18T11:23:37Z</updated>

		<summary type="html">&lt;p&gt;Admin: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;= My Browser Extensions =&lt;br /&gt;
== Using too many extensions isn&#039;t recommended! ==&lt;br /&gt;
&lt;br /&gt;
== WARNING: This article is imported from my older notes. Which means there will be dead links or some extensions are not needed anymore. ==&lt;br /&gt;
&lt;br /&gt;
== My Pale Moon Add-Ons ==&lt;br /&gt;
* [https://github.com/Lootyhoof/darkmoon Dark Moon] (Theme)&lt;br /&gt;
* [https://addons.palemoon.org/addon/ematrix/ eMatrix]&lt;br /&gt;
* [https://addons.palemoon.org/addon/pm-commander Pale Moon Commander]&lt;br /&gt;
* [https://0xacab.org/dCF/deCloudflare/-/tree/master/tool/block_cloudflare_requests_pm Block Cloudflare Requests]&lt;br /&gt;
* [https://github.com/gorhill/uBlock-for-firefox-legacy/releases uBlock Origin]&lt;br /&gt;
* [https://addons.palemoon.org/addon/hidescrollbars/ HideScrollBars] [https://forum.palemoon.org/viewtopic.php?t=3243 (Alternative Solution Without Extension)] [https://web.archive.org/web/https://forum.palemoon.org/viewtopic.php?t=3243 (Archive)]&lt;br /&gt;
* [https://addons.palemoon.org/addon/werewolf/ WereWolf]&lt;br /&gt;
* [https://github.com/JustOff/greedy-cache Greedy Cache]&lt;br /&gt;
* [https://addons.palemoon.org/addon/certpatrol/ Certificate Patrol]&lt;br /&gt;
* [https://addons.palemoon.org/addon/pmplus/ PermissionsPlus]&lt;br /&gt;
* [https://addons.palemoon.org/addon/decentraleyes/ Decentraleyes]&lt;br /&gt;
* [https://github.com/RealityRipple/GeoFlag GeoFlag]&lt;br /&gt;
* [https://realityripple.com/Software/XUL/qrThis/ QR This!]&lt;br /&gt;
&lt;br /&gt;
== My Chrome/Firefox Add-Ons ==&lt;br /&gt;
# [https://reader.postlight.com/ PostlightReader] (Reader Mode on All Websites)&lt;br /&gt;
# [https://github.com/dnakov/little-rat Little Rat] (It&#039;s Basically a Firewall for Your Extensions)&lt;br /&gt;
# [https://github.com/dessant/buster Buster] (CAPTCHA Solver)&lt;br /&gt;
# [https://github.com/kas-elvirov/gloc GitHub Gloc] (GitHub Lines Of Code)&lt;br /&gt;
# [https://privacypass.github.io/ Privacy Pass] (Captcha Reducer)&lt;br /&gt;
# [https://tabliss.io/ Tabliss] (Better New Tab Page)&lt;br /&gt;
# [https://www.getvoila.ai/ Voilà] (I don&#039;t trust it, but it&#039;s an AI extension)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/temp-mail-disposable-temp/inojafojbhdpnehkhhfjalgjjobnhomj Temp mail] (Temporary Mail Creator)&lt;br /&gt;
# [https://www.deepl.com/en/chrome-extension DeepL] (Translate but better than Google Translate just try it)&lt;br /&gt;
# [https://www.aiprm.com/ Aiprm] (ChatGPT Prompt Manager)&lt;br /&gt;
# [https://butter.sonnet.io/ Butter] (AI Video Sponsor Skipper works better on short videos)&lt;br /&gt;
# [https://gitlab.com/magnolia1234/bypass-paywalls-chrome-clean Bypass Paywalls Clean] (Bypass Paywalls Legally)&lt;br /&gt;
# [https://consentomatic.au.dk/ Consent O Matic] (Do you want cookie… Rejected)&lt;br /&gt;
# [https://webextension.org/listing/tab-discard.html Tab discard] (Delete Inactive Tab&#039;s Memory)&lt;br /&gt;
# [https://github.com/kkapsner/CanvasBlocker/ Canvas Block] (Canvas Blocker for Privacy)&lt;br /&gt;
# [https://darkreader.org/ Dark Reader] (Dark Mode extension I am using with high contrast setting)&lt;br /&gt;
# [https://github.com/alextrv/enhanced-h264ify enhanced h264ify] (Especially useful on older machines It blocks VP9 and forces h264)&lt;br /&gt;
# [https://libredirect.github.io/ libredirect] (Redirects you to privacy-friendly frontends of websites)&lt;br /&gt;
# [https://github.com/cowlicks/privacypossum Privacy Possum] (Improves your privacy)&lt;br /&gt;
# [https://add0n.com/privacy-settings.html Privacy Settings] (Changes your browsers settings to improve privacy)&lt;br /&gt;
# [https://www.returnyoutubedislike.com/ Return YouTube Dislike] (Returns YouTube&#039;s Dislike button)&lt;br /&gt;
# [https://sponsor.ajay.app/ SponsorBlock] (Blocks in-video sponsors)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/temporary-containers/ Temporary Containers] (Separates cookies for websites)&lt;br /&gt;
# [https://vimium.github.io/ vimium] (Use your browser without mouse)&lt;br /&gt;
# [https://clearurls.xyz Clear URLs] (Clears tracking parameters from URLs)&lt;br /&gt;
# [https://istilldontcareaboutcookies.com/ I still don&#039;t care abut cookies] (Cookie popup blocker and not acquired by Avast)&lt;br /&gt;
# [https://mybrowseraddon.com/speed-tweaks.html Speed Tweaks] (Makes some changes that may can improve your browser performance)&lt;br /&gt;
# [https://github.com/gdh1995/vimium-c Vimium C] (vimium but faster!)&lt;br /&gt;
# [https://github.com/dan-online/youtubeaudiocompressor YouTube Audio Compressor] (Destroys the &amp;quot;HeLlO EvErYoNe&amp;quot; and &amp;quot;AAAUUGHHHHH&amp;quot; ear rapes)&lt;br /&gt;
# [http://dearrow.ajay.app/ Dearrow] (Removes Clickbait Thumbnails)&lt;br /&gt;
# [https://github.com/refined-github/refined-github Refined GitHub] (Adds Some Features to GitHub Website)&lt;br /&gt;
# [https://www.exify.io/ Exify] (View metadata of media)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/tildes-reextended/ Tildes ReExtended] (Extension for Tildes)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/maximize-video/bfpkgjlnboeecjmnbhbknmemmckmpomb Maximize Video] (Can maximize video frame even if it isn&#039;t supported)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/flagfox/ Flagfox] (Says the country of websites)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/privacy-oriented-origin-policy/ PO Origin Policy] (Privacy extension) (may break websites)&lt;br /&gt;
# [https://github.com/dessant/web-archives#readme Web Archives] (Shows if there a archived version of a website)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/instant-data-scraper/ofaokhiedipichpaobibbnahnkdoiiah/ Instant Data Scraper] (You can scrape all data including financial and other results from search engines and export to CSV file)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/nuke-anything-enhanced/ Nuke Anything Enhanced] (just select an object and Boom all object except selected object are deleted)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/ctrl-number-to-switch-tabs/ Ctrl Number Switch] (CTRL+3 to switch to 3rd tab)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/new-tab-redirect/icpgjfneehieebagbmdbhnlpiopdcmna New Tab Redirect] (You can set your new tab page to ANYTHING you want)&lt;br /&gt;
# [https://30secondsofknowledge.com/ 30 Seconds of Knowledge]&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/ninja-cookie/jifeafcpcjjgnlcnkffmeegehmnmkefl Ninja Cookie] (I don&#039;t tried it and I don&#039;t know if it&#039;s FLOSS or not)&lt;br /&gt;
# [https://www.zotero.org/download/ Zotero Connector] (Reasearch Helper)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/replacer/cnaegfealmimnhmjhieeokofoeddejjk Replacer] (Replaces words e.g. f#$k to duck)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/tabox-save-and-share-tab/bdbliblipiempfdkkkjohnecmeknnpoa Tab Saver] (I don&#039;t tried it yet)&lt;br /&gt;
# [https://www.makeuseof.com/chrome-color-picker-extensions/ Color Picker] (Picks Colors)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/referrer-switch/ Referrer Switch] (Switches Referrers)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/color-tab/hchlgfaicmddilenlflajnmomalehbom Color Tab] (New Tab pages with color palettes!)&lt;br /&gt;
# [https://git.sr.ht/~duncan-bayne/youtube-crapfilter YouTube Crapfilter] (Makes YouTube More Minimal)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/google-scholar-button/ldipcbpaocekfooobnbcddclnhejkcpn Google Scholar Button]&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/firefox-translations/ Firefox Translations] (Translates Webpages)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/bloody-vikings/ Bloody Vikings] (Generate Temp E-Mails!)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/click-to-remove-element/jcgpghgjhhahcefnfpbncdmhhddedhnk Click To Remove Element]&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/transover/aggiiclaiamajehmlfpkjmlbadmkledi TransOver] (Translates Webpages)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/ublacklist/pncfbmialoiaghdehhbnbhkkgmjanfhe uBlackList] (Block Spesific Domains From Search Results!)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/netflix-bilingual-subtitl/ociifpecaephgjmjlkepjmiemcjidbgn Netflix Bilingual Subtitles] (Netflix Multi-Subtitles)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/online-image-editor-img2g/kpecfgjcmboghimfnkpcfijmoknhipdi img2go]&lt;br /&gt;
# [https://einaregilsson.com/redirector/ Redirector]&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/css-exfil-protection/ibeemfhcbbikonfajhamlkdgedmekifo CSS Exfil Protection] (CSS attack protection)&lt;br /&gt;
# [https://burles.co/en/ Burlesco] (Paywall Bypasser)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/recaptcha-autoclick/caahalkghnhbabknipmconmbicpkcopl?hl=en ReCaptcha AutoClick]&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/chrome-extension-source-v/jifpbeccnghkjeaalbbjmodiffmgedin Chrome Extension Source V]&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/gomhfpbcjfidhpffhecghfdieincgncc Bionify] (Faster Readings!)&lt;br /&gt;
# [https://github.com/privacy-tech-lab/gpc-optmeowt OptMeowT] (Sends some &amp;quot;Don&#039;t Track Me&amp;quot; signals to websites.)&lt;br /&gt;
# [https://github.com/deejayy/linkedin-noise-remover LinkedIN Noise Remover]&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/youtube-tab-arranger/ YouTube Tab Arranger]&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/languagetool/ AI Grammar Checker &amp;amp; Paraphraser – LanguageTool] (Instantly Enhance Your Texts with LanguageTool&#039;s Grammar Checker and Paraphraser...)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/bitwarden-password-manager/ Bitwarden Password Manager] (At home, at work, or on the go, Bitwarden easily secures all your passwords, passkeys...)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/deepl-translator/ DeepL: translate and write with AI] (Translate while you read and write with DeepL. Translate the world&#039;s most accurate translator...) &#039;&#039;*Already in your list (#9)&#039;&#039;&lt;br /&gt;
# [https://libredirect.github.io/ LibRedirect] (A web extension that redirects popular sites to alternative privacy-friendly frontends...) &#039;&#039;*Already in your list (#18)&#039;&#039;&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/localcdn-fork-of-decentraleyes/ LocalCDN] (Protects you against tracking through CDNs (Content Delivery Networks) by redirecting...)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/proton-pass/ Proton Pass: Free Password Manager] (Free and fully encrypted password manager to keep your logins and passwords safe...)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/save-data/ Save-Data: on] (Automatically enable data-savings mode on compatible websites.)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/traduzir-paginas-web/ TWP - Translate Web Pages] (Translate your page in real time using Google or Yandex.)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/ uBlock Origin] (Finally, an efficient blocker. Easy on CPU and memory.) &#039;&#039;*Already in your Pale Moon list&#039;&#039;&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/user-agent-string-switcher/ User-Agent Switcher and Manager] (Spoof websites trying to gather information about your web navigation...)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/vimium-c/ Vimium C - All by Keyboard] (A keyboard shortcut tool for keyboard-based page navigation and browser tabs operati...) &#039;&#039;*Already in your list (#28)&#039;&#039;&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/dark-background-light-text/ Dark Background and Light Text] (Makes every page to have light text on dark background...)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/random-bookmark/ Random Bookmark] (Load up a random bookmark! Features: Create groups of bookmark folders to rando...)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/referer-modifier/ Referer Modifier] (Modify the Referer header in HTTP requests.)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/violentmonkey/ Violentmonkey] (An open source userscript manager that supports a lot of browsers)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/wappalyzer/ Wappalyzer - Technology profiler] (Identify web technologies)&lt;br /&gt;
&lt;br /&gt;
= My Redirector Rules =&lt;br /&gt;
&amp;lt;syntaxhighlight lang=&amp;quot;json&amp;quot;&amp;gt;&lt;br /&gt;
{&lt;br /&gt;
  &amp;quot;createdBy&amp;quot;: &amp;quot;Redirector v3.5.3&amp;quot;,&lt;br /&gt;
  &amp;quot;createdAt&amp;quot;: &amp;quot;2023-08-25T17:18:34.192Z&amp;quot;,&lt;br /&gt;
  &amp;quot;redirects&amp;quot;: [&lt;br /&gt;
    {&lt;br /&gt;
      &amp;quot;description&amp;quot;: &amp;quot;Search Engine&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleUrl&amp;quot;: &amp;quot;https://www.google.com/search?q=searchterm&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleResult&amp;quot;: &amp;quot;https://search.whateveritworks.org/?preferences=eJx1V82WqzYMfppmw5mctnfR00VWPW0foLdrjrAV0MW2PP5Jwjx95QDBDNPFMCDbkix9-qQoSNhzIIyXHh0GMCcDrs_Q4wXd27__nAwrMHhJ4QQ5sWLrDSa89My9wRNZ2dn6wI_p8j1kPFlMA-vL339-P0W4YkQIarj8fEoDWrxEKsdPAWM2KbbsWof3NkE3H9ZMrayxuWG4MMjnmUN_mk-1MU3iiIYwnhS6hKEFQ72z8j4fB30Dp1C3i9W_wEQ8vWcMU0uuTZTk_CwkdyVHSZSqwMYs5ilCZ-Q8up6chAScg9gUXXTDtr2SwfjTr3-AHxtLIXCoZeJiI88mJg715vl0Q7FtlxCL9E4jedQEtbCj1GU1YmpbSvKtlHpLt7a9kUYuusTXGANeW3GbUK46y-76RhLGSpPKwRB-kgQ5MdUyjfghUWxtjqTKt-4bjc_AELudvyhWSLctSx7D4r-GtHNfi-_lr-evpc0TLKJ2_r9fuyMU1ZuFOaAWvByQZ_HB8o81aOuuJHmadhf95VEZuOrAxe01GdeA2ES-pjsEbDQFVJKtaYn3NZAbCVSloBfMQLfmgzV2GPrlcy6BxhuYSuLjZqZesSzJiVUSe89a12EfoAtQHotesrrbbkgOqsPk5JU4x69lq8ofFAfedIykRoiVg4bEZJiaErZIuwXX33ZZNdzFhOcQF-_gw0yBVGVMSh6UB7dscN6ubxPAppo9uoCeK2sexK-e4gp4X9Jb3ez5fX7a2cz53J013pYj73dwqfb3KWiEVsROeb5EB_TN4tlYZXQmj5Lrpjxe2AALJWyrIKKV46SaqAY2EOqajAlC8oUZK8cSjxMnlsSMJVZrDCYYeFcwT8H-AnfqdoUrhPwAp8OePkpNdszjgWg-6RrpPXPCz7si56AOUmHiSGk6iHn6dD1NKn2w29fit2-_Pbar6qzRbaiM-OHA1vsd3EphbIKQu6lHu2LPI4aUO6yyZQsfiMKxUOAdu2opZCtsXgnu_KCRnaCniZNjN1msvPnhz_7u9hRnhQtrf7xA3cwA-R_xEWYCmq165iAPOW0c8lJ0QrdvP7_3IFwTWRGY5nnRpZ80Uqb50RQP16oMiWregvCgWw3JTvCiwPqtjjop9X33cf3R-6d0B6Cn5FA1XdLU9_tqL9jBSteEft9-biQlJK7XLYGlAYZmyCvpYposO7lwlaurEUILNU2jo5r_5DuVyM4xprSpm6m5dmMh68PNF_nu7ovscPtF_gUVDIu9p_GPt4V4j0zMV2Eb18v0U_tg6aEMZ12RLUiLwrVVlCiDdLHSiiPKRFVZXteELyVcsLT0_XpM0hCTtNe1x3pdqmvb5AehLPdapSDzYgeV_6LdFs6ujkx-RaU4pikdIBzRE6xVtPEuZ4Ho_rZCpGpkwdHV8H2Fehxzl13Ka0lljyHHV0xkfCQtXV3GnVT1mnSnVGbGz85kF6VPx6HGKedPLPOSvEYlICO4LEGttt3IIteEQ2PZ8Uz4i1bYzL3ED9UcY4WLrEwiTQrgopEoV8OWzD2I446COWhHY6U1pXCmir0EVbcN5tto600WcomXEv7Hefk6S7haNaAal_63rciVWsHAiFN88dPXOoYSxPnjoGXgmITrUaZ7CfbcI3cbjFBtWrpCLWdo5x8F9yDrh-UFRJIENf-QmWT2NzLUfbHTXOVHwJUPKxLxQjmtjMxixxa0naRXS3Fc_gOANvTM&amp;amp;q=searchterm&amp;quot;,&lt;br /&gt;
      &amp;quot;error&amp;quot;: null,&lt;br /&gt;
      &amp;quot;includePattern&amp;quot;: &amp;quot;^https?://www.\\google\\.com/search\\?q=([^&amp;amp;]+)&amp;quot;,&lt;br /&gt;
      &amp;quot;excludePattern&amp;quot;: &amp;quot;&amp;quot;,&lt;br /&gt;
      &amp;quot;patternDesc&amp;quot;: &amp;quot;&amp;quot;,&lt;br /&gt;
      &amp;quot;redirectUrl&amp;quot;: &amp;quot;https://search.whateveritworks.org/?preferences=eJx1V82WqzYMfppmw5mctnfR00VWPW0foLdrjrAV0MW2PP5Jwjx95QDBDNPFMCDbkix9-qQoSNhzIIyXHh0GMCcDrs_Q4wXd27__nAwrMHhJ4QQ5sWLrDSa89My9wRNZ2dn6wI_p8j1kPFlMA-vL339-P0W4YkQIarj8fEoDWrxEKsdPAWM2KbbsWof3NkE3H9ZMrayxuWG4MMjnmUN_mk-1MU3iiIYwnhS6hKEFQ72z8j4fB30Dp1C3i9W_wEQ8vWcMU0uuTZTk_CwkdyVHSZSqwMYs5ilCZ-Q8up6chAScg9gUXXTDtr2SwfjTr3-AHxtLIXCoZeJiI88mJg715vl0Q7FtlxCL9E4jedQEtbCj1GU1YmpbSvKtlHpLt7a9kUYuusTXGANeW3GbUK46y-76RhLGSpPKwRB-kgQ5MdUyjfghUWxtjqTKt-4bjc_AELudvyhWSLctSx7D4r-GtHNfi-_lr-evpc0TLKJ2_r9fuyMU1ZuFOaAWvByQZ_HB8o81aOuuJHmadhf95VEZuOrAxe01GdeA2ES-pjsEbDQFVJKtaYn3NZAbCVSloBfMQLfmgzV2GPrlcy6BxhuYSuLjZqZesSzJiVUSe89a12EfoAtQHotesrrbbkgOqsPk5JU4x69lq8ofFAfedIykRoiVg4bEZJiaErZIuwXX33ZZNdzFhOcQF-_gw0yBVGVMSh6UB7dscN6ubxPAppo9uoCeK2sexK-e4gp4X9Jb3ez5fX7a2cz53J013pYj73dwqfb3KWiEVsROeb5EB_TN4tlYZXQmj5Lrpjxe2AALJWyrIKKV46SaqAY2EOqajAlC8oUZK8cSjxMnlsSMJVZrDCYYeFcwT8H-AnfqdoUrhPwAp8OePkpNdszjgWg-6RrpPXPCz7si56AOUmHiSGk6iHn6dD1NKn2w29fit2-_Pbar6qzRbaiM-OHA1vsd3EphbIKQu6lHu2LPI4aUO6yyZQsfiMKxUOAdu2opZCtsXgnu_KCRnaCniZNjN1msvPnhz_7u9hRnhQtrf7xA3cwA-R_xEWYCmq165iAPOW0c8lJ0QrdvP7_3IFwTWRGY5nnRpZ80Uqb50RQP16oMiWregvCgWw3JTvCiwPqtjjop9X33cf3R-6d0B6Cn5FA1XdLU9_tqL9jBSteEft9-biQlJK7XLYGlAYZmyCvpYposO7lwlaurEUILNU2jo5r_5DuVyM4xprSpm6m5dmMh68PNF_nu7ovscPtF_gUVDIu9p_GPt4V4j0zMV2Eb18v0U_tg6aEMZ12RLUiLwrVVlCiDdLHSiiPKRFVZXteELyVcsLT0_XpM0hCTtNe1x3pdqmvb5AehLPdapSDzYgeV_6LdFs6ujkx-RaU4pikdIBzRE6xVtPEuZ4Ho_rZCpGpkwdHV8H2Fehxzl13Ka0lljyHHV0xkfCQtXV3GnVT1mnSnVGbGz85kF6VPx6HGKedPLPOSvEYlICO4LEGttt3IIteEQ2PZ8Uz4i1bYzL3ED9UcY4WLrEwiTQrgopEoV8OWzD2I446COWhHY6U1pXCmir0EVbcN5tto600WcomXEv7Hefk6S7haNaAal_63rciVWsHAiFN88dPXOoYSxPnjoGXgmITrUaZ7CfbcI3cbjFBtWrpCLWdo5x8F9yDrh-UFRJIENf-QmWT2NzLUfbHTXOVHwJUPKxLxQjmtjMxixxa0naRXS3Fc_gOANvTM&amp;amp;q=$1&amp;quot;,&lt;br /&gt;
      &amp;quot;patternType&amp;quot;: &amp;quot;R&amp;quot;,&lt;br /&gt;
      &amp;quot;processMatches&amp;quot;: &amp;quot;noProcessing&amp;quot;,&lt;br /&gt;
      &amp;quot;disabled&amp;quot;: false,&lt;br /&gt;
      &amp;quot;grouped&amp;quot;: false,&lt;br /&gt;
      &amp;quot;appliesTo&amp;quot;: [&lt;br /&gt;
        &amp;quot;main_frame&amp;quot;&lt;br /&gt;
      ]&lt;br /&gt;
    },&lt;br /&gt;
    {&lt;br /&gt;
      &amp;quot;description&amp;quot;: &amp;quot;Redirect YouTube Shorts to regular YouTube&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleUrl&amp;quot;: &amp;quot;https://www.youtube.com/shorts/video-id&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleResult&amp;quot;: &amp;quot;https://www.youtube.com/watch?v=video-id&amp;quot;,&lt;br /&gt;
      &amp;quot;error&amp;quot;: null,&lt;br /&gt;
      &amp;quot;includePattern&amp;quot;: &amp;quot;https://www.youtube.com/shorts/*&amp;quot;,&lt;br /&gt;
      &amp;quot;excludePattern&amp;quot;: &amp;quot;&amp;quot;,&lt;br /&gt;
      &amp;quot;patternDesc&amp;quot;: &amp;quot;Redirect YouTube Shorts to regular YouTube&amp;quot;,&lt;br /&gt;
      &amp;quot;redirectUrl&amp;quot;: &amp;quot;https://www.youtube.com/watch?v=$1&amp;quot;,&lt;br /&gt;
      &amp;quot;patternType&amp;quot;: &amp;quot;W&amp;quot;,&lt;br /&gt;
      &amp;quot;processMatches&amp;quot;: &amp;quot;noProcessing&amp;quot;,&lt;br /&gt;
      &amp;quot;disabled&amp;quot;: false,&lt;br /&gt;
      &amp;quot;grouped&amp;quot;: false,&lt;br /&gt;
      &amp;quot;appliesTo&amp;quot;: [&lt;br /&gt;
        &amp;quot;main_frame&amp;quot;&lt;br /&gt;
      ]&lt;br /&gt;
    },&lt;br /&gt;
    {&lt;br /&gt;
      &amp;quot;description&amp;quot;: &amp;quot;Redirect Wikipedia to Mobile Version&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleUrl&amp;quot;: &amp;quot;https://en.wikipedia.org/&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleResult&amp;quot;: &amp;quot;https://en.m.wikipedia.org/&amp;quot;,&lt;br /&gt;
      &amp;quot;error&amp;quot;: null,&lt;br /&gt;
      &amp;quot;includePattern&amp;quot;: &amp;quot;https://en.wikipedia.org/*&amp;quot;,&lt;br /&gt;
      &amp;quot;excludePattern&amp;quot;: &amp;quot;&amp;quot;,&lt;br /&gt;
      &amp;quot;patternDesc&amp;quot;: &amp;quot;Redirect Wikipedia to Mobile Version&amp;quot;,&lt;br /&gt;
      &amp;quot;redirectUrl&amp;quot;: &amp;quot;https://en.m.wikipedia.org/$1&amp;quot;,&lt;br /&gt;
      &amp;quot;patternType&amp;quot;: &amp;quot;W&amp;quot;,&lt;br /&gt;
      &amp;quot;processMatches&amp;quot;: &amp;quot;noProcessing&amp;quot;,&lt;br /&gt;
      &amp;quot;disabled&amp;quot;: false,&lt;br /&gt;
      &amp;quot;grouped&amp;quot;: false,&lt;br /&gt;
      &amp;quot;appliesTo&amp;quot;: [&lt;br /&gt;
        &amp;quot;main_frame&amp;quot;&lt;br /&gt;
      ]&lt;br /&gt;
    },&lt;br /&gt;
    {&lt;br /&gt;
      &amp;quot;description&amp;quot;: &amp;quot;Image proxy for privacy.&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleUrl&amp;quot;: &amp;quot;https://www.example.com/image.jpg&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleResult&amp;quot;: &amp;quot;https://external-content.duckduckgo.com/iu/?u=https://www.example.com/image.jpg&amp;quot;,&lt;br /&gt;
      &amp;quot;error&amp;quot;: null,&lt;br /&gt;
      &amp;quot;includePattern&amp;quot;: &amp;quot;(.*\\.(?:jpg|png|webp|jpeg|gif))$&amp;quot;,&lt;br /&gt;
      &amp;quot;excludePattern&amp;quot;: &amp;quot;&amp;quot;,&lt;br /&gt;
      &amp;quot;patternDesc&amp;quot;: &amp;quot;&amp;quot;,&lt;br /&gt;
      &amp;quot;redirectUrl&amp;quot;: &amp;quot;https://external-content.duckduckgo.com/iu/?u=$1&amp;quot;,&lt;br /&gt;
      &amp;quot;patternType&amp;quot;: &amp;quot;R&amp;quot;,&lt;br /&gt;
      &amp;quot;processMatches&amp;quot;: &amp;quot;noProcessing&amp;quot;,&lt;br /&gt;
      &amp;quot;disabled&amp;quot;: false,&lt;br /&gt;
      &amp;quot;grouped&amp;quot;: false,&lt;br /&gt;
      &amp;quot;appliesTo&amp;quot;: [&lt;br /&gt;
        &amp;quot;main_frame&amp;quot;&lt;br /&gt;
      ]&lt;br /&gt;
    }&lt;br /&gt;
  ]&lt;br /&gt;
}&lt;br /&gt;
&amp;lt;/syntaxhighlight&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/stefanbuck/awesome-browser-extensions-for-github Awesome Browser Extensions for GitHub] ==&lt;br /&gt;
== [https://alternativeto.net/list/35731/firefox-addons-convenience/ AlternativeTo Browser Extension List] ==&lt;br /&gt;
== [https://www.makeuseof.com/chrome-extensions-make-reading-online-articles-better/ Extensions for Reading] ==&lt;br /&gt;
&lt;br /&gt;
[[Category:web browsers]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=Interesting_Browser_Extensions&amp;diff=64</id>
		<title>Interesting Browser Extensions</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=Interesting_Browser_Extensions&amp;diff=64"/>
		<updated>2026-05-18T11:22:22Z</updated>

		<summary type="html">&lt;p&gt;Admin: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;= My Browser Extensions =&lt;br /&gt;
== Using too many extensions isn&#039;t recommended! ==&lt;br /&gt;
&lt;br /&gt;
== WARNING: This article is imported from my older notes. Which means there will be dead links or some extensions are not needed anymore. ==&lt;br /&gt;
&lt;br /&gt;
== My Pale Moon Add-Ons ==&lt;br /&gt;
* [https://github.com/Lootyhoof/darkmoon Dark Moon] (Theme)&lt;br /&gt;
* [https://addons.palemoon.org/addon/ematrix/ eMatrix]&lt;br /&gt;
* [https://addons.palemoon.org/addon/pm-commander Pale Moon Commander]&lt;br /&gt;
* [https://0xacab.org/dCF/deCloudflare/-/tree/master/tool/block_cloudflare_requests_pm Block Cloudflare Requests]&lt;br /&gt;
* [https://github.com/gorhill/uBlock-for-firefox-legacy/releases uBlock Origin]&lt;br /&gt;
* [https://addons.palemoon.org/addon/hidescrollbars/ HideScrollBars] [https://forum.palemoon.org/viewtopic.php?t=3243 (Alternative Solution Without Extension)] [https://web.archive.org/web/https://forum.palemoon.org/viewtopic.php?t=3243 (Archive)]&lt;br /&gt;
* [https://addons.palemoon.org/addon/werewolf/ WereWolf]&lt;br /&gt;
* [https://github.com/JustOff/greedy-cache Greedy Cache]&lt;br /&gt;
* [https://addons.palemoon.org/addon/certpatrol/ Certificate Patrol]&lt;br /&gt;
* [https://addons.palemoon.org/addon/pmplus/ PermissionsPlus]&lt;br /&gt;
* [https://addons.palemoon.org/addon/decentraleyes/ Decentraleyes]&lt;br /&gt;
* [https://github.com/RealityRipple/GeoFlag GeoFlag]&lt;br /&gt;
* [https://realityripple.com/Software/XUL/qrThis/ QR This!]&lt;br /&gt;
&lt;br /&gt;
== My Chrome/Firefox Add-Ons ==&lt;br /&gt;
# [https://reader.postlight.com/ PostlightReader] (Reader Mode on All Websites)&lt;br /&gt;
# [https://github.com/dnakov/little-rat Little Rat] (It&#039;s Basically a Firewall for Your Extensions)&lt;br /&gt;
# [https://github.com/dessant/buster Buster] (CAPTCHA Solver)&lt;br /&gt;
# [https://github.com/kas-elvirov/gloc GitHub Gloc] (GitHub Lines Of Code)&lt;br /&gt;
# [https://privacypass.github.io/ Privacy Pass] (Captcha Reducer)&lt;br /&gt;
# [https://tabliss.io/ Tabliss] (Better New Tab Page)&lt;br /&gt;
# [https://www.getvoila.ai/ Voilà] (I don&#039;t trust it, but it&#039;s an AI extension)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/temp-mail-disposable-temp/inojafojbhdpnehkhhfjalgjjobnhomj Temp mail] (Temporary Mail Creator)&lt;br /&gt;
# [https://www.deepl.com/en/chrome-extension DeepL] (Translate but better than Google Translate just try it)&lt;br /&gt;
# [https://www.aiprm.com/ Aiprm] (ChatGPT Prompt Manager)&lt;br /&gt;
# [https://butter.sonnet.io/ Butter] (AI Video Sponsor Skipper works better on short videos)&lt;br /&gt;
# [https://gitlab.com/magnolia1234/bypass-paywalls-chrome-clean Bypass Paywalls Clean] (Bypass Paywalls Legally)&lt;br /&gt;
# [https://consentomatic.au.dk/ Consent O Matic] (Do you want cookie… Rejected)&lt;br /&gt;
# [https://webextension.org/listing/tab-discard.html Tab discard] (Delete Inactive Tab&#039;s Memory)&lt;br /&gt;
# [https://github.com/kkapsner/CanvasBlocker/ Canvas Block] (Canvas Blocker for Privacy)&lt;br /&gt;
# [https://darkreader.org/ Dark Reader] (Dark Mode extension I am using with high contrast setting)&lt;br /&gt;
# [https://github.com/alextrv/enhanced-h264ify enhanced h264ify] (Especially useful on older machines It blocks VP9 and forces h264)&lt;br /&gt;
# [https://libredirect.github.io/ libredirect] (Redirects you to privacy-friendly frontends of websites)&lt;br /&gt;
# [https://github.com/cowlicks/privacypossum Privacy Possum] (Improves your privacy)&lt;br /&gt;
# [https://add0n.com/privacy-settings.html Privacy Settings] (Changes your browsers settings to improve privacy)&lt;br /&gt;
# [https://www.returnyoutubedislike.com/ Return YouTube Dislike] (Returns YouTube&#039;s Dislike button)&lt;br /&gt;
# [https://sponsor.ajay.app/ SponsorBlock] (Blocks in-video sponsors)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/temporary-containers/ Temporary Containers] (Separates cookies for websites)&lt;br /&gt;
# [https://vimium.github.io/ vimium] (Use your browser without mouse)&lt;br /&gt;
# [https://clearurls.xyz Clear URLs] (Clears tracking parameters from URLs)&lt;br /&gt;
# [https://istilldontcareaboutcookies.com/ I still don&#039;t care abut cookies] (Cookie popup blocker and not acquired by Avast)&lt;br /&gt;
# [https://mybrowseraddon.com/speed-tweaks.html Speed Tweaks] (Makes some changes that may can improve your browser performance)&lt;br /&gt;
# [https://github.com/gdh1995/vimium-c Vimium C] (vimium but faster!)&lt;br /&gt;
# [https://github.com/dan-online/youtubeaudiocompressor YouTube Audio Compressor] (Destroys the &amp;quot;HeLlO EvErYoNe&amp;quot; and &amp;quot;AAAUUGHHHHH&amp;quot; ear rapes)&lt;br /&gt;
# [http://dearrow.ajay.app/ Dearrow] (Removes Clickbait Thumbnails)&lt;br /&gt;
# [https://github.com/refined-github/refined-github Refined GitHub] (Adds Some Features to GitHub Website)&lt;br /&gt;
# [https://www.exify.io/ Exify] (View metadata of media)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/tildes-reextended/ Tildes ReExtended] (Extension for Tildes)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/maximize-video/bfpkgjlnboeecjmnbhbknmemmckmpomb Maximize Video] (Can maximize video frame even if it isn&#039;t supported)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/flagfox/ Flagfox] (Says the country of websites)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/privacy-oriented-origin-policy/ PO Origin Policy] (Privacy extension) (may break websites)&lt;br /&gt;
# [https://github.com/dessant/web-archives#readme Web Archives] (Shows if there a archived version of a website)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/instant-data-scraper/ofaokhiedipichpaobibbnahnkdoiiah/ Instant Data Scraper] (You can scrape all data including financial and other results from search engines and export to CSV file)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/nuke-anything-enhanced/ Nuke Anything Enhanced] (just select an object and Boom all object except selected object are deleted)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/ctrl-number-to-switch-tabs/ Ctrl Number Switch] (CTRL+3 to switch to 3rd tab)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/new-tab-redirect/icpgjfneehieebagbmdbhnlpiopdcmna New Tab Redirect] (You can set your new tab page to ANYTHING you want)&lt;br /&gt;
# [https://30secondsofknowledge.com/ 30 Seconds of Knowledge]&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/ninja-cookie/jifeafcpcjjgnlcnkffmeegehmnmkefl Ninja Cookie] (I don&#039;t tried it and I don&#039;t know if it&#039;s FLOSS or not)&lt;br /&gt;
# [https://www.zotero.org/download/ Zotero Connector] (Reasearch Helper)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/replacer/cnaegfealmimnhmjhieeokofoeddejjk Replacer] (Replaces words e.g. f#$k to duck)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/tabox-save-and-share-tab/bdbliblipiempfdkkkjohnecmeknnpoa Tab Saver] (I don&#039;t tried it yet)&lt;br /&gt;
# [https://www.makeuseof.com/chrome-color-picker-extensions/ Color Picker] (Picks Colors)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/referrer-switch/ Referrer Switch] (Switches Referrers)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/color-tab/hchlgfaicmddilenlflajnmomalehbom Color Tab] (New Tab pages with color palettes!)&lt;br /&gt;
# [https://git.sr.ht/~duncan-bayne/youtube-crapfilter YouTube Crapfilter] (Makes YouTube More Minimal)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/google-scholar-button/ldipcbpaocekfooobnbcddclnhejkcpn Google Scholar Button]&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/firefox-translations/ Firefox Translations] (Translates Webpages)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/bloody-vikings/ Bloody Vikings] (Generate Temp E-Mails!)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/click-to-remove-element/jcgpghgjhhahcefnfpbncdmhhddedhnk Click To Remove Element]&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/transover/aggiiclaiamajehmlfpkjmlbadmkledi TransOver] (Translates Webpages)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/ublacklist/pncfbmialoiaghdehhbnbhkkgmjanfhe uBlackList] (Block Spesific Domains From Search Results!)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/netflix-bilingual-subtitl/ociifpecaephgjmjlkepjmiemcjidbgn Netflix Bilingual Subtitles] (Netflix Multi-Subtitles)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/online-image-editor-img2g/kpecfgjcmboghimfnkpcfijmoknhipdi img2go]&lt;br /&gt;
# [https://einaregilsson.com/redirector/ Redirector]&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/css-exfil-protection/ibeemfhcbbikonfajhamlkdgedmekifo CSS Exfil Protection] (CSS attack protection)&lt;br /&gt;
# [https://burles.co/en/ Burlesco] (Paywall Bypasser)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/recaptcha-autoclick/caahalkghnhbabknipmconmbicpkcopl?hl=en ReCaptcha AutoClick]&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/chrome-extension-source-v/jifpbeccnghkjeaalbbjmodiffmgedin Chrome Extension Source V]&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/gomhfpbcjfidhpffhecghfdieincgncc Bionify] (Faster Readings!)&lt;br /&gt;
# [https://github.com/privacy-tech-lab/gpc-optmeowt OptMeowT] (Sends some &amp;quot;Don&#039;t Track Me&amp;quot; signals to websites.)&lt;br /&gt;
# [https://github.com/deejayy/linkedin-noise-remover LinkedIN Noise Remover]&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/youtube-tab-arranger/ YouTube Tab Arranger]&lt;br /&gt;
&lt;br /&gt;
= My Redirector Rules =&lt;br /&gt;
&amp;lt;syntaxhighlight lang=&amp;quot;json&amp;quot;&amp;gt;&lt;br /&gt;
{&lt;br /&gt;
  &amp;quot;createdBy&amp;quot;: &amp;quot;Redirector v3.5.3&amp;quot;,&lt;br /&gt;
  &amp;quot;createdAt&amp;quot;: &amp;quot;2023-08-25T17:18:34.192Z&amp;quot;,&lt;br /&gt;
  &amp;quot;redirects&amp;quot;: [&lt;br /&gt;
    {&lt;br /&gt;
      &amp;quot;description&amp;quot;: &amp;quot;Search Engine&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleUrl&amp;quot;: &amp;quot;https://www.google.com/search?q=searchterm&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleResult&amp;quot;: &amp;quot;https://search.whateveritworks.org/?preferences=eJx1V82WqzYMfppmw5mctnfR00VWPW0foLdrjrAV0MW2PP5Jwjx95QDBDNPFMCDbkix9-qQoSNhzIIyXHh0GMCcDrs_Q4wXd27__nAwrMHhJ4QQ5sWLrDSa89My9wRNZ2dn6wI_p8j1kPFlMA-vL339-P0W4YkQIarj8fEoDWrxEKsdPAWM2KbbsWof3NkE3H9ZMrayxuWG4MMjnmUN_mk-1MU3iiIYwnhS6hKEFQ72z8j4fB30Dp1C3i9W_wEQ8vWcMU0uuTZTk_CwkdyVHSZSqwMYs5ilCZ-Q8up6chAScg9gUXXTDtr2SwfjTr3-AHxtLIXCoZeJiI88mJg715vl0Q7FtlxCL9E4jedQEtbCj1GU1YmpbSvKtlHpLt7a9kUYuusTXGANeW3GbUK46y-76RhLGSpPKwRB-kgQ5MdUyjfghUWxtjqTKt-4bjc_AELudvyhWSLctSx7D4r-GtHNfi-_lr-evpc0TLKJ2_r9fuyMU1ZuFOaAWvByQZ_HB8o81aOuuJHmadhf95VEZuOrAxe01GdeA2ES-pjsEbDQFVJKtaYn3NZAbCVSloBfMQLfmgzV2GPrlcy6BxhuYSuLjZqZesSzJiVUSe89a12EfoAtQHotesrrbbkgOqsPk5JU4x69lq8ofFAfedIykRoiVg4bEZJiaErZIuwXX33ZZNdzFhOcQF-_gw0yBVGVMSh6UB7dscN6ubxPAppo9uoCeK2sexK-e4gp4X9Jb3ez5fX7a2cz53J013pYj73dwqfb3KWiEVsROeb5EB_TN4tlYZXQmj5Lrpjxe2AALJWyrIKKV46SaqAY2EOqajAlC8oUZK8cSjxMnlsSMJVZrDCYYeFcwT8H-AnfqdoUrhPwAp8OePkpNdszjgWg-6RrpPXPCz7si56AOUmHiSGk6iHn6dD1NKn2w29fit2-_Pbar6qzRbaiM-OHA1vsd3EphbIKQu6lHu2LPI4aUO6yyZQsfiMKxUOAdu2opZCtsXgnu_KCRnaCniZNjN1msvPnhz_7u9hRnhQtrf7xA3cwA-R_xEWYCmq165iAPOW0c8lJ0QrdvP7_3IFwTWRGY5nnRpZ80Uqb50RQP16oMiWregvCgWw3JTvCiwPqtjjop9X33cf3R-6d0B6Cn5FA1XdLU9_tqL9jBSteEft9-biQlJK7XLYGlAYZmyCvpYposO7lwlaurEUILNU2jo5r_5DuVyM4xprSpm6m5dmMh68PNF_nu7ovscPtF_gUVDIu9p_GPt4V4j0zMV2Eb18v0U_tg6aEMZ12RLUiLwrVVlCiDdLHSiiPKRFVZXteELyVcsLT0_XpM0hCTtNe1x3pdqmvb5AehLPdapSDzYgeV_6LdFs6ujkx-RaU4pikdIBzRE6xVtPEuZ4Ho_rZCpGpkwdHV8H2Fehxzl13Ka0lljyHHV0xkfCQtXV3GnVT1mnSnVGbGz85kF6VPx6HGKedPLPOSvEYlICO4LEGttt3IIteEQ2PZ8Uz4i1bYzL3ED9UcY4WLrEwiTQrgopEoV8OWzD2I446COWhHY6U1pXCmir0EVbcN5tto600WcomXEv7Hefk6S7haNaAal_63rciVWsHAiFN88dPXOoYSxPnjoGXgmITrUaZ7CfbcI3cbjFBtWrpCLWdo5x8F9yDrh-UFRJIENf-QmWT2NzLUfbHTXOVHwJUPKxLxQjmtjMxixxa0naRXS3Fc_gOANvTM&amp;amp;q=searchterm&amp;quot;,&lt;br /&gt;
      &amp;quot;error&amp;quot;: null,&lt;br /&gt;
      &amp;quot;includePattern&amp;quot;: &amp;quot;^https?://www.\\google\\.com/search\\?q=([^&amp;amp;]+)&amp;quot;,&lt;br /&gt;
      &amp;quot;excludePattern&amp;quot;: &amp;quot;&amp;quot;,&lt;br /&gt;
      &amp;quot;patternDesc&amp;quot;: &amp;quot;&amp;quot;,&lt;br /&gt;
      &amp;quot;redirectUrl&amp;quot;: &amp;quot;https://search.whateveritworks.org/?preferences=eJx1V82WqzYMfppmw5mctnfR00VWPW0foLdrjrAV0MW2PP5Jwjx95QDBDNPFMCDbkix9-qQoSNhzIIyXHh0GMCcDrs_Q4wXd27__nAwrMHhJ4QQ5sWLrDSa89My9wRNZ2dn6wI_p8j1kPFlMA-vL339-P0W4YkQIarj8fEoDWrxEKsdPAWM2KbbsWof3NkE3H9ZMrayxuWG4MMjnmUN_mk-1MU3iiIYwnhS6hKEFQ72z8j4fB30Dp1C3i9W_wEQ8vWcMU0uuTZTk_CwkdyVHSZSqwMYs5ilCZ-Q8up6chAScg9gUXXTDtr2SwfjTr3-AHxtLIXCoZeJiI88mJg715vl0Q7FtlxCL9E4jedQEtbCj1GU1YmpbSvKtlHpLt7a9kUYuusTXGANeW3GbUK46y-76RhLGSpPKwRB-kgQ5MdUyjfghUWxtjqTKt-4bjc_AELudvyhWSLctSx7D4r-GtHNfi-_lr-evpc0TLKJ2_r9fuyMU1ZuFOaAWvByQZ_HB8o81aOuuJHmadhf95VEZuOrAxe01GdeA2ES-pjsEbDQFVJKtaYn3NZAbCVSloBfMQLfmgzV2GPrlcy6BxhuYSuLjZqZesSzJiVUSe89a12EfoAtQHotesrrbbkgOqsPk5JU4x69lq8ofFAfedIykRoiVg4bEZJiaErZIuwXX33ZZNdzFhOcQF-_gw0yBVGVMSh6UB7dscN6ubxPAppo9uoCeK2sexK-e4gp4X9Jb3ez5fX7a2cz53J013pYj73dwqfb3KWiEVsROeb5EB_TN4tlYZXQmj5Lrpjxe2AALJWyrIKKV46SaqAY2EOqajAlC8oUZK8cSjxMnlsSMJVZrDCYYeFcwT8H-AnfqdoUrhPwAp8OePkpNdszjgWg-6RrpPXPCz7si56AOUmHiSGk6iHn6dD1NKn2w29fit2-_Pbar6qzRbaiM-OHA1vsd3EphbIKQu6lHu2LPI4aUO6yyZQsfiMKxUOAdu2opZCtsXgnu_KCRnaCniZNjN1msvPnhz_7u9hRnhQtrf7xA3cwA-R_xEWYCmq165iAPOW0c8lJ0QrdvP7_3IFwTWRGY5nnRpZ80Uqb50RQP16oMiWregvCgWw3JTvCiwPqtjjop9X33cf3R-6d0B6Cn5FA1XdLU9_tqL9jBSteEft9-biQlJK7XLYGlAYZmyCvpYposO7lwlaurEUILNU2jo5r_5DuVyM4xprSpm6m5dmMh68PNF_nu7ovscPtF_gUVDIu9p_GPt4V4j0zMV2Eb18v0U_tg6aEMZ12RLUiLwrVVlCiDdLHSiiPKRFVZXteELyVcsLT0_XpM0hCTtNe1x3pdqmvb5AehLPdapSDzYgeV_6LdFs6ujkx-RaU4pikdIBzRE6xVtPEuZ4Ho_rZCpGpkwdHV8H2Fehxzl13Ka0lljyHHV0xkfCQtXV3GnVT1mnSnVGbGz85kF6VPx6HGKedPLPOSvEYlICO4LEGttt3IIteEQ2PZ8Uz4i1bYzL3ED9UcY4WLrEwiTQrgopEoV8OWzD2I446COWhHY6U1pXCmir0EVbcN5tto600WcomXEv7Hefk6S7haNaAal_63rciVWsHAiFN88dPXOoYSxPnjoGXgmITrUaZ7CfbcI3cbjFBtWrpCLWdo5x8F9yDrh-UFRJIENf-QmWT2NzLUfbHTXOVHwJUPKxLxQjmtjMxixxa0naRXS3Fc_gOANvTM&amp;amp;q=$1&amp;quot;,&lt;br /&gt;
      &amp;quot;patternType&amp;quot;: &amp;quot;R&amp;quot;,&lt;br /&gt;
      &amp;quot;processMatches&amp;quot;: &amp;quot;noProcessing&amp;quot;,&lt;br /&gt;
      &amp;quot;disabled&amp;quot;: false,&lt;br /&gt;
      &amp;quot;grouped&amp;quot;: false,&lt;br /&gt;
      &amp;quot;appliesTo&amp;quot;: [&lt;br /&gt;
        &amp;quot;main_frame&amp;quot;&lt;br /&gt;
      ]&lt;br /&gt;
    },&lt;br /&gt;
    {&lt;br /&gt;
      &amp;quot;description&amp;quot;: &amp;quot;Redirect YouTube Shorts to regular YouTube&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleUrl&amp;quot;: &amp;quot;https://www.youtube.com/shorts/video-id&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleResult&amp;quot;: &amp;quot;https://www.youtube.com/watch?v=video-id&amp;quot;,&lt;br /&gt;
      &amp;quot;error&amp;quot;: null,&lt;br /&gt;
      &amp;quot;includePattern&amp;quot;: &amp;quot;https://www.youtube.com/shorts/*&amp;quot;,&lt;br /&gt;
      &amp;quot;excludePattern&amp;quot;: &amp;quot;&amp;quot;,&lt;br /&gt;
      &amp;quot;patternDesc&amp;quot;: &amp;quot;Redirect YouTube Shorts to regular YouTube&amp;quot;,&lt;br /&gt;
      &amp;quot;redirectUrl&amp;quot;: &amp;quot;https://www.youtube.com/watch?v=$1&amp;quot;,&lt;br /&gt;
      &amp;quot;patternType&amp;quot;: &amp;quot;W&amp;quot;,&lt;br /&gt;
      &amp;quot;processMatches&amp;quot;: &amp;quot;noProcessing&amp;quot;,&lt;br /&gt;
      &amp;quot;disabled&amp;quot;: false,&lt;br /&gt;
      &amp;quot;grouped&amp;quot;: false,&lt;br /&gt;
      &amp;quot;appliesTo&amp;quot;: [&lt;br /&gt;
        &amp;quot;main_frame&amp;quot;&lt;br /&gt;
      ]&lt;br /&gt;
    },&lt;br /&gt;
    {&lt;br /&gt;
      &amp;quot;description&amp;quot;: &amp;quot;Redirect Wikipedia to Mobile Version&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleUrl&amp;quot;: &amp;quot;https://en.wikipedia.org/&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleResult&amp;quot;: &amp;quot;https://en.m.wikipedia.org/&amp;quot;,&lt;br /&gt;
      &amp;quot;error&amp;quot;: null,&lt;br /&gt;
      &amp;quot;includePattern&amp;quot;: &amp;quot;https://en.wikipedia.org/*&amp;quot;,&lt;br /&gt;
      &amp;quot;excludePattern&amp;quot;: &amp;quot;&amp;quot;,&lt;br /&gt;
      &amp;quot;patternDesc&amp;quot;: &amp;quot;Redirect Wikipedia to Mobile Version&amp;quot;,&lt;br /&gt;
      &amp;quot;redirectUrl&amp;quot;: &amp;quot;https://en.m.wikipedia.org/$1&amp;quot;,&lt;br /&gt;
      &amp;quot;patternType&amp;quot;: &amp;quot;W&amp;quot;,&lt;br /&gt;
      &amp;quot;processMatches&amp;quot;: &amp;quot;noProcessing&amp;quot;,&lt;br /&gt;
      &amp;quot;disabled&amp;quot;: false,&lt;br /&gt;
      &amp;quot;grouped&amp;quot;: false,&lt;br /&gt;
      &amp;quot;appliesTo&amp;quot;: [&lt;br /&gt;
        &amp;quot;main_frame&amp;quot;&lt;br /&gt;
      ]&lt;br /&gt;
    },&lt;br /&gt;
    {&lt;br /&gt;
      &amp;quot;description&amp;quot;: &amp;quot;Image proxy for privacy.&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleUrl&amp;quot;: &amp;quot;https://www.example.com/image.jpg&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleResult&amp;quot;: &amp;quot;https://external-content.duckduckgo.com/iu/?u=https://www.example.com/image.jpg&amp;quot;,&lt;br /&gt;
      &amp;quot;error&amp;quot;: null,&lt;br /&gt;
      &amp;quot;includePattern&amp;quot;: &amp;quot;(.*\\.(?:jpg|png|webp|jpeg|gif))$&amp;quot;,&lt;br /&gt;
      &amp;quot;excludePattern&amp;quot;: &amp;quot;&amp;quot;,&lt;br /&gt;
      &amp;quot;patternDesc&amp;quot;: &amp;quot;&amp;quot;,&lt;br /&gt;
      &amp;quot;redirectUrl&amp;quot;: &amp;quot;https://external-content.duckduckgo.com/iu/?u=$1&amp;quot;,&lt;br /&gt;
      &amp;quot;patternType&amp;quot;: &amp;quot;R&amp;quot;,&lt;br /&gt;
      &amp;quot;processMatches&amp;quot;: &amp;quot;noProcessing&amp;quot;,&lt;br /&gt;
      &amp;quot;disabled&amp;quot;: false,&lt;br /&gt;
      &amp;quot;grouped&amp;quot;: false,&lt;br /&gt;
      &amp;quot;appliesTo&amp;quot;: [&lt;br /&gt;
        &amp;quot;main_frame&amp;quot;&lt;br /&gt;
      ]&lt;br /&gt;
    }&lt;br /&gt;
  ]&lt;br /&gt;
}&lt;br /&gt;
&amp;lt;/syntaxhighlight&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/stefanbuck/awesome-browser-extensions-for-github Awesome Browser Extensions for GitHub] ==&lt;br /&gt;
== [https://alternativeto.net/list/35731/firefox-addons-convenience/ AlternativeTo Browser Extension List] ==&lt;br /&gt;
== [https://www.makeuseof.com/chrome-extensions-make-reading-online-articles-better/ Extensions for Reading] ==&lt;br /&gt;
&lt;br /&gt;
[[Category:web browsers]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=Interesting_Browser_Extensions&amp;diff=63</id>
		<title>Interesting Browser Extensions</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=Interesting_Browser_Extensions&amp;diff=63"/>
		<updated>2026-05-18T11:17:33Z</updated>

		<summary type="html">&lt;p&gt;Admin: Created page with &amp;quot;= My Browser Extensions = == Using too many extensions isn&amp;#039;t recommended! ==  == My Pale Moon Add-Ons == * [https://github.com/Lootyhoof/darkmoon Dark Moon] (Theme) * [https://addons.palemoon.org/addon/ematrix/ eMatrix] * [https://addons.palemoon.org/addon/pm-commander Pale Moon Commander] * [https://0xacab.org/dCF/deCloudflare/-/tree/master/tool/block_cloudflare_requests_pm Block Cloudflare Requests] * [https://github.com/gorhill/uBlock-for-firefox-legacy/releases uBloc...&amp;quot;&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;= My Browser Extensions =&lt;br /&gt;
== Using too many extensions isn&#039;t recommended! ==&lt;br /&gt;
&lt;br /&gt;
== My Pale Moon Add-Ons ==&lt;br /&gt;
* [https://github.com/Lootyhoof/darkmoon Dark Moon] (Theme)&lt;br /&gt;
* [https://addons.palemoon.org/addon/ematrix/ eMatrix]&lt;br /&gt;
* [https://addons.palemoon.org/addon/pm-commander Pale Moon Commander]&lt;br /&gt;
* [https://0xacab.org/dCF/deCloudflare/-/tree/master/tool/block_cloudflare_requests_pm Block Cloudflare Requests]&lt;br /&gt;
* [https://github.com/gorhill/uBlock-for-firefox-legacy/releases uBlock Origin]&lt;br /&gt;
* [https://addons.palemoon.org/addon/hidescrollbars/ HideScrollBars] [https://forum.palemoon.org/viewtopic.php?t=3243 (Alternative Solution Without Extension)] [https://web.archive.org/web/https://forum.palemoon.org/viewtopic.php?t=3243 (Archive)]&lt;br /&gt;
* [https://addons.palemoon.org/addon/werewolf/ WereWolf]&lt;br /&gt;
* [https://github.com/JustOff/greedy-cache Greedy Cache]&lt;br /&gt;
* [https://addons.palemoon.org/addon/certpatrol/ Certificate Patrol]&lt;br /&gt;
* [https://addons.palemoon.org/addon/pmplus/ PermissionsPlus]&lt;br /&gt;
* [https://addons.palemoon.org/addon/decentraleyes/ Decentraleyes]&lt;br /&gt;
* [https://github.com/RealityRipple/GeoFlag GeoFlag]&lt;br /&gt;
* [https://realityripple.com/Software/XUL/qrThis/ QR This!]&lt;br /&gt;
&lt;br /&gt;
== My Chrome/Firefox Add-Ons ==&lt;br /&gt;
# [https://reader.postlight.com/ PostlightReader] (Reader Mode on All Websites)&lt;br /&gt;
# [https://github.com/dnakov/little-rat Little Rat] (It&#039;s Basically a Firewall for Your Extensions)&lt;br /&gt;
# [https://github.com/dessant/buster Buster] (CAPTCHA Solver)&lt;br /&gt;
# [https://github.com/kas-elvirov/gloc GitHub Gloc] (GitHub Lines Of Code)&lt;br /&gt;
# [https://privacypass.github.io/ Privacy Pass] (Captcha Reducer)&lt;br /&gt;
# [https://tabliss.io/ Tabliss] (Better New Tab Page)&lt;br /&gt;
# [https://www.getvoila.ai/ Voilà] (I don&#039;t trust it, but it&#039;s an AI extension)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/temp-mail-disposable-temp/inojafojbhdpnehkhhfjalgjjobnhomj Temp mail] (Temporary Mail Creator)&lt;br /&gt;
# [https://www.deepl.com/en/chrome-extension DeepL] (Translate but better than Google Translate just try it)&lt;br /&gt;
# [https://www.aiprm.com/ Aiprm] (ChatGPT Prompt Manager)&lt;br /&gt;
# [https://butter.sonnet.io/ Butter] (AI Video Sponsor Skipper works better on short videos)&lt;br /&gt;
# [https://gitlab.com/magnolia1234/bypass-paywalls-chrome-clean Bypass Paywalls Clean] (Bypass Paywalls Legally)&lt;br /&gt;
# [https://consentomatic.au.dk/ Consent O Matic] (Do you want cookie… Rejected)&lt;br /&gt;
# [https://webextension.org/listing/tab-discard.html Tab discard] (Delete Inactive Tab&#039;s Memory)&lt;br /&gt;
# [https://github.com/kkapsner/CanvasBlocker/ Canvas Block] (Canvas Blocker for Privacy)&lt;br /&gt;
# [https://darkreader.org/ Dark Reader] (Dark Mode extension I am using with high contrast setting)&lt;br /&gt;
# [https://github.com/alextrv/enhanced-h264ify enhanced h264ify] (Especially useful on older machines It blocks VP9 and forces h264)&lt;br /&gt;
# [https://libredirect.github.io/ libredirect] (Redirects you to privacy-friendly frontends of websites)&lt;br /&gt;
# [https://github.com/cowlicks/privacypossum Privacy Possum] (Improves your privacy)&lt;br /&gt;
# [https://add0n.com/privacy-settings.html Privacy Settings] (Changes your browsers settings to improve privacy)&lt;br /&gt;
# [https://www.returnyoutubedislike.com/ Return YouTube Dislike] (Returns YouTube&#039;s Dislike button)&lt;br /&gt;
# [https://sponsor.ajay.app/ SponsorBlock] (Blocks in-video sponsors)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/temporary-containers/ Temporary Containers] (Separates cookies for websites)&lt;br /&gt;
# [https://vimium.github.io/ vimium] (Use your browser without mouse)&lt;br /&gt;
# [https://clearurls.xyz Clear URLs] (Clears tracking parameters from URLs)&lt;br /&gt;
# [https://istilldontcareaboutcookies.com/ I still don&#039;t care abut cookies] (Cookie popup blocker and not acquired by Avast)&lt;br /&gt;
# [https://mybrowseraddon.com/speed-tweaks.html Speed Tweaks] (Makes some changes that may can improve your browser performance)&lt;br /&gt;
# [https://github.com/gdh1995/vimium-c Vimium C] (vimium but faster!)&lt;br /&gt;
# [https://github.com/dan-online/youtubeaudiocompressor YouTube Audio Compressor] (Destroys the &amp;quot;HeLlO EvErYoNe&amp;quot; and &amp;quot;AAAUUGHHHHH&amp;quot; ear rapes)&lt;br /&gt;
# [http://dearrow.ajay.app/ Dearrow] (Removes Clickbait Thumbnails)&lt;br /&gt;
# [https://github.com/refined-github/refined-github Refined GitHub] (Adds Some Features to GitHub Website)&lt;br /&gt;
# [https://www.exify.io/ Exify] (View metadata of media)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/tildes-reextended/ Tildes ReExtended] (Extension for Tildes)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/maximize-video/bfpkgjlnboeecjmnbhbknmemmckmpomb Maximize Video] (Can maximize video frame even if it isn&#039;t supported)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/flagfox/ Flagfox] (Says the country of websites)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/privacy-oriented-origin-policy/ PO Origin Policy] (Privacy extension) (may break websites)&lt;br /&gt;
# [https://github.com/dessant/web-archives#readme Web Archives] (Shows if there a archived version of a website)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/instant-data-scraper/ofaokhiedipichpaobibbnahnkdoiiah/ Instant Data Scraper] (You can scrape all data including financial and other results from search engines and export to CSV file)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/nuke-anything-enhanced/ Nuke Anything Enhanced] (just select an object and Boom all object except selected object are deleted)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/ctrl-number-to-switch-tabs/ Ctrl Number Switch] (CTRL+3 to switch to 3rd tab)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/new-tab-redirect/icpgjfneehieebagbmdbhnlpiopdcmna New Tab Redirect] (You can set your new tab page to ANYTHING you want)&lt;br /&gt;
# [https://30secondsofknowledge.com/ 30 Seconds of Knowledge]&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/ninja-cookie/jifeafcpcjjgnlcnkffmeegehmnmkefl Ninja Cookie] (I don&#039;t tried it and I don&#039;t know if it&#039;s FLOSS or not)&lt;br /&gt;
# [https://www.zotero.org/download/ Zotero Connector] (Reasearch Helper)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/replacer/cnaegfealmimnhmjhieeokofoeddejjk Replacer] (Replaces words e.g. f#$k to duck)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/tabox-save-and-share-tab/bdbliblipiempfdkkkjohnecmeknnpoa Tab Saver] (I don&#039;t tried it yet)&lt;br /&gt;
# [https://www.makeuseof.com/chrome-color-picker-extensions/ Color Picker] (Picks Colors)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/referrer-switch/ Referrer Switch] (Switches Referrers)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/color-tab/hchlgfaicmddilenlflajnmomalehbom Color Tab] (New Tab pages with color palettes!)&lt;br /&gt;
# [https://git.sr.ht/~duncan-bayne/youtube-crapfilter YouTube Crapfilter] (Makes YouTube More Minimal)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/google-scholar-button/ldipcbpaocekfooobnbcddclnhejkcpn Google Scholar Button]&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/firefox-translations/ Firefox Translations] (Translates Webpages)&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/bloody-vikings/ Bloody Vikings] (Generate Temp E-Mails!)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/click-to-remove-element/jcgpghgjhhahcefnfpbncdmhhddedhnk Click To Remove Element]&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/transover/aggiiclaiamajehmlfpkjmlbadmkledi TransOver] (Translates Webpages)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/ublacklist/pncfbmialoiaghdehhbnbhkkgmjanfhe uBlackList] (Block Spesific Domains From Search Results!)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/netflix-bilingual-subtitl/ociifpecaephgjmjlkepjmiemcjidbgn Netflix Bilingual Subtitles] (Netflix Multi-Subtitles)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/online-image-editor-img2g/kpecfgjcmboghimfnkpcfijmoknhipdi img2go]&lt;br /&gt;
# [https://einaregilsson.com/redirector/ Redirector]&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/css-exfil-protection/ibeemfhcbbikonfajhamlkdgedmekifo CSS Exfil Protection] (CSS attack protection)&lt;br /&gt;
# [https://burles.co/en/ Burlesco] (Paywall Bypasser)&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/recaptcha-autoclick/caahalkghnhbabknipmconmbicpkcopl?hl=en ReCaptcha AutoClick]&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/chrome-extension-source-v/jifpbeccnghkjeaalbbjmodiffmgedin Chrome Extension Source V]&lt;br /&gt;
# [https://chrome.google.com/webstore/detail/gomhfpbcjfidhpffhecghfdieincgncc Bionify] (Faster Readings!)&lt;br /&gt;
# [https://github.com/privacy-tech-lab/gpc-optmeowt OptMeowT] (Sends some &amp;quot;Don&#039;t Track Me&amp;quot; signals to websites.)&lt;br /&gt;
# [https://github.com/deejayy/linkedin-noise-remover LinkedIN Noise Remover]&lt;br /&gt;
# [https://addons.mozilla.org/en-US/firefox/addon/youtube-tab-arranger/ YouTube Tab Arranger]&lt;br /&gt;
&lt;br /&gt;
= My Redirector Rules =&lt;br /&gt;
&amp;lt;syntaxhighlight lang=&amp;quot;json&amp;quot;&amp;gt;&lt;br /&gt;
{&lt;br /&gt;
  &amp;quot;createdBy&amp;quot;: &amp;quot;Redirector v3.5.3&amp;quot;,&lt;br /&gt;
  &amp;quot;createdAt&amp;quot;: &amp;quot;2023-08-25T17:18:34.192Z&amp;quot;,&lt;br /&gt;
  &amp;quot;redirects&amp;quot;: [&lt;br /&gt;
    {&lt;br /&gt;
      &amp;quot;description&amp;quot;: &amp;quot;Search Engine&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleUrl&amp;quot;: &amp;quot;https://www.google.com/search?q=searchterm&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleResult&amp;quot;: &amp;quot;https://search.whateveritworks.org/?preferences=eJx1V82WqzYMfppmw5mctnfR00VWPW0foLdrjrAV0MW2PP5Jwjx95QDBDNPFMCDbkix9-qQoSNhzIIyXHh0GMCcDrs_Q4wXd27__nAwrMHhJ4QQ5sWLrDSa89My9wRNZ2dn6wI_p8j1kPFlMA-vL339-P0W4YkQIarj8fEoDWrxEKsdPAWM2KbbsWof3NkE3H9ZMrayxuWG4MMjnmUN_mk-1MU3iiIYwnhS6hKEFQ72z8j4fB30Dp1C3i9W_wEQ8vWcMU0uuTZTk_CwkdyVHSZSqwMYs5ilCZ-Q8up6chAScg9gUXXTDtr2SwfjTr3-AHxtLIXCoZeJiI88mJg715vl0Q7FtlxCL9E4jedQEtbCj1GU1YmpbSvKtlHpLt7a9kUYuusTXGANeW3GbUK46y-76RhLGSpPKwRB-kgQ5MdUyjfghUWxtjqTKt-4bjc_AELudvyhWSLctSx7D4r-GtHNfi-_lr-evpc0TLKJ2_r9fuyMU1ZuFOaAWvByQZ_HB8o81aOuuJHmadhf95VEZuOrAxe01GdeA2ES-pjsEbDQFVJKtaYn3NZAbCVSloBfMQLfmgzV2GPrlcy6BxhuYSuLjZqZesSzJiVUSe89a12EfoAtQHotesrrbbkgOqsPk5JU4x69lq8ofFAfedIykRoiVg4bEZJiaErZIuwXX33ZZNdzFhOcQF-_gw0yBVGVMSh6UB7dscN6ubxPAppo9uoCeK2sexK-e4gp4X9Jb3ez5fX7a2cz53J013pYj73dwqfb3KWiEVsROeb5EB_TN4tlYZXQmj5Lrpjxe2AALJWyrIKKV46SaqAY2EOqajAlC8oUZK8cSjxMnlsSMJVZrDCYYeFcwT8H-AnfqdoUrhPwAp8OePkpNdszjgWg-6RrpPXPCz7si56AOUmHiSGk6iHn6dD1NKn2w29fit2-_Pbar6qzRbaiM-OHA1vsd3EphbIKQu6lHu2LPI4aUO6yyZQsfiMKxUOAdu2opZCtsXgnu_KCRnaCniZNjN1msvPnhz_7u9hRnhQtrf7xA3cwA-R_xEWYCmq165iAPOW0c8lJ0QrdvP7_3IFwTWRGY5nnRpZ80Uqb50RQP16oMiWregvCgWw3JTvCiwPqtjjop9X33cf3R-6d0B6Cn5FA1XdLU9_tqL9jBSteEft9-biQlJK7XLYGlAYZmyCvpYposO7lwlaurEUILNU2jo5r_5DuVyM4xprSpm6m5dmMh68PNF_nu7ovscPtF_gUVDIu9p_GPt4V4j0zMV2Eb18v0U_tg6aEMZ12RLUiLwrVVlCiDdLHSiiPKRFVZXteELyVcsLT0_XpM0hCTtNe1x3pdqmvb5AehLPdapSDzYgeV_6LdFs6ujkx-RaU4pikdIBzRE6xVtPEuZ4Ho_rZCpGpkwdHV8H2Fehxzl13Ka0lljyHHV0xkfCQtXV3GnVT1mnSnVGbGz85kF6VPx6HGKedPLPOSvEYlICO4LEGttt3IIteEQ2PZ8Uz4i1bYzL3ED9UcY4WLrEwiTQrgopEoV8OWzD2I446COWhHY6U1pXCmir0EVbcN5tto600WcomXEv7Hefk6S7haNaAal_63rciVWsHAiFN88dPXOoYSxPnjoGXgmITrUaZ7CfbcI3cbjFBtWrpCLWdo5x8F9yDrh-UFRJIENf-QmWT2NzLUfbHTXOVHwJUPKxLxQjmtjMxixxa0naRXS3Fc_gOANvTM&amp;amp;q=searchterm&amp;quot;,&lt;br /&gt;
      &amp;quot;error&amp;quot;: null,&lt;br /&gt;
      &amp;quot;includePattern&amp;quot;: &amp;quot;^https?://www.\\google\\.com/search\\?q=([^&amp;amp;]+)&amp;quot;,&lt;br /&gt;
      &amp;quot;excludePattern&amp;quot;: &amp;quot;&amp;quot;,&lt;br /&gt;
      &amp;quot;patternDesc&amp;quot;: &amp;quot;&amp;quot;,&lt;br /&gt;
      &amp;quot;redirectUrl&amp;quot;: &amp;quot;https://search.whateveritworks.org/?preferences=eJx1V82WqzYMfppmw5mctnfR00VWPW0foLdrjrAV0MW2PP5Jwjx95QDBDNPFMCDbkix9-qQoSNhzIIyXHh0GMCcDrs_Q4wXd27__nAwrMHhJ4QQ5sWLrDSa89My9wRNZ2dn6wI_p8j1kPFlMA-vL339-P0W4YkQIarj8fEoDWrxEKsdPAWM2KbbsWof3NkE3H9ZMrayxuWG4MMjnmUN_mk-1MU3iiIYwnhS6hKEFQ72z8j4fB30Dp1C3i9W_wEQ8vWcMU0uuTZTk_CwkdyVHSZSqwMYs5ilCZ-Q8up6chAScg9gUXXTDtr2SwfjTr3-AHxtLIXCoZeJiI88mJg715vl0Q7FtlxCL9E4jedQEtbCj1GU1YmpbSvKtlHpLt7a9kUYuusTXGANeW3GbUK46y-76RhLGSpPKwRB-kgQ5MdUyjfghUWxtjqTKt-4bjc_AELudvyhWSLctSx7D4r-GtHNfi-_lr-evpc0TLKJ2_r9fuyMU1ZuFOaAWvByQZ_HB8o81aOuuJHmadhf95VEZuOrAxe01GdeA2ES-pjsEbDQFVJKtaYn3NZAbCVSloBfMQLfmgzV2GPrlcy6BxhuYSuLjZqZesSzJiVUSe89a12EfoAtQHotesrrbbkgOqsPk5JU4x69lq8ofFAfedIykRoiVg4bEZJiaErZIuwXX33ZZNdzFhOcQF-_gw0yBVGVMSh6UB7dscN6ubxPAppo9uoCeK2sexK-e4gp4X9Jb3ez5fX7a2cz53J013pYj73dwqfb3KWiEVsROeb5EB_TN4tlYZXQmj5Lrpjxe2AALJWyrIKKV46SaqAY2EOqajAlC8oUZK8cSjxMnlsSMJVZrDCYYeFcwT8H-AnfqdoUrhPwAp8OePkpNdszjgWg-6RrpPXPCz7si56AOUmHiSGk6iHn6dD1NKn2w29fit2-_Pbar6qzRbaiM-OHA1vsd3EphbIKQu6lHu2LPI4aUO6yyZQsfiMKxUOAdu2opZCtsXgnu_KCRnaCniZNjN1msvPnhz_7u9hRnhQtrf7xA3cwA-R_xEWYCmq165iAPOW0c8lJ0QrdvP7_3IFwTWRGY5nnRpZ80Uqb50RQP16oMiWregvCgWw3JTvCiwPqtjjop9X33cf3R-6d0B6Cn5FA1XdLU9_tqL9jBSteEft9-biQlJK7XLYGlAYZmyCvpYposO7lwlaurEUILNU2jo5r_5DuVyM4xprSpm6m5dmMh68PNF_nu7ovscPtF_gUVDIu9p_GPt4V4j0zMV2Eb18v0U_tg6aEMZ12RLUiLwrVVlCiDdLHSiiPKRFVZXteELyVcsLT0_XpM0hCTtNe1x3pdqmvb5AehLPdapSDzYgeV_6LdFs6ujkx-RaU4pikdIBzRE6xVtPEuZ4Ho_rZCpGpkwdHV8H2Fehxzl13Ka0lljyHHV0xkfCQtXV3GnVT1mnSnVGbGz85kF6VPx6HGKedPLPOSvEYlICO4LEGttt3IIteEQ2PZ8Uz4i1bYzL3ED9UcY4WLrEwiTQrgopEoV8OWzD2I446COWhHY6U1pXCmir0EVbcN5tto600WcomXEv7Hefk6S7haNaAal_63rciVWsHAiFN88dPXOoYSxPnjoGXgmITrUaZ7CfbcI3cbjFBtWrpCLWdo5x8F9yDrh-UFRJIENf-QmWT2NzLUfbHTXOVHwJUPKxLxQjmtjMxixxa0naRXS3Fc_gOANvTM&amp;amp;q=$1&amp;quot;,&lt;br /&gt;
      &amp;quot;patternType&amp;quot;: &amp;quot;R&amp;quot;,&lt;br /&gt;
      &amp;quot;processMatches&amp;quot;: &amp;quot;noProcessing&amp;quot;,&lt;br /&gt;
      &amp;quot;disabled&amp;quot;: false,&lt;br /&gt;
      &amp;quot;grouped&amp;quot;: false,&lt;br /&gt;
      &amp;quot;appliesTo&amp;quot;: [&lt;br /&gt;
        &amp;quot;main_frame&amp;quot;&lt;br /&gt;
      ]&lt;br /&gt;
    },&lt;br /&gt;
    {&lt;br /&gt;
      &amp;quot;description&amp;quot;: &amp;quot;Redirect YouTube Shorts to regular YouTube&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleUrl&amp;quot;: &amp;quot;https://www.youtube.com/shorts/video-id&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleResult&amp;quot;: &amp;quot;https://www.youtube.com/watch?v=video-id&amp;quot;,&lt;br /&gt;
      &amp;quot;error&amp;quot;: null,&lt;br /&gt;
      &amp;quot;includePattern&amp;quot;: &amp;quot;https://www.youtube.com/shorts/*&amp;quot;,&lt;br /&gt;
      &amp;quot;excludePattern&amp;quot;: &amp;quot;&amp;quot;,&lt;br /&gt;
      &amp;quot;patternDesc&amp;quot;: &amp;quot;Redirect YouTube Shorts to regular YouTube&amp;quot;,&lt;br /&gt;
      &amp;quot;redirectUrl&amp;quot;: &amp;quot;https://www.youtube.com/watch?v=$1&amp;quot;,&lt;br /&gt;
      &amp;quot;patternType&amp;quot;: &amp;quot;W&amp;quot;,&lt;br /&gt;
      &amp;quot;processMatches&amp;quot;: &amp;quot;noProcessing&amp;quot;,&lt;br /&gt;
      &amp;quot;disabled&amp;quot;: false,&lt;br /&gt;
      &amp;quot;grouped&amp;quot;: false,&lt;br /&gt;
      &amp;quot;appliesTo&amp;quot;: [&lt;br /&gt;
        &amp;quot;main_frame&amp;quot;&lt;br /&gt;
      ]&lt;br /&gt;
    },&lt;br /&gt;
    {&lt;br /&gt;
      &amp;quot;description&amp;quot;: &amp;quot;Redirect Wikipedia to Mobile Version&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleUrl&amp;quot;: &amp;quot;https://en.wikipedia.org/&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleResult&amp;quot;: &amp;quot;https://en.m.wikipedia.org/&amp;quot;,&lt;br /&gt;
      &amp;quot;error&amp;quot;: null,&lt;br /&gt;
      &amp;quot;includePattern&amp;quot;: &amp;quot;https://en.wikipedia.org/*&amp;quot;,&lt;br /&gt;
      &amp;quot;excludePattern&amp;quot;: &amp;quot;&amp;quot;,&lt;br /&gt;
      &amp;quot;patternDesc&amp;quot;: &amp;quot;Redirect Wikipedia to Mobile Version&amp;quot;,&lt;br /&gt;
      &amp;quot;redirectUrl&amp;quot;: &amp;quot;https://en.m.wikipedia.org/$1&amp;quot;,&lt;br /&gt;
      &amp;quot;patternType&amp;quot;: &amp;quot;W&amp;quot;,&lt;br /&gt;
      &amp;quot;processMatches&amp;quot;: &amp;quot;noProcessing&amp;quot;,&lt;br /&gt;
      &amp;quot;disabled&amp;quot;: false,&lt;br /&gt;
      &amp;quot;grouped&amp;quot;: false,&lt;br /&gt;
      &amp;quot;appliesTo&amp;quot;: [&lt;br /&gt;
        &amp;quot;main_frame&amp;quot;&lt;br /&gt;
      ]&lt;br /&gt;
    },&lt;br /&gt;
    {&lt;br /&gt;
      &amp;quot;description&amp;quot;: &amp;quot;Image proxy for privacy.&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleUrl&amp;quot;: &amp;quot;https://www.example.com/image.jpg&amp;quot;,&lt;br /&gt;
      &amp;quot;exampleResult&amp;quot;: &amp;quot;https://external-content.duckduckgo.com/iu/?u=https://www.example.com/image.jpg&amp;quot;,&lt;br /&gt;
      &amp;quot;error&amp;quot;: null,&lt;br /&gt;
      &amp;quot;includePattern&amp;quot;: &amp;quot;(.*\\.(?:jpg|png|webp|jpeg|gif))$&amp;quot;,&lt;br /&gt;
      &amp;quot;excludePattern&amp;quot;: &amp;quot;&amp;quot;,&lt;br /&gt;
      &amp;quot;patternDesc&amp;quot;: &amp;quot;&amp;quot;,&lt;br /&gt;
      &amp;quot;redirectUrl&amp;quot;: &amp;quot;https://external-content.duckduckgo.com/iu/?u=$1&amp;quot;,&lt;br /&gt;
      &amp;quot;patternType&amp;quot;: &amp;quot;R&amp;quot;,&lt;br /&gt;
      &amp;quot;processMatches&amp;quot;: &amp;quot;noProcessing&amp;quot;,&lt;br /&gt;
      &amp;quot;disabled&amp;quot;: false,&lt;br /&gt;
      &amp;quot;grouped&amp;quot;: false,&lt;br /&gt;
      &amp;quot;appliesTo&amp;quot;: [&lt;br /&gt;
        &amp;quot;main_frame&amp;quot;&lt;br /&gt;
      ]&lt;br /&gt;
    }&lt;br /&gt;
  ]&lt;br /&gt;
}&lt;br /&gt;
&amp;lt;/syntaxhighlight&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/stefanbuck/awesome-browser-extensions-for-github Awesome Browser Extensions for GitHub] ==&lt;br /&gt;
== [https://alternativeto.net/list/35731/firefox-addons-convenience/ AlternativeTo Browser Extension List] ==&lt;br /&gt;
== [https://www.makeuseof.com/chrome-extensions-make-reading-online-articles-better/ Extensions for Reading] ==&lt;br /&gt;
&lt;br /&gt;
[[Category:web browsers]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=Privacy_and_Security&amp;diff=62</id>
		<title>Privacy and Security</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=Privacy_and_Security&amp;diff=62"/>
		<updated>2026-05-18T11:16:33Z</updated>

		<summary type="html">&lt;p&gt;Admin: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;[[How to bypass ISP censorship]]&lt;br /&gt;
&lt;br /&gt;
[[The Offline-First Mobile Setup]]&lt;br /&gt;
&lt;br /&gt;
[[My Firefox Settings]]&lt;br /&gt;
&lt;br /&gt;
[[Interesting Browser Extensions]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=Privacy_and_Security&amp;diff=61</id>
		<title>Privacy and Security</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=Privacy_and_Security&amp;diff=61"/>
		<updated>2026-05-18T11:11:11Z</updated>

		<summary type="html">&lt;p&gt;Admin: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;[[How to bypass ISP censorship]]&lt;br /&gt;
&lt;br /&gt;
[[The Offline-First Mobile Setup]]&lt;br /&gt;
&lt;br /&gt;
[[My Firefox Settings]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=60</id>
		<title>My Firefox Settings</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=60"/>
		<updated>2026-05-18T11:09:21Z</updated>

		<summary type="html">&lt;p&gt;Admin: /* Browser UI &amp;amp; Maintenance Tweaks */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&amp;lt;blockquote&amp;gt;&#039;&#039;&#039;Note:&#039;&#039;&#039; This article is imported from an old note-taking app and may be outdated.&amp;lt;/blockquote&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== Core Modifications &amp;amp; Bloatware Removal ==&lt;br /&gt;
&lt;br /&gt;
Some guides, such as the [https://spyware.neocities.org/guides/firefox Spyware Watchdog Mitigation Guide], recommend deleting default plugins bundled within the Firefox directory that may introduce privacy concerns or act as bloatware.&lt;br /&gt;
&lt;br /&gt;
Navigate to your Firefox features directory and remove unnecessary add-ons:&lt;br /&gt;
&amp;lt;syntaxhighlight lang=&amp;quot;bash&amp;quot;&amp;gt;&lt;br /&gt;
cd /usr/lib/firefox/browser/features&lt;br /&gt;
sudo rm *.xpi&lt;br /&gt;
&amp;lt;/syntaxhighlight&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;List of bundled plugins commonly removed:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;code&amp;gt;firefox@getpocket.com.xpi&amp;lt;/code&amp;gt; — Pocket&lt;br /&gt;
* &amp;lt;code&amp;gt;followonsearch@mozilla.com.xpi&amp;lt;/code&amp;gt; — Follow-On Search&lt;br /&gt;
* &amp;lt;code&amp;gt;activity-stream@mozilla.org.xpi&amp;lt;/code&amp;gt; — Activity Stream&lt;br /&gt;
* &amp;lt;code&amp;gt;screenshots@mozilla.org.xpi&amp;lt;/code&amp;gt; — Screenshots&lt;br /&gt;
* &amp;lt;code&amp;gt;onboarding@mozilla.org.xpi&amp;lt;/code&amp;gt; — Onboarding&lt;br /&gt;
* &amp;lt;code&amp;gt;formautofill@mozilla.org.xpi&amp;lt;/code&amp;gt; — Autofill&lt;br /&gt;
* &amp;lt;code&amp;gt;webcompat@mozilla.org.xpi&amp;lt;/code&amp;gt; — Web Compatibility Reporter&lt;br /&gt;
&lt;br /&gt;
== Configuration Tweaks (about:config) (if user.js does not cover them) ==&lt;br /&gt;
&lt;br /&gt;
=== Privacy, Security &amp;amp; Networking ===&lt;br /&gt;
; &amp;lt;code&amp;gt;accessibility.blockautorefresh&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;true&amp;lt;/code&amp;gt; to disable forced redirections. Combining this with disabled CSS and JS yields raw, unmangled result links. [https://pedantic.software/fxc/blog/why_there_is_no_css_on_my_website.html (via Pedantic Software)]&lt;br /&gt;
; &amp;lt;code&amp;gt;browser.sessionstore.interval&amp;lt;/code&amp;gt; : Set to a very high value to reduce disk writes and SessionStore tracking.&lt;br /&gt;
&lt;br /&gt;
=== Additional Hardening Actions ===&lt;br /&gt;
* &#039;&#039;&#039;Disable Firefox SessionStore&#039;&#039;&#039;: Search for &amp;lt;code&amp;gt;browser.sessionstore&amp;lt;/code&amp;gt; in &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt; and disable relevant telemetry/saving mechanisms.&lt;br /&gt;
* &#039;&#039;&#039;Disable CSS Visited Links&#039;&#039;&#039;: Mitigates history-sniffing vulnerabilities. [https://www.reddit.com/r/privacy/comments/15fddo0/retrieving_your_browsing_history_through_a/juf5br1/ Read the Reddit discussion here.]&lt;br /&gt;
&lt;br /&gt;
== User.js Templates &amp;amp; Generators ==&lt;br /&gt;
&lt;br /&gt;
Instead of manually configuring &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt;, you can use pre-configured &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; files.&lt;br /&gt;
&lt;br /&gt;
To use a &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; file, you need to place it in your Firefox profile directory. This file is read every time Firefox starts, overriding any matching settings in &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt; or &amp;lt;code&amp;gt;prefs.js&amp;lt;/code&amp;gt;:&lt;br /&gt;
&lt;br /&gt;
# Navigate to &amp;lt;code&amp;gt;about:support&amp;lt;/code&amp;gt; in your URL bar.&lt;br /&gt;
# Find the &#039;&#039;&#039;Profile Directory&#039;&#039;&#039; row and click the &#039;&#039;&#039;Open Directory&#039;&#039;&#039; button.&lt;br /&gt;
# Create a new text file in this directory and name it exactly &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt;.&lt;br /&gt;
# Open the file using a text editor.&lt;br /&gt;
# Paste your desired configuration settings from the templates below into the file and save it.&lt;br /&gt;
# Restart Firefox for the changes to take effect.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Generators:&#039;&#039;&#039;&lt;br /&gt;
* [https://ffprofile.com ffprofile.com] — Interactive &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; generator.&lt;br /&gt;
** &#039;&#039;Note on User-Agent Spoofing:&#039;&#039; While you can spoof your user-agent to a more common one (e.g., Chrome), doing so on Firefox can actually make your browser fingerprint [https://deviceinfo.me more unique] ([https://www.billdietrich.me/ComputerPrivacy.html alternative tools list]). Because Firefox&#039;s engine behaves differently than Chromium, mismatched engine/user-agent data is easily detectable. For common agents, see [https://techblog.willshouse.com/2012/01/03/most-common-user-agents/ Willhouse] or [https://www.whatismybrowser.com/guides/the-latest-user-agent/chrome WhatIsMyBrowser].&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Popular Pre-configured Templates:&#039;&#039;&#039;&lt;br /&gt;
# [https://github.com/arkenfox/user.js/raw/master/user.js Arkenfox] (Highly recommended, well-known)&lt;br /&gt;
# [https://raw.githubusercontent.com/pyllyukko/user.js/master/user.js Pyllyukko] (Security focused)&lt;br /&gt;
# [https://git.nixnet.services/Narsil/desktop_user.js/raw/branch/master/user.js Narsil&#039;s user.js] (Privacy focused) (I use this one)&lt;br /&gt;
# [https://codeberg.org/polarhive/vulpes Vulpes]&lt;br /&gt;
# [https://git.nixnet.services/Narsil/palemoon_user.js Narsil&#039;s user.js for Pale Moon] (Privacy focused)&lt;br /&gt;
# [https://git.sr.ht/~krathalan/firefox-complement krathalan config]&lt;br /&gt;
# [https://github.com/simeononsecurity/FireFox-Privacy-Script simeononsec FireFox Script]&lt;br /&gt;
# [https://vermaden.wordpress.com/2024/03/18/sensible-firefox-setup/ vermaden&#039;s Sensible Setup]&lt;br /&gt;
&lt;br /&gt;
== Extensions &amp;amp; Add-ons ==&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;ximatrix&#039;&#039;&#039;: A Firefox extension similar to uMatrix capable of blocking inline scripts and advanced requests. [https://github.com/xi/xiMatrix Source code available here]. &lt;br /&gt;
** &#039;&#039;Alternative:&#039;&#039; [https://gitler.moe/Wrongthink/paraMatrix paraMatrix] (a fork of ximatrix).&lt;br /&gt;
* &#039;&#039;&#039;Chrome Extensions on Firefox&#039;&#039;&#039;: Firefox has introduced capabilities for importing Chrome extensions. [https://news.slashdot.org/story/23/08/24/2233242/firefox-users-may-import-chrome-extensions-now Read the Slashdot coverage].&lt;br /&gt;
* &#039;&#039;&#039;Extension Restrictions&#039;&#039;&#039;: Mozilla occasionally restricts add-ons on specific domains. To disable these restrictions and allow uBlock Origin to operate aggressively everywhere, read [https://12bytes.org/tech/mozilla-wants-more-control-over-your-add-ons/ 12bytes&#039; analysis] and their [https://12bytes.org/ublock-origin-suggested-settings/ uBlock suggested settings].&lt;br /&gt;
&lt;br /&gt;
== Browser UI &amp;amp; Maintenance Tweaks ==&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;Verify Database Integrity&#039;&#039;&#039;: Navigate to &amp;lt;code&amp;gt;about:support&amp;lt;/code&amp;gt; -&amp;gt; Scroll down to &#039;&#039;&#039;Places Database&#039;&#039;&#039; -&amp;gt; Click &#039;&#039;&#039;Verify Integrity&#039;&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Turn Off Firefox Sidebar&#039;&#039;&#039;: [https://utcc.utoronto.ca/~cks/space/blog/web/FirefoxPdfViewerSidebarOff Guide to disabling the PDF viewer sidebar].&lt;br /&gt;
* &#039;&#039;&#039;Disable Firefox Translator&#039;&#039;&#039;: [https://xnacly.me/posts/2023/disable-firefox-translation/ Guide to disabling built-in local translation].&lt;br /&gt;
* &#039;&#039;&#039;Block Pop-Ups&#039;&#039;&#039;: [https://support.mozilla.org/bm/questions/1369602 Mozilla Support thread on native pop-up blocking].&lt;br /&gt;
* &#039;&#039;&#039;GeckoView Config&#039;&#039;&#039;: You can access deeper settings via [chrome://geckoview/content/config.xhtml chrome://geckoview/content/config.xhtml].&lt;br /&gt;
&lt;br /&gt;
=== Custom GUI Settings ===&lt;br /&gt;
Navigate to the standard Firefox Settings (&amp;lt;code&amp;gt;about:preferences&amp;lt;/code&amp;gt;) to adjust the following:&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;General&#039;&#039;&#039;&lt;br /&gt;
* &#039;&#039;&#039;Tabs:&#039;&#039;&#039; Enable &#039;&#039;Open links in tabs instead of new windows&#039;&#039;. Disable &#039;&#039;Show an image preview when you hover on a tab&#039;&#039; and disable &#039;&#039;Enable link previews&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Fonts:&#039;&#039;&#039; Uncheck &#039;&#039;Allow pages to choose their own fonts, instead of your selections above&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Language:&#039;&#039;&#039; Set to English (US). Enable &#039;&#039;Request English versions of web pages for enhanced privacy&#039;&#039;. Disable &#039;&#039;Enable full page translations&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Typing:&#039;&#039;&#039; Disable &#039;&#039;Check your spelling as you type&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Browsing &amp;amp; Media:&#039;&#039;&#039; Disable &#039;&#039;Enable picture-in-picture video controls&#039;&#039; and &#039;&#039;Control media via keyboard, headset, or virtual interface&#039;&#039;.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Home&#039;&#039;&#039;&lt;br /&gt;
* &#039;&#039;&#039;New Windows and Tabs:&#039;&#039;&#039; Set both &#039;&#039;Homepage and new windows&#039;&#039; and &#039;&#039;New tabs&#039;&#039; to &#039;&#039;&#039;Blank Page&#039;&#039;&#039;.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Search&#039;&#039;&#039;&lt;br /&gt;
* &#039;&#039;&#039;Default Search Engine:&#039;&#039;&#039; Switch to a privacy-respecting alternative like &amp;lt;code&amp;gt;lite.duckduckgo.com&amp;lt;/code&amp;gt;, or your own self-hosted &#039;&#039;&#039;SearXNG&#039;&#039;&#039; or &#039;&#039;&#039;4get&#039;&#039;&#039; instance.&lt;br /&gt;
* &#039;&#039;&#039;Search Suggestions:&#039;&#039;&#039; Disable &#039;&#039;Show search suggestions&#039;&#039;.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Privacy &amp;amp; Security&#039;&#039;&#039;&lt;br /&gt;
* &#039;&#039;&#039;Tracking Protection:&#039;&#039;&#039; Set Enhanced Tracking Protection to &#039;&#039;&#039;Strict&#039;&#039;&#039; (disable &#039;&#039;Fix major site issues&#039;&#039; if opting for absolute strictness without exceptions).&lt;br /&gt;
* &#039;&#039;&#039;Global Privacy Control:&#039;&#039;&#039; Enable &#039;&#039;Tell websites not to sell or share my data&#039;&#039;.&lt;br /&gt;
** &#039;&#039;Note:&#039;&#039; You can also explicitly enable the Do Not Track header by setting &amp;lt;code&amp;gt;privacy.donottrackheader.enabled&amp;lt;/code&amp;gt; to &amp;lt;code&amp;gt;true&amp;lt;/code&amp;gt; via the hidden &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt; entry.&lt;br /&gt;
* &#039;&#039;&#039;Cookies and Site Data:&#039;&#039;&#039; Enable &#039;&#039;Delete cookies and site data when Firefox is closed&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Logins and Passwords:&#039;&#039;&#039; Disable saving passwords, payments, and addresses.&lt;br /&gt;
* &#039;&#039;&#039;History:&#039;&#039;&#039; Set to &#039;&#039;Use custom settings for history&#039;&#039; and enable &#039;&#039;Clear history when Firefox closes&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Permissions:&#039;&#039;&#039; Disallow all requests (Location, Camera, Microphone, Notifications, etc.). Enable &#039;&#039;Block pop-up windows&#039;&#039; and &#039;&#039;Warn you when websites try to install add-ons&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Data Collection and Use:&#039;&#039;&#039; Disallow/uncheck all telemetry and data collection options.&lt;br /&gt;
* &#039;&#039;&#039;Security:&#039;&#039;&#039; Enable &#039;&#039;HTTPS-Only Mode in all windows&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;DNS over HTTPS:&#039;&#039;&#039; Set to &#039;&#039;&#039;Max Protection&#039;&#039;&#039; and select a privacy-friendly provider.&lt;br /&gt;
&lt;br /&gt;
== Comprehensive Hardening Guides &amp;amp; Reading ==&lt;br /&gt;
&lt;br /&gt;
* [https://github.com/awesome-windows11/firefox Awesome Firefox]&lt;br /&gt;
* [https://github.com/JArmandoG/Firefox-Hardening JArmandoG&#039;s Firefox Hardening Guide]&lt;br /&gt;
* [https://github.com/drduh/macOS-Security-and-Privacy-Guide#browser drduh&#039;s macOS Browser Privacy Guide]&lt;br /&gt;
* [https://sunknudsen.com/privacy-guides sunknudsen&#039;s Privacy Guides]&lt;br /&gt;
* [https://wrongthink.link/posts/hardened-web-browser/ Wrongthink: Hardened Web Browser]&lt;br /&gt;
* [https://unixsheikh.com/articles/choose-your-browser-carefully.html#tweaking-firefox Unixsheikh: Tweaking Firefox]&lt;br /&gt;
* [https://spyware.neocities.org/guides/firefox Spyware Watchdog: Firefox Mitigation]&lt;br /&gt;
* [https://fingerprint.com/blog/browser-anti-fingerprinting-techniques/ Fingerprint.com: Browser Anti-Fingerprinting Techniques]&lt;br /&gt;
* [https://gist.github.com/atcuno/3425484ac5cce5298932 atcuno&#039;s Privacy Guide] (Outdated but helpful concepts)&lt;br /&gt;
* [https://github.com/CISOfy/privacy-guide/blob/master/browser-security.md CISOfy Browser Security Guide]&lt;br /&gt;
* [http://kb.mozillazine.org/Category:Firefox MozillaZine Firefox Wiki]&lt;br /&gt;
&lt;br /&gt;
[[Category:Hardening]]&lt;br /&gt;
[[Category:Web browsers]]&lt;br /&gt;
[[Category:Privacy]]&lt;br /&gt;
[[Category:Security]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=59</id>
		<title>My Firefox Settings</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=59"/>
		<updated>2026-05-18T11:07:45Z</updated>

		<summary type="html">&lt;p&gt;Admin: /* Core Modifications &amp;amp; Bloatware Removal */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&amp;lt;blockquote&amp;gt;&#039;&#039;&#039;Note:&#039;&#039;&#039; This article is imported from an old note-taking app and may be outdated.&amp;lt;/blockquote&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== Core Modifications &amp;amp; Bloatware Removal ==&lt;br /&gt;
&lt;br /&gt;
Some guides, such as the [https://spyware.neocities.org/guides/firefox Spyware Watchdog Mitigation Guide], recommend deleting default plugins bundled within the Firefox directory that may introduce privacy concerns or act as bloatware.&lt;br /&gt;
&lt;br /&gt;
Navigate to your Firefox features directory and remove unnecessary add-ons:&lt;br /&gt;
&amp;lt;syntaxhighlight lang=&amp;quot;bash&amp;quot;&amp;gt;&lt;br /&gt;
cd /usr/lib/firefox/browser/features&lt;br /&gt;
sudo rm *.xpi&lt;br /&gt;
&amp;lt;/syntaxhighlight&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;List of bundled plugins commonly removed:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;code&amp;gt;firefox@getpocket.com.xpi&amp;lt;/code&amp;gt; — Pocket&lt;br /&gt;
* &amp;lt;code&amp;gt;followonsearch@mozilla.com.xpi&amp;lt;/code&amp;gt; — Follow-On Search&lt;br /&gt;
* &amp;lt;code&amp;gt;activity-stream@mozilla.org.xpi&amp;lt;/code&amp;gt; — Activity Stream&lt;br /&gt;
* &amp;lt;code&amp;gt;screenshots@mozilla.org.xpi&amp;lt;/code&amp;gt; — Screenshots&lt;br /&gt;
* &amp;lt;code&amp;gt;onboarding@mozilla.org.xpi&amp;lt;/code&amp;gt; — Onboarding&lt;br /&gt;
* &amp;lt;code&amp;gt;formautofill@mozilla.org.xpi&amp;lt;/code&amp;gt; — Autofill&lt;br /&gt;
* &amp;lt;code&amp;gt;webcompat@mozilla.org.xpi&amp;lt;/code&amp;gt; — Web Compatibility Reporter&lt;br /&gt;
&lt;br /&gt;
== Configuration Tweaks (about:config) (if user.js does not cover them) ==&lt;br /&gt;
&lt;br /&gt;
=== Privacy, Security &amp;amp; Networking ===&lt;br /&gt;
; &amp;lt;code&amp;gt;accessibility.blockautorefresh&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;true&amp;lt;/code&amp;gt; to disable forced redirections. Combining this with disabled CSS and JS yields raw, unmangled result links. [https://pedantic.software/fxc/blog/why_there_is_no_css_on_my_website.html (via Pedantic Software)]&lt;br /&gt;
; &amp;lt;code&amp;gt;browser.sessionstore.interval&amp;lt;/code&amp;gt; : Set to a very high value to reduce disk writes and SessionStore tracking.&lt;br /&gt;
&lt;br /&gt;
=== Additional Hardening Actions ===&lt;br /&gt;
* &#039;&#039;&#039;Disable Firefox SessionStore&#039;&#039;&#039;: Search for &amp;lt;code&amp;gt;browser.sessionstore&amp;lt;/code&amp;gt; in &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt; and disable relevant telemetry/saving mechanisms.&lt;br /&gt;
* &#039;&#039;&#039;Disable CSS Visited Links&#039;&#039;&#039;: Mitigates history-sniffing vulnerabilities. [https://www.reddit.com/r/privacy/comments/15fddo0/retrieving_your_browsing_history_through_a/juf5br1/ Read the Reddit discussion here.]&lt;br /&gt;
&lt;br /&gt;
== User.js Templates &amp;amp; Generators ==&lt;br /&gt;
&lt;br /&gt;
Instead of manually configuring &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt;, you can use pre-configured &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; files.&lt;br /&gt;
&lt;br /&gt;
To use a &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; file, you need to place it in your Firefox profile directory. This file is read every time Firefox starts, overriding any matching settings in &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt; or &amp;lt;code&amp;gt;prefs.js&amp;lt;/code&amp;gt;:&lt;br /&gt;
&lt;br /&gt;
# Navigate to &amp;lt;code&amp;gt;about:support&amp;lt;/code&amp;gt; in your URL bar.&lt;br /&gt;
# Find the &#039;&#039;&#039;Profile Directory&#039;&#039;&#039; row and click the &#039;&#039;&#039;Open Directory&#039;&#039;&#039; button.&lt;br /&gt;
# Create a new text file in this directory and name it exactly &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt;.&lt;br /&gt;
# Open the file using a text editor.&lt;br /&gt;
# Paste your desired configuration settings from the templates below into the file and save it.&lt;br /&gt;
# Restart Firefox for the changes to take effect.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Generators:&#039;&#039;&#039;&lt;br /&gt;
* [https://ffprofile.com ffprofile.com] — Interactive &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; generator.&lt;br /&gt;
** &#039;&#039;Note on User-Agent Spoofing:&#039;&#039; While you can spoof your user-agent to a more common one (e.g., Chrome), doing so on Firefox can actually make your browser fingerprint [https://deviceinfo.me more unique] ([https://www.billdietrich.me/ComputerPrivacy.html alternative tools list]). Because Firefox&#039;s engine behaves differently than Chromium, mismatched engine/user-agent data is easily detectable. For common agents, see [https://techblog.willshouse.com/2012/01/03/most-common-user-agents/ Willhouse] or [https://www.whatismybrowser.com/guides/the-latest-user-agent/chrome WhatIsMyBrowser].&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Popular Pre-configured Templates:&#039;&#039;&#039;&lt;br /&gt;
# [https://github.com/arkenfox/user.js/raw/master/user.js Arkenfox] (Highly recommended, well-known)&lt;br /&gt;
# [https://raw.githubusercontent.com/pyllyukko/user.js/master/user.js Pyllyukko] (Security focused)&lt;br /&gt;
# [https://git.nixnet.services/Narsil/desktop_user.js/raw/branch/master/user.js Narsil&#039;s user.js] (Privacy focused) (I use this one)&lt;br /&gt;
# [https://codeberg.org/polarhive/vulpes Vulpes]&lt;br /&gt;
# [https://git.nixnet.services/Narsil/palemoon_user.js Narsil&#039;s user.js for Pale Moon] (Privacy focused)&lt;br /&gt;
# [https://git.sr.ht/~krathalan/firefox-complement krathalan config]&lt;br /&gt;
# [https://github.com/simeononsecurity/FireFox-Privacy-Script simeononsec FireFox Script]&lt;br /&gt;
# [https://vermaden.wordpress.com/2024/03/18/sensible-firefox-setup/ vermaden&#039;s Sensible Setup]&lt;br /&gt;
&lt;br /&gt;
== Extensions &amp;amp; Add-ons ==&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;ximatrix&#039;&#039;&#039;: A Firefox extension similar to uMatrix capable of blocking inline scripts and advanced requests. [https://github.com/xi/xiMatrix Source code available here]. &lt;br /&gt;
** &#039;&#039;Alternative:&#039;&#039; [https://gitler.moe/Wrongthink/paraMatrix paraMatrix] (a fork of ximatrix).&lt;br /&gt;
* &#039;&#039;&#039;Chrome Extensions on Firefox&#039;&#039;&#039;: Firefox has introduced capabilities for importing Chrome extensions. [https://news.slashdot.org/story/23/08/24/2233242/firefox-users-may-import-chrome-extensions-now Read the Slashdot coverage].&lt;br /&gt;
* &#039;&#039;&#039;Extension Restrictions&#039;&#039;&#039;: Mozilla occasionally restricts add-ons on specific domains. To disable these restrictions and allow uBlock Origin to operate aggressively everywhere, read [https://12bytes.org/tech/mozilla-wants-more-control-over-your-add-ons/ 12bytes&#039; analysis] and their [https://12bytes.org/ublock-origin-suggested-settings/ uBlock suggested settings].&lt;br /&gt;
&lt;br /&gt;
== Browser UI &amp;amp; Maintenance Tweaks ==&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;Verify Database Integrity&#039;&#039;&#039;: Navigate to &amp;lt;code&amp;gt;about:support&amp;lt;/code&amp;gt; -&amp;gt; Scroll down to &#039;&#039;&#039;Places Database&#039;&#039;&#039; -&amp;gt; Click &#039;&#039;&#039;Verify Integrity&#039;&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Turn Off Firefox Sidebar&#039;&#039;&#039;: [https://utcc.utoronto.ca/~cks/space/blog/web/FirefoxPdfViewerSidebarOff Guide to disabling the PDF viewer sidebar].&lt;br /&gt;
* &#039;&#039;&#039;Disable Firefox Translator&#039;&#039;&#039;: [https://xnacly.me/posts/2023/disable-firefox-translation/ Guide to disabling built-in local translation].&lt;br /&gt;
* &#039;&#039;&#039;Block Pop-Ups&#039;&#039;&#039;: [https://support.mozilla.org/bm/questions/1369602 Mozilla Support thread on native pop-up blocking].&lt;br /&gt;
* &#039;&#039;&#039;GeckoView Config&#039;&#039;&#039;: You can access deeper settings via [chrome://geckoview/content/config.xhtml chrome://geckoview/content/config.xhtml].&lt;br /&gt;
&lt;br /&gt;
=== Custom GUI Settings ===&lt;br /&gt;
Navigate to the standard Firefox Settings (&amp;lt;code&amp;gt;about:preferences&amp;lt;/code&amp;gt;) to adjust the following:&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;General&#039;&#039;&#039;&lt;br /&gt;
* &#039;&#039;&#039;Tabs:&#039;&#039;&#039; Enable &#039;&#039;Open links in tabs instead of new windows&#039;&#039;. Disable &#039;&#039;Show an image preview when you hover on a tab&#039;&#039; and &#039;&#039;Disable link previews&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Fonts:&#039;&#039;&#039; Uncheck &#039;&#039;Allow pages to choose their own fonts, instead of your selections above&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Language:&#039;&#039;&#039; Set to English (US). Enable &#039;&#039;Request English versions of web pages for enhanced privacy&#039;&#039;. Disable &#039;&#039;Enable full page translations&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Typing:&#039;&#039;&#039; Disable &#039;&#039;Check your spelling as you type&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Browsing &amp;amp; Media:&#039;&#039;&#039; Disable &#039;&#039;Enable picture-in-picture video controls&#039;&#039; and &#039;&#039;Control media via keyboard, headset, or virtual interface&#039;&#039;.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Home&#039;&#039;&#039;&lt;br /&gt;
* &#039;&#039;&#039;New Windows and Tabs:&#039;&#039;&#039; Set both &#039;&#039;Homepage and new windows&#039;&#039; and &#039;&#039;New tabs&#039;&#039; to &#039;&#039;&#039;Blank Page&#039;&#039;&#039;.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Search&#039;&#039;&#039;&lt;br /&gt;
* &#039;&#039;&#039;Default Search Engine:&#039;&#039;&#039; Switch to a privacy-respecting alternative like &amp;lt;code&amp;gt;lite.duckduckgo.com&amp;lt;/code&amp;gt;, or your own self-hosted &#039;&#039;&#039;SearXNG&#039;&#039;&#039; or &#039;&#039;&#039;4get&#039;&#039;&#039; instance.&lt;br /&gt;
* &#039;&#039;&#039;Search Suggestions:&#039;&#039;&#039; Disable &#039;&#039;Show search suggestions&#039;&#039;.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Privacy &amp;amp; Security&#039;&#039;&#039;&lt;br /&gt;
* &#039;&#039;&#039;Tracking Protection:&#039;&#039;&#039; Set Enhanced Tracking Protection to &#039;&#039;&#039;Strict&#039;&#039;&#039; (disable &#039;&#039;Fix major site issues&#039;&#039; if opting for absolute strictness without exceptions).&lt;br /&gt;
* &#039;&#039;&#039;Global Privacy Control:&#039;&#039;&#039; Enable &#039;&#039;Tell websites not to sell or share my data&#039;&#039;.&lt;br /&gt;
** &#039;&#039;Note:&#039;&#039; You can also explicitly enable the Do Not Track header by setting &amp;lt;code&amp;gt;privacy.donottrackheader.enabled&amp;lt;/code&amp;gt; to &amp;lt;code&amp;gt;true&amp;lt;/code&amp;gt; via the hidden &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt; entry.&lt;br /&gt;
* &#039;&#039;&#039;Cookies and Site Data:&#039;&#039;&#039; Enable &#039;&#039;Delete cookies and site data when Firefox is closed&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Logins and Passwords:&#039;&#039;&#039; Disable saving passwords, payments, and addresses.&lt;br /&gt;
* &#039;&#039;&#039;History:&#039;&#039;&#039; Set to &#039;&#039;Use custom settings for history&#039;&#039; and enable &#039;&#039;Clear history when Firefox closes&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Permissions:&#039;&#039;&#039; Disallow all requests (Location, Camera, Microphone, Notifications, etc.). Enable &#039;&#039;Block pop-up windows&#039;&#039; and &#039;&#039;Warn you when websites try to install add-ons&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Data Collection and Use:&#039;&#039;&#039; Disallow/uncheck all telemetry and data collection options.&lt;br /&gt;
* &#039;&#039;&#039;Security:&#039;&#039;&#039; Enable &#039;&#039;HTTPS-Only Mode in all windows&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;DNS over HTTPS:&#039;&#039;&#039; Set to &#039;&#039;&#039;Max Protection&#039;&#039;&#039; and select a privacy-friendly provider.&lt;br /&gt;
&lt;br /&gt;
== Comprehensive Hardening Guides &amp;amp; Reading ==&lt;br /&gt;
&lt;br /&gt;
* [https://github.com/awesome-windows11/firefox Awesome Firefox]&lt;br /&gt;
* [https://github.com/JArmandoG/Firefox-Hardening JArmandoG&#039;s Firefox Hardening Guide]&lt;br /&gt;
* [https://github.com/drduh/macOS-Security-and-Privacy-Guide#browser drduh&#039;s macOS Browser Privacy Guide]&lt;br /&gt;
* [https://sunknudsen.com/privacy-guides sunknudsen&#039;s Privacy Guides]&lt;br /&gt;
* [https://wrongthink.link/posts/hardened-web-browser/ Wrongthink: Hardened Web Browser]&lt;br /&gt;
* [https://unixsheikh.com/articles/choose-your-browser-carefully.html#tweaking-firefox Unixsheikh: Tweaking Firefox]&lt;br /&gt;
* [https://spyware.neocities.org/guides/firefox Spyware Watchdog: Firefox Mitigation]&lt;br /&gt;
* [https://fingerprint.com/blog/browser-anti-fingerprinting-techniques/ Fingerprint.com: Browser Anti-Fingerprinting Techniques]&lt;br /&gt;
* [https://gist.github.com/atcuno/3425484ac5cce5298932 atcuno&#039;s Privacy Guide] (Outdated but helpful concepts)&lt;br /&gt;
* [https://github.com/CISOfy/privacy-guide/blob/master/browser-security.md CISOfy Browser Security Guide]&lt;br /&gt;
* [http://kb.mozillazine.org/Category:Firefox MozillaZine Firefox Wiki]&lt;br /&gt;
&lt;br /&gt;
[[Category:Hardening]]&lt;br /&gt;
[[Category:Web browsers]]&lt;br /&gt;
[[Category:Privacy]]&lt;br /&gt;
[[Category:Security]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=58</id>
		<title>My Firefox Settings</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=58"/>
		<updated>2026-05-18T11:06:51Z</updated>

		<summary type="html">&lt;p&gt;Admin: /* Custom GUI Settings */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&amp;lt;blockquote&amp;gt;&#039;&#039;&#039;Note:&#039;&#039;&#039; This article is imported from an old note-taking app and may be outdated.&amp;lt;/blockquote&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== Core Modifications &amp;amp; Bloatware Removal ==&lt;br /&gt;
&lt;br /&gt;
Some guides, such as the [https://spyware.neocities.org/guides/firefox Spyware Watchdog Mitigation Guide], recommend deleting default plugins bundled within the Firefox directory that may introduce privacy concerns or act as bloatware.&lt;br /&gt;
&lt;br /&gt;
Navigate to your Firefox features directory and remove unnecessary add-ons:&lt;br /&gt;
&amp;lt;syntaxhighlight lang=&amp;quot;bash&amp;quot;&amp;gt;&lt;br /&gt;
cd /usr/lib/firefox/browser/features&lt;br /&gt;
doas rm *.xpi&lt;br /&gt;
&amp;lt;/syntaxhighlight&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;List of bundled plugins commonly removed:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;code&amp;gt;firefox@getpocket.com.xpi&amp;lt;/code&amp;gt; — Pocket&lt;br /&gt;
* &amp;lt;code&amp;gt;followonsearch@mozilla.com.xpi&amp;lt;/code&amp;gt; — Follow-On Search&lt;br /&gt;
* &amp;lt;code&amp;gt;activity-stream@mozilla.org.xpi&amp;lt;/code&amp;gt; — Activity Stream&lt;br /&gt;
* &amp;lt;code&amp;gt;screenshots@mozilla.org.xpi&amp;lt;/code&amp;gt; — Screenshots&lt;br /&gt;
* &amp;lt;code&amp;gt;onboarding@mozilla.org.xpi&amp;lt;/code&amp;gt; — Onboarding&lt;br /&gt;
* &amp;lt;code&amp;gt;formautofill@mozilla.org.xpi&amp;lt;/code&amp;gt; — Autofill&lt;br /&gt;
* &amp;lt;code&amp;gt;webcompat@mozilla.org.xpi&amp;lt;/code&amp;gt; — Web Compatibility Reporter&lt;br /&gt;
&lt;br /&gt;
== Configuration Tweaks (about:config) (if user.js does not cover them) ==&lt;br /&gt;
&lt;br /&gt;
=== Privacy, Security &amp;amp; Networking ===&lt;br /&gt;
; &amp;lt;code&amp;gt;accessibility.blockautorefresh&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;true&amp;lt;/code&amp;gt; to disable forced redirections. Combining this with disabled CSS and JS yields raw, unmangled result links. [https://pedantic.software/fxc/blog/why_there_is_no_css_on_my_website.html (via Pedantic Software)]&lt;br /&gt;
; &amp;lt;code&amp;gt;browser.sessionstore.interval&amp;lt;/code&amp;gt; : Set to a very high value to reduce disk writes and SessionStore tracking.&lt;br /&gt;
&lt;br /&gt;
=== Additional Hardening Actions ===&lt;br /&gt;
* &#039;&#039;&#039;Disable Firefox SessionStore&#039;&#039;&#039;: Search for &amp;lt;code&amp;gt;browser.sessionstore&amp;lt;/code&amp;gt; in &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt; and disable relevant telemetry/saving mechanisms.&lt;br /&gt;
* &#039;&#039;&#039;Disable CSS Visited Links&#039;&#039;&#039;: Mitigates history-sniffing vulnerabilities. [https://www.reddit.com/r/privacy/comments/15fddo0/retrieving_your_browsing_history_through_a/juf5br1/ Read the Reddit discussion here.]&lt;br /&gt;
&lt;br /&gt;
== User.js Templates &amp;amp; Generators ==&lt;br /&gt;
&lt;br /&gt;
Instead of manually configuring &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt;, you can use pre-configured &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; files.&lt;br /&gt;
&lt;br /&gt;
To use a &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; file, you need to place it in your Firefox profile directory. This file is read every time Firefox starts, overriding any matching settings in &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt; or &amp;lt;code&amp;gt;prefs.js&amp;lt;/code&amp;gt;:&lt;br /&gt;
&lt;br /&gt;
# Navigate to &amp;lt;code&amp;gt;about:support&amp;lt;/code&amp;gt; in your URL bar.&lt;br /&gt;
# Find the &#039;&#039;&#039;Profile Directory&#039;&#039;&#039; row and click the &#039;&#039;&#039;Open Directory&#039;&#039;&#039; button.&lt;br /&gt;
# Create a new text file in this directory and name it exactly &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt;.&lt;br /&gt;
# Open the file using a text editor.&lt;br /&gt;
# Paste your desired configuration settings from the templates below into the file and save it.&lt;br /&gt;
# Restart Firefox for the changes to take effect.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Generators:&#039;&#039;&#039;&lt;br /&gt;
* [https://ffprofile.com ffprofile.com] — Interactive &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; generator.&lt;br /&gt;
** &#039;&#039;Note on User-Agent Spoofing:&#039;&#039; While you can spoof your user-agent to a more common one (e.g., Chrome), doing so on Firefox can actually make your browser fingerprint [https://deviceinfo.me more unique] ([https://www.billdietrich.me/ComputerPrivacy.html alternative tools list]). Because Firefox&#039;s engine behaves differently than Chromium, mismatched engine/user-agent data is easily detectable. For common agents, see [https://techblog.willshouse.com/2012/01/03/most-common-user-agents/ Willhouse] or [https://www.whatismybrowser.com/guides/the-latest-user-agent/chrome WhatIsMyBrowser].&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Popular Pre-configured Templates:&#039;&#039;&#039;&lt;br /&gt;
# [https://github.com/arkenfox/user.js/raw/master/user.js Arkenfox] (Highly recommended, well-known)&lt;br /&gt;
# [https://raw.githubusercontent.com/pyllyukko/user.js/master/user.js Pyllyukko] (Security focused)&lt;br /&gt;
# [https://git.nixnet.services/Narsil/desktop_user.js/raw/branch/master/user.js Narsil&#039;s user.js] (Privacy focused) (I use this one)&lt;br /&gt;
# [https://codeberg.org/polarhive/vulpes Vulpes]&lt;br /&gt;
# [https://git.nixnet.services/Narsil/palemoon_user.js Narsil&#039;s user.js for Pale Moon] (Privacy focused)&lt;br /&gt;
# [https://git.sr.ht/~krathalan/firefox-complement krathalan config]&lt;br /&gt;
# [https://github.com/simeononsecurity/FireFox-Privacy-Script simeononsec FireFox Script]&lt;br /&gt;
# [https://vermaden.wordpress.com/2024/03/18/sensible-firefox-setup/ vermaden&#039;s Sensible Setup]&lt;br /&gt;
&lt;br /&gt;
== Extensions &amp;amp; Add-ons ==&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;ximatrix&#039;&#039;&#039;: A Firefox extension similar to uMatrix capable of blocking inline scripts and advanced requests. [https://github.com/xi/xiMatrix Source code available here]. &lt;br /&gt;
** &#039;&#039;Alternative:&#039;&#039; [https://gitler.moe/Wrongthink/paraMatrix paraMatrix] (a fork of ximatrix).&lt;br /&gt;
* &#039;&#039;&#039;Chrome Extensions on Firefox&#039;&#039;&#039;: Firefox has introduced capabilities for importing Chrome extensions. [https://news.slashdot.org/story/23/08/24/2233242/firefox-users-may-import-chrome-extensions-now Read the Slashdot coverage].&lt;br /&gt;
* &#039;&#039;&#039;Extension Restrictions&#039;&#039;&#039;: Mozilla occasionally restricts add-ons on specific domains. To disable these restrictions and allow uBlock Origin to operate aggressively everywhere, read [https://12bytes.org/tech/mozilla-wants-more-control-over-your-add-ons/ 12bytes&#039; analysis] and their [https://12bytes.org/ublock-origin-suggested-settings/ uBlock suggested settings].&lt;br /&gt;
&lt;br /&gt;
== Browser UI &amp;amp; Maintenance Tweaks ==&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;Verify Database Integrity&#039;&#039;&#039;: Navigate to &amp;lt;code&amp;gt;about:support&amp;lt;/code&amp;gt; -&amp;gt; Scroll down to &#039;&#039;&#039;Places Database&#039;&#039;&#039; -&amp;gt; Click &#039;&#039;&#039;Verify Integrity&#039;&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Turn Off Firefox Sidebar&#039;&#039;&#039;: [https://utcc.utoronto.ca/~cks/space/blog/web/FirefoxPdfViewerSidebarOff Guide to disabling the PDF viewer sidebar].&lt;br /&gt;
* &#039;&#039;&#039;Disable Firefox Translator&#039;&#039;&#039;: [https://xnacly.me/posts/2023/disable-firefox-translation/ Guide to disabling built-in local translation].&lt;br /&gt;
* &#039;&#039;&#039;Block Pop-Ups&#039;&#039;&#039;: [https://support.mozilla.org/bm/questions/1369602 Mozilla Support thread on native pop-up blocking].&lt;br /&gt;
* &#039;&#039;&#039;GeckoView Config&#039;&#039;&#039;: You can access deeper settings via [chrome://geckoview/content/config.xhtml chrome://geckoview/content/config.xhtml].&lt;br /&gt;
&lt;br /&gt;
=== Custom GUI Settings ===&lt;br /&gt;
Navigate to the standard Firefox Settings (&amp;lt;code&amp;gt;about:preferences&amp;lt;/code&amp;gt;) to adjust the following:&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;General&#039;&#039;&#039;&lt;br /&gt;
* &#039;&#039;&#039;Tabs:&#039;&#039;&#039; Enable &#039;&#039;Open links in tabs instead of new windows&#039;&#039;. Disable &#039;&#039;Show an image preview when you hover on a tab&#039;&#039; and &#039;&#039;Disable link previews&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Fonts:&#039;&#039;&#039; Uncheck &#039;&#039;Allow pages to choose their own fonts, instead of your selections above&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Language:&#039;&#039;&#039; Set to English (US). Enable &#039;&#039;Request English versions of web pages for enhanced privacy&#039;&#039;. Disable &#039;&#039;Enable full page translations&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Typing:&#039;&#039;&#039; Disable &#039;&#039;Check your spelling as you type&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Browsing &amp;amp; Media:&#039;&#039;&#039; Disable &#039;&#039;Enable picture-in-picture video controls&#039;&#039; and &#039;&#039;Control media via keyboard, headset, or virtual interface&#039;&#039;.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Home&#039;&#039;&#039;&lt;br /&gt;
* &#039;&#039;&#039;New Windows and Tabs:&#039;&#039;&#039; Set both &#039;&#039;Homepage and new windows&#039;&#039; and &#039;&#039;New tabs&#039;&#039; to &#039;&#039;&#039;Blank Page&#039;&#039;&#039;.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Search&#039;&#039;&#039;&lt;br /&gt;
* &#039;&#039;&#039;Default Search Engine:&#039;&#039;&#039; Switch to a privacy-respecting alternative like &amp;lt;code&amp;gt;lite.duckduckgo.com&amp;lt;/code&amp;gt;, or your own self-hosted &#039;&#039;&#039;SearXNG&#039;&#039;&#039; or &#039;&#039;&#039;4get&#039;&#039;&#039; instance.&lt;br /&gt;
* &#039;&#039;&#039;Search Suggestions:&#039;&#039;&#039; Disable &#039;&#039;Show search suggestions&#039;&#039;.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Privacy &amp;amp; Security&#039;&#039;&#039;&lt;br /&gt;
* &#039;&#039;&#039;Tracking Protection:&#039;&#039;&#039; Set Enhanced Tracking Protection to &#039;&#039;&#039;Strict&#039;&#039;&#039; (disable &#039;&#039;Fix major site issues&#039;&#039; if opting for absolute strictness without exceptions).&lt;br /&gt;
* &#039;&#039;&#039;Global Privacy Control:&#039;&#039;&#039; Enable &#039;&#039;Tell websites not to sell or share my data&#039;&#039;.&lt;br /&gt;
** &#039;&#039;Note:&#039;&#039; You can also explicitly enable the Do Not Track header by setting &amp;lt;code&amp;gt;privacy.donottrackheader.enabled&amp;lt;/code&amp;gt; to &amp;lt;code&amp;gt;true&amp;lt;/code&amp;gt; via the hidden &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt; entry.&lt;br /&gt;
* &#039;&#039;&#039;Cookies and Site Data:&#039;&#039;&#039; Enable &#039;&#039;Delete cookies and site data when Firefox is closed&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Logins and Passwords:&#039;&#039;&#039; Disable saving passwords, payments, and addresses.&lt;br /&gt;
* &#039;&#039;&#039;History:&#039;&#039;&#039; Set to &#039;&#039;Use custom settings for history&#039;&#039; and enable &#039;&#039;Clear history when Firefox closes&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Permissions:&#039;&#039;&#039; Disallow all requests (Location, Camera, Microphone, Notifications, etc.). Enable &#039;&#039;Block pop-up windows&#039;&#039; and &#039;&#039;Warn you when websites try to install add-ons&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Data Collection and Use:&#039;&#039;&#039; Disallow/uncheck all telemetry and data collection options.&lt;br /&gt;
* &#039;&#039;&#039;Security:&#039;&#039;&#039; Enable &#039;&#039;HTTPS-Only Mode in all windows&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;DNS over HTTPS:&#039;&#039;&#039; Set to &#039;&#039;&#039;Max Protection&#039;&#039;&#039; and select a privacy-friendly provider.&lt;br /&gt;
&lt;br /&gt;
== Comprehensive Hardening Guides &amp;amp; Reading ==&lt;br /&gt;
&lt;br /&gt;
* [https://github.com/awesome-windows11/firefox Awesome Firefox]&lt;br /&gt;
* [https://github.com/JArmandoG/Firefox-Hardening JArmandoG&#039;s Firefox Hardening Guide]&lt;br /&gt;
* [https://github.com/drduh/macOS-Security-and-Privacy-Guide#browser drduh&#039;s macOS Browser Privacy Guide]&lt;br /&gt;
* [https://sunknudsen.com/privacy-guides sunknudsen&#039;s Privacy Guides]&lt;br /&gt;
* [https://wrongthink.link/posts/hardened-web-browser/ Wrongthink: Hardened Web Browser]&lt;br /&gt;
* [https://unixsheikh.com/articles/choose-your-browser-carefully.html#tweaking-firefox Unixsheikh: Tweaking Firefox]&lt;br /&gt;
* [https://spyware.neocities.org/guides/firefox Spyware Watchdog: Firefox Mitigation]&lt;br /&gt;
* [https://fingerprint.com/blog/browser-anti-fingerprinting-techniques/ Fingerprint.com: Browser Anti-Fingerprinting Techniques]&lt;br /&gt;
* [https://gist.github.com/atcuno/3425484ac5cce5298932 atcuno&#039;s Privacy Guide] (Outdated but helpful concepts)&lt;br /&gt;
* [https://github.com/CISOfy/privacy-guide/blob/master/browser-security.md CISOfy Browser Security Guide]&lt;br /&gt;
* [http://kb.mozillazine.org/Category:Firefox MozillaZine Firefox Wiki]&lt;br /&gt;
&lt;br /&gt;
[[Category:Hardening]]&lt;br /&gt;
[[Category:Web browsers]]&lt;br /&gt;
[[Category:Privacy]]&lt;br /&gt;
[[Category:Security]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=57</id>
		<title>My Firefox Settings</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=57"/>
		<updated>2026-05-18T11:00:01Z</updated>

		<summary type="html">&lt;p&gt;Admin: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&amp;lt;blockquote&amp;gt;&#039;&#039;&#039;Note:&#039;&#039;&#039; This article is imported from an old note-taking app and may be outdated.&amp;lt;/blockquote&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== Core Modifications &amp;amp; Bloatware Removal ==&lt;br /&gt;
&lt;br /&gt;
Some guides, such as the [https://spyware.neocities.org/guides/firefox Spyware Watchdog Mitigation Guide], recommend deleting default plugins bundled within the Firefox directory that may introduce privacy concerns or act as bloatware.&lt;br /&gt;
&lt;br /&gt;
Navigate to your Firefox features directory and remove unnecessary add-ons:&lt;br /&gt;
&amp;lt;syntaxhighlight lang=&amp;quot;bash&amp;quot;&amp;gt;&lt;br /&gt;
cd /usr/lib/firefox/browser/features&lt;br /&gt;
doas rm *.xpi&lt;br /&gt;
&amp;lt;/syntaxhighlight&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;List of bundled plugins commonly removed:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;code&amp;gt;firefox@getpocket.com.xpi&amp;lt;/code&amp;gt; — Pocket&lt;br /&gt;
* &amp;lt;code&amp;gt;followonsearch@mozilla.com.xpi&amp;lt;/code&amp;gt; — Follow-On Search&lt;br /&gt;
* &amp;lt;code&amp;gt;activity-stream@mozilla.org.xpi&amp;lt;/code&amp;gt; — Activity Stream&lt;br /&gt;
* &amp;lt;code&amp;gt;screenshots@mozilla.org.xpi&amp;lt;/code&amp;gt; — Screenshots&lt;br /&gt;
* &amp;lt;code&amp;gt;onboarding@mozilla.org.xpi&amp;lt;/code&amp;gt; — Onboarding&lt;br /&gt;
* &amp;lt;code&amp;gt;formautofill@mozilla.org.xpi&amp;lt;/code&amp;gt; — Autofill&lt;br /&gt;
* &amp;lt;code&amp;gt;webcompat@mozilla.org.xpi&amp;lt;/code&amp;gt; — Web Compatibility Reporter&lt;br /&gt;
&lt;br /&gt;
== Configuration Tweaks (about:config) (if user.js does not cover them) ==&lt;br /&gt;
&lt;br /&gt;
=== Privacy, Security &amp;amp; Networking ===&lt;br /&gt;
; &amp;lt;code&amp;gt;accessibility.blockautorefresh&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;true&amp;lt;/code&amp;gt; to disable forced redirections. Combining this with disabled CSS and JS yields raw, unmangled result links. [https://pedantic.software/fxc/blog/why_there_is_no_css_on_my_website.html (via Pedantic Software)]&lt;br /&gt;
; &amp;lt;code&amp;gt;browser.sessionstore.interval&amp;lt;/code&amp;gt; : Set to a very high value to reduce disk writes and SessionStore tracking.&lt;br /&gt;
&lt;br /&gt;
=== Additional Hardening Actions ===&lt;br /&gt;
* &#039;&#039;&#039;Disable Firefox SessionStore&#039;&#039;&#039;: Search for &amp;lt;code&amp;gt;browser.sessionstore&amp;lt;/code&amp;gt; in &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt; and disable relevant telemetry/saving mechanisms.&lt;br /&gt;
* &#039;&#039;&#039;Disable CSS Visited Links&#039;&#039;&#039;: Mitigates history-sniffing vulnerabilities. [https://www.reddit.com/r/privacy/comments/15fddo0/retrieving_your_browsing_history_through_a/juf5br1/ Read the Reddit discussion here.]&lt;br /&gt;
&lt;br /&gt;
== User.js Templates &amp;amp; Generators ==&lt;br /&gt;
&lt;br /&gt;
Instead of manually configuring &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt;, you can use pre-configured &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; files.&lt;br /&gt;
&lt;br /&gt;
To use a &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; file, you need to place it in your Firefox profile directory. This file is read every time Firefox starts, overriding any matching settings in &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt; or &amp;lt;code&amp;gt;prefs.js&amp;lt;/code&amp;gt;:&lt;br /&gt;
&lt;br /&gt;
# Navigate to &amp;lt;code&amp;gt;about:support&amp;lt;/code&amp;gt; in your URL bar.&lt;br /&gt;
# Find the &#039;&#039;&#039;Profile Directory&#039;&#039;&#039; row and click the &#039;&#039;&#039;Open Directory&#039;&#039;&#039; button.&lt;br /&gt;
# Create a new text file in this directory and name it exactly &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt;.&lt;br /&gt;
# Open the file using a text editor.&lt;br /&gt;
# Paste your desired configuration settings from the templates below into the file and save it.&lt;br /&gt;
# Restart Firefox for the changes to take effect.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Generators:&#039;&#039;&#039;&lt;br /&gt;
* [https://ffprofile.com ffprofile.com] — Interactive &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; generator.&lt;br /&gt;
** &#039;&#039;Note on User-Agent Spoofing:&#039;&#039; While you can spoof your user-agent to a more common one (e.g., Chrome), doing so on Firefox can actually make your browser fingerprint [https://deviceinfo.me more unique] ([https://www.billdietrich.me/ComputerPrivacy.html alternative tools list]). Because Firefox&#039;s engine behaves differently than Chromium, mismatched engine/user-agent data is easily detectable. For common agents, see [https://techblog.willshouse.com/2012/01/03/most-common-user-agents/ Willhouse] or [https://www.whatismybrowser.com/guides/the-latest-user-agent/chrome WhatIsMyBrowser].&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Popular Pre-configured Templates:&#039;&#039;&#039;&lt;br /&gt;
# [https://github.com/arkenfox/user.js/raw/master/user.js Arkenfox] (Highly recommended, well-known)&lt;br /&gt;
# [https://raw.githubusercontent.com/pyllyukko/user.js/master/user.js Pyllyukko] (Security focused)&lt;br /&gt;
# [https://git.nixnet.services/Narsil/desktop_user.js/raw/branch/master/user.js Narsil&#039;s user.js] (Privacy focused) (I use this one)&lt;br /&gt;
# [https://codeberg.org/polarhive/vulpes Vulpes]&lt;br /&gt;
# [https://git.nixnet.services/Narsil/palemoon_user.js Narsil&#039;s user.js for Pale Moon] (Privacy focused)&lt;br /&gt;
# [https://git.sr.ht/~krathalan/firefox-complement krathalan config]&lt;br /&gt;
# [https://github.com/simeononsecurity/FireFox-Privacy-Script simeononsec FireFox Script]&lt;br /&gt;
# [https://vermaden.wordpress.com/2024/03/18/sensible-firefox-setup/ vermaden&#039;s Sensible Setup]&lt;br /&gt;
&lt;br /&gt;
== Extensions &amp;amp; Add-ons ==&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;ximatrix&#039;&#039;&#039;: A Firefox extension similar to uMatrix capable of blocking inline scripts and advanced requests. [https://github.com/xi/xiMatrix Source code available here]. &lt;br /&gt;
** &#039;&#039;Alternative:&#039;&#039; [https://gitler.moe/Wrongthink/paraMatrix paraMatrix] (a fork of ximatrix).&lt;br /&gt;
* &#039;&#039;&#039;Chrome Extensions on Firefox&#039;&#039;&#039;: Firefox has introduced capabilities for importing Chrome extensions. [https://news.slashdot.org/story/23/08/24/2233242/firefox-users-may-import-chrome-extensions-now Read the Slashdot coverage].&lt;br /&gt;
* &#039;&#039;&#039;Extension Restrictions&#039;&#039;&#039;: Mozilla occasionally restricts add-ons on specific domains. To disable these restrictions and allow uBlock Origin to operate aggressively everywhere, read [https://12bytes.org/tech/mozilla-wants-more-control-over-your-add-ons/ 12bytes&#039; analysis] and their [https://12bytes.org/ublock-origin-suggested-settings/ uBlock suggested settings].&lt;br /&gt;
&lt;br /&gt;
== Browser UI &amp;amp; Maintenance Tweaks ==&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;Verify Database Integrity&#039;&#039;&#039;: Navigate to &amp;lt;code&amp;gt;about:support&amp;lt;/code&amp;gt; -&amp;gt; Scroll down to &#039;&#039;&#039;Places Database&#039;&#039;&#039; -&amp;gt; Click &#039;&#039;&#039;Verify Integrity&#039;&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Turn Off Firefox Sidebar&#039;&#039;&#039;: [https://utcc.utoronto.ca/~cks/space/blog/web/FirefoxPdfViewerSidebarOff Guide to disabling the PDF viewer sidebar].&lt;br /&gt;
* &#039;&#039;&#039;Disable Firefox Translator&#039;&#039;&#039;: [https://xnacly.me/posts/2023/disable-firefox-translation/ Guide to disabling built-in local translation].&lt;br /&gt;
* &#039;&#039;&#039;Block Pop-Ups&#039;&#039;&#039;: [https://support.mozilla.org/bm/questions/1369602 Mozilla Support thread on native pop-up blocking].&lt;br /&gt;
* &#039;&#039;&#039;GeckoView Config&#039;&#039;&#039;: You can access deeper settings via [chrome://geckoview/content/config.xhtml chrome://geckoview/content/config.xhtml].&lt;br /&gt;
&lt;br /&gt;
=== Custom GUI Settings ===&lt;br /&gt;
Navigate to the standard Firefox Settings (&amp;lt;code&amp;gt;about:preferences&amp;lt;/code&amp;gt;) to adjust the following:&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;General&#039;&#039;&#039;&lt;br /&gt;
* &#039;&#039;&#039;Tabs:&#039;&#039;&#039; Enable &#039;&#039;Open links in tabs instead of new windows&#039;&#039;. Disable &#039;&#039;Show an image preview when you hover on a tab&#039;&#039; and &#039;&#039;Enable link previews&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Fonts:&#039;&#039;&#039; Uncheck &#039;&#039;Allow pages to choose their own fonts, instead of your selections above&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Language:&#039;&#039;&#039; Set to English (US). Enable &#039;&#039;Request English versions of web pages for enhanced privacy&#039;&#039;. Disable &#039;&#039;Enable full page translations&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Typing:&#039;&#039;&#039; Disable &#039;&#039;Check your spelling as you type&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Browsing &amp;amp; Media:&#039;&#039;&#039; Disable &#039;&#039;Enable picture-in-picture video controls&#039;&#039; and &#039;&#039;Control media via keyboard, headset, or virtual interface&#039;&#039;.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Home&#039;&#039;&#039;&lt;br /&gt;
* &#039;&#039;&#039;New Windows and Tabs:&#039;&#039;&#039; Set both &#039;&#039;Homepage and new windows&#039;&#039; and &#039;&#039;New tabs&#039;&#039; to &#039;&#039;&#039;Blank Page&#039;&#039;&#039;.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Search&#039;&#039;&#039;&lt;br /&gt;
* &#039;&#039;&#039;Default Search Engine:&#039;&#039;&#039; Switch to a privacy-respecting alternative like &amp;lt;code&amp;gt;lite.duckduckgo.com&amp;lt;/code&amp;gt;, or your own self-hosted &#039;&#039;&#039;SearXNG&#039;&#039;&#039; or &#039;&#039;&#039;4get&#039;&#039;&#039; instance.&lt;br /&gt;
* &#039;&#039;&#039;Search Suggestions:&#039;&#039;&#039; Disable &#039;&#039;Show search suggestions&#039;&#039;.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Privacy &amp;amp; Security&#039;&#039;&#039;&lt;br /&gt;
* &#039;&#039;&#039;Tracking Protection:&#039;&#039;&#039; Set Enhanced Tracking Protection to &#039;&#039;&#039;Strict&#039;&#039;&#039; (disable &#039;&#039;Fix major site issues&#039;&#039; if opting for absolute strictness without exceptions).&lt;br /&gt;
* &#039;&#039;&#039;Global Privacy Control:&#039;&#039;&#039; Enable &#039;&#039;Tell websites not to sell or share my data&#039;&#039;.&lt;br /&gt;
** &#039;&#039;Note:&#039;&#039; You can also explicitly enable the Do Not Track header by setting &amp;lt;code&amp;gt;privacy.donottrackheader.enabled&amp;lt;/code&amp;gt; to &amp;lt;code&amp;gt;true&amp;lt;/code&amp;gt; via the hidden &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt; entry.&lt;br /&gt;
* &#039;&#039;&#039;Cookies and Site Data:&#039;&#039;&#039; Enable &#039;&#039;Delete cookies and site data when Firefox is closed&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Logins and Passwords:&#039;&#039;&#039; Disable saving passwords, payments, and addresses.&lt;br /&gt;
* &#039;&#039;&#039;History:&#039;&#039;&#039; Set to &#039;&#039;Use custom settings for history&#039;&#039; and enable &#039;&#039;Clear history when Firefox closes&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Permissions:&#039;&#039;&#039; Disallow all requests (Location, Camera, Microphone, Notifications, etc.). Enable &#039;&#039;Block pop-up windows&#039;&#039; and &#039;&#039;Warn you when websites try to install add-ons&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Data Collection and Use:&#039;&#039;&#039; Disallow/uncheck all telemetry and data collection options.&lt;br /&gt;
* &#039;&#039;&#039;Security:&#039;&#039;&#039; Enable &#039;&#039;HTTPS-Only Mode in all windows&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;DNS over HTTPS:&#039;&#039;&#039; Set to &#039;&#039;&#039;Max Protection&#039;&#039;&#039; and select a privacy-friendly provider.&lt;br /&gt;
&lt;br /&gt;
== Comprehensive Hardening Guides &amp;amp; Reading ==&lt;br /&gt;
&lt;br /&gt;
* [https://github.com/awesome-windows11/firefox Awesome Firefox]&lt;br /&gt;
* [https://github.com/JArmandoG/Firefox-Hardening JArmandoG&#039;s Firefox Hardening Guide]&lt;br /&gt;
* [https://github.com/drduh/macOS-Security-and-Privacy-Guide#browser drduh&#039;s macOS Browser Privacy Guide]&lt;br /&gt;
* [https://sunknudsen.com/privacy-guides sunknudsen&#039;s Privacy Guides]&lt;br /&gt;
* [https://wrongthink.link/posts/hardened-web-browser/ Wrongthink: Hardened Web Browser]&lt;br /&gt;
* [https://unixsheikh.com/articles/choose-your-browser-carefully.html#tweaking-firefox Unixsheikh: Tweaking Firefox]&lt;br /&gt;
* [https://spyware.neocities.org/guides/firefox Spyware Watchdog: Firefox Mitigation]&lt;br /&gt;
* [https://fingerprint.com/blog/browser-anti-fingerprinting-techniques/ Fingerprint.com: Browser Anti-Fingerprinting Techniques]&lt;br /&gt;
* [https://gist.github.com/atcuno/3425484ac5cce5298932 atcuno&#039;s Privacy Guide] (Outdated but helpful concepts)&lt;br /&gt;
* [https://github.com/CISOfy/privacy-guide/blob/master/browser-security.md CISOfy Browser Security Guide]&lt;br /&gt;
* [http://kb.mozillazine.org/Category:Firefox MozillaZine Firefox Wiki]&lt;br /&gt;
&lt;br /&gt;
[[Category:Hardening]]&lt;br /&gt;
[[Category:Web browsers]]&lt;br /&gt;
[[Category:Privacy]]&lt;br /&gt;
[[Category:Security]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=56</id>
		<title>My Firefox Settings</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=56"/>
		<updated>2026-05-18T10:56:04Z</updated>

		<summary type="html">&lt;p&gt;Admin: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&amp;lt;blockquote&amp;gt;&#039;&#039;&#039;Note:&#039;&#039;&#039; This article is imported from an old note-taking app and may be outdated.&amp;lt;/blockquote&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== Core Modifications &amp;amp; Bloatware Removal ==&lt;br /&gt;
&lt;br /&gt;
Some guides, such as the [https://spyware.neocities.org/guides/firefox Spyware Watchdog Mitigation Guide], recommend deleting default plugins bundled within the Firefox directory that may introduce privacy concerns or act as bloatware.&lt;br /&gt;
&lt;br /&gt;
Navigate to your Firefox features directory and remove unnecessary add-ons:&lt;br /&gt;
&amp;lt;syntaxhighlight lang=&amp;quot;bash&amp;quot;&amp;gt;&lt;br /&gt;
cd /usr/lib/firefox/browser/features&lt;br /&gt;
doas rm *.xpi&lt;br /&gt;
&amp;lt;/syntaxhighlight&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;List of bundled plugins commonly removed:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;code&amp;gt;firefox@getpocket.com.xpi&amp;lt;/code&amp;gt; — Pocket&lt;br /&gt;
* &amp;lt;code&amp;gt;followonsearch@mozilla.com.xpi&amp;lt;/code&amp;gt; — Follow-On Search&lt;br /&gt;
* &amp;lt;code&amp;gt;activity-stream@mozilla.org.xpi&amp;lt;/code&amp;gt; — Activity Stream&lt;br /&gt;
* &amp;lt;code&amp;gt;screenshots@mozilla.org.xpi&amp;lt;/code&amp;gt; — Screenshots&lt;br /&gt;
* &amp;lt;code&amp;gt;onboarding@mozilla.org.xpi&amp;lt;/code&amp;gt; — Onboarding&lt;br /&gt;
* &amp;lt;code&amp;gt;formautofill@mozilla.org.xpi&amp;lt;/code&amp;gt; — Autofill&lt;br /&gt;
* &amp;lt;code&amp;gt;webcompat@mozilla.org.xpi&amp;lt;/code&amp;gt; — Web Compatibility Reporter&lt;br /&gt;
&lt;br /&gt;
== Configuration Tweaks (about:config) (if user.js does not cover them) ==&lt;br /&gt;
&lt;br /&gt;
=== Privacy, Security &amp;amp; Networking ===&lt;br /&gt;
; &amp;lt;code&amp;gt;accessibility.blockautorefresh&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;true&amp;lt;/code&amp;gt; to disable forced redirections. Combining this with disabled CSS and JS yields raw, unmangled result links. [https://pedantic.software/fxc/blog/why_there_is_no_css_on_my_website.html (via Pedantic Software)]&lt;br /&gt;
; &amp;lt;code&amp;gt;browser.sessionstore.interval&amp;lt;/code&amp;gt; : Set to a very high value to reduce disk writes and SessionStore tracking.&lt;br /&gt;
&lt;br /&gt;
=== Additional Hardening Actions ===&lt;br /&gt;
* &#039;&#039;&#039;Disable Firefox SessionStore&#039;&#039;&#039;: Search for &amp;lt;code&amp;gt;browser.sessionstore&amp;lt;/code&amp;gt; in &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt; and disable relevant telemetry/saving mechanisms.&lt;br /&gt;
* &#039;&#039;&#039;Disable CSS Visited Links&#039;&#039;&#039;: Mitigates history-sniffing vulnerabilities. [https://www.reddit.com/r/privacy/comments/15fddo0/retrieving_your_browsing_history_through_a/juf5br1/ Read the Reddit discussion here.]&lt;br /&gt;
&lt;br /&gt;
== User.js Templates &amp;amp; Generators ==&lt;br /&gt;
&lt;br /&gt;
Instead of manually configuring &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt;, you can use pre-configured &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; files.&lt;br /&gt;
&lt;br /&gt;
To use a &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; file, you need to place it in your Firefox profile directory. This file is read every time Firefox starts, overriding any matching settings in &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt; or &amp;lt;code&amp;gt;prefs.js&amp;lt;/code&amp;gt;:&lt;br /&gt;
&lt;br /&gt;
# Navigate to &amp;lt;code&amp;gt;about:support&amp;lt;/code&amp;gt; in your URL bar.&lt;br /&gt;
# Find the &#039;&#039;&#039;Profile Directory&#039;&#039;&#039; row and click the &#039;&#039;&#039;Open Directory&#039;&#039;&#039; button.&lt;br /&gt;
# Create a new text file in this directory and name it exactly &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt;.&lt;br /&gt;
# Open the file using a text editor (e.g., &amp;lt;code&amp;gt;micro&amp;lt;/code&amp;gt; on Arch Linux or &amp;lt;code&amp;gt;vim&amp;lt;/code&amp;gt; on OpenBSD).&lt;br /&gt;
# Paste your desired configuration settings from the templates below into the file and save it.&lt;br /&gt;
# Restart Firefox for the changes to take effect.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Generators:&#039;&#039;&#039;&lt;br /&gt;
* [https://ffprofile.com ffprofile.com] — Interactive &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; generator.&lt;br /&gt;
** &#039;&#039;Note on User-Agent Spoofing:&#039;&#039; While you can spoof your user-agent to a more common one (e.g., Chrome), doing so on Firefox can actually make your browser fingerprint [https://deviceinfo.me more unique] ([https://www.billdietrich.me/ComputerPrivacy.html alternative tools list]). Because Firefox&#039;s engine behaves differently than Chromium, mismatched engine/user-agent data is easily detectable. For common agents, see [https://techblog.willshouse.com/2012/01/03/most-common-user-agents/ Willhouse] or [https://www.whatismybrowser.com/guides/the-latest-user-agent/chrome WhatIsMyBrowser].&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Popular Pre-configured Templates:&#039;&#039;&#039;&lt;br /&gt;
# [https://github.com/arkenfox/user.js/raw/master/user.js Arkenfox] (Highly recommended, well-known)&lt;br /&gt;
# [https://raw.githubusercontent.com/pyllyukko/user.js/master/user.js Pyllyukko] (Security focused)&lt;br /&gt;
# [https://git.nixnet.services/Narsil/desktop_user.js/raw/branch/master/user.js Narsil&#039;s user.js] (Privacy focused) (I use this one)&lt;br /&gt;
# [https://codeberg.org/polarhive/vulpes Vulpes]&lt;br /&gt;
# [https://git.nixnet.services/Narsil/palemoon_user.js Narsil&#039;s user.js for Pale Moon] (Privacy focused)&lt;br /&gt;
# [https://git.sr.ht/~krathalan/firefox-complement krathalan config]&lt;br /&gt;
# [https://github.com/simeononsecurity/FireFox-Privacy-Script simeononsec FireFox Script]&lt;br /&gt;
# [https://vermaden.wordpress.com/2024/03/18/sensible-firefox-setup/ vermaden&#039;s Sensible Setup]&lt;br /&gt;
&lt;br /&gt;
== Extensions &amp;amp; Add-ons ==&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;ximatrix&#039;&#039;&#039;: A Firefox extension similar to uMatrix capable of blocking inline scripts and advanced requests. [https://github.com/xi/xiMatrix Source code available here]. &lt;br /&gt;
** &#039;&#039;Alternative:&#039;&#039; [https://gitler.moe/Wrongthink/paraMatrix paraMatrix] (a fork of ximatrix).&lt;br /&gt;
* &#039;&#039;&#039;Chrome Extensions on Firefox&#039;&#039;&#039;: Firefox has introduced capabilities for importing Chrome extensions. [https://news.slashdot.org/story/23/08/24/2233242/firefox-users-may-import-chrome-extensions-now Read the Slashdot coverage].&lt;br /&gt;
* &#039;&#039;&#039;Extension Restrictions&#039;&#039;&#039;: Mozilla occasionally restricts add-ons on specific domains. To disable these restrictions and allow uBlock Origin to operate aggressively everywhere, read [https://12bytes.org/tech/mozilla-wants-more-control-over-your-add-ons/ 12bytes&#039; analysis] and their [https://12bytes.org/ublock-origin-suggested-settings/ uBlock suggested settings].&lt;br /&gt;
&lt;br /&gt;
== Browser UI &amp;amp; Maintenance Tweaks ==&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;Verify Database Integrity&#039;&#039;&#039;: Navigate to &amp;lt;code&amp;gt;about:support&amp;lt;/code&amp;gt; -&amp;gt; Scroll down to &#039;&#039;&#039;Places Database&#039;&#039;&#039; -&amp;gt; Click &#039;&#039;&#039;Verify Integrity&#039;&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Turn Off Firefox Sidebar&#039;&#039;&#039;: [https://utcc.utoronto.ca/~cks/space/blog/web/FirefoxPdfViewerSidebarOff Guide to disabling the PDF viewer sidebar].&lt;br /&gt;
* &#039;&#039;&#039;Disable Firefox Translator&#039;&#039;&#039;: [https://xnacly.me/posts/2023/disable-firefox-translation/ Guide to disabling built-in local translation].&lt;br /&gt;
* &#039;&#039;&#039;Block Pop-Ups&#039;&#039;&#039;: [https://support.mozilla.org/bm/questions/1369602 Mozilla Support thread on native pop-up blocking].&lt;br /&gt;
* &#039;&#039;&#039;GeckoView Config&#039;&#039;&#039;: You can access deeper settings via [chrome://geckoview/content/config.xhtml chrome://geckoview/content/config.xhtml].&lt;br /&gt;
&lt;br /&gt;
=== Custom GUI Settings ===&lt;br /&gt;
Navigate to the standard Firefox Settings (&amp;lt;code&amp;gt;about:preferences&amp;lt;/code&amp;gt;) to adjust the following:&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;General&#039;&#039;&#039;&lt;br /&gt;
* &#039;&#039;&#039;Tabs:&#039;&#039;&#039; Enable &#039;&#039;Open links in tabs instead of new windows&#039;&#039;. Disable &#039;&#039;Show an image preview when you hover on a tab&#039;&#039; and &#039;&#039;Enable link previews&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Fonts:&#039;&#039;&#039; Uncheck &#039;&#039;Allow pages to choose their own fonts, instead of your selections above&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Language:&#039;&#039;&#039; Set to English (US). Enable &#039;&#039;Request English versions of web pages for enhanced privacy&#039;&#039;. Disable &#039;&#039;Enable full page translations&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Typing:&#039;&#039;&#039; Disable &#039;&#039;Check your spelling as you type&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Browsing &amp;amp; Media:&#039;&#039;&#039; Disable &#039;&#039;Enable picture-in-picture video controls&#039;&#039; and &#039;&#039;Control media via keyboard, headset, or virtual interface&#039;&#039;.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Home&#039;&#039;&#039;&lt;br /&gt;
* &#039;&#039;&#039;New Windows and Tabs:&#039;&#039;&#039; Set both &#039;&#039;Homepage and new windows&#039;&#039; and &#039;&#039;New tabs&#039;&#039; to &#039;&#039;&#039;Blank Page&#039;&#039;&#039;.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Search&#039;&#039;&#039;&lt;br /&gt;
* &#039;&#039;&#039;Default Search Engine:&#039;&#039;&#039; Switch to a privacy-respecting alternative like &amp;lt;code&amp;gt;lite.duckduckgo.com&amp;lt;/code&amp;gt;, or your own self-hosted &#039;&#039;&#039;SearXNG&#039;&#039;&#039; or &#039;&#039;&#039;4get&#039;&#039;&#039; instance.&lt;br /&gt;
* &#039;&#039;&#039;Search Suggestions:&#039;&#039;&#039; Disable &#039;&#039;Show search suggestions&#039;&#039;.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Privacy &amp;amp; Security&#039;&#039;&#039;&lt;br /&gt;
* &#039;&#039;&#039;Tracking Protection:&#039;&#039;&#039; Set Enhanced Tracking Protection to &#039;&#039;&#039;Strict&#039;&#039;&#039; (disable &#039;&#039;Fix major site issues&#039;&#039; if opting for absolute strictness without exceptions).&lt;br /&gt;
* &#039;&#039;&#039;Global Privacy Control:&#039;&#039;&#039; Enable &#039;&#039;Tell websites not to sell or share my data&#039;&#039;.&lt;br /&gt;
** &#039;&#039;Note:&#039;&#039; You can also explicitly enable the Do Not Track header by setting &amp;lt;code&amp;gt;privacy.donottrackheader.enabled&amp;lt;/code&amp;gt; to &amp;lt;code&amp;gt;true&amp;lt;/code&amp;gt; via the hidden &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt; entry.&lt;br /&gt;
* &#039;&#039;&#039;Cookies and Site Data:&#039;&#039;&#039; Enable &#039;&#039;Delete cookies and site data when Firefox is closed&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Logins and Passwords:&#039;&#039;&#039; Disable saving passwords, payments, and addresses.&lt;br /&gt;
* &#039;&#039;&#039;History:&#039;&#039;&#039; Set to &#039;&#039;Use custom settings for history&#039;&#039; and enable &#039;&#039;Clear history when Firefox closes&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Permissions:&#039;&#039;&#039; Disallow all requests (Location, Camera, Microphone, Notifications, etc.). Enable &#039;&#039;Block pop-up windows&#039;&#039; and &#039;&#039;Warn you when websites try to install add-ons&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Data Collection and Use:&#039;&#039;&#039; Disallow/uncheck all telemetry and data collection options.&lt;br /&gt;
* &#039;&#039;&#039;Security:&#039;&#039;&#039; Enable &#039;&#039;HTTPS-Only Mode in all windows&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;DNS over HTTPS:&#039;&#039;&#039; Set to &#039;&#039;&#039;Max Protection&#039;&#039;&#039; and select a privacy-friendly provider.&lt;br /&gt;
&lt;br /&gt;
== Comprehensive Hardening Guides &amp;amp; Reading ==&lt;br /&gt;
&lt;br /&gt;
* [https://github.com/awesome-windows11/firefox Awesome Firefox]&lt;br /&gt;
* [https://github.com/JArmandoG/Firefox-Hardening JArmandoG&#039;s Firefox Hardening Guide]&lt;br /&gt;
* [https://github.com/drduh/macOS-Security-and-Privacy-Guide#browser drduh&#039;s macOS Browser Privacy Guide]&lt;br /&gt;
* [https://sunknudsen.com/privacy-guides sunknudsen&#039;s Privacy Guides]&lt;br /&gt;
* [https://wrongthink.link/posts/hardened-web-browser/ Wrongthink: Hardened Web Browser]&lt;br /&gt;
* [https://unixsheikh.com/articles/choose-your-browser-carefully.html#tweaking-firefox Unixsheikh: Tweaking Firefox]&lt;br /&gt;
* [https://spyware.neocities.org/guides/firefox Spyware Watchdog: Firefox Mitigation]&lt;br /&gt;
* [https://fingerprint.com/blog/browser-anti-fingerprinting-techniques/ Fingerprint.com: Browser Anti-Fingerprinting Techniques]&lt;br /&gt;
* [https://gist.github.com/atcuno/3425484ac5cce5298932 atcuno&#039;s Privacy Guide] (Outdated but helpful concepts)&lt;br /&gt;
* [https://github.com/CISOfy/privacy-guide/blob/master/browser-security.md CISOfy Browser Security Guide]&lt;br /&gt;
* [http://kb.mozillazine.org/Category:Firefox MozillaZine Firefox Wiki]&lt;br /&gt;
&lt;br /&gt;
[[Category:Hardening]]&lt;br /&gt;
[[Category:Web browsers]]&lt;br /&gt;
[[Category:Privacy]]&lt;br /&gt;
[[Category:Security]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=55</id>
		<title>My Firefox Settings</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=55"/>
		<updated>2026-05-18T10:54:28Z</updated>

		<summary type="html">&lt;p&gt;Admin: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&amp;lt;blockquote&amp;gt;&#039;&#039;&#039;Note:&#039;&#039;&#039; This article is imported from an old note-taking app and may be outdated.&amp;lt;/blockquote&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== Core Modifications &amp;amp; Bloatware Removal ==&lt;br /&gt;
&lt;br /&gt;
Some guides, such as the [https://spyware.neocities.org/guides/firefox Spyware Watchdog Mitigation Guide], recommend deleting default plugins bundled within the Firefox directory that may introduce privacy concerns or act as bloatware.&lt;br /&gt;
&lt;br /&gt;
Navigate to your Firefox features directory and remove unnecessary add-ons:&lt;br /&gt;
&amp;lt;syntaxhighlight lang=&amp;quot;bash&amp;quot;&amp;gt;&lt;br /&gt;
cd /usr/lib/firefox/browser/features&lt;br /&gt;
doas rm *.xpi&lt;br /&gt;
&amp;lt;/syntaxhighlight&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;List of bundled plugins commonly removed:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;code&amp;gt;firefox@getpocket.com.xpi&amp;lt;/code&amp;gt; — Pocket&lt;br /&gt;
* &amp;lt;code&amp;gt;followonsearch@mozilla.com.xpi&amp;lt;/code&amp;gt; — Follow-On Search&lt;br /&gt;
* &amp;lt;code&amp;gt;activity-stream@mozilla.org.xpi&amp;lt;/code&amp;gt; — Activity Stream&lt;br /&gt;
* &amp;lt;code&amp;gt;screenshots@mozilla.org.xpi&amp;lt;/code&amp;gt; — Screenshots&lt;br /&gt;
* &amp;lt;code&amp;gt;onboarding@mozilla.org.xpi&amp;lt;/code&amp;gt; — Onboarding&lt;br /&gt;
* &amp;lt;code&amp;gt;formautofill@mozilla.org.xpi&amp;lt;/code&amp;gt; — Autofill&lt;br /&gt;
* &amp;lt;code&amp;gt;webcompat@mozilla.org.xpi&amp;lt;/code&amp;gt; — Web Compatibility Reporter&lt;br /&gt;
&lt;br /&gt;
== Configuration Tweaks (about:config) (if user.js does not cover them) ==&lt;br /&gt;
&lt;br /&gt;
=== Privacy, Security &amp;amp; Networking ===&lt;br /&gt;
; &amp;lt;code&amp;gt;accessibility.blockautorefresh&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;true&amp;lt;/code&amp;gt; to disable forced redirections. Combining this with disabled CSS and JS yields raw, unmangled result links. [https://pedantic.software/fxc/blog/why_there_is_no_css_on_my_website.html (via Pedantic Software)]&lt;br /&gt;
; &amp;lt;code&amp;gt;browser.sessionstore.interval&amp;lt;/code&amp;gt; : Set to a very high value to reduce disk writes and SessionStore tracking.&lt;br /&gt;
&lt;br /&gt;
=== Additional Hardening Actions ===&lt;br /&gt;
* &#039;&#039;&#039;Disable Firefox SessionStore&#039;&#039;&#039;: Search for &amp;lt;code&amp;gt;browser.sessionstore&amp;lt;/code&amp;gt; in &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt; and disable relevant telemetry/saving mechanisms.&lt;br /&gt;
* &#039;&#039;&#039;Disable CSS Visited Links&#039;&#039;&#039;: Mitigates history-sniffing vulnerabilities. [https://www.reddit.com/r/privacy/comments/15fddo0/retrieving_your_browsing_history_through_a/juf5br1/ Read the Reddit discussion here.]&lt;br /&gt;
&lt;br /&gt;
== User.js Templates &amp;amp; Generators ==&lt;br /&gt;
&lt;br /&gt;
Instead of manually configuring &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt;, you can use pre-configured &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; files.&lt;br /&gt;
&lt;br /&gt;
TODO: Add information about how to set up user.js here.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Generators:&#039;&#039;&#039;&lt;br /&gt;
* [https://ffprofile.com ffprofile.com] — Interactive &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; generator.&lt;br /&gt;
** &#039;&#039;Note on User-Agent Spoofing:&#039;&#039; While you can spoof your user-agent to a more common one (e.g., Chrome), doing so on Firefox can actually make your browser fingerprint [https://deviceinfo.me more unique] ([https://www.billdietrich.me/ComputerPrivacy.html alternative tools list]). Because Firefox&#039;s engine behaves differently than Chromium, mismatched engine/user-agent data is easily detectable. For common agents, see [https://techblog.willshouse.com/2012/01/03/most-common-user-agents/ Willhouse] or [https://www.whatismybrowser.com/guides/the-latest-user-agent/chrome WhatIsMyBrowser].&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Popular Pre-configured Templates:&#039;&#039;&#039;&lt;br /&gt;
# [https://github.com/arkenfox/user.js/raw/master/user.js Arkenfox] (Highly recommended, well-known)&lt;br /&gt;
# [https://raw.githubusercontent.com/pyllyukko/user.js/master/user.js Pyllyukko] (Security focused)&lt;br /&gt;
# [https://git.nixnet.services/Narsil/desktop_user.js/raw/branch/master/user.js Narsil&#039;s user.js] (Privacy focused) (I use this one)&lt;br /&gt;
# [https://codeberg.org/polarhive/vulpes Vulpes]&lt;br /&gt;
# [https://git.nixnet.services/Narsil/palemoon_user.js Narsil&#039;s user.js for Pale Moon] (Privacy focused)&lt;br /&gt;
# [https://git.sr.ht/~krathalan/firefox-complement krathalan config]&lt;br /&gt;
# [https://github.com/simeononsecurity/FireFox-Privacy-Script simeononsec FireFox Script]&lt;br /&gt;
# [https://vermaden.wordpress.com/2024/03/18/sensible-firefox-setup/ vermaden&#039;s Sensible Setup]&lt;br /&gt;
&lt;br /&gt;
== Extensions &amp;amp; Add-ons ==&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;ximatrix&#039;&#039;&#039;: A Firefox extension similar to uMatrix capable of blocking inline scripts and advanced requests. [https://github.com/xi/xiMatrix Source code available here]. &lt;br /&gt;
** &#039;&#039;Alternative:&#039;&#039; [https://gitler.moe/Wrongthink/paraMatrix paraMatrix] (a fork of ximatrix).&lt;br /&gt;
* &#039;&#039;&#039;Chrome Extensions on Firefox&#039;&#039;&#039;: Firefox has introduced capabilities for importing Chrome extensions. [https://news.slashdot.org/story/23/08/24/2233242/firefox-users-may-import-chrome-extensions-now Read the Slashdot coverage].&lt;br /&gt;
* &#039;&#039;&#039;Extension Restrictions&#039;&#039;&#039;: Mozilla occasionally restricts add-ons on specific domains. To disable these restrictions and allow uBlock Origin to operate aggressively everywhere, read [https://12bytes.org/tech/mozilla-wants-more-control-over-your-add-ons/ 12bytes&#039; analysis] and their [https://12bytes.org/ublock-origin-suggested-settings/ uBlock suggested settings].&lt;br /&gt;
&lt;br /&gt;
== Browser UI &amp;amp; Maintenance Tweaks ==&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;Verify Database Integrity&#039;&#039;&#039;: Navigate to &amp;lt;code&amp;gt;about:support&amp;lt;/code&amp;gt; -&amp;gt; Scroll down to &#039;&#039;&#039;Places Database&#039;&#039;&#039; -&amp;gt; Click &#039;&#039;&#039;Verify Integrity&#039;&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Turn Off Firefox Sidebar&#039;&#039;&#039;: [https://utcc.utoronto.ca/~cks/space/blog/web/FirefoxPdfViewerSidebarOff Guide to disabling the PDF viewer sidebar].&lt;br /&gt;
* &#039;&#039;&#039;Disable Firefox Translator&#039;&#039;&#039;: [https://xnacly.me/posts/2023/disable-firefox-translation/ Guide to disabling built-in local translation].&lt;br /&gt;
* &#039;&#039;&#039;Block Pop-Ups&#039;&#039;&#039;: [https://support.mozilla.org/bm/questions/1369602 Mozilla Support thread on native pop-up blocking].&lt;br /&gt;
* &#039;&#039;&#039;GeckoView Config&#039;&#039;&#039;: You can access deeper settings via [chrome://geckoview/content/config.xhtml chrome://geckoview/content/config.xhtml].&lt;br /&gt;
TODO update this part with my settings My settings are&lt;br /&gt;
&lt;br /&gt;
Going to settings and.&lt;br /&gt;
&lt;br /&gt;
General:&lt;br /&gt;
&lt;br /&gt;
Open links in tabs instead of new windows -&amp;gt; enabled&lt;br /&gt;
&lt;br /&gt;
Show an image preview when you hover on a tab -&amp;gt; disabled&lt;br /&gt;
&lt;br /&gt;
Fonts -&amp;gt; Allow pages to choose their own fonts instead of your selections above -&amp;gt; disabled&lt;br /&gt;
&lt;br /&gt;
Language -&amp;gt; English US&lt;br /&gt;
&lt;br /&gt;
Webpage language -&amp;gt; Request English versions of web pages for enhanced privacy -&amp;gt; True&lt;br /&gt;
&lt;br /&gt;
Enable full page translations -&amp;gt; disabled&lt;br /&gt;
&lt;br /&gt;
Check spelling as you type -&amp;gt; false&lt;br /&gt;
&lt;br /&gt;
Enable PiP video controls -&amp;gt; false&lt;br /&gt;
&lt;br /&gt;
control media via keyboard headset or virtual interface -&amp;gt; false&lt;br /&gt;
&lt;br /&gt;
enable link previews -&amp;gt; disabled&lt;br /&gt;
&lt;br /&gt;
Home:&lt;br /&gt;
&lt;br /&gt;
Homepage and new windows -&amp;gt; blank page&lt;br /&gt;
&lt;br /&gt;
new tabs -&amp;gt; blank page&lt;br /&gt;
&lt;br /&gt;
Search:&lt;br /&gt;
&lt;br /&gt;
Switch to a better search engine (lite.duckduckgo.com or my own searxng and 4get instances)&lt;br /&gt;
&lt;br /&gt;
Show search suggestions -&amp;gt; disabled&lt;br /&gt;
&lt;br /&gt;
Privacy and Security:&lt;br /&gt;
&lt;br /&gt;
Strict tracking protection -&amp;gt; fix major site issues -&amp;gt; disabled&lt;br /&gt;
&lt;br /&gt;
Tell websites to not to sell or share my data -&amp;gt; enabled (enabled DNT too by using the secret about config entry)&lt;br /&gt;
&lt;br /&gt;
Clear cookies and site data every time you close firefox -&amp;gt; true&lt;br /&gt;
&lt;br /&gt;
do not save passwords, payment, address&lt;br /&gt;
&lt;br /&gt;
clear history when firefox closes -&amp;gt; true&lt;br /&gt;
&lt;br /&gt;
permissions -&amp;gt; disallow everything&lt;br /&gt;
&lt;br /&gt;
block popups and 3rd party redirect -&amp;gt; true&lt;br /&gt;
&lt;br /&gt;
warn if websites install extensions -&amp;gt; true&lt;br /&gt;
&lt;br /&gt;
data collection -&amp;gt; disallow everything&lt;br /&gt;
&lt;br /&gt;
https only mode -&amp;gt; enable&lt;br /&gt;
&lt;br /&gt;
dns over https -&amp;gt; max protection with a privacy friendly provider&lt;br /&gt;
&lt;br /&gt;
== Comprehensive Hardening Guides &amp;amp; Reading ==&lt;br /&gt;
&lt;br /&gt;
* [https://github.com/awesome-windows11/firefox Awesome Firefox]&lt;br /&gt;
* [https://github.com/JArmandoG/Firefox-Hardening JArmandoG&#039;s Firefox Hardening Guide]&lt;br /&gt;
* [https://github.com/drduh/macOS-Security-and-Privacy-Guide#browser drduh&#039;s macOS Browser Privacy Guide]&lt;br /&gt;
* [https://sunknudsen.com/privacy-guides sunknudsen&#039;s Privacy Guides]&lt;br /&gt;
* [https://wrongthink.link/posts/hardened-web-browser/ Wrongthink: Hardened Web Browser]&lt;br /&gt;
* [https://unixsheikh.com/articles/choose-your-browser-carefully.html#tweaking-firefox Unixsheikh: Tweaking Firefox]&lt;br /&gt;
* [https://spyware.neocities.org/guides/firefox Spyware Watchdog: Firefox Mitigation]&lt;br /&gt;
* [https://fingerprint.com/blog/browser-anti-fingerprinting-techniques/ Fingerprint.com: Browser Anti-Fingerprinting Techniques]&lt;br /&gt;
* [https://gist.github.com/atcuno/3425484ac5cce5298932 atcuno&#039;s Privacy Guide] (Outdated but helpful concepts)&lt;br /&gt;
* [https://github.com/CISOfy/privacy-guide/blob/master/browser-security.md CISOfy Browser Security Guide]&lt;br /&gt;
* [http://kb.mozillazine.org/Category:Firefox MozillaZine Firefox Wiki]&lt;br /&gt;
&lt;br /&gt;
[[Category:Hardening]]&lt;br /&gt;
[[Category:Web browsers]]&lt;br /&gt;
[[Category:Privacy]]&lt;br /&gt;
[[Category:Security]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=54</id>
		<title>The Offline-First Mobile Setup</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=54"/>
		<updated>2026-05-18T10:39:15Z</updated>

		<summary type="html">&lt;p&gt;Admin: /* What do you need from a phone? */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== Offline-First Emergency and Private Phone Setup ==&lt;br /&gt;
Most of the tracking by companies are done using online connections. So the fastest and easiest way to prevent that is to take your phone into airplane mode, assuming your phone manufacturer didn&#039;t put any backdoors in airplane mode function (they probably did, but it is still a valuable feature).&lt;br /&gt;
&lt;br /&gt;
If you have root, you can use a feature of [https://github.com/ukanth/afwall AFWall+] to prevent apps from accessing internet without having to give VPN slot to it or its alternatives. Alternatively you can use root to remove the internet permission from apps. Some ROMs like [https://www.mi.com/global/hyperos/ HyperOS] (aka MIUI) and [https://grapheneos.org/ Graphene OS] allows you to do this without having root. It also reduces mobile data usage and cost.&lt;br /&gt;
&lt;br /&gt;
The second use case for going offline-first is being able to use your phone in an emergency when internet services are not available (examples include earthquakes and regular service disruptions an ISP/GSM can have).&lt;br /&gt;
&lt;br /&gt;
Third use case is you are guaranteeing being able to access what is necessary for you in a censorship situation. What you already downloaded can not be deleted remotely in most cases (there was a case when Huawei phones deleted photos from peoples gallery to censor info related to protests).&lt;br /&gt;
&lt;br /&gt;
=== What do you need from a phone? ===&lt;br /&gt;
Put your phone away and think what will you miss first if it didn&#039;t even existed. Here is a table of what I thought and solutions I found:&lt;br /&gt;
{| class=&amp;quot;wikitable sortable&amp;quot;&lt;br /&gt;
|+&lt;br /&gt;
!What do I need?&lt;br /&gt;
!Description and Solution&lt;br /&gt;
!Download Link&lt;br /&gt;
|-&lt;br /&gt;
|Being able to research information&lt;br /&gt;
|Internet is a valuable research tool. We will download the information before requiring it to solve this issue. Download [https://kiwix.org/en/download/ Kiwix] in your phone. Then download sources which you think it will be useful. My recommendations are:&lt;br /&gt;
&lt;br /&gt;
* Wikipedia: Try to download the largest edition of Wikipedia from the list. It will cost a lot of storage. But it worths it since you can use it as a dictionary too. You can download Wiktionary too if you want a separate dictionary.&lt;br /&gt;
* Gutenberg Project: Collection of books in a single file.&lt;br /&gt;
* Stack Overflow/Stack Exchange collection: If you have a computer you need to fix, consider adding them to help you.&lt;br /&gt;
* Arch/Alpine/Gentoo Wiki: Specialized wikis when you need Linux manuals.&lt;br /&gt;
* iFixit: Hardware repair guides.&lt;br /&gt;
* Xkcd: Nerdy comics.&lt;br /&gt;
&lt;br /&gt;
This should cover most needs. You can always download more resources afterward.&lt;br /&gt;
&lt;br /&gt;
If you want to have a separate dictionary app, consider installing [https://github.com/itkach/aard2-android Aard2] or [https://github.com/rdoeffinger/Dictionary QuickDic]. They are faster for day to day use.&lt;br /&gt;
&lt;br /&gt;
You may want to download [https://linuxcommandlibrary.com/ Linux Command Library] app to look up useful commands faster.&lt;br /&gt;
&lt;br /&gt;
There is a dedicated app called [https://f-droid.org/en/packages/de.naturalnet.mirwtfapp/ WTF] for checking abbreviations meaning.&lt;br /&gt;
|&lt;br /&gt;
* [https://kiwix.org/en/download/ Kiwix]&lt;br /&gt;
* [https://github.com/itkach/aard2-android Aard2]&lt;br /&gt;
* [https://github.com/rdoeffinger/Dictionary QuickDic]&lt;br /&gt;
* [https://linuxcommandlibrary.com/ Linux Command Library]&lt;br /&gt;
* [https://f-droid.org/en/packages/de.naturalnet.mirwtfapp/ WTF]&lt;br /&gt;
|-&lt;br /&gt;
|Communication&lt;br /&gt;
|Phones original reason to exist. Connecting people. &lt;br /&gt;
You can use [https://briarproject.org/ Briar] to send messages without requiring internet, but you will need to convince other people to install it too. [https://briarproject.org/ Briar] can send messages using Wi-Fi, Bluetooth, and Tor (if you want internet as a fallback). If your city has many people using [https://briarproject.org/ Briar], the coverage, and range will be better.  &lt;br /&gt;
&lt;br /&gt;
Alternatively you can use [https://meshtastic.org/ Meshtastic] devices paired to your phone if there are volunteer-run [https://meshtastic.org/ Meshtastic] antennas near you. &lt;br /&gt;
&lt;br /&gt;
If you are not sure about coverage of [https://briarproject.org/ Briar]/[https://meshtastic.org/ Meshtastic] or just want a fallback, consider RCS or encrypted SMS. They are not the most secure or private methods. But as long as you have a signal they will work. DO NOT use SMS without encryption if you want contents of the message to be private. RCS sadly only works on proprietary messengers like [https://play.google.com/store/apps/details?id=com.google.android.apps.messaging Google Messages] or [https://play.google.com/store/apps/details?id=com.samsung.android.messaging Samsung Messages]. Encrypted SMS can be used by installing one of these apps (you will need to convince your contacts to install these apps too):&lt;br /&gt;
&lt;br /&gt;
* [https://dekusms.com/ DekuSMS]: E2EE for SMS messages. Needs Android 7 or later. Image sharing over SMS (not MMS)&lt;br /&gt;
* [https://f-droid.org/packages/org.smssecure.smssecure/ Silence]: Not updated anymore. Fork of an old [https://signal.org/ Signal] version. E2EE SMS. Supports SMS over VoWiFi. Android 6 or later. Latest version is crashing so download an older build.&lt;br /&gt;
* [https://github.com/amnesica/KryptEY KryptEY]: If any of these apps don&#039;t work for you, there is [https://github.com/amnesica/KryptEY KryptEY]. It is an innovative app that can turn any chat app into an E2EE one by auto encrypting/decrypting messages and being your secondary keyboard. Uses [https://signal.org/ Signal] encryption too. Switching between keyboards may be exhausting for your contacts so choose if there are no other options.&lt;br /&gt;
|&lt;br /&gt;
* [https://briarproject.org/ Briar]&lt;br /&gt;
* [https://meshtastic.org/ Meshtastic]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=com.google.android.apps.messaging Google Messages]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=com.samsung.android.messaging Samsung Messages]&lt;br /&gt;
* [https://dekusms.com/ DekuSMS]&lt;br /&gt;
* [https://f-droid.org/packages/org.smssecure.smssecure/ Silence]&lt;br /&gt;
* [https://github.com/amnesica/KryptEY KryptEY]&lt;br /&gt;
* [https://signal.org/ Signal]&lt;br /&gt;
|-&lt;br /&gt;
|Navigation&lt;br /&gt;
|Being able to navigate without doxxing yourself to GSM towers is important. This means your location will be known by one less entity. Also do not trust coverage of your GSM, it can just fail (only trust it as a fallback). Use [https://www.comaps.app/ CoMaps] (fork of [https://organicmaps.app/ Organic Maps]) or [https://osmand.net/ OsmAnd+] and download maps for your city and other places you can be in. [https://www.comaps.app/ CoMaps] doesn&#039;t have bus routes support still AFAIK, so I keep both apps installed just in case. If you need a nice UI and bus support, you can try using [https://maps.me/ MAPS.ME], but it is proprietary.&lt;br /&gt;
|&lt;br /&gt;
* [https://www.comaps.app/ CoMaps]&lt;br /&gt;
* [https://organicmaps.app/ Organic Maps]&lt;br /&gt;
* [https://osmand.net/ OsmAnd+]&lt;br /&gt;
* [https://maps.me/ MAPS.ME]&lt;br /&gt;
|-&lt;br /&gt;
|Using LLMs (maybe)&lt;br /&gt;
|If your phone has a powerful CPU and plenty of RAM you can try running LLMs on it. It can be sometimes faster to ask an LLM instead of searching inside archives. The con here being heavy battery usage and risk of hallucination by LLM software. Install [https://github.com/Mobile-Artificial-Intelligence/maid Maid] app.&lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/Mobile-Artificial-Intelligence/maid Maid]&lt;br /&gt;
|-&lt;br /&gt;
|Translation&lt;br /&gt;
|Translators are useful especially between English and your main tongue. You can use [https://github.com/DavidVentura/offline-translator Offline Translator]. It is not the best, but it will do the job. &lt;br /&gt;
You can still use [https://translate.google.com/ Google Translate] / [https://translate.yandex.com/ Yandex Translate] offline translation feature, but they are proprietary.&lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/DavidVentura/offline-translator Offline Translator]&lt;br /&gt;
* [https://translate.google.com/ Google Translate]&lt;br /&gt;
* [https://translate.yandex.com/ Yandex Translate]&lt;br /&gt;
|-&lt;br /&gt;
|Entertainment&lt;br /&gt;
|I use [https://gitlab.com/proninyaroslav/libretorrent LibreTorrent] to download movies into my phone for later viewing. If there are no torrents for them, I use [https://play.google.com/store/apps/details?id=idm.internet.download.manager 1DM] (proprietary) to scrape movie websites. &lt;br /&gt;
For games, I have [https://www.retroarch.com/ RetroArch] with several game packs installed for several emulators. You can download other games like [https://f-droid.org/packages/org.petero.droidfish/ Droid Fish] (Chess Engine) and [https://www.luanti.org/ Luanti] too. I try to choose sandbox or board games since they are replayable anytime.&lt;br /&gt;
&lt;br /&gt;
You may download news articles that interests you to read. I was using [https://github.com/Livinglist/Hacki Hacki] (Hacker News client) to download tech related news and read when I need to pass time outside. Most RSS readers (I recommend [https://f-droid.org/packages/com.nononsenseapps.feeder/ Feeder] and [https://github.com/readrops/Readrops Readrops]) allow you to read articles offline and then sync read status with your computers.&lt;br /&gt;
&lt;br /&gt;
You can use your phone as an e-book reader too. I was using [https://koreader.rocks/ KOReader] and [https://play.google.com/store/apps/details?id=org.readera ReadEra] (proprietary) to read my e-books.&lt;br /&gt;
&lt;br /&gt;
Download local music onto your phone. So you can listen anytime. [https://music.youtube.com/ YouTube Music] (proprietary) has a feature called “Smart Downloads” that automatically downloads songs you may like. [https://github.com/knighthat/Kreate Kreate] caches the songs you have listened to for offline listening. But the best method is just downloading songs using tools like [https://lucida.to/ Lucida] or [https://squid.wtf/ Squid WTF] into your phone. You can use [https://newpipe.net/ NewPipe] or [https://github.com/deniscerri/ytdlnis YTDLnis]/[https://github.com/JunkFood02/Seal Seal] to download songs from YouTube. Then install a player like [https://www.videolan.org/vlc/download-android.html VLC] to listen to them. Other proprietary apps like [https://open.spotify.com/ Spotify] can remove songs from your device if you connect to their servers at any time for copyright and other purposes.&lt;br /&gt;
&lt;br /&gt;
Download podcasts that interest you. [https://antennapod.org/ AntennaPod] has a feature that can auto-download content when they are available.&lt;br /&gt;
|&lt;br /&gt;
* [https://gitlab.com/proninyaroslav/libretorrent LibreTorrent]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=idm.internet.download.manager 1DM]&lt;br /&gt;
* [https://www.retroarch.com/ RetroArch]&lt;br /&gt;
* [https://f-droid.org/packages/org.petero.droidfish/ Droid Fish]&lt;br /&gt;
* [https://www.luanti.org/ Luanti]&lt;br /&gt;
* [https://github.com/Livinglist/Hacki Hacki]&lt;br /&gt;
* [https://f-droid.org/packages/com.nononsenseapps.feeder/ Feeder]&lt;br /&gt;
* [https://github.com/readrops/Readrops Readrops]&lt;br /&gt;
* [https://koreader.rocks/ KOReader]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=org.readera ReadEra]&lt;br /&gt;
* [https://music.youtube.com/ YouTube Music]&lt;br /&gt;
* [https://github.com/knighthat/Kreate Kreate]&lt;br /&gt;
* [https://lucida.to/ Lucida]&lt;br /&gt;
* [https://squid.wtf/ Squid WTF]&lt;br /&gt;
* [https://newpipe.net/ NewPipe]&lt;br /&gt;
* [https://github.com/deniscerri/ytdlnis YTDLnis]&lt;br /&gt;
* [https://github.com/JunkFood02/Seal Seal]&lt;br /&gt;
* [https://www.videolan.org/vlc/download-android.html VLC]&lt;br /&gt;
* [https://open.spotify.com/ Spotify]&lt;br /&gt;
* [https://antennapod.org/ AntennaPod]&lt;br /&gt;
|-&lt;br /&gt;
|General Real Life Helpers&lt;br /&gt;
|You can download the multipurpose [https://kylecorry.com/Trail-Sense/ Trail Sense] app. It has features you will need when outside. Compass, turning paper maps into digital ones with GPS, checking whatever a surface is really flat, convert between units, metal detector, mirror mode (so you do not take accidental selfies), save the path you walked, ruler, QR scanner, white noise and more. It has a built-in survival guide too for emergencies.&lt;br /&gt;
There is an app similar to [https://kylecorry.com/Trail-Sense/ Trail Sense] called [https://phyphox.org/ Phyphox]. It is mostly intended for science experiments. It allows you to use your phone sensors to measure anything your phone supports.&lt;br /&gt;
&lt;br /&gt;
The other useful app is [https://github.com/ligi/SurvivalManual Survival Manual]. The name explains all.&lt;br /&gt;
&lt;br /&gt;
Also, there are many apps that extend the core features of a phone. [https://f-droid.org/en/packages/org.woheller69.arity/ Arity calculator] has a 3D graph feature which might be useful for visualizing data. Some calculator apps offer currency conversion even when you are offline by caching up-to-date indexes automatically. &lt;br /&gt;
&lt;br /&gt;
Another thing you may need is an app that shows you Wi-Fi passwords of nearby shops and buildings. Unfortunately all Wi-Fi password apps are proprietary and may not include up-to-date passwords. &lt;br /&gt;
|&lt;br /&gt;
* [https://kylecorry.com/Trail-Sense/ Trail Sense]&lt;br /&gt;
* [https://phyphox.org/ Phyphox]&lt;br /&gt;
* [https://github.com/ligi/SurvivalManual Survival Manual]&lt;br /&gt;
* [https://f-droid.org/en/packages/org.woheller69.arity/ Arity calculator]&lt;br /&gt;
|-&lt;br /&gt;
|Memory Helpers&lt;br /&gt;
|A note-taking app and a password manager is very helpful outside. For noting I use [https://github.com/quillpad/quillpad Quill Pad]. For passwords, I use [https://www.keepassdx.com/ KeepassDX]. You can prefer [https://bitwarden.com/ Bitwarden] for easier sync. They should be able to run offline and sync only when you connect to a network.&lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/quillpad/quillpad Quill Pad]&lt;br /&gt;
* [https://www.keepassdx.com/ KeepassDX]&lt;br /&gt;
* [https://bitwarden.com/ Bitwarden]&lt;br /&gt;
|-&lt;br /&gt;
|Wallet App&lt;br /&gt;
|You can use [https://apt.izzysoft.de/fdroid/index/apk/com.akylas.cardwallet OSS Card Wallet] to remember your card details even if you don&#039;t have them outside.&lt;br /&gt;
|&lt;br /&gt;
* [https://apt.izzysoft.de/fdroid/index/apk/com.akylas.cardwallet OSS Card Wallet]&lt;br /&gt;
|-&lt;br /&gt;
|File transfer&lt;br /&gt;
|Consider installing [https://localsend.org/ Local Send] to you and your friends phones. So you can transfer files easily if you are on same Wi-Fi network (you can always use your hotspot too).&lt;br /&gt;
|&lt;br /&gt;
* [https://localsend.org/ Local Send]&lt;br /&gt;
|}&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=Minecraft_Setup&amp;diff=53</id>
		<title>Minecraft Setup</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=Minecraft_Setup&amp;diff=53"/>
		<updated>2026-05-18T10:33:29Z</updated>

		<summary type="html">&lt;p&gt;Admin: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== Installing and Optimizing Minecraft 1.8 (and later versions) ==&lt;br /&gt;
[[File:PrismLauncher.png|thumb|339x339px|Screenshot of the Prism Launcher]]&lt;br /&gt;
&lt;br /&gt;
Firstly, do not use the [https://www.minecraft.net/en-us/download official client]. It is harder to manage your mod packs that way. Instead, use something like &#039;&#039;&#039;[https://prismlauncher.org/ Prism Launcher]&#039;&#039;&#039; or its forks that pop up occasionally that bypasses the account checks and allows you to use 3rd party skin providers. The most recent one I know is &#039;&#039;&#039;[https://github.com/FreesmTeam/FreesmLauncher Freesm Launcher]&#039;&#039;&#039;.&lt;br /&gt;
&lt;br /&gt;
&amp;lt;pre&amp;gt;sudo pacman -S prismlauncher&amp;lt;/pre&amp;gt;&lt;br /&gt;
&lt;br /&gt;
After you set up the launcher, you need to create an instance. I prefer &#039;&#039;&#039;[https://www.minecraft.net/en-us Minecraft]&#039;&#039;&#039; 1.8 for casual play because it is simpler. I like playing multiplayer on PVP servers. After choosing the version, select &#039;&#039;&#039;[https://files.minecraftforge.net/ Forge]&#039;&#039;&#039; in mod loader section. You might have luck with &#039;&#039;&#039;[https://neoforged.net/ NeoForge]&#039;&#039;&#039; (the Forge fork) but they mentioned they might be removing backwards compatibility with Forge.&amp;lt;ref&amp;gt;NeoForge actively maintained backwards compatibility with Forge solely for Minecraft 1.20.1. From 1.20.2 onward, they introduced breaking changes to the API, essentially dropping direct drop-in compatibility. Source: [https://neoforged.net/news/26.1release/ NeoForge Release Notes]&amp;lt;/ref&amp;gt; If you are going to play recent versions of the game (anything that is &amp;gt;=1.14) prefer the &#039;&#039;&#039;[https://fabricmc.net/ Fabric]&#039;&#039;&#039; mod loader and the &#039;&#039;&#039;[https://modrinth.com/modpack/fabulously-optimized Fabulously Optimized]&#039;&#039;&#039; mod pack which handles most optimizations we are going to do by itself. Try to pick the latest version on &#039;&#039;&#039;[https://www.lwjgl.org/ LWJGL]&#039;&#039;&#039; stuff if it asks.&lt;br /&gt;
&lt;br /&gt;
After being sure the game launches correctly, it is time to optimize it further. Firstly try to install &#039;&#039;&#039;[https://www.azul.com/downloads/?package=jre#zulu Zulu Java]&#039;&#039;&#039;. It is a modified version of Java from a company called Azul.&amp;lt;ref&amp;gt;Azul Zulu builds of OpenJDK are certified, open source, and 100% compliant Java Development Kit (JDK) and Java Runtime Environment (JRE) implementations optimized for performance. Source: [https://www.azul.com/downloads/?package=jre#zulu Azul Zulu Downloads]&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&amp;lt;pre&amp;gt;paru -S zulu-8-bin&amp;lt;/pre&amp;gt;&lt;br /&gt;
&lt;br /&gt;
After that give the game more RAM and try using different Java command line arguments. [https://birdflop.com/resources/flags/ Here] is a command line argument generator with most widely used settings by others. Install and enable &#039;&#039;&#039;[https://wiki.archlinux.org/title/GameMode Game Mode]&#039;&#039;&#039;. It makes your OS prioritize Minecraft instead of other software that may not need immediate processing power.&amp;lt;ref&amp;gt;GameMode is a daemon/library combo for Linux that allows games to request a set of optimisations be temporarily applied to the host OS, such as adjusting the CPU governor, I/O priority, and kernel scheduler. Source: [https://github.com/FeralInteractive/gamemode Feral Interactive GameMode GitHub]&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&amp;lt;pre&amp;gt;sudo pacman -S gamemode lib32-gamemode&amp;lt;/pre&amp;gt;&lt;br /&gt;
&lt;br /&gt;
Test if game launches with the new settings you did. If it does not work you can always check logs to see what is wrong. Then try to install these mods:&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot;&lt;br /&gt;
|-&lt;br /&gt;
! Mod Name !! Description&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;[https://optifine.net/ OptiFine]&#039;&#039;&#039; || The most essential mod you will need. It handles so many things I can&#039;t explain everything in this list.&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;[https://sk1er.club/ Patcher]&#039;&#039;&#039; || Closes the gap where OptiFine isn&#039;t enough. Like OptiFine, it has so many options. It brings another mod with itself called &#039;&#039;&#039;[https://essential.gg/ Essential]&#039;&#039;&#039;, but it is just bloat so you may need to disable it from its settings or set up the &#039;&#039;&#039;[https://modrinth.com/mod/notsoessential Not So Essential]&#039;&#039;&#039; mod.&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;[https://modrinth.com/mod/foamfix Foam Fix]&#039;&#039;&#039; || It fixes memory usage especially on mod packs with many mods.&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;[https://modrinth.com/mod/texfix Tex Fix]&#039;&#039;&#039; || It reduces the memory footprint of Minecraft textures.&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;[https://modrinth.com/mod/phosphorlegacyforge/ Phosphor Legacy]&#039;&#039;&#039; || Port of Phosphor from recent versions of the game to 1.8. It reduces the heavy load of lightning mechanics in the game.&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;[https://www.curseforge.com/minecraft/mc-mods/betterfps Better FPS]&#039;&#039;&#039; || The name already describes it.&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;[https://github.com/ghast/HitDelayFixMod/ HitDelayFix]&#039;&#039;&#039; || Fixes your hits not registering because of a 1.8 change. It may be counted as cheating in some servers so always check if it is allowed. (&#039;&#039;&#039;[https://www.lunarclient.com/ Lunar Client]&#039;&#039;&#039; enables it by default). The mod is kinda suspicious, so I can&#039;t guarantee the dev will not add malicious behavior to it in the future.&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
Read the descriptions of all mods from their official pages. Check their settings and modify it to your liking. Research about the decisions you can make. And after all of that, &#039;&#039;&#039;BACKUP YOUR CONFIGS&#039;&#039;&#039; to be able to move between setups easier.&lt;br /&gt;
&lt;br /&gt;
[[File:Official-Huahwi-PvP-Texture-Pack.webp|thumb|261x261px|Huahwi texture pack]]&lt;br /&gt;
&lt;br /&gt;
After setting up everything as you like. It is time to install a texture pack. Based on your use case there are many texture packs you can use. &lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;[https://www.mediafire.com/file/7o9vft776n1jjv2/A+Huahwi+Pack+64x+%28HL+Ores%29.zip Huahwi Texture Pack]&#039;&#039;&#039;: One of the best and most nostalgic PVP packs to ever exist. It is my favorite.&lt;br /&gt;
* &#039;&#039;&#039;[https://faithfulpack.net/ Faithful 32x/64x]&#039;&#039;&#039;: Mostly suited for survival. It makes Minecraft&#039;s default look a bit better to look to.&lt;br /&gt;
* &#039;&#039;&#039;[https://modrinth.com/resourcepack/f8thful F8thful]&#039;&#039;&#039;: For potato PCs. You can combine it with 1×1 block texture packs if you want. Texture packs don&#039;t make a big difference in FPS, but you can try.&amp;lt;ref&amp;gt;Texture packs predominantly consume VRAM (Video RAM) rather than placing a direct computational load on the GPU core. As long as your graphics card has enough VRAM to load the textures without swapping to system memory, your framerate will remain largely unaffected. Source: [https://forum.feed-the-beast.com/threads/texture-packs-and-fps.13170/ Feed The Beast Forums - Texture Packs and FPS]&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
Now you are ready to play the game without any stuttering and better visuals. :D&lt;br /&gt;
&lt;br /&gt;
== References ==&lt;br /&gt;
&amp;lt;references /&amp;gt;&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=How_to_bypass_ISP_censorship&amp;diff=52</id>
		<title>How to bypass ISP censorship</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=How_to_bypass_ISP_censorship&amp;diff=52"/>
		<updated>2026-05-18T10:32:03Z</updated>

		<summary type="html">&lt;p&gt;Admin: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;A curated list of tools, protocols, and technologies for bypassing internet blocks, inspired by [https://github.com/danoctavian/awesome-anti-censorship this] project.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
This list focuses on tools and strategies designed to defeat active network-level filtering, such as Deep Packet Inspection (DPI), DNS blocking, and protocol-level blacklisting.&lt;br /&gt;
&lt;br /&gt;
__TOC__&lt;br /&gt;
&lt;br /&gt;
= How Online Content is Blocked =&lt;br /&gt;
Internet blocks are multi-layered systems and not simple on/off switches. Bypassing them is similar to a cat-and-mouse game.&lt;br /&gt;
&lt;br /&gt;
Filtering mechanisms primarily include:&lt;br /&gt;
&lt;br /&gt;
; DNS Filtering / Poisoning / Hijacking&lt;br /&gt;
: The censor intercepts requests to resolve a domain name and either returns no answer or a false IP address. This is the simplest and most common form of blocking, but also the easiest to bypass in some cases. To bypass it, a third party (not from your ISP) DNS server should be used with a DNS protocol supporting encryption like DNS over HTTPS. If blocks are still in place, your ISP may be using DPI.&lt;br /&gt;
; Deep Packet Inspection (DPI)&lt;br /&gt;
: This is a more advanced method. State-level “middle boxes” (like Russia&#039;s TSPU or China&#039;s Great Firewall (GFW)) actively inspect the content of unencrypted (or encrypted for their own certificate authority) traffic. For encrypted traffic, they inspect the “metadata,” such as the Server Name Indication (SNI) in a TLS handshake. The SNI field, which states the domain you are visiting, is unencrypted and provides a simple way for censors to identify and block HTTPS connections. However, even when SNI is encrypted or absent, advanced middle boxes can infer your destination through non-SNI leaks. They achieve this by analyzing TLS fingerprints (like JA4 signatures), monitoring packet sizes and timing patterns to profile websites. Even if a client successfully hides the destination domain during the initial handshake (for instance, by omitting the SNI), censors can simply look at the plaintext certificate returned by the server in some cases. In standard TLS connections below version 1.3, the server sends its X.509 certificate completely unencrypted. Censors intercepting this packet instantly know exactly which website you are communicating with. Bypassing this requires specialized programs. If blocks are still in place, your ISP may be using IP blacklisting.&lt;br /&gt;
; IP Blacklisting&lt;br /&gt;
: The censor blocks all network traffic to and from known IP addresses associated with a “forbidden” service (e.g., a VPN provider&#039;s servers or a specific website). Bypassing this is harder and requires connecting to a proxy/VPN server that doesn&#039;t have these restrictions. This can create a chicken-and-egg problem, like a proxy/VPN service being IP blocked but needing a proxy/VPN to bypass it.&lt;br /&gt;
; Protocol Filtering&lt;br /&gt;
: The DPI system is configured to identify and block the “fingerprints” of circumvention protocols themselves. Standard OpenVPN and WireGuard traffic is easily identifiable and is a primary target for blocking. Ports of commonly used protocols can be blocked too (e.g., port 51820 can be blocked to prevent a WireGuard connection if there are no alternative ports).&lt;br /&gt;
&lt;br /&gt;
The tools in this list are all solutions to one or more of these methods. They either:&lt;br /&gt;
# Manipulate packets at a low level to confuse the DPI,&lt;br /&gt;
# Obfuscate (disguise) traffic to look like something benign and unblockable (like standard web traffic), or&lt;br /&gt;
# Decentralize content, so there is no single server to block.&lt;br /&gt;
&lt;br /&gt;
= Censorship Measurement Tools =&lt;br /&gt;
This is a “meta” category. Before you can bypass censorship, you must prove it is happening and understand how. These tools are not for circumvention, but for detection. They are critical for activists, journalists, and researchers.&lt;br /&gt;
&lt;br /&gt;
== [https://ooni.org/ OONI Probe] ==&lt;br /&gt;
The Open Observatory of Network Interference. A free, open-source software and global network for measuring internet censorship. A project born out of The Tor Project, now an independent non-profit. Volunteers run the OONI Probe app on their mobile devices or computers from within 241 countries. The results are aggregated and published on the public OONI Explorer website. It is used to increase transparency, document censorship events globally, and provide hard, verifiable evidence of network interference and blocking.&lt;br /&gt;
&lt;br /&gt;
The app runs a series of tests to check for censorship:&lt;br /&gt;
* &#039;&#039;&#039;Web Connectivity:&#039;&#039;&#039; It tries to access a list of websites (including globally and locally sensitive ones) from the user&#039;s network and from a control network, then compares the results.&lt;br /&gt;
* &#039;&#039;&#039;App Blocking:&#039;&#039;&#039; It tests for blocks on specific apps like WhatsApp, Telegram, and Signal.&lt;br /&gt;
* &#039;&#039;&#039;Circumvention Tool Blocking:&#039;&#039;&#039; It tests if circumvention tools themselves (like Tor, Psiphon, and Lantern) are reachable.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Provides Hard Evidence:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is the best tool for scientifically proving how and what is being censored on a specific network.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Global &amp;amp; Open Data:&#039;&#039;&#039;&amp;lt;/span&amp;gt; All data is publicly available for analysis, which is an invaluable resource for researchers, journalists, and human rights organizations.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The mobile app is simple for non-technical volunteers to run.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Potential Risk to User:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Running OONI Probe is not anonymous. Your ISP and any network monitor can see that you are running it. While OONI states the risk is “theoretical” and no user has faced consequences, this is a real risk in high-stakes environments.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Provocative Tests:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The app intentionally tests “provocative or objectionable sites (e.g., pornography)”, which might be illegal to even attempt to access in some countries, regardless of intent.&lt;br /&gt;
&lt;br /&gt;
= TLDR: I need a tool now! What should I use? =&lt;br /&gt;
&#039;&#039;If you are in a risky situation, please do your research and do not trust any single source (including this one). These quick recommendations are for people with less sensitive threat models.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot;&lt;br /&gt;
|-&lt;br /&gt;
! Level !! Recommendation&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 1&#039;&#039;&#039; || DNS over HTTPS (DNS over TLS can be blocked but it may be an easier solution if you use Android &amp;gt;9 since it is built-in) + Encrypted Client Hello (supported by most modern browsers)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 2&#039;&#039;&#039; || Level 1 + DPI bypassing (Zapret/GoodbyeDPI/DPI Tunnel v2/PowerTunnel)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 3&#039;&#039;&#039; || Level 2 + WireGuard (preferably with AmneziaWG protocol)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 4&#039;&#039;&#039; || Level 3 + tools similar to V2Ray or DNS tunneling (slow)&lt;br /&gt;
|-&lt;br /&gt;
| &#039;&#039;&#039;Level 5&#039;&#039;&#039; || &#039;&#039;&#039;Do Your Own Research If You Still Can&#039;t Connect to Websites&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
= Local DPI Bypass Tools =&lt;br /&gt;
This category of tools is fundamentally different from VPNs. They allow access to specific blocked services without the disruptive side effects of a VPN, such as changing your IP address. They also don&#039;t bypass IP blacklisting. &lt;br /&gt;
&lt;br /&gt;
These tools work by “desynchronizing” the censor&#039;s view of the network connection from the server&#039;s, causing the inspection to fail while allowing the real connection to proceed. They provide no extra encryption or anonymity; your ISP can still see what sites you are visiting, but their automated blocking mechanism is fooled.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/bol-van/zapret Zapret] ==&lt;br /&gt;
A stand-alone, high-performance DPI circumvention tool designed to “desynchronize” DPI systems by manipulating network packets at a low level. Zapret was created primarily to target the “Sovereign Internet” (RuNet) blocking system in Russia.&lt;br /&gt;
&lt;br /&gt;
Zapret is designed to run on a Linux-based gateway, such as a home router running OpenWrt or directly on a user&#039;s Linux desktop.&lt;br /&gt;
&lt;br /&gt;
Zapret uses low-level packet manipulation via components like &amp;lt;code&amp;gt;nfqws&amp;lt;/code&amp;gt; and &amp;lt;code&amp;gt;tpws&amp;lt;/code&amp;gt;. It employs a variety of “DPI desync” techniques, which can be configured by the user. These include sending fake packets (e.g., with the &amp;lt;code&amp;gt;--dpi-desync=fake&amp;lt;/code&amp;gt; parameter), fragmenting packets (&amp;lt;code&amp;gt;--dpi-desync=fakedsplit&amp;lt;/code&amp;gt;), and modifying packet checksums or TTLs to “fool” the inspection system (&amp;lt;code&amp;gt;--dpi-desync-fooling=badsum&amp;lt;/code&amp;gt;). The tool includes a &amp;lt;code&amp;gt;blockcheck.sh&amp;lt;/code&amp;gt; script that a user can run to test and identify the most effective desync parameters for their specific ISP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Adds negligible latency. Because it typically only manipulates the first few packets of a connection to break the DPI&#039;s state, it is significantly faster than a full tunnel.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is its most significant advantage. It does not change your public IP address, making it ideal for accessing local, geo-restricted services (like banking, streaming, or city services) that would be broken by a VPN. It also does not need to trust any third party servers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Transparent:&#039;&#039;&#039;&amp;lt;/span&amp;gt; When installed on a router, it works transparently for all devices on the network (phones, computers, consoles) with no client-side software required.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Adaptive:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is highly configurable to adapt to the specific, evolving DPI strategies used by different ISPs and nation-states.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is critical to understand. Zapret does not provide extra privacy or anonymity. Your ISP can still see which sites you are visiting; the tool just prevents the automated block to provide access.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Specific Use Case:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It only defeats DPI. It does not bypass DNS-level blocking (it must be paired with an encrypted DNS service like DoH/DoT) or IP-address-level bans.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/ValdikSS/GoodbyeDPI Goodbye DPI] ==&lt;br /&gt;
A user-friendly DPI circumvention utility designed specifically for the Windows operating system. It runs on a user&#039;s local Windows PC (versions 7 through 11 are supported). It works by installing a Windows filter driver to intercept and modify packets as they leave the machine. It employs multiple methods simultaneously to be effective against a wide range of DPI systems. These methods include: TCP-level fragmentation, HTTP header manipulation (e.g., replacing Host with hoSt, or removing spaces), and sending fake packets with low TTLs to “poison” the DPI&#039;s state and cause it to fail. It also includes modes to redirect DNS requests to non-standard ports to bypass simple DNS poisoning.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is its primary advantage. It is ideal for non-technical Windows users. The most common use case involves just running a single &amp;lt;code&amp;gt;.cmd&amp;lt;/code&amp;gt; script.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Shares the same benefits as Zapret; it does not interfere with local, geo-restricted services. Also, no third party to trust.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Effective:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is designed to actively bypass both “Passive DPI” (which tries to “race” the real server with a fake reset packet) and “Active DPI” (which sits in-line and modifies traffic).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Like Zapret, this provides no extra encryption and is not a privacy tool. It is for access only.&lt;br /&gt;
&lt;br /&gt;
== Mobile DPI Bypass Tools ==&lt;br /&gt;
Stand-alone, open-source DPI circumvention tools exists on mobile devices too. They are mostly inspired by Zapret. The catch being not being capable as tools designed for computers. They mostly rely on 3 ways to see the packets. Having root, giving the VPN slot to the app, setting up a proxy inside your phone. You will usually have to set the bypass rules manually. Most popular ones are “DPI Tunnel v2”, “Bye DPI”, “Power Tunnel”. They don&#039;t increase battery usage that much compared to VPNs.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Adds negligible latency. It is significantly faster than a full tunnel. &lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No IP Change:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It does not change your public IP address, making it ideal for accessing local, geo-restricted services (like banking, streaming, or city services) that would be broken by a VPN. It also does not need to trust any third party servers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; After initial configuration, enabling or disabling is only one press.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;No Extra Privacy or Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; These tools don&#039;t provide extra privacy or anonymity. Your ISP/GSM can still see which sites you are visiting; the tool just prevents the automated block to provide access.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Needs either root or a VPN slot:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Android only allows one active VPN slot at a time. If you are running a DPI bypass app, you cannot simultaneously run a standard VPN or a system-wide ad blocker without root.&lt;br /&gt;
&lt;br /&gt;
= Standard (Non-Obfuscated) Protocols =&lt;br /&gt;
This category includes the standard, “baseline” protocols for proxies and VPNs. These tools are not designed for censorship circumvention and are the primary targets for blocking. Their distinct protocol “fingerprints” make them easy for DPI systems to identify and filter. They are included here as a baseline to illustrate why the more advanced, obfuscated tools in the next section are necessary.&lt;br /&gt;
&lt;br /&gt;
== [https://www.wireguard.com/ WireGuard] ==&lt;br /&gt;
An extremely simple, fast, and modern VPN (Virtual Private Network) protocol. A modern protocol (initial release 2015) that is now part of the Linux kernel. Runs on client and server machines, supported natively or via apps on all major operating systems. It uses state-of-the-art cryptography and has a very small, auditable code base (under 4,000 lines of code). It operates over UDP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Fast:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Significantly higher performance and lower latency compared to OpenVPN, due to its lightweight code and modern encryption.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Simple &amp;amp; Secure:&#039;&#039;&#039;&amp;lt;/span&amp;gt; A small code base makes it easier to audit and less susceptible to attack.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Quick Reconnects:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Connects and reconnects almost instantly, making it ideal for mobile devices switching between Wi-Fi and cellular data.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; This is its key weakness for censorship. It has a distinct, recognizable protocol fingerprint. It is not designed to bypass DPI and is actively blocked in countries like China and Russia. Protocols like AmneziaWG (modified version of WireGuard designed to prevent DPI) should be used when possible.&lt;br /&gt;
&lt;br /&gt;
== [https://openvpn.net/ OpenVPN] ==&lt;br /&gt;
A mature, open-source, and highly configurable VPN protocol. First released in 2001, it has been the industry standard for over two decades. It uses a custom security protocol based on SSL/TLS. It can run over either TCP or UDP, which makes it flexible.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Mature:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Battle-tested and thoroughly audited for decades.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Flexible:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can be configured to run over any port and use either TCP or UDP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Like WireGuard, its handshake is very distinct and easily identified and blocked by DPI systems.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Slow:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is much slower and has higher latency than WireGuard. Its code base is big (400,000+ lines).&lt;br /&gt;
&lt;br /&gt;
== [https://en.wikipedia.org/wiki/IKEv2 IKEv2/IPsec] ==&lt;br /&gt;
A secure, standards-based VPN protocol (Internet Key Exchange version 2). Developed by Microsoft and Cisco, and standardized by the IETF. Native to most modern operating systems. It is often used in self-hosted setups (like Algo).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Native Support:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Supported “out of the box” by Windows, Android, macOS, and iOS.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Stable:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Very good at re-establishing a connection quickly when a network drops.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; It is not a circumvention tool and is easily detected and blocked by DPI.&lt;br /&gt;
&lt;br /&gt;
== [https://en.wikipedia.org/wiki/SOCKS SOCKS] ==&lt;br /&gt;
A low-level proxy protocol that can route virtually any type of network traffic from any application (SOCKS5 since 1996). A client application sends traffic to a SOCKS5 server, which then forwards it to the final destination. It operates at Layer 5 (the Session Layer).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Versatile:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can handle any type of traffic, including web, P2P, gaming, and email.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Encrypted:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Provides zero encryption by itself. All traffic is sent in the clear and is fully visible to an ISP.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Trivially Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Unencrypted, identifiable traffic is extremely easy for any DPI system to inspect and block.&lt;br /&gt;
&lt;br /&gt;
== [https://en.wikipedia.org/wiki/Proxy_server HTTP(S) Proxies / Web Proxies] ==&lt;br /&gt;
A basic, high-level proxy protocol designed exclusively for web (HTTP and HTTPS) traffic. Primarily used by web browsers. It operates at Layer 7 (the Application Layer).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Simple:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Easy to set up and widely supported by all browsers.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Limited:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Only works for web traffic.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Encrypted:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Provides no encryption for your connection to the proxy (when no HTTPS).&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous:&#039;&#039;&#039;&amp;lt;/span&amp;gt; HTTP proxies typically add headers (like X-Forwarded-For) that identify the original user&#039;s IP address.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Trivially Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Very easy to detect and block.&lt;br /&gt;
&lt;br /&gt;
= Obfuscated Proxy Protocols &amp;amp; Platforms =&lt;br /&gt;
This category represents the “engine” for most modern, robust circumvention. The development of these protocols illustrates the “cat-and-mouse” arms race.&lt;br /&gt;
&lt;br /&gt;
# &#039;&#039;&#039;Phase 1 (Encrypt):&#039;&#039;&#039; Standard VPNs (OpenVPN, WireGuard) are encrypted but have obvious “fingerprints”.&lt;br /&gt;
# &#039;&#039;&#039;Phase 2 (Scramble):&#039;&#039;&#039; Tools like Shadowsocks and obfs4 encrypt and “scramble” traffic to look like “random” data.&lt;br /&gt;
# &#039;&#039;&#039;Phase 3 (Mimic):&#039;&#039;&#039; Tools like V2Ray (VLESS+TLS) and Trojan are designed to mimic standard, benign HTTPS traffic.&lt;br /&gt;
# &#039;&#039;&#039;Phase 4 (Be Indistinguishable):&#039;&#039;&#039; Tools like Naïve Proxy reuse the actual network stack from a real browser (Chrome) to be bit-for-bit indistinguishable.&lt;br /&gt;
&lt;br /&gt;
== [https://shadowsocks.org/ Shadow Socks] ==&lt;br /&gt;
A fast, encrypted SOCKS5 proxy. It is not a full VPN. Originally created in 2012 by “clowwindy” specifically to bypass the Great Firewall (GFW) of China. Its strength is its simplicity and its use of modern AEAD ciphers. It “disguises” traffic to look like HTTPS but does not explicitly mimic another protocol.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Fast and Lightweight:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Generally faster than full VPNs and complex multi-layered tools.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Selective:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Easy to configure which traffic goes through it (e.g., using a PAC file).&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Detectable by Advanced DPI:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Advanced DPI can detect Shadowsocks traffic through traffic analysis and active probing.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not a Full VPN:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Does not tunnel all system traffic by default, leading to potential “leaks”.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/v2fly/v2ray-core V2Ray] ==&lt;br /&gt;
A platform or framework for building proxies. It is not a single protocol, but a “box” that can manage multiple inbound and outbound protocols, transports, and advanced routing rules. By wrapping its proxy traffic inside Web Socket and TLS, it makes the traffic appear as standard, indistinguishable HTTPS traffic.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Flexible:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can be configured to mimic HTTPS, run over Web Sockets, use QUIC, etc.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Resilient:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Its multiprotocol nature means it can be reconfigured if one method is blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Advanced Routing:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can selectively route traffic based on domain or IP.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Complex:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Requires understanding of its complex concepts of inbounds, outbounds, and transports.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Performance Overhead:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Layered encryption adds significant latency.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;VMess is Detectable:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The original VMess protocol is now considered detectable by advanced GFW packet sniffing.&lt;br /&gt;
&lt;br /&gt;
=== V2Ray Protocols: VMess vs. VLESS ===&lt;br /&gt;
* &#039;&#039;&#039;VMess:&#039;&#039;&#039; The original, feature-rich protocol for V2Ray. It has its own built-in encryption and authentication methods. It is considered more “heavy” and less safe against modern GFW probing.&lt;br /&gt;
* &#039;&#039;&#039;VLESS:&#039;&#039;&#039; A newer, lightweight protocol. It removes VMess&#039;s built-in encryption layer and delegates security to the underlying transport layer, such as TLS. This simplifies the handshake, improves speed, and makes it more indistinguishable from a standard HTTPS website.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/XTLS/Xray-core X-ray] ==&lt;br /&gt;
A high-performance, open-source proxy platform and a fork of V2Ray. Developed by the XTLS community. Xray-core supports all of V2Ray&#039;s protocols and adds XTLS. XTLS is a “direct encryption” technology that avoids the performance-draining “TLS-in-TLS” problem, resulting in lower latency and higher speeds than VLESS+TLS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Faster:&#039;&#039;&#039;&amp;lt;/span&amp;gt; X-ray with its XTLS protocol is generally considered faster and more efficient.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Backward Compatible:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Acts as a drop-in, enhanced replacement for V2Ray-core.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Advanced Protocols:&#039;&#039;&#039;&amp;lt;/span&amp;gt; VLESS and XTLS are highly effective at mimicking standard web traffic.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Complexity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Inherits all of V2Ray&#039;s complexity.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Less Documentation:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Newer technology with poorer documentation than established setups.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/trojan-gfw/trojan Trojan] ==&lt;br /&gt;
A proxy protocol that is specifically designed to perfectly imitate a real HTTPS server. It runs on a server, binds to port 443, and simultaneously serves a real, working website. This makes it highly resistant to the “active probing” techniques.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Stealthy:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Mimics HTTPS perfectly and serves a real website as a disguise.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Simpler protocol that uses TLS directly.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Requires a Domain Name:&#039;&#039;&#039;&amp;lt;/span&amp;gt; You must have a registered domain name and a valid SSL/TLS certificate.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Vulnerable to TLS-in-TLS Detection:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Censors have started detecting the “TLS-in-TLS” pattern.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/klzgrad/naiveproxy Naïve Proxy] ==&lt;br /&gt;
A proxy that re-uses the network stack from the Chromium browser to camouflage its traffic. A “Phase 4” tool. It uses HTTP/2 multiplexing, HTTP/2 traffic padding, and the exact TLS handshake of a real Chrome browser.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;The “Most” Stealthy:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Arguably the most advanced tool for defeating traffic analysis and fingerprinting.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;High Performance:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Leverages Chrome&#039;s high-performance HTTP/2 stack.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Complex:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Requires a Caddy server with a specific plugin, domain name, and TLS cert.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Still a Proxy:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Not a full system-wide VPN.&lt;br /&gt;
&lt;br /&gt;
= Self-Hosted VPN/Proxy Suites =&lt;br /&gt;
Instead of trusting a commercial VPN, these scripts automate the setup of a private server on a cloud provider.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/trailofbits/algo Algo] ==&lt;br /&gt;
A set of Ansible scripts that automates the deployment of a minimalist, secure personal VPN. Created by Trail of Bits. It installs WireGuard and IKEv2/IPsec, deliberately excluding obfuscation tools.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Secure by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Uses modern, strong protocols with secure ciphers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Minimalist:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Includes only the minimal software you need.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Clientless (IKEv2):&#039;&#039;&#039;&amp;lt;/span&amp;gt; Supported natively by most OS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not for Censorship Bypass:&#039;&#039;&#039;&amp;lt;/span&amp;gt; WireGuard and IKEv2 are easily detected and blocked by DPI.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Security Vulnerabilities:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Theoretical risk of MitM if the VPS is compromised due to self-signed certs.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/StreisandEffect/streisand Streisand] ==&lt;br /&gt;
Automates the deployment of a full suite of anti-censorship tools (“kitchen sink” approach). Installs WireGuard, OpenVPN, Shadowsocks, Trojan, Tor bridges, and more.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Versatile:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Gives the user many options to try if one is blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Designed for Censorship:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Specifically designed for circumvention.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;“Kitchen Sink” Risk:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Dramatically increases the potential attack surface.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Less Secure Defaults:&#039;&#039;&#039;&amp;lt;/span&amp;gt; More permissive defaults than Algo.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Outdated:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Did not get updated for a long time.&lt;br /&gt;
&lt;br /&gt;
= Anonymity Networks &amp;amp; Pluggable Transports =&lt;br /&gt;
Designed for anonymity. However, to be anonymous, you first must be able to connect.&lt;br /&gt;
&lt;br /&gt;
== [https://www.torproject.org/ Tor Project] ==&lt;br /&gt;
A free, open-source network and browser that provides anonymity by routing traffic through a three-layer “onion” of volunteer-run relays.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Strong Anonymity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The most-studied tool for public-internet anonymity.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Pluggable Transports:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Built-in system to bypass blocking.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Easy to Use:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The Tor Browser is a simple, all-in-one application.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Very Slow:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Impractical for streaming or large downloads.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Blocked by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Relay lists are public and easily blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Stigma:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Can attract suspicion from ISPs or law enforcement.&lt;br /&gt;
&lt;br /&gt;
=== Tor Pluggable Transports (PTs) ===&lt;br /&gt;
; obfs4&lt;br /&gt;
: The modern “scrambler” (Phase 2). Makes Tor traffic “look random, like nothing”. Can be blocked by whitelists.&lt;br /&gt;
; meek&lt;br /&gt;
: The “domain fronting” transport (Phase 3). Makes Tor traffic look like it&#039;s going to a major CDN. Very slow and fragile; major providers blocked it.&lt;br /&gt;
; Web Tunnel&lt;br /&gt;
: A newer transport that masks Tor traffic as a standard HTTPS connection.&lt;br /&gt;
; Snowflake&lt;br /&gt;
: A peer-to-peer transport. Connects to ephemeral proxies run by volunteers in their web browsers.&lt;br /&gt;
&lt;br /&gt;
== I2P (Invisible Internet Project) ==&lt;br /&gt;
A decentralized, anonymous network layer. Uses “Garlic Routing” which bundles multiple messages together and sends them through unidirectional tunnels.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Excellent for Hidden Services:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Optimized for “eepsites”.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Decentralized &amp;amp; Resilient:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Distributed and P2P-friendly.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Harder Analysis:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Unidirectional tunnels make traffic analysis harder.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not for Public Web Access:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Relies on volunteer-run “out proxies” which are few and slow.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Slow:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Complex P2P routing.&lt;br /&gt;
&lt;br /&gt;
= Decentralized &amp;amp; Federated &amp;amp; P2P Networks =&lt;br /&gt;
Censorship-resistance-by-design. If there is no single server, there is no single point to block.&lt;br /&gt;
&lt;br /&gt;
== [https://github.com/HelloZeroNet/ZeroNet Zero Net] ==&lt;br /&gt;
A decentralized, peer-to-peer web-like network. Uses Bitcoin cryptography for identity and BitTorrent to distribute content.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Extremely Censorship-Resistant:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Cannot be taken down by DMCA or government order.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Zero Hosting Cost:&#039;&#039;&#039;&amp;lt;/span&amp;gt; The audience provides the infrastructure.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Works Offline:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Browse “seeded” sites without internet.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; IP is visible to peers.&lt;br /&gt;
&lt;br /&gt;
== [[wikipedia:Hyphanet|Hypha net (formerly Freenet)]] ==&lt;br /&gt;
A decentralized, P2P network where all users contribute disk space and bandwidth. Content is retrieved by a key, not a location. Nodes do not know what content they are storing.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Anonymous by Design:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Anonymity built-in for publishers and consumers.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Deniable Storage:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Plausible deniability for hosts.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;“Forgets” Content:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Unpopular data is eventually dropped.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Static Content Only:&#039;&#039;&#039;&amp;lt;/span&amp;gt; No dynamic sites.&lt;br /&gt;
&lt;br /&gt;
== [https://ipfs.tech/ IPFS] ==&lt;br /&gt;
A decentralized, peer-to-peer protocol. Uses content-based addressing (CID) instead of location-based addressing.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Highly Censorship-Resistant:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Content itself cannot be blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Data Integrity:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Cryptographic CIDs guarantee the exact file.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; IP is visible.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Content is Not Permanent:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Files disappear if not “pinned”.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Censorable at the Gateway:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Public gateways can filter content.&lt;br /&gt;
&lt;br /&gt;
== Torrenting ==&lt;br /&gt;
Files are distributed across thousands of users&#039; computers. Extremely resilient against takedowns.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Distributed &amp;amp; Fast:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Speeds up as more people host.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;No Central Logs:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Makes surveillance resource-intensive.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Anonymous by Default:&#039;&#039;&#039;&amp;lt;/span&amp;gt; IPs are public.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Stigma:&#039;&#039;&#039;&amp;lt;/span&amp;gt; ISPs actively throttle or block torrents.&lt;br /&gt;
&lt;br /&gt;
= Emerging Privacy Protocols (DNS/TLS) =&lt;br /&gt;
&lt;br /&gt;
== DNS-over-HTTPS (DoH) / DNS-over-TLS (DoT) / DNS Crypt ==&lt;br /&gt;
Protocols that encrypt DNS queries to prevent tracking and poisoning.&lt;br /&gt;
* &#039;&#039;&#039;DoT:&#039;&#039;&#039; Dedicated port 853.&lt;br /&gt;
* &#039;&#039;&#039;DoH:&#039;&#039;&#039; Uses port 443 (standard web traffic).&lt;br /&gt;
* &#039;&#039;&#039;DNS Crypt:&#039;&#039;&#039; Encrypts payloads using public keys.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Bypasses DNS Filtering:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Primary benefit.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Stealthy (DoH):&#039;&#039;&#039;&amp;lt;/span&amp;gt; Indistinguishable from HTTPS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;DoT is Easily Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Port 853 can be blocked.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Does Not Bypass DPI:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Useless if SNI or IP is blocked.&lt;br /&gt;
&lt;br /&gt;
== Encrypted Client Hello (ECH) ==&lt;br /&gt;
A TLS 1.3 extension that encrypts the SNI, closing the metadata leak in HTTPS.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;PROs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Defeats SNI-Based DPI:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Makes this class of censorship obsolete.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:green&amp;quot;&amp;gt;&#039;&#039;&#039;Proactive &amp;amp; Native:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Protects all users by default when adopted.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;CONs:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Not Yet Standard:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Not universally deployed.&lt;br /&gt;
* &amp;lt;span style=&amp;quot;color:red&amp;quot;&amp;gt;&#039;&#039;&#039;Already Being Blocked:&#039;&#039;&#039;&amp;lt;/span&amp;gt; Russia blocks ECH directly; China blocks encrypted DNS to prevent ECH.&lt;br /&gt;
&lt;br /&gt;
= Other Workarounds =&lt;br /&gt;
; Privacy Frontends&lt;br /&gt;
: Proxy traffic to upstream services. Upstream doesn&#039;t see your IP, but usually limited to specific websites and can be unstable.&lt;br /&gt;
; Website Mirrors&lt;br /&gt;
: Viewing alternative hosted versions of sites. Only some content has mirrors.&lt;br /&gt;
; Federated Services&lt;br /&gt;
: Distributed alternatives to centralized platforms. Can leak metadata.&lt;br /&gt;
&lt;br /&gt;
= Do you need a VPN? =&lt;br /&gt;
If one or more of these are true, a VPN may be necessary:&lt;br /&gt;
* Connecting to untrusted hotspots.&lt;br /&gt;
* Untrusted websites (IP loggers).&lt;br /&gt;
* Geo-blocked regularly.&lt;br /&gt;
* ISP blocks content.&lt;br /&gt;
* Lack of trust in ISP.&lt;br /&gt;
* Need servers in specific countries.&lt;br /&gt;
* ISP throttling.&lt;br /&gt;
&lt;br /&gt;
= Inclusion Criteria =&lt;br /&gt;
* &#039;&#039;&#039;Source Availability:&#039;&#039;&#039; Open-source projects preferred.&lt;br /&gt;
* &#039;&#039;&#039;Security:&#039;&#039;&#039; Strong security practices, audited code.&lt;br /&gt;
* &#039;&#039;&#039;Community Support:&#039;&#039;&#039; Active forums and issue trackers.&lt;br /&gt;
* &#039;&#039;&#039;Cost-Effectiveness:&#039;&#039;&#039; Fits budget requirements.&lt;br /&gt;
* &#039;&#039;&#039;No Walled Gardens:&#039;&#039;&#039; Prefer self-hosted or alternative client capable software.&lt;br /&gt;
* &#039;&#039;&#039;Proven Track Record:&#039;&#039;&#039; Mature projects.&lt;br /&gt;
&lt;br /&gt;
= Tor vs. I2P Comparison =&lt;br /&gt;
&#039;&#039;This part of the guide is taken from the [https://geti2p.net/en/comparison/tor i2p projects comparison page].&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; style=&amp;quot;width:100%; vertical-align:top;&amp;quot;&lt;br /&gt;
|-&lt;br /&gt;
! Benefits of Tor over I2P !! Benefits of I2P over Tor&lt;br /&gt;
|- style=&amp;quot;vertical-align:top;&amp;quot;&lt;br /&gt;
|&lt;br /&gt;
* Much bigger user base; highly visible academic and hacker community support.&lt;br /&gt;
* Solved scaling issues I2P hasn&#039;t addressed.&lt;br /&gt;
* Significant funding and funded developers.&lt;br /&gt;
* More resistant to state-level blocking due to TLS transport layer and bridges.&lt;br /&gt;
* Designed and optimized for exit traffic (large number of exit nodes).&lt;br /&gt;
* Better documentation, formal papers, and translations.&lt;br /&gt;
* More efficient memory usage.&lt;br /&gt;
* Low bandwidth overhead for client nodes.&lt;br /&gt;
* Centralized control efficiently addresses Sybil attacks.&lt;br /&gt;
* High capacity core nodes provide higher throughput and lower latency.&lt;br /&gt;
* Written in C.&lt;br /&gt;
|&lt;br /&gt;
* Designed and optimized for hidden services, which are much faster than in Tor.&lt;br /&gt;
* Fully distributed and self-organizing.&lt;br /&gt;
* Peers selected by continuous profiling rather than trusted claims.&lt;br /&gt;
* Floodfill peers (&amp;quot;directory servers&amp;quot;) are untrusted and vary.&lt;br /&gt;
* Small enough that it hasn&#039;t been blocked or DOSed much.&lt;br /&gt;
* Peer-to-peer friendly.&lt;br /&gt;
* Packet switched instead of circuit switched (transparent load balancing, resilience via parallel tunnels).&lt;br /&gt;
* Unidirectional tunnels instead of bidirectional circuits (doubles nodes an attacker must compromise).&lt;br /&gt;
* Short-lived tunnels decrease active attack vectors compared to Tor circuits.&lt;br /&gt;
* Essentially all peers participate in routing.&lt;br /&gt;
* Written in Java.&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
= See also (Resources) =&lt;br /&gt;
* [[wikipedia:Internet_censorship_circumvention|Internet censorship circumvention: Wikipedia]]&lt;br /&gt;
* [https://github.com/bol-van/zapret Zapret Documentation]&lt;br /&gt;
* [https://github.com/ValdikSS/GoodbyeDPI Goodbye DPI GitHub]&lt;br /&gt;
* [https://shadowsocks.org/ Shadowsocks Official]&lt;br /&gt;
* [https://github.com/v2fly/v2ray-core V2Ray Core]&lt;br /&gt;
* [https://github.com/XTLS/Xray-core X-ray Core]&lt;br /&gt;
* [https://tb-manual.torproject.org/circumvention/ Tor Circumvention Manual]&lt;br /&gt;
* [https://geti2p.net/ I2P Anonymous Network]&lt;br /&gt;
* [https://ooni.org/ OONI Open Observatory of Network Interference]&lt;br /&gt;
&lt;br /&gt;
[[Category:Internet Censorship]]&lt;br /&gt;
[[Category:Privacy Software]]&lt;br /&gt;
[[Category:Circumvention]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=51</id>
		<title>My Firefox Settings</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=51"/>
		<updated>2026-05-17T21:04:49Z</updated>

		<summary type="html">&lt;p&gt;Admin: /* Privacy, Security &amp;amp; Networking */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&amp;lt;blockquote&amp;gt;&#039;&#039;&#039;Note:&#039;&#039;&#039; This article is imported from an old note-taking app and may be outdated.&amp;lt;/blockquote&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== Core Modifications &amp;amp; Bloatware Removal ==&lt;br /&gt;
&lt;br /&gt;
Some guides, such as the [https://spyware.neocities.org/guides/firefox Spyware Watchdog Mitigation Guide], recommend deleting default plugins bundled within the Firefox directory that may introduce privacy concerns or act as bloatware.&lt;br /&gt;
&lt;br /&gt;
Navigate to your Firefox features directory and remove unnecessary add-ons:&lt;br /&gt;
&amp;lt;syntaxhighlight lang=&amp;quot;bash&amp;quot;&amp;gt;&lt;br /&gt;
cd /usr/lib/firefox/browser/features&lt;br /&gt;
doas rm *.xpi&lt;br /&gt;
&amp;lt;/syntaxhighlight&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;List of bundled plugins commonly removed:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;code&amp;gt;firefox@getpocket.com.xpi&amp;lt;/code&amp;gt; — Pocket&lt;br /&gt;
* &amp;lt;code&amp;gt;followonsearch@mozilla.com.xpi&amp;lt;/code&amp;gt; — Follow-On Search&lt;br /&gt;
* &amp;lt;code&amp;gt;activity-stream@mozilla.org.xpi&amp;lt;/code&amp;gt; — Activity Stream&lt;br /&gt;
* &amp;lt;code&amp;gt;screenshots@mozilla.org.xpi&amp;lt;/code&amp;gt; — Screenshots&lt;br /&gt;
* &amp;lt;code&amp;gt;onboarding@mozilla.org.xpi&amp;lt;/code&amp;gt; — Onboarding&lt;br /&gt;
* &amp;lt;code&amp;gt;formautofill@mozilla.org.xpi&amp;lt;/code&amp;gt; — Autofill&lt;br /&gt;
* &amp;lt;code&amp;gt;webcompat@mozilla.org.xpi&amp;lt;/code&amp;gt; — Web Compatibility Reporter&lt;br /&gt;
&lt;br /&gt;
== Configuration Tweaks (about:config) (if user.js does not cover them) ==&lt;br /&gt;
&lt;br /&gt;
=== Privacy, Security &amp;amp; Networking ===&lt;br /&gt;
; &amp;lt;code&amp;gt;accessibility.blockautorefresh&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;true&amp;lt;/code&amp;gt; to disable forced redirections. Combining this with disabled CSS and JS yields raw, unmangled result links. [https://pedantic.software/fxc/blog/why_there_is_no_css_on_my_website.html (via Pedantic Software)]&lt;br /&gt;
; &amp;lt;code&amp;gt;browser.sessionstore.interval&amp;lt;/code&amp;gt; : Set to a very high value to reduce disk writes and SessionStore tracking.&lt;br /&gt;
&lt;br /&gt;
=== Additional Hardening Actions ===&lt;br /&gt;
* &#039;&#039;&#039;Disable Firefox SessionStore&#039;&#039;&#039;: Search for &amp;lt;code&amp;gt;browser.sessionstore&amp;lt;/code&amp;gt; in &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt; and disable relevant telemetry/saving mechanisms.&lt;br /&gt;
* &#039;&#039;&#039;Disable CSS Visited Links&#039;&#039;&#039;: Mitigates history-sniffing vulnerabilities. [https://www.reddit.com/r/privacy/comments/15fddo0/retrieving_your_browsing_history_through_a/juf5br1/ Read the Reddit discussion here.]&lt;br /&gt;
&lt;br /&gt;
== User.js Templates &amp;amp; Generators ==&lt;br /&gt;
&lt;br /&gt;
Instead of manually configuring &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt;, you can use pre-configured &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; files.&lt;br /&gt;
&lt;br /&gt;
TODO: Add information about how to set up user.js here.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Generators:&#039;&#039;&#039;&lt;br /&gt;
* [https://ffprofile.com ffprofile.com] — Interactive &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; generator.&lt;br /&gt;
** &#039;&#039;Note on User-Agent Spoofing:&#039;&#039; While you can spoof your user-agent to a more common one (e.g., Chrome), doing so on Firefox can actually make your browser fingerprint [https://deviceinfo.me more unique] ([https://www.billdietrich.me/ComputerPrivacy.html alternative tools list]). Because Firefox&#039;s engine behaves differently than Chromium, mismatched engine/user-agent data is easily detectable. For common agents, see [https://techblog.willshouse.com/2012/01/03/most-common-user-agents/ Willhouse] or [https://www.whatismybrowser.com/guides/the-latest-user-agent/chrome WhatIsMyBrowser].&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Popular Pre-configured Templates:&#039;&#039;&#039;&lt;br /&gt;
# [https://github.com/arkenfox/user.js/raw/master/user.js Arkenfox] (Highly recommended, well-known)&lt;br /&gt;
# [https://raw.githubusercontent.com/pyllyukko/user.js/master/user.js Pyllyukko] (Security focused)&lt;br /&gt;
# [https://git.nixnet.services/Narsil/desktop_user.js/raw/branch/master/user.js Narsil&#039;s user.js] (Privacy focused) (I use this one)&lt;br /&gt;
# [https://codeberg.org/polarhive/vulpes Vulpes]&lt;br /&gt;
# [https://git.nixnet.services/Narsil/palemoon_user.js Narsil&#039;s user.js for Pale Moon] (Privacy focused)&lt;br /&gt;
# [https://git.sr.ht/~krathalan/firefox-complement krathalan config]&lt;br /&gt;
# [https://github.com/simeononsecurity/FireFox-Privacy-Script simeononsec FireFox Script]&lt;br /&gt;
# [https://vermaden.wordpress.com/2024/03/18/sensible-firefox-setup/ vermaden&#039;s Sensible Setup]&lt;br /&gt;
&lt;br /&gt;
== Extensions &amp;amp; Add-ons ==&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;ximatrix&#039;&#039;&#039;: A Firefox extension similar to uMatrix capable of blocking inline scripts and advanced requests. [https://github.com/xi/xiMatrix Source code available here]. &lt;br /&gt;
** &#039;&#039;Alternative:&#039;&#039; [https://gitler.moe/Wrongthink/paraMatrix paraMatrix] (a fork of ximatrix).&lt;br /&gt;
* &#039;&#039;&#039;Chrome Extensions on Firefox&#039;&#039;&#039;: Firefox has introduced capabilities for importing Chrome extensions. [https://news.slashdot.org/story/23/08/24/2233242/firefox-users-may-import-chrome-extensions-now Read the Slashdot coverage].&lt;br /&gt;
* &#039;&#039;&#039;Extension Restrictions&#039;&#039;&#039;: Mozilla occasionally restricts add-ons on specific domains. To disable these restrictions and allow uBlock Origin to operate aggressively everywhere, read [https://12bytes.org/tech/mozilla-wants-more-control-over-your-add-ons/ 12bytes&#039; analysis] and their [https://12bytes.org/ublock-origin-suggested-settings/ uBlock suggested settings].&lt;br /&gt;
&lt;br /&gt;
== Browser UI &amp;amp; Maintenance Tweaks ==&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;Verify Database Integrity&#039;&#039;&#039;: Navigate to &amp;lt;code&amp;gt;about:support&amp;lt;/code&amp;gt; -&amp;gt; Scroll down to &#039;&#039;&#039;Places Database&#039;&#039;&#039; -&amp;gt; Click &#039;&#039;&#039;Verify Integrity&#039;&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Turn Off Firefox Sidebar&#039;&#039;&#039;: [https://utcc.utoronto.ca/~cks/space/blog/web/FirefoxPdfViewerSidebarOff Guide to disabling the PDF viewer sidebar].&lt;br /&gt;
* &#039;&#039;&#039;Disable Firefox Translator&#039;&#039;&#039;: [https://xnacly.me/posts/2023/disable-firefox-translation/ Guide to disabling built-in local translation].&lt;br /&gt;
* &#039;&#039;&#039;Block Pop-Ups&#039;&#039;&#039;: [https://support.mozilla.org/bm/questions/1369602 Mozilla Support thread on native pop-up blocking].&lt;br /&gt;
* &#039;&#039;&#039;GeckoView Config&#039;&#039;&#039;: You can access deeper settings via [chrome://geckoview/content/config.xhtml chrome://geckoview/content/config.xhtml].&lt;br /&gt;
TODO update this part with my settings&lt;br /&gt;
&lt;br /&gt;
== Comprehensive Hardening Guides &amp;amp; Reading ==&lt;br /&gt;
&lt;br /&gt;
* [https://github.com/awesome-windows11/firefox Awesome Firefox]&lt;br /&gt;
* [https://github.com/JArmandoG/Firefox-Hardening JArmandoG&#039;s Firefox Hardening Guide]&lt;br /&gt;
* [https://github.com/drduh/macOS-Security-and-Privacy-Guide#browser drduh&#039;s macOS Browser Privacy Guide]&lt;br /&gt;
* [https://sunknudsen.com/privacy-guides sunknudsen&#039;s Privacy Guides]&lt;br /&gt;
* [https://wrongthink.link/posts/hardened-web-browser/ Wrongthink: Hardened Web Browser]&lt;br /&gt;
* [https://unixsheikh.com/articles/choose-your-browser-carefully.html#tweaking-firefox Unixsheikh: Tweaking Firefox]&lt;br /&gt;
* [https://spyware.neocities.org/guides/firefox Spyware Watchdog: Firefox Mitigation]&lt;br /&gt;
* [https://fingerprint.com/blog/browser-anti-fingerprinting-techniques/ Fingerprint.com: Browser Anti-Fingerprinting Techniques]&lt;br /&gt;
* [https://gist.github.com/atcuno/3425484ac5cce5298932 atcuno&#039;s Privacy Guide] (Outdated but helpful concepts)&lt;br /&gt;
* [https://github.com/CISOfy/privacy-guide/blob/master/browser-security.md CISOfy Browser Security Guide]&lt;br /&gt;
* [http://kb.mozillazine.org/Category:Firefox MozillaZine Firefox Wiki]&lt;br /&gt;
&lt;br /&gt;
[[Category:Hardening]]&lt;br /&gt;
[[Category:Web browsers]]&lt;br /&gt;
[[Category:Privacy]]&lt;br /&gt;
[[Category:Security]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=50</id>
		<title>My Firefox Settings</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=50"/>
		<updated>2026-05-17T20:55:59Z</updated>

		<summary type="html">&lt;p&gt;Admin: /* Privacy, Security &amp;amp; Networking */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&amp;lt;blockquote&amp;gt;&#039;&#039;&#039;Note:&#039;&#039;&#039; This article is imported from an old note-taking app and may be outdated.&amp;lt;/blockquote&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== Core Modifications &amp;amp; Bloatware Removal ==&lt;br /&gt;
&lt;br /&gt;
Some guides, such as the [https://spyware.neocities.org/guides/firefox Spyware Watchdog Mitigation Guide], recommend deleting default plugins bundled within the Firefox directory that may introduce privacy concerns or act as bloatware.&lt;br /&gt;
&lt;br /&gt;
Navigate to your Firefox features directory and remove unnecessary add-ons:&lt;br /&gt;
&amp;lt;syntaxhighlight lang=&amp;quot;bash&amp;quot;&amp;gt;&lt;br /&gt;
cd /usr/lib/firefox/browser/features&lt;br /&gt;
doas rm *.xpi&lt;br /&gt;
&amp;lt;/syntaxhighlight&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;List of bundled plugins commonly removed:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;code&amp;gt;firefox@getpocket.com.xpi&amp;lt;/code&amp;gt; — Pocket&lt;br /&gt;
* &amp;lt;code&amp;gt;followonsearch@mozilla.com.xpi&amp;lt;/code&amp;gt; — Follow-On Search&lt;br /&gt;
* &amp;lt;code&amp;gt;activity-stream@mozilla.org.xpi&amp;lt;/code&amp;gt; — Activity Stream&lt;br /&gt;
* &amp;lt;code&amp;gt;screenshots@mozilla.org.xpi&amp;lt;/code&amp;gt; — Screenshots&lt;br /&gt;
* &amp;lt;code&amp;gt;onboarding@mozilla.org.xpi&amp;lt;/code&amp;gt; — Onboarding&lt;br /&gt;
* &amp;lt;code&amp;gt;formautofill@mozilla.org.xpi&amp;lt;/code&amp;gt; — Autofill&lt;br /&gt;
* &amp;lt;code&amp;gt;webcompat@mozilla.org.xpi&amp;lt;/code&amp;gt; — Web Compatibility Reporter&lt;br /&gt;
&lt;br /&gt;
== Configuration Tweaks (about:config) (if user.js does not cover them) ==&lt;br /&gt;
&lt;br /&gt;
=== Privacy, Security &amp;amp; Networking ===&lt;br /&gt;
; &amp;lt;code&amp;gt;network.http.referrer.spoofSource&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;true&amp;lt;/code&amp;gt;.&lt;br /&gt;
; &amp;lt;code&amp;gt;accessibility.blockautorefresh&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;true&amp;lt;/code&amp;gt; to disable forced redirections. Combining this with disabled CSS and JS yields raw, unmangled result links. [https://pedantic.software/fxc/blog/why_there_is_no_css_on_my_website.html (via Pedantic Software)]&lt;br /&gt;
; &amp;lt;code&amp;gt;browser.sessionstore.interval&amp;lt;/code&amp;gt; : Set to a very high value to reduce disk writes and SessionStore tracking.&lt;br /&gt;
&lt;br /&gt;
=== Additional Hardening Actions ===&lt;br /&gt;
* &#039;&#039;&#039;Disable Firefox SessionStore&#039;&#039;&#039;: Search for &amp;lt;code&amp;gt;browser.sessionstore&amp;lt;/code&amp;gt; in &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt; and disable relevant telemetry/saving mechanisms.&lt;br /&gt;
* &#039;&#039;&#039;Disable CSS Visited Links&#039;&#039;&#039;: Mitigates history-sniffing vulnerabilities. [https://www.reddit.com/r/privacy/comments/15fddo0/retrieving_your_browsing_history_through_a/juf5br1/ Read the Reddit discussion here.]&lt;br /&gt;
&lt;br /&gt;
== User.js Templates &amp;amp; Generators ==&lt;br /&gt;
&lt;br /&gt;
Instead of manually configuring &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt;, you can use pre-configured &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; files.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Generators:&#039;&#039;&#039;&lt;br /&gt;
* [https://ffprofile.com ffprofile.com] — Interactive &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; generator.&lt;br /&gt;
** &#039;&#039;Note on User-Agent Spoofing:&#039;&#039; While you can spoof your user-agent to a more common one (e.g., Chrome), doing so on Firefox can actually make your browser fingerprint [https://deviceinfo.me more unique] ([https://www.billdietrich.me/ComputerPrivacy.html alternative tools list]). Because Firefox&#039;s engine behaves differently than Chromium, mismatched engine/user-agent data is easily detectable. For common agents, see [https://techblog.willshouse.com/2012/01/03/most-common-user-agents/ Willhouse] or [https://www.whatismybrowser.com/guides/the-latest-user-agent/chrome WhatIsMyBrowser].&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Popular Pre-configured Templates:&#039;&#039;&#039;&lt;br /&gt;
# [https://github.com/arkenfox/user.js/raw/master/user.js Arkenfox] (Highly recommended, well-known)&lt;br /&gt;
# [https://raw.githubusercontent.com/pyllyukko/user.js/master/user.js Pyllyukko] (Security focused)&lt;br /&gt;
# [https://git.nixnet.services/Narsil/desktop_user.js/raw/branch/master/user.js Narsil&#039;s user.js] (Privacy focused)&lt;br /&gt;
# [https://codeberg.org/polarhive/vulpes Vulpes]&lt;br /&gt;
# [https://git.nixnet.services/Narsil/palemoon_user.js Narsil&#039;s user.js for Pale Moon] (Privacy focused)&lt;br /&gt;
# [https://git.sr.ht/~krathalan/firefox-complement krathalan config]&lt;br /&gt;
# [https://github.com/simeononsecurity/FireFox-Privacy-Script simeononsec FireFox Script]&lt;br /&gt;
# [https://vermaden.wordpress.com/2024/03/18/sensible-firefox-setup/ vermaden&#039;s Sensible Setup]&lt;br /&gt;
&lt;br /&gt;
== Extensions &amp;amp; Add-ons ==&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;ximatrix&#039;&#039;&#039;: A Firefox extension similar to uMatrix capable of blocking inline scripts and advanced requests. [https://github.com/xi/xiMatrix Source code available here]. &lt;br /&gt;
** &#039;&#039;Alternative:&#039;&#039; [https://gitler.moe/Wrongthink/paraMatrix paraMatrix] (a fork of ximatrix).&lt;br /&gt;
* &#039;&#039;&#039;Chrome Extensions on Firefox&#039;&#039;&#039;: Firefox has introduced capabilities for importing Chrome extensions. [https://news.slashdot.org/story/23/08/24/2233242/firefox-users-may-import-chrome-extensions-now Read the Slashdot coverage].&lt;br /&gt;
* &#039;&#039;&#039;Extension Restrictions&#039;&#039;&#039;: Mozilla occasionally restricts add-ons on specific domains. To disable these restrictions and allow uBlock Origin to operate aggressively everywhere, read [https://12bytes.org/tech/mozilla-wants-more-control-over-your-add-ons/ 12bytes&#039; analysis] and their [https://12bytes.org/ublock-origin-suggested-settings/ uBlock suggested settings].&lt;br /&gt;
&lt;br /&gt;
== Browser UI &amp;amp; Maintenance Tweaks ==&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;Verify Database Integrity&#039;&#039;&#039;: Navigate to &amp;lt;code&amp;gt;about:support&amp;lt;/code&amp;gt; -&amp;gt; Scroll down to &#039;&#039;&#039;Places Database&#039;&#039;&#039; -&amp;gt; Click &#039;&#039;&#039;Verify Integrity&#039;&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Turn Off Firefox Sidebar&#039;&#039;&#039;: [https://utcc.utoronto.ca/~cks/space/blog/web/FirefoxPdfViewerSidebarOff Guide to disabling the PDF viewer sidebar].&lt;br /&gt;
* &#039;&#039;&#039;Disable Firefox Translator&#039;&#039;&#039;: [https://xnacly.me/posts/2023/disable-firefox-translation/ Guide to disabling built-in local translation].&lt;br /&gt;
* &#039;&#039;&#039;Block Pop-Ups&#039;&#039;&#039;: [https://support.mozilla.org/bm/questions/1369602 Mozilla Support thread on native pop-up blocking].&lt;br /&gt;
* &#039;&#039;&#039;GeckoView Config&#039;&#039;&#039;: You can access deeper settings via [chrome://geckoview/content/config.xhtml chrome://geckoview/content/config.xhtml].&lt;br /&gt;
&lt;br /&gt;
== Comprehensive Hardening Guides &amp;amp; Reading ==&lt;br /&gt;
&lt;br /&gt;
* [https://github.com/awesome-windows11/firefox Awesome Firefox]&lt;br /&gt;
* [https://github.com/JArmandoG/Firefox-Hardening JArmandoG&#039;s Firefox Hardening Guide]&lt;br /&gt;
* [https://github.com/drduh/macOS-Security-and-Privacy-Guide#browser drduh&#039;s macOS Browser Privacy Guide]&lt;br /&gt;
* [https://sunknudsen.com/privacy-guides sunknudsen&#039;s Privacy Guides]&lt;br /&gt;
* [https://wrongthink.link/posts/hardened-web-browser/ Wrongthink: Hardened Web Browser]&lt;br /&gt;
* [https://unixsheikh.com/articles/choose-your-browser-carefully.html#tweaking-firefox Unixsheikh: Tweaking Firefox]&lt;br /&gt;
* [https://spyware.neocities.org/guides/firefox Spyware Watchdog: Firefox Mitigation]&lt;br /&gt;
* [https://fingerprint.com/blog/browser-anti-fingerprinting-techniques/ Fingerprint.com: Browser Anti-Fingerprinting Techniques]&lt;br /&gt;
* [https://gist.github.com/atcuno/3425484ac5cce5298932 atcuno&#039;s Privacy Guide] (Outdated but helpful concepts)&lt;br /&gt;
* [https://github.com/CISOfy/privacy-guide/blob/master/browser-security.md CISOfy Browser Security Guide]&lt;br /&gt;
* [http://kb.mozillazine.org/Category:Firefox MozillaZine Firefox Wiki]&lt;br /&gt;
&lt;br /&gt;
[[Category:Hardening]]&lt;br /&gt;
[[Category:Web browsers]]&lt;br /&gt;
[[Category:Privacy]]&lt;br /&gt;
[[Category:Security]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=49</id>
		<title>My Firefox Settings</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=49"/>
		<updated>2026-05-17T20:55:11Z</updated>

		<summary type="html">&lt;p&gt;Admin: /* Privacy, Security &amp;amp; Networking */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&amp;lt;blockquote&amp;gt;&#039;&#039;&#039;Note:&#039;&#039;&#039; This article is imported from an old note-taking app and may be outdated.&amp;lt;/blockquote&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== Core Modifications &amp;amp; Bloatware Removal ==&lt;br /&gt;
&lt;br /&gt;
Some guides, such as the [https://spyware.neocities.org/guides/firefox Spyware Watchdog Mitigation Guide], recommend deleting default plugins bundled within the Firefox directory that may introduce privacy concerns or act as bloatware.&lt;br /&gt;
&lt;br /&gt;
Navigate to your Firefox features directory and remove unnecessary add-ons:&lt;br /&gt;
&amp;lt;syntaxhighlight lang=&amp;quot;bash&amp;quot;&amp;gt;&lt;br /&gt;
cd /usr/lib/firefox/browser/features&lt;br /&gt;
doas rm *.xpi&lt;br /&gt;
&amp;lt;/syntaxhighlight&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;List of bundled plugins commonly removed:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;code&amp;gt;firefox@getpocket.com.xpi&amp;lt;/code&amp;gt; — Pocket&lt;br /&gt;
* &amp;lt;code&amp;gt;followonsearch@mozilla.com.xpi&amp;lt;/code&amp;gt; — Follow-On Search&lt;br /&gt;
* &amp;lt;code&amp;gt;activity-stream@mozilla.org.xpi&amp;lt;/code&amp;gt; — Activity Stream&lt;br /&gt;
* &amp;lt;code&amp;gt;screenshots@mozilla.org.xpi&amp;lt;/code&amp;gt; — Screenshots&lt;br /&gt;
* &amp;lt;code&amp;gt;onboarding@mozilla.org.xpi&amp;lt;/code&amp;gt; — Onboarding&lt;br /&gt;
* &amp;lt;code&amp;gt;formautofill@mozilla.org.xpi&amp;lt;/code&amp;gt; — Autofill&lt;br /&gt;
* &amp;lt;code&amp;gt;webcompat@mozilla.org.xpi&amp;lt;/code&amp;gt; — Web Compatibility Reporter&lt;br /&gt;
&lt;br /&gt;
== Configuration Tweaks (about:config) (if user.js does not cover them) ==&lt;br /&gt;
&lt;br /&gt;
=== Privacy, Security &amp;amp; Networking ===&lt;br /&gt;
; &amp;lt;code&amp;gt;network.http.referrer.spoofSource&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;true&amp;lt;/code&amp;gt;.&lt;br /&gt;
; &amp;lt;code&amp;gt;browser.display.use_document_fonts&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;0&amp;lt;/code&amp;gt; to mitigate font fingerprinting.&lt;br /&gt;
; &amp;lt;code&amp;gt;accessibility.blockautorefresh&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;true&amp;lt;/code&amp;gt; to disable forced redirections. Combining this with disabled CSS and JS yields raw, unmangled result links. [https://pedantic.software/fxc/blog/why_there_is_no_css_on_my_website.html (via Pedantic Software)]&lt;br /&gt;
; &amp;lt;code&amp;gt;browser.sessionstore.interval&amp;lt;/code&amp;gt; : Set to a very high value to reduce disk writes and SessionStore tracking.&lt;br /&gt;
&lt;br /&gt;
=== Additional Hardening Actions ===&lt;br /&gt;
* &#039;&#039;&#039;Disable Firefox SessionStore&#039;&#039;&#039;: Search for &amp;lt;code&amp;gt;browser.sessionstore&amp;lt;/code&amp;gt; in &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt; and disable relevant telemetry/saving mechanisms.&lt;br /&gt;
* &#039;&#039;&#039;Disable CSS Visited Links&#039;&#039;&#039;: Mitigates history-sniffing vulnerabilities. [https://www.reddit.com/r/privacy/comments/15fddo0/retrieving_your_browsing_history_through_a/juf5br1/ Read the Reddit discussion here.]&lt;br /&gt;
&lt;br /&gt;
== User.js Templates &amp;amp; Generators ==&lt;br /&gt;
&lt;br /&gt;
Instead of manually configuring &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt;, you can use pre-configured &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; files.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Generators:&#039;&#039;&#039;&lt;br /&gt;
* [https://ffprofile.com ffprofile.com] — Interactive &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; generator.&lt;br /&gt;
** &#039;&#039;Note on User-Agent Spoofing:&#039;&#039; While you can spoof your user-agent to a more common one (e.g., Chrome), doing so on Firefox can actually make your browser fingerprint [https://deviceinfo.me more unique] ([https://www.billdietrich.me/ComputerPrivacy.html alternative tools list]). Because Firefox&#039;s engine behaves differently than Chromium, mismatched engine/user-agent data is easily detectable. For common agents, see [https://techblog.willshouse.com/2012/01/03/most-common-user-agents/ Willhouse] or [https://www.whatismybrowser.com/guides/the-latest-user-agent/chrome WhatIsMyBrowser].&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Popular Pre-configured Templates:&#039;&#039;&#039;&lt;br /&gt;
# [https://github.com/arkenfox/user.js/raw/master/user.js Arkenfox] (Highly recommended, well-known)&lt;br /&gt;
# [https://raw.githubusercontent.com/pyllyukko/user.js/master/user.js Pyllyukko] (Security focused)&lt;br /&gt;
# [https://git.nixnet.services/Narsil/desktop_user.js/raw/branch/master/user.js Narsil&#039;s user.js] (Privacy focused)&lt;br /&gt;
# [https://codeberg.org/polarhive/vulpes Vulpes]&lt;br /&gt;
# [https://git.nixnet.services/Narsil/palemoon_user.js Narsil&#039;s user.js for Pale Moon] (Privacy focused)&lt;br /&gt;
# [https://git.sr.ht/~krathalan/firefox-complement krathalan config]&lt;br /&gt;
# [https://github.com/simeononsecurity/FireFox-Privacy-Script simeononsec FireFox Script]&lt;br /&gt;
# [https://vermaden.wordpress.com/2024/03/18/sensible-firefox-setup/ vermaden&#039;s Sensible Setup]&lt;br /&gt;
&lt;br /&gt;
== Extensions &amp;amp; Add-ons ==&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;ximatrix&#039;&#039;&#039;: A Firefox extension similar to uMatrix capable of blocking inline scripts and advanced requests. [https://github.com/xi/xiMatrix Source code available here]. &lt;br /&gt;
** &#039;&#039;Alternative:&#039;&#039; [https://gitler.moe/Wrongthink/paraMatrix paraMatrix] (a fork of ximatrix).&lt;br /&gt;
* &#039;&#039;&#039;Chrome Extensions on Firefox&#039;&#039;&#039;: Firefox has introduced capabilities for importing Chrome extensions. [https://news.slashdot.org/story/23/08/24/2233242/firefox-users-may-import-chrome-extensions-now Read the Slashdot coverage].&lt;br /&gt;
* &#039;&#039;&#039;Extension Restrictions&#039;&#039;&#039;: Mozilla occasionally restricts add-ons on specific domains. To disable these restrictions and allow uBlock Origin to operate aggressively everywhere, read [https://12bytes.org/tech/mozilla-wants-more-control-over-your-add-ons/ 12bytes&#039; analysis] and their [https://12bytes.org/ublock-origin-suggested-settings/ uBlock suggested settings].&lt;br /&gt;
&lt;br /&gt;
== Browser UI &amp;amp; Maintenance Tweaks ==&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;Verify Database Integrity&#039;&#039;&#039;: Navigate to &amp;lt;code&amp;gt;about:support&amp;lt;/code&amp;gt; -&amp;gt; Scroll down to &#039;&#039;&#039;Places Database&#039;&#039;&#039; -&amp;gt; Click &#039;&#039;&#039;Verify Integrity&#039;&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Turn Off Firefox Sidebar&#039;&#039;&#039;: [https://utcc.utoronto.ca/~cks/space/blog/web/FirefoxPdfViewerSidebarOff Guide to disabling the PDF viewer sidebar].&lt;br /&gt;
* &#039;&#039;&#039;Disable Firefox Translator&#039;&#039;&#039;: [https://xnacly.me/posts/2023/disable-firefox-translation/ Guide to disabling built-in local translation].&lt;br /&gt;
* &#039;&#039;&#039;Block Pop-Ups&#039;&#039;&#039;: [https://support.mozilla.org/bm/questions/1369602 Mozilla Support thread on native pop-up blocking].&lt;br /&gt;
* &#039;&#039;&#039;GeckoView Config&#039;&#039;&#039;: You can access deeper settings via [chrome://geckoview/content/config.xhtml chrome://geckoview/content/config.xhtml].&lt;br /&gt;
&lt;br /&gt;
== Comprehensive Hardening Guides &amp;amp; Reading ==&lt;br /&gt;
&lt;br /&gt;
* [https://github.com/awesome-windows11/firefox Awesome Firefox]&lt;br /&gt;
* [https://github.com/JArmandoG/Firefox-Hardening JArmandoG&#039;s Firefox Hardening Guide]&lt;br /&gt;
* [https://github.com/drduh/macOS-Security-and-Privacy-Guide#browser drduh&#039;s macOS Browser Privacy Guide]&lt;br /&gt;
* [https://sunknudsen.com/privacy-guides sunknudsen&#039;s Privacy Guides]&lt;br /&gt;
* [https://wrongthink.link/posts/hardened-web-browser/ Wrongthink: Hardened Web Browser]&lt;br /&gt;
* [https://unixsheikh.com/articles/choose-your-browser-carefully.html#tweaking-firefox Unixsheikh: Tweaking Firefox]&lt;br /&gt;
* [https://spyware.neocities.org/guides/firefox Spyware Watchdog: Firefox Mitigation]&lt;br /&gt;
* [https://fingerprint.com/blog/browser-anti-fingerprinting-techniques/ Fingerprint.com: Browser Anti-Fingerprinting Techniques]&lt;br /&gt;
* [https://gist.github.com/atcuno/3425484ac5cce5298932 atcuno&#039;s Privacy Guide] (Outdated but helpful concepts)&lt;br /&gt;
* [https://github.com/CISOfy/privacy-guide/blob/master/browser-security.md CISOfy Browser Security Guide]&lt;br /&gt;
* [http://kb.mozillazine.org/Category:Firefox MozillaZine Firefox Wiki]&lt;br /&gt;
&lt;br /&gt;
[[Category:Hardening]]&lt;br /&gt;
[[Category:Web browsers]]&lt;br /&gt;
[[Category:Privacy]]&lt;br /&gt;
[[Category:Security]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=48</id>
		<title>My Firefox Settings</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=48"/>
		<updated>2026-05-17T20:52:57Z</updated>

		<summary type="html">&lt;p&gt;Admin: /* Configuration Tweaks (about:config) */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&amp;lt;blockquote&amp;gt;&#039;&#039;&#039;Note:&#039;&#039;&#039; This article is imported from an old note-taking app and may be outdated.&amp;lt;/blockquote&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== Core Modifications &amp;amp; Bloatware Removal ==&lt;br /&gt;
&lt;br /&gt;
Some guides, such as the [https://spyware.neocities.org/guides/firefox Spyware Watchdog Mitigation Guide], recommend deleting default plugins bundled within the Firefox directory that may introduce privacy concerns or act as bloatware.&lt;br /&gt;
&lt;br /&gt;
Navigate to your Firefox features directory and remove unnecessary add-ons:&lt;br /&gt;
&amp;lt;syntaxhighlight lang=&amp;quot;bash&amp;quot;&amp;gt;&lt;br /&gt;
cd /usr/lib/firefox/browser/features&lt;br /&gt;
doas rm *.xpi&lt;br /&gt;
&amp;lt;/syntaxhighlight&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;List of bundled plugins commonly removed:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;code&amp;gt;firefox@getpocket.com.xpi&amp;lt;/code&amp;gt; — Pocket&lt;br /&gt;
* &amp;lt;code&amp;gt;followonsearch@mozilla.com.xpi&amp;lt;/code&amp;gt; — Follow-On Search&lt;br /&gt;
* &amp;lt;code&amp;gt;activity-stream@mozilla.org.xpi&amp;lt;/code&amp;gt; — Activity Stream&lt;br /&gt;
* &amp;lt;code&amp;gt;screenshots@mozilla.org.xpi&amp;lt;/code&amp;gt; — Screenshots&lt;br /&gt;
* &amp;lt;code&amp;gt;onboarding@mozilla.org.xpi&amp;lt;/code&amp;gt; — Onboarding&lt;br /&gt;
* &amp;lt;code&amp;gt;formautofill@mozilla.org.xpi&amp;lt;/code&amp;gt; — Autofill&lt;br /&gt;
* &amp;lt;code&amp;gt;webcompat@mozilla.org.xpi&amp;lt;/code&amp;gt; — Web Compatibility Reporter&lt;br /&gt;
&lt;br /&gt;
== Configuration Tweaks (about:config) ==&lt;br /&gt;
&lt;br /&gt;
=== Privacy, Security &amp;amp; Networking ===&lt;br /&gt;
; &amp;lt;code&amp;gt;security.tls.version.min&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;3&amp;lt;/code&amp;gt; to enforce strict TLS standards.&lt;br /&gt;
; &amp;lt;code&amp;gt;network.http.referrer.spoofSource&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;true&amp;lt;/code&amp;gt;.&lt;br /&gt;
; &amp;lt;code&amp;gt;browser.display.use_document_fonts&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;0&amp;lt;/code&amp;gt; to mitigate font fingerprinting.&lt;br /&gt;
; &amp;lt;code&amp;gt;browser.urlbar.maxRichResults&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;0&amp;lt;/code&amp;gt; (or desired low number) to limit URL bar suggestions.&lt;br /&gt;
; &amp;lt;code&amp;gt;accessibility.blockautorefresh&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;true&amp;lt;/code&amp;gt; to disable forced redirections. Combining this with disabled CSS and JS yields raw, unmangled result links. [https://pedantic.software/fxc/blog/why_there_is_no_css_on_my_website.html (via Pedantic Software)]&lt;br /&gt;
; &amp;lt;code&amp;gt;browser.sessionstore.interval&amp;lt;/code&amp;gt; : Set to a very high value to reduce disk writes and SessionStore tracking.&lt;br /&gt;
&lt;br /&gt;
=== Additional Hardening Actions ===&lt;br /&gt;
* &#039;&#039;&#039;Disable Firefox SessionStore&#039;&#039;&#039;: Search for &amp;lt;code&amp;gt;browser.sessionstore&amp;lt;/code&amp;gt; in &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt; and disable relevant telemetry/saving mechanisms.&lt;br /&gt;
* &#039;&#039;&#039;Disable CSS Visited Links&#039;&#039;&#039;: Mitigates history-sniffing vulnerabilities. [https://www.reddit.com/r/privacy/comments/15fddo0/retrieving_your_browsing_history_through_a/juf5br1/ Read the Reddit discussion here.]&lt;br /&gt;
&lt;br /&gt;
== User.js Templates &amp;amp; Generators ==&lt;br /&gt;
&lt;br /&gt;
Instead of manually configuring &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt;, you can use pre-configured &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; files.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Generators:&#039;&#039;&#039;&lt;br /&gt;
* [https://ffprofile.com ffprofile.com] — Interactive &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; generator.&lt;br /&gt;
** &#039;&#039;Note on User-Agent Spoofing:&#039;&#039; While you can spoof your user-agent to a more common one (e.g., Chrome), doing so on Firefox can actually make your browser fingerprint [https://deviceinfo.me more unique] ([https://www.billdietrich.me/ComputerPrivacy.html alternative tools list]). Because Firefox&#039;s engine behaves differently than Chromium, mismatched engine/user-agent data is easily detectable. For common agents, see [https://techblog.willshouse.com/2012/01/03/most-common-user-agents/ Willhouse] or [https://www.whatismybrowser.com/guides/the-latest-user-agent/chrome WhatIsMyBrowser].&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Popular Pre-configured Templates:&#039;&#039;&#039;&lt;br /&gt;
# [https://github.com/arkenfox/user.js/raw/master/user.js Arkenfox] (Highly recommended, well-known)&lt;br /&gt;
# [https://raw.githubusercontent.com/pyllyukko/user.js/master/user.js Pyllyukko] (Security focused)&lt;br /&gt;
# [https://git.nixnet.services/Narsil/desktop_user.js/raw/branch/master/user.js Narsil&#039;s user.js] (Privacy focused)&lt;br /&gt;
# [https://codeberg.org/polarhive/vulpes Vulpes]&lt;br /&gt;
# [https://git.nixnet.services/Narsil/palemoon_user.js Narsil&#039;s user.js for Pale Moon] (Privacy focused)&lt;br /&gt;
# [https://git.sr.ht/~krathalan/firefox-complement krathalan config]&lt;br /&gt;
# [https://github.com/simeononsecurity/FireFox-Privacy-Script simeononsec FireFox Script]&lt;br /&gt;
# [https://vermaden.wordpress.com/2024/03/18/sensible-firefox-setup/ vermaden&#039;s Sensible Setup]&lt;br /&gt;
&lt;br /&gt;
== Extensions &amp;amp; Add-ons ==&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;ximatrix&#039;&#039;&#039;: A Firefox extension similar to uMatrix capable of blocking inline scripts and advanced requests. [https://github.com/xi/xiMatrix Source code available here]. &lt;br /&gt;
** &#039;&#039;Alternative:&#039;&#039; [https://gitler.moe/Wrongthink/paraMatrix paraMatrix] (a fork of ximatrix).&lt;br /&gt;
* &#039;&#039;&#039;Chrome Extensions on Firefox&#039;&#039;&#039;: Firefox has introduced capabilities for importing Chrome extensions. [https://news.slashdot.org/story/23/08/24/2233242/firefox-users-may-import-chrome-extensions-now Read the Slashdot coverage].&lt;br /&gt;
* &#039;&#039;&#039;Extension Restrictions&#039;&#039;&#039;: Mozilla occasionally restricts add-ons on specific domains. To disable these restrictions and allow uBlock Origin to operate aggressively everywhere, read [https://12bytes.org/tech/mozilla-wants-more-control-over-your-add-ons/ 12bytes&#039; analysis] and their [https://12bytes.org/ublock-origin-suggested-settings/ uBlock suggested settings].&lt;br /&gt;
&lt;br /&gt;
== Browser UI &amp;amp; Maintenance Tweaks ==&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;Verify Database Integrity&#039;&#039;&#039;: Navigate to &amp;lt;code&amp;gt;about:support&amp;lt;/code&amp;gt; -&amp;gt; Scroll down to &#039;&#039;&#039;Places Database&#039;&#039;&#039; -&amp;gt; Click &#039;&#039;&#039;Verify Integrity&#039;&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Turn Off Firefox Sidebar&#039;&#039;&#039;: [https://utcc.utoronto.ca/~cks/space/blog/web/FirefoxPdfViewerSidebarOff Guide to disabling the PDF viewer sidebar].&lt;br /&gt;
* &#039;&#039;&#039;Disable Firefox Translator&#039;&#039;&#039;: [https://xnacly.me/posts/2023/disable-firefox-translation/ Guide to disabling built-in local translation].&lt;br /&gt;
* &#039;&#039;&#039;Block Pop-Ups&#039;&#039;&#039;: [https://support.mozilla.org/bm/questions/1369602 Mozilla Support thread on native pop-up blocking].&lt;br /&gt;
* &#039;&#039;&#039;GeckoView Config&#039;&#039;&#039;: You can access deeper settings via [chrome://geckoview/content/config.xhtml chrome://geckoview/content/config.xhtml].&lt;br /&gt;
&lt;br /&gt;
== Comprehensive Hardening Guides &amp;amp; Reading ==&lt;br /&gt;
&lt;br /&gt;
* [https://github.com/awesome-windows11/firefox Awesome Firefox]&lt;br /&gt;
* [https://github.com/JArmandoG/Firefox-Hardening JArmandoG&#039;s Firefox Hardening Guide]&lt;br /&gt;
* [https://github.com/drduh/macOS-Security-and-Privacy-Guide#browser drduh&#039;s macOS Browser Privacy Guide]&lt;br /&gt;
* [https://sunknudsen.com/privacy-guides sunknudsen&#039;s Privacy Guides]&lt;br /&gt;
* [https://wrongthink.link/posts/hardened-web-browser/ Wrongthink: Hardened Web Browser]&lt;br /&gt;
* [https://unixsheikh.com/articles/choose-your-browser-carefully.html#tweaking-firefox Unixsheikh: Tweaking Firefox]&lt;br /&gt;
* [https://spyware.neocities.org/guides/firefox Spyware Watchdog: Firefox Mitigation]&lt;br /&gt;
* [https://fingerprint.com/blog/browser-anti-fingerprinting-techniques/ Fingerprint.com: Browser Anti-Fingerprinting Techniques]&lt;br /&gt;
* [https://gist.github.com/atcuno/3425484ac5cce5298932 atcuno&#039;s Privacy Guide] (Outdated but helpful concepts)&lt;br /&gt;
* [https://github.com/CISOfy/privacy-guide/blob/master/browser-security.md CISOfy Browser Security Guide]&lt;br /&gt;
* [http://kb.mozillazine.org/Category:Firefox MozillaZine Firefox Wiki]&lt;br /&gt;
&lt;br /&gt;
[[Category:Hardening]]&lt;br /&gt;
[[Category:Web browsers]]&lt;br /&gt;
[[Category:Privacy]]&lt;br /&gt;
[[Category:Security]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=47</id>
		<title>My Firefox Settings</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=47"/>
		<updated>2026-05-17T20:50:24Z</updated>

		<summary type="html">&lt;p&gt;Admin: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&amp;lt;blockquote&amp;gt;&#039;&#039;&#039;Note:&#039;&#039;&#039; This article is imported from an old note-taking app and may be outdated.&amp;lt;/blockquote&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== Core Modifications &amp;amp; Bloatware Removal ==&lt;br /&gt;
&lt;br /&gt;
Some guides, such as the [https://spyware.neocities.org/guides/firefox Spyware Watchdog Mitigation Guide], recommend deleting default plugins bundled within the Firefox directory that may introduce privacy concerns or act as bloatware.&lt;br /&gt;
&lt;br /&gt;
Navigate to your Firefox features directory and remove unnecessary add-ons:&lt;br /&gt;
&amp;lt;syntaxhighlight lang=&amp;quot;bash&amp;quot;&amp;gt;&lt;br /&gt;
cd /usr/lib/firefox/browser/features&lt;br /&gt;
doas rm *.xpi&lt;br /&gt;
&amp;lt;/syntaxhighlight&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;List of bundled plugins commonly removed:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;code&amp;gt;firefox@getpocket.com.xpi&amp;lt;/code&amp;gt; — Pocket&lt;br /&gt;
* &amp;lt;code&amp;gt;followonsearch@mozilla.com.xpi&amp;lt;/code&amp;gt; — Follow-On Search&lt;br /&gt;
* &amp;lt;code&amp;gt;activity-stream@mozilla.org.xpi&amp;lt;/code&amp;gt; — Activity Stream&lt;br /&gt;
* &amp;lt;code&amp;gt;screenshots@mozilla.org.xpi&amp;lt;/code&amp;gt; — Screenshots&lt;br /&gt;
* &amp;lt;code&amp;gt;onboarding@mozilla.org.xpi&amp;lt;/code&amp;gt; — Onboarding&lt;br /&gt;
* &amp;lt;code&amp;gt;formautofill@mozilla.org.xpi&amp;lt;/code&amp;gt; — Autofill&lt;br /&gt;
* &amp;lt;code&amp;gt;webcompat@mozilla.org.xpi&amp;lt;/code&amp;gt; — Web Compatibility Reporter&lt;br /&gt;
&lt;br /&gt;
== Configuration Tweaks (about:config) ==&lt;br /&gt;
&lt;br /&gt;
=== Privacy, Security &amp;amp; Networking ===&lt;br /&gt;
; &amp;lt;code&amp;gt;network.trr.mode&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;3&amp;lt;/code&amp;gt; to force DNS over HTTPS (DoH) every time you make a DNS request, even if your DNS server doesn&#039;t respond. (Alternatively, change the &amp;quot;DNS protection&amp;quot; preference in Settings).&lt;br /&gt;
; &amp;lt;code&amp;gt;security.tls.version.min&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;3&amp;lt;/code&amp;gt; to enforce strict TLS standards.&lt;br /&gt;
; &amp;lt;code&amp;gt;network.http.referrer.spoofSource&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;true&amp;lt;/code&amp;gt;.&lt;br /&gt;
; &amp;lt;code&amp;gt;browser.display.use_document_fonts&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;0&amp;lt;/code&amp;gt; to mitigate font fingerprinting.&lt;br /&gt;
; &amp;lt;code&amp;gt;browser.urlbar.maxRichResults&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;0&amp;lt;/code&amp;gt; (or desired low number) to limit URL bar suggestions.&lt;br /&gt;
; &amp;lt;code&amp;gt;accessibility.blockautorefresh&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;true&amp;lt;/code&amp;gt; to disable forced redirections. Combining this with disabled CSS and JS yields raw, unmangled result links. [https://pedantic.software/fxc/blog/why_there_is_no_css_on_my_website.html (via Pedantic Software)]&lt;br /&gt;
; &amp;lt;code&amp;gt;browser.sessionstore.interval&amp;lt;/code&amp;gt; : Set to a very high value to reduce disk writes and SessionStore tracking.&lt;br /&gt;
&lt;br /&gt;
=== Media &amp;amp; Autoplay Limitations ===&lt;br /&gt;
To disable autoplay and drastically reduce background video caching, apply the following:&lt;br /&gt;
* &amp;lt;code&amp;gt;media.autoplay.enabled&amp;lt;/code&amp;gt; = &amp;lt;code&amp;gt;false&amp;lt;/code&amp;gt;&lt;br /&gt;
* &amp;lt;code&amp;gt;media.cache_readahead_limit&amp;lt;/code&amp;gt; = &amp;lt;code&amp;gt;0&amp;lt;/code&amp;gt;&lt;br /&gt;
* &amp;lt;code&amp;gt;media.cache_resume_threshold&amp;lt;/code&amp;gt; = &amp;lt;code&amp;gt;10&amp;lt;/code&amp;gt;&lt;br /&gt;
* &amp;lt;code&amp;gt;media.autoplay.blocking_policy&amp;lt;/code&amp;gt; = &amp;lt;code&amp;gt;1&amp;lt;/code&amp;gt;&lt;br /&gt;
* &amp;lt;code&amp;gt;media.autoplay.allow-muted&amp;lt;/code&amp;gt; = &amp;lt;code&amp;gt;false&amp;lt;/code&amp;gt;&lt;br /&gt;
&lt;br /&gt;
=== Additional Hardening Actions ===&lt;br /&gt;
* &#039;&#039;&#039;Disable Firefox SessionStore&#039;&#039;&#039;: Search for &amp;lt;code&amp;gt;browser.sessionstore&amp;lt;/code&amp;gt; in &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt; and disable relevant telemetry/saving mechanisms.&lt;br /&gt;
* &#039;&#039;&#039;Disable CSS Visited Links&#039;&#039;&#039;: Mitigates history-sniffing vulnerabilities. [https://www.reddit.com/r/privacy/comments/15fddo0/retrieving_your_browsing_history_through_a/juf5br1/ Read the Reddit discussion here.]&lt;br /&gt;
&lt;br /&gt;
== User.js Templates &amp;amp; Generators ==&lt;br /&gt;
&lt;br /&gt;
Instead of manually configuring &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt;, you can use pre-configured &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; files.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Generators:&#039;&#039;&#039;&lt;br /&gt;
* [https://ffprofile.com ffprofile.com] — Interactive &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; generator.&lt;br /&gt;
** &#039;&#039;Note on User-Agent Spoofing:&#039;&#039; While you can spoof your user-agent to a more common one (e.g., Chrome), doing so on Firefox can actually make your browser fingerprint [https://deviceinfo.me more unique] ([https://www.billdietrich.me/ComputerPrivacy.html alternative tools list]). Because Firefox&#039;s engine behaves differently than Chromium, mismatched engine/user-agent data is easily detectable. For common agents, see [https://techblog.willshouse.com/2012/01/03/most-common-user-agents/ Willhouse] or [https://www.whatismybrowser.com/guides/the-latest-user-agent/chrome WhatIsMyBrowser].&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Popular Pre-configured Templates:&#039;&#039;&#039;&lt;br /&gt;
# [https://github.com/arkenfox/user.js/raw/master/user.js Arkenfox] (Highly recommended, well-known)&lt;br /&gt;
# [https://raw.githubusercontent.com/pyllyukko/user.js/master/user.js Pyllyukko] (Security focused)&lt;br /&gt;
# [https://git.nixnet.services/Narsil/desktop_user.js/raw/branch/master/user.js Narsil&#039;s user.js] (Privacy focused)&lt;br /&gt;
# [https://codeberg.org/polarhive/vulpes Vulpes]&lt;br /&gt;
# [https://git.nixnet.services/Narsil/palemoon_user.js Narsil&#039;s user.js for Pale Moon] (Privacy focused)&lt;br /&gt;
# [https://git.sr.ht/~krathalan/firefox-complement krathalan config]&lt;br /&gt;
# [https://github.com/simeononsecurity/FireFox-Privacy-Script simeononsec FireFox Script]&lt;br /&gt;
# [https://vermaden.wordpress.com/2024/03/18/sensible-firefox-setup/ vermaden&#039;s Sensible Setup]&lt;br /&gt;
&lt;br /&gt;
== Extensions &amp;amp; Add-ons ==&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;ximatrix&#039;&#039;&#039;: A Firefox extension similar to uMatrix capable of blocking inline scripts and advanced requests. [https://github.com/xi/xiMatrix Source code available here]. &lt;br /&gt;
** &#039;&#039;Alternative:&#039;&#039; [https://gitler.moe/Wrongthink/paraMatrix paraMatrix] (a fork of ximatrix).&lt;br /&gt;
* &#039;&#039;&#039;Chrome Extensions on Firefox&#039;&#039;&#039;: Firefox has introduced capabilities for importing Chrome extensions. [https://news.slashdot.org/story/23/08/24/2233242/firefox-users-may-import-chrome-extensions-now Read the Slashdot coverage].&lt;br /&gt;
* &#039;&#039;&#039;Extension Restrictions&#039;&#039;&#039;: Mozilla occasionally restricts add-ons on specific domains. To disable these restrictions and allow uBlock Origin to operate aggressively everywhere, read [https://12bytes.org/tech/mozilla-wants-more-control-over-your-add-ons/ 12bytes&#039; analysis] and their [https://12bytes.org/ublock-origin-suggested-settings/ uBlock suggested settings].&lt;br /&gt;
&lt;br /&gt;
== Browser UI &amp;amp; Maintenance Tweaks ==&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;Verify Database Integrity&#039;&#039;&#039;: Navigate to &amp;lt;code&amp;gt;about:support&amp;lt;/code&amp;gt; -&amp;gt; Scroll down to &#039;&#039;&#039;Places Database&#039;&#039;&#039; -&amp;gt; Click &#039;&#039;&#039;Verify Integrity&#039;&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Turn Off Firefox Sidebar&#039;&#039;&#039;: [https://utcc.utoronto.ca/~cks/space/blog/web/FirefoxPdfViewerSidebarOff Guide to disabling the PDF viewer sidebar].&lt;br /&gt;
* &#039;&#039;&#039;Disable Firefox Translator&#039;&#039;&#039;: [https://xnacly.me/posts/2023/disable-firefox-translation/ Guide to disabling built-in local translation].&lt;br /&gt;
* &#039;&#039;&#039;Block Pop-Ups&#039;&#039;&#039;: [https://support.mozilla.org/bm/questions/1369602 Mozilla Support thread on native pop-up blocking].&lt;br /&gt;
* &#039;&#039;&#039;GeckoView Config&#039;&#039;&#039;: You can access deeper settings via [chrome://geckoview/content/config.xhtml chrome://geckoview/content/config.xhtml].&lt;br /&gt;
&lt;br /&gt;
== Comprehensive Hardening Guides &amp;amp; Reading ==&lt;br /&gt;
&lt;br /&gt;
* [https://github.com/awesome-windows11/firefox Awesome Firefox]&lt;br /&gt;
* [https://github.com/JArmandoG/Firefox-Hardening JArmandoG&#039;s Firefox Hardening Guide]&lt;br /&gt;
* [https://github.com/drduh/macOS-Security-and-Privacy-Guide#browser drduh&#039;s macOS Browser Privacy Guide]&lt;br /&gt;
* [https://sunknudsen.com/privacy-guides sunknudsen&#039;s Privacy Guides]&lt;br /&gt;
* [https://wrongthink.link/posts/hardened-web-browser/ Wrongthink: Hardened Web Browser]&lt;br /&gt;
* [https://unixsheikh.com/articles/choose-your-browser-carefully.html#tweaking-firefox Unixsheikh: Tweaking Firefox]&lt;br /&gt;
* [https://spyware.neocities.org/guides/firefox Spyware Watchdog: Firefox Mitigation]&lt;br /&gt;
* [https://fingerprint.com/blog/browser-anti-fingerprinting-techniques/ Fingerprint.com: Browser Anti-Fingerprinting Techniques]&lt;br /&gt;
* [https://gist.github.com/atcuno/3425484ac5cce5298932 atcuno&#039;s Privacy Guide] (Outdated but helpful concepts)&lt;br /&gt;
* [https://github.com/CISOfy/privacy-guide/blob/master/browser-security.md CISOfy Browser Security Guide]&lt;br /&gt;
* [http://kb.mozillazine.org/Category:Firefox MozillaZine Firefox Wiki]&lt;br /&gt;
&lt;br /&gt;
[[Category:Hardening]]&lt;br /&gt;
[[Category:Web browsers]]&lt;br /&gt;
[[Category:Privacy]]&lt;br /&gt;
[[Category:Security]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=46</id>
		<title>My Firefox Settings</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=46"/>
		<updated>2026-05-17T20:48:09Z</updated>

		<summary type="html">&lt;p&gt;Admin: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&amp;lt;blockquote&amp;gt;&#039;&#039;&#039;Note:&#039;&#039;&#039; This article is imported from an old note-taking app and may be outdated.&amp;lt;/blockquote&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== Core Modifications &amp;amp; Bloatware Removal ==&lt;br /&gt;
&lt;br /&gt;
Some guides, such as the [https://spyware.neocities.org/guides/firefox Spyware Watchdog Mitigation Guide], recommend deleting default plugins bundled within the Firefox directory that may introduce privacy concerns or act as bloatware.&lt;br /&gt;
&lt;br /&gt;
Navigate to your Firefox features directory and remove unnecessary add-ons:&lt;br /&gt;
&amp;lt;syntaxhighlight lang=&amp;quot;bash&amp;quot;&amp;gt;&lt;br /&gt;
cd /usr/lib/firefox/browser/features&lt;br /&gt;
doas rm *.xpi&lt;br /&gt;
&amp;lt;/syntaxhighlight&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;List of bundled plugins commonly removed:&#039;&#039;&#039;&lt;br /&gt;
* &amp;lt;code&amp;gt;firefox@getpocket.com.xpi&amp;lt;/code&amp;gt; — Pocket&lt;br /&gt;
* &amp;lt;code&amp;gt;followonsearch@mozilla.com.xpi&amp;lt;/code&amp;gt; — Follow-On Search&lt;br /&gt;
* &amp;lt;code&amp;gt;activity-stream@mozilla.org.xpi&amp;lt;/code&amp;gt; — Activity Stream&lt;br /&gt;
* &amp;lt;code&amp;gt;screenshots@mozilla.org.xpi&amp;lt;/code&amp;gt; — Screenshots&lt;br /&gt;
* &amp;lt;code&amp;gt;onboarding@mozilla.org.xpi&amp;lt;/code&amp;gt; — Onboarding&lt;br /&gt;
* &amp;lt;code&amp;gt;formautofill@mozilla.org.xpi&amp;lt;/code&amp;gt; — Autofill&lt;br /&gt;
* &amp;lt;code&amp;gt;webcompat@mozilla.org.xpi&amp;lt;/code&amp;gt; — Web Compatibility Reporter&lt;br /&gt;
&lt;br /&gt;
== Configuration Tweaks (about:config) ==&lt;br /&gt;
&lt;br /&gt;
=== Privacy, Security &amp;amp; Networking ===&lt;br /&gt;
; &amp;lt;code&amp;gt;network.trr.mode&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;3&amp;lt;/code&amp;gt; to force DNS over HTTPS (DoH) every time you make a DNS request, even if your DNS server doesn&#039;t respond. (Alternatively, change the &amp;quot;DNS protection&amp;quot; preference in Settings).&lt;br /&gt;
; &amp;lt;code&amp;gt;security.tls.version.min&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;3&amp;lt;/code&amp;gt; to enforce strict TLS standards.&lt;br /&gt;
; &amp;lt;code&amp;gt;network.http.referrer.spoofSource&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;true&amp;lt;/code&amp;gt;.&lt;br /&gt;
; &amp;lt;code&amp;gt;browser.display.use_document_fonts&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;0&amp;lt;/code&amp;gt; to mitigate font fingerprinting.&lt;br /&gt;
; &amp;lt;code&amp;gt;browser.urlbar.maxRichResults&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;0&amp;lt;/code&amp;gt; (or desired low number) to limit URL bar suggestions.&lt;br /&gt;
; &amp;lt;code&amp;gt;accessibility.blockautorefresh&amp;lt;/code&amp;gt; : Set to &amp;lt;code&amp;gt;true&amp;lt;/code&amp;gt; to disable forced redirections. Combining this with disabled CSS and JS yields raw, unmangled result links. [https://pedantic.software/fxc/blog/why_there_is_no_css_on_my_website.html (via Pedantic Software)]&lt;br /&gt;
; &amp;lt;code&amp;gt;browser.sessionstore.interval&amp;lt;/code&amp;gt; : Set to a very high value to reduce disk writes and SessionStore tracking.&lt;br /&gt;
&lt;br /&gt;
=== Media &amp;amp; Autoplay Limitations ===&lt;br /&gt;
To disable autoplay and drastically reduce background video caching, apply the following:&lt;br /&gt;
* &amp;lt;code&amp;gt;media.autoplay.enabled&amp;lt;/code&amp;gt; = &amp;lt;code&amp;gt;false&amp;lt;/code&amp;gt;&lt;br /&gt;
* &amp;lt;code&amp;gt;media.cache_readahead_limit&amp;lt;/code&amp;gt; = &amp;lt;code&amp;gt;0&amp;lt;/code&amp;gt;&lt;br /&gt;
* &amp;lt;code&amp;gt;media.cache_resume_threshold&amp;lt;/code&amp;gt; = &amp;lt;code&amp;gt;10&amp;lt;/code&amp;gt;&lt;br /&gt;
* &amp;lt;code&amp;gt;media.autoplay.blocking_policy&amp;lt;/code&amp;gt; = &amp;lt;code&amp;gt;1&amp;lt;/code&amp;gt;&lt;br /&gt;
* &amp;lt;code&amp;gt;media.autoplay.allow-muted&amp;lt;/code&amp;gt; = &amp;lt;code&amp;gt;false&amp;lt;/code&amp;gt;&lt;br /&gt;
&lt;br /&gt;
=== Experimental Social Settings ===&lt;br /&gt;
&#039;&#039;Note: These disable legacy social integrations. May not be necessary on modern versions.&#039;&#039;&lt;br /&gt;
* &amp;lt;code&amp;gt;social.whitelist&amp;lt;/code&amp;gt; = (leave empty)&lt;br /&gt;
* &amp;lt;code&amp;gt;social.toast-notifications.enabled&amp;lt;/code&amp;gt; = &amp;lt;code&amp;gt;false&amp;lt;/code&amp;gt;&lt;br /&gt;
* &amp;lt;code&amp;gt;social.shareDirectory&amp;lt;/code&amp;gt; = (leave empty)&lt;br /&gt;
* &amp;lt;code&amp;gt;social.remote-install.enabled&amp;lt;/code&amp;gt; = &amp;lt;code&amp;gt;false&amp;lt;/code&amp;gt;&lt;br /&gt;
* &amp;lt;code&amp;gt;social.directories&amp;lt;/code&amp;gt; = (leave empty)&lt;br /&gt;
* &amp;lt;code&amp;gt;social.share.activationPanelEnabled&amp;lt;/code&amp;gt; = &amp;lt;code&amp;gt;false&amp;lt;/code&amp;gt;&lt;br /&gt;
&lt;br /&gt;
=== Additional Hardening Actions ===&lt;br /&gt;
* &#039;&#039;&#039;Disable Firefox SessionStore&#039;&#039;&#039;: Search for &amp;lt;code&amp;gt;browser.sessionstore&amp;lt;/code&amp;gt; in &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt; and disable relevant telemetry/saving mechanisms.&lt;br /&gt;
* &#039;&#039;&#039;Disable CSS Visited Links&#039;&#039;&#039;: Mitigates history-sniffing vulnerabilities. [https://www.reddit.com/r/privacy/comments/15fddo0/retrieving_your_browsing_history_through_a/juf5br1/ Read the Reddit discussion here.]&lt;br /&gt;
&lt;br /&gt;
== User.js Templates &amp;amp; Generators ==&lt;br /&gt;
&lt;br /&gt;
Instead of manually configuring &amp;lt;code&amp;gt;about:config&amp;lt;/code&amp;gt;, you can use pre-configured &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; files.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Generators:&#039;&#039;&#039;&lt;br /&gt;
* [https://ffprofile.com ffprofile.com] — Interactive &amp;lt;code&amp;gt;user.js&amp;lt;/code&amp;gt; generator.&lt;br /&gt;
** &#039;&#039;Note on User-Agent Spoofing:&#039;&#039; While you can spoof your user-agent to a more common one (e.g., Chrome), doing so on Firefox can actually make your browser fingerprint [https://deviceinfo.me more unique] ([https://www.billdietrich.me/ComputerPrivacy.html alternative tools list]). Because Firefox&#039;s engine behaves differently than Chromium, mismatched engine/user-agent data is easily detectable. For common agents, see [https://techblog.willshouse.com/2012/01/03/most-common-user-agents/ Willhouse] or [https://www.whatismybrowser.com/guides/the-latest-user-agent/chrome WhatIsMyBrowser].&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Popular Pre-configured Templates:&#039;&#039;&#039;&lt;br /&gt;
# [https://github.com/arkenfox/user.js/raw/master/user.js Arkenfox] (Highly recommended, well-known)&lt;br /&gt;
# [https://raw.githubusercontent.com/pyllyukko/user.js/master/user.js Pyllyukko] (Security focused)&lt;br /&gt;
# [https://git.nixnet.services/Narsil/desktop_user.js/raw/branch/master/user.js Narsil&#039;s user.js] (Privacy focused)&lt;br /&gt;
# [https://codeberg.org/polarhive/vulpes Vulpes]&lt;br /&gt;
# [https://git.nixnet.services/Narsil/palemoon_user.js Narsil&#039;s user.js for Pale Moon] (Privacy focused)&lt;br /&gt;
# [https://git.sr.ht/~krathalan/firefox-complement krathalan config]&lt;br /&gt;
# [https://github.com/simeononsecurity/FireFox-Privacy-Script simeononsec FireFox Script]&lt;br /&gt;
# [https://vermaden.wordpress.com/2024/03/18/sensible-firefox-setup/ vermaden&#039;s Sensible Setup]&lt;br /&gt;
&lt;br /&gt;
== Extensions &amp;amp; Add-ons ==&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;ximatrix&#039;&#039;&#039;: A Firefox extension similar to uMatrix capable of blocking inline scripts and advanced requests. [https://github.com/xi/xiMatrix Source code available here]. &lt;br /&gt;
** &#039;&#039;Alternative:&#039;&#039; [https://gitler.moe/Wrongthink/paraMatrix paraMatrix] (a fork of ximatrix).&lt;br /&gt;
* &#039;&#039;&#039;Chrome Extensions on Firefox&#039;&#039;&#039;: Firefox has introduced capabilities for importing Chrome extensions. [https://news.slashdot.org/story/23/08/24/2233242/firefox-users-may-import-chrome-extensions-now Read the Slashdot coverage].&lt;br /&gt;
* &#039;&#039;&#039;Extension Restrictions&#039;&#039;&#039;: Mozilla occasionally restricts add-ons on specific domains. To disable these restrictions and allow uBlock Origin to operate aggressively everywhere, read [https://12bytes.org/tech/mozilla-wants-more-control-over-your-add-ons/ 12bytes&#039; analysis] and their [https://12bytes.org/ublock-origin-suggested-settings/ uBlock suggested settings].&lt;br /&gt;
&lt;br /&gt;
== Browser UI &amp;amp; Maintenance Tweaks ==&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;&#039;Verify Database Integrity&#039;&#039;&#039;: Navigate to &amp;lt;code&amp;gt;about:support&amp;lt;/code&amp;gt; -&amp;gt; Scroll down to &#039;&#039;&#039;Places Database&#039;&#039;&#039; -&amp;gt; Click &#039;&#039;&#039;Verify Integrity&#039;&#039;&#039;.&lt;br /&gt;
* &#039;&#039;&#039;Turn Off Firefox Sidebar&#039;&#039;&#039;: [https://utcc.utoronto.ca/~cks/space/blog/web/FirefoxPdfViewerSidebarOff Guide to disabling the PDF viewer sidebar].&lt;br /&gt;
* &#039;&#039;&#039;Disable Firefox Translator&#039;&#039;&#039;: [https://xnacly.me/posts/2023/disable-firefox-translation/ Guide to disabling built-in local translation].&lt;br /&gt;
* &#039;&#039;&#039;Block Pop-Ups&#039;&#039;&#039;: [https://support.mozilla.org/bm/questions/1369602 Mozilla Support thread on native pop-up blocking].&lt;br /&gt;
* &#039;&#039;&#039;GeckoView Config&#039;&#039;&#039;: You can access deeper settings via [chrome://geckoview/content/config.xhtml chrome://geckoview/content/config.xhtml].&lt;br /&gt;
&lt;br /&gt;
== Comprehensive Hardening Guides &amp;amp; Reading ==&lt;br /&gt;
&lt;br /&gt;
* [https://github.com/awesome-windows11/firefox Awesome Firefox]&lt;br /&gt;
* [https://github.com/JArmandoG/Firefox-Hardening JArmandoG&#039;s Firefox Hardening Guide]&lt;br /&gt;
* [https://github.com/drduh/macOS-Security-and-Privacy-Guide#browser drduh&#039;s macOS Browser Privacy Guide]&lt;br /&gt;
* [https://sunknudsen.com/privacy-guides sunknudsen&#039;s Privacy Guides]&lt;br /&gt;
* [https://wrongthink.link/posts/hardened-web-browser/ Wrongthink: Hardened Web Browser]&lt;br /&gt;
* [https://unixsheikh.com/articles/choose-your-browser-carefully.html#tweaking-firefox Unixsheikh: Tweaking Firefox]&lt;br /&gt;
* [https://spyware.neocities.org/guides/firefox Spyware Watchdog: Firefox Mitigation]&lt;br /&gt;
* [https://fingerprint.com/blog/browser-anti-fingerprinting-techniques/ Fingerprint.com: Browser Anti-Fingerprinting Techniques]&lt;br /&gt;
* [https://gist.github.com/atcuno/3425484ac5cce5298932 atcuno&#039;s Privacy Guide] (Outdated but helpful concepts)&lt;br /&gt;
* [https://github.com/CISOfy/privacy-guide/blob/master/browser-security.md CISOfy Browser Security Guide]&lt;br /&gt;
* [http://kb.mozillazine.org/Category:Firefox MozillaZine Firefox Wiki]&lt;br /&gt;
&lt;br /&gt;
[[Category:Hardening]]&lt;br /&gt;
[[Category:Web browsers]]&lt;br /&gt;
[[Category:Privacy]]&lt;br /&gt;
[[Category:Security]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=45</id>
		<title>My Firefox Settings</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=45"/>
		<updated>2026-05-17T20:46:25Z</updated>

		<summary type="html">&lt;p&gt;Admin: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== THIS ARTICLE IS IMPORTED FROM MY OLD NOTE-TAKING APP AND MAY BE OUTDATED ==&lt;br /&gt;
&lt;br /&gt;
== Remove Add-ons ==&lt;br /&gt;
&lt;br /&gt;
&amp;lt;syntaxhighlight lang=&amp;quot;bash&amp;quot;&amp;gt;&lt;br /&gt;
cd /usr/lib/firefox/browser/features&lt;br /&gt;
doas rm *.xpi&lt;br /&gt;
&amp;lt;/syntaxhighlight&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== Firefox Settings for Hardening ==&lt;br /&gt;
=== [https://github.com/awesome-windows11/firefox Awesome Firefox] ===&lt;br /&gt;
=== [https://gist.github.com/atcuno/3425484ac5cce5298932#reqpluginsff atcuno&#039;s Privacy Guide] ===&lt;br /&gt;
=== [https://github.com/drduh/macOS-Security-and-Privacy-Guide#browser drduh&#039;s Guide] ===&lt;br /&gt;
&lt;br /&gt;
=== [https://sunknudsen.com/privacy-guides sunknudsen&#039;s Guide] ===&lt;br /&gt;
&lt;br /&gt;
=== [https://wrongthink.link/posts/hardened-web-browser/ Wrongthink Guide] ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Disable Firefox SessionStore in about:config ===&lt;br /&gt;
&lt;br /&gt;
=== Disable browser.urlbar.maxRichResults ===&lt;br /&gt;
&lt;br /&gt;
=== about:support -&amp;gt; Places Database -&amp;gt; Verify Integrity ===&lt;br /&gt;
&lt;br /&gt;
=== Turn Off Firefox Sidebar ===&lt;br /&gt;
Look [https://utcc.utoronto.ca/~cks/space/blog/web/FirefoxPdfViewerSidebarOff here].&lt;br /&gt;
&lt;br /&gt;
=== Disable Firefox Translator [https://xnacly.me/posts/2023/disable-firefox-translation/ here] ===&lt;br /&gt;
&lt;br /&gt;
=== Disable Firefox Restricted Domains and Make uBlock more Agressive ===&lt;br /&gt;
Look [https://12bytes.org/tech/mozilla-wants-more-control-over-your-add-ons/ here] and [https://12bytes.org/ublock-origin-suggested-settings/ here].&lt;br /&gt;
&lt;br /&gt;
=== Fingerprint.com&#039;s Blog [https://fingerprint.com/blog/browser-anti-fingerprinting-techniques/ Post] ===&lt;br /&gt;
&lt;br /&gt;
=== Disable CSS Visited Links ===&lt;br /&gt;
Look [https://www.reddit.com/r/privacy/comments/15fddo0/retrieving_your_browsing_history_through_a/juf5br1/ here].&lt;br /&gt;
&lt;br /&gt;
=== Firefox user.js generators ===&lt;br /&gt;
[https://ffprofile.com ffprofile.com]&lt;br /&gt;
&lt;br /&gt;
=== How to Block Pop-Ups in Firefox ===&lt;br /&gt;
Look [https://support.mozilla.org/bm/questions/1369602 here]&lt;br /&gt;
&lt;br /&gt;
=== Chrome Extensions on Firefox ===&lt;br /&gt;
Look [https://news.slashdot.org/story/23/08/24/2233242/firefox-users-may-import-chrome-extensions-now?utm_source=rss1.0mainlinkanon&amp;amp;utm_medium=feed here]&lt;br /&gt;
&lt;br /&gt;
=== Outdated but helpful [https://gist.github.com/atcuno/3425484ac5cce5298932 guide] ===&lt;br /&gt;
&lt;br /&gt;
=== Oh, [https://github.com/CISOfy/privacy-guide/blob/master/browser-security.md one more] ===&lt;br /&gt;
&lt;br /&gt;
=== My Notes From ffprofile.com (with my opinions) ===&lt;br /&gt;
You can change your user-agent to more common than Firefox&#039;s default user-agent.&lt;br /&gt;
&lt;br /&gt;
[https://techblog.willshouse.com/2012/01/03/most-common-user-agents/ This] website shows most common user-agents.&lt;br /&gt;
&lt;br /&gt;
Or you can use [https://www.useragents.me/ this] or [https://www.whatismybrowser.com/guides/the-latest-user-agent/chrome this] website.&lt;br /&gt;
&lt;br /&gt;
But because of Firefox isn&#039;t Chromium-based, it can make you [https://deviceinfo.me more unique] ([https://www.billdietrich.me/ComputerPrivacy.html list of alternative tools]) (because of some engine differences) instead less unique.&lt;br /&gt;
&lt;br /&gt;
=== Templates ===&lt;br /&gt;
# [https://github.com/arkenfox/user.js/raw/master/user.js Arkenfox] (well-known)&lt;br /&gt;
# [https://raw.githubusercontent.com/pyllyukko/user.js/master/user.js Pyllyukko]&lt;br /&gt;
# [https://git.nixnet.services/Narsil/desktop_user.js/raw/branch/master/user.js Narsil&#039;s user.js] (privacy focused not security)&lt;br /&gt;
&lt;br /&gt;
# [https://codeberg.org/polarhive/vulpes Vulpes]&lt;br /&gt;
# [https://git.nixnet.services/Narsil/palemoon_user.js Narsil&#039;s user.js for Pale Moon] (for Pale Moon) (privacy focused not security)&lt;br /&gt;
# [https://git.sr.ht/~krathalan/firefox-complement krathalan config]&lt;br /&gt;
# [https://github.com/simeononsecurity/FireFox-Privacy-Script simeononsec FireFox Script]&lt;br /&gt;
# [https://vermaden.wordpress.com/2024/03/18/sensible-firefox-setup/ vermaden]&lt;br /&gt;
&lt;br /&gt;
=== Guides for Firefox Hardening ===&lt;br /&gt;
[https://github.com/JArmandoG/Firefox-Hardening JArmandoG&#039;s Guide]&lt;br /&gt;
&lt;br /&gt;
[https://spyware.neocities.org/guides/firefox Spyware Watchdog Mitigation Guide]&lt;br /&gt;
&lt;br /&gt;
==== My Notes From JArmandoG&#039;s Guide ====&lt;br /&gt;
These are some about:config options to consider changing after applied user.js settings.&lt;br /&gt;
# security.tls.version.min -&amp;gt; 3&lt;br /&gt;
# network.http.referrer.spoofSource -&amp;gt; true&lt;br /&gt;
# browser.display.use_document_fonts -&amp;gt; 0&lt;br /&gt;
&lt;br /&gt;
==== My Notes From Spyware Watchdog Guide ====&lt;br /&gt;
You need to delete several default plugins in Firefox directory at /path/to/Firefox/browser/features &lt;br /&gt;
&lt;br /&gt;
(I.e. /usr/lib/Firefox/browser/features/) that can violate privacy:&lt;br /&gt;
&lt;br /&gt;
* firefox@getpocket.com.xpi — Pocket&lt;br /&gt;
* followonsearch@mozilla.com.xpi — Follow-On Search&lt;br /&gt;
* activity-stream@mozilla.org.xpi — Activity Stream&lt;br /&gt;
* screenshots@mozilla.org.xpi — Screenshots&lt;br /&gt;
* onboarding@mozilla.org.xpi — Onboarding&lt;br /&gt;
* formautofill@mozilla.org.xpi — Autofill&lt;br /&gt;
* webcompat@mozilla.org.xpi — Web Compatibility Reporter&lt;br /&gt;
&lt;br /&gt;
==== My Notes From Mullvad DNS Blog ====&lt;br /&gt;
In about:config make this: network.trr.mode -&amp;gt; 3&lt;br /&gt;
&lt;br /&gt;
Or change the “DNS protection” preference in Settings.&lt;br /&gt;
&lt;br /&gt;
It will force DNS over HTTPS every time you make a DNS request. (even if your DNS server doesn&#039;t respond)&lt;br /&gt;
&lt;br /&gt;
==== My Notes From Unixsheikh ====&lt;br /&gt;
Look [https://unixsheikh.com/articles/choose-your-browser-carefully.html#tweaking-firefox here]&lt;br /&gt;
&lt;br /&gt;
==== My Notes From [https://pedantic.software/fxc/blog/why_there_is_no_css_on_my_website.html Pedantic Software Blog] ====&lt;br /&gt;
“For Google, I take this even further: if redirections are disabled (in Firefox&#039;s about:config, set accessibility.blockautorefresh to true; this used to be available in the normal config dialog, in the good old days), in addition to both CSS and javascript being disabled, then you&#039;ll see a simple page with the unmangled results links.”&lt;br /&gt;
&lt;br /&gt;
==== Config Page ====&lt;br /&gt;
[chrome://geckoview/content/config.xhtml Open it…]&lt;br /&gt;
[http://kb.mozillazine.org/Category:Firefox Wiki]&lt;br /&gt;
&lt;br /&gt;
==== One More Thing ====&lt;br /&gt;
In about config, do this:&lt;br /&gt;
&lt;br /&gt;
* media.autoplay.enabled -&amp;gt; false&lt;br /&gt;
* media.cache_readahead_limit = 0&lt;br /&gt;
* media.cache_resume_threshold = 10&lt;br /&gt;
* media.autoplay.blocking_policy = 1&lt;br /&gt;
* media.autoplay.allow-muted -&amp;gt; false&lt;br /&gt;
&lt;br /&gt;
This will disable autoplay and reduce video caching.&lt;br /&gt;
&lt;br /&gt;
=== I don&#039;t know if it is necessary or not ===&lt;br /&gt;
about:config settings but haven&#039;t tried it yet (I temporarily switched to Chromium)&lt;br /&gt;
&lt;br /&gt;
* social.whitelist -&amp;gt; nothing&lt;br /&gt;
* social.toast-notifications.enabled -&amp;gt; false&lt;br /&gt;
* social.shareDirectory -&amp;gt; nothing&lt;br /&gt;
* social.remote-install.enabled -&amp;gt; false&lt;br /&gt;
* social.directories -&amp;gt; nothing&lt;br /&gt;
* social.share.activationPanelEnabled -&amp;gt; false&lt;br /&gt;
* browser.sessionstore.interval -&amp;gt; set it too high&lt;br /&gt;
&lt;br /&gt;
=== ximatrix extension ===&lt;br /&gt;
ximatrix is a Firefox extension similar to uMatrix. ximatrix can block anything that uMatrix can. It&#039;s also can block inline things.&lt;br /&gt;
You can look the code with [https://github.com/xi/xiMatrix this] link.&lt;br /&gt;
Or you can use [https://gitler.moe/Wrongthink/paraMatrix paraMatrix] which is fork of ximatrix.&lt;br /&gt;
&lt;br /&gt;
[[Category:Hardening]]&lt;br /&gt;
[[Category:Web browsers]]&lt;br /&gt;
[[Category:Privacy]]&lt;br /&gt;
[[Category:Security]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=44</id>
		<title>My Firefox Settings</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=My_Firefox_Settings&amp;diff=44"/>
		<updated>2026-05-17T20:42:20Z</updated>

		<summary type="html">&lt;p&gt;Admin: Created page with &amp;quot;== Remove Addons ==  &amp;lt;syntaxhighlight lang=&amp;quot;bash&amp;quot;&amp;gt; cd /usr/lib/firefox/browser/features doas rm *.xpi &amp;lt;/syntaxhighlight&amp;gt;  == Firefox Settings for Hardening ==   === [https://github.com/awesome-windows11/firefox Awesome Firefox] and [https://gist.github.com/atcuno/3425484ac5cce5298932#reqpluginsff atcuno&amp;#039;s Privacy Guide] and [https://github.com/drduh/macOS-Security-and-Privacy-Guide#browser drduh&amp;#039;s Guide] ===  === [https://sunknudsen.com/privacy-guides Some Thingies] ===...&amp;quot;&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== Remove Addons ==&lt;br /&gt;
&lt;br /&gt;
&amp;lt;syntaxhighlight lang=&amp;quot;bash&amp;quot;&amp;gt;&lt;br /&gt;
cd /usr/lib/firefox/browser/features&lt;br /&gt;
doas rm *.xpi&lt;br /&gt;
&amp;lt;/syntaxhighlight&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== Firefox Settings for Hardening ==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== [https://github.com/awesome-windows11/firefox Awesome Firefox] and [https://gist.github.com/atcuno/3425484ac5cce5298932#reqpluginsff atcuno&#039;s Privacy Guide] and [https://github.com/drduh/macOS-Security-and-Privacy-Guide#browser drduh&#039;s Guide] ===&lt;br /&gt;
&lt;br /&gt;
=== [https://sunknudsen.com/privacy-guides Some Thingies] ===&lt;br /&gt;
&lt;br /&gt;
=== [https://wrongthink.link/posts/hardened-web-browser/ Some One More Guide] ===&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== Disable Firefox SessionStore in about:config ===&lt;br /&gt;
&lt;br /&gt;
=== Disable browser.urlbar.maxRichResults ===&lt;br /&gt;
&lt;br /&gt;
=== about:support -&amp;gt; Places Database -&amp;gt; Verify Integrity ===&lt;br /&gt;
&lt;br /&gt;
=== Turn Off Firefox Sidebar ===&lt;br /&gt;
Look [https://utcc.utoronto.ca/~cks/space/blog/web/FirefoxPdfViewerSidebarOff here].&lt;br /&gt;
&lt;br /&gt;
=== Disable Firefox Translator [https://xnacly.me/posts/2023/disable-firefox-translation/ here] ===&lt;br /&gt;
&lt;br /&gt;
=== Disable Firefox Restricted Domains and Make uBlock more Agressive ===&lt;br /&gt;
Look [https://12bytes.org/tech/mozilla-wants-more-control-over-your-add-ons/ here] and [https://12bytes.org/ublock-origin-suggested-settings/ here].&lt;br /&gt;
&lt;br /&gt;
=== Fingerprint.com&#039;s Blog [https://fingerprint.com/blog/browser-anti-fingerprinting-techniques/ Post] ===&lt;br /&gt;
&lt;br /&gt;
=== Disable CSS Visited Links ===&lt;br /&gt;
Look [https://www.reddit.com/r/privacy/comments/15fddo0/retrieving_your_browsing_history_through_a/juf5br1/ here].&lt;br /&gt;
&lt;br /&gt;
=== Firefox user.js generators ===&lt;br /&gt;
[https://ffprofile.com ffprofile.com]&lt;br /&gt;
&lt;br /&gt;
=== How to Block Pop-Ups in Firefox ===&lt;br /&gt;
Look [https://support.mozilla.org/bm/questions/1369602 here]&lt;br /&gt;
&lt;br /&gt;
=== Chrome Extensions on Firefox ===&lt;br /&gt;
Look [https://news.slashdot.org/story/23/08/24/2233242/firefox-users-may-import-chrome-extensions-now?utm_source=rss1.0mainlinkanon&amp;amp;utm_medium=feed here]&lt;br /&gt;
&lt;br /&gt;
=== Outdated but helpful [https://gist.github.com/atcuno/3425484ac5cce5298932 guide] ===&lt;br /&gt;
&lt;br /&gt;
=== Oh, [https://github.com/CISOfy/privacy-guide/blob/master/browser-security.md one more] ===&lt;br /&gt;
&lt;br /&gt;
=== My Notes From ffprofile.com (with my opinions) ===&lt;br /&gt;
You can change your user-agent to more common than Firefox&#039;s default user-agent.&lt;br /&gt;
&lt;br /&gt;
[https://techblog.willshouse.com/2012/01/03/most-common-user-agents/ This] website shows most common user-agents.&lt;br /&gt;
&lt;br /&gt;
Or you can use [https://www.useragents.me/ this] or [https://www.whatismybrowser.com/guides/the-latest-user-agent/chrome this] website.&lt;br /&gt;
&lt;br /&gt;
But because of Firefox isn&#039;t Chromium-based, it can make you [https://deviceinfo.me more unique] ([https://www.billdietrich.me/ComputerPrivacy.html list of alternative tools]) (because of some engine differences) instead less unique.&lt;br /&gt;
&lt;br /&gt;
=== Templates ===&lt;br /&gt;
# [https://github.com/arkenfox/user.js/raw/master/user.js Arkenfox] (well-known)&lt;br /&gt;
# [https://raw.githubusercontent.com/pyllyukko/user.js/master/user.js Pyllyukko]&lt;br /&gt;
# [https://git.nixnet.services/Narsil/desktop_user.js/raw/branch/master/user.js Narsil&#039;s user.js] (privacy focused not security)&lt;br /&gt;
&lt;br /&gt;
# [https://codeberg.org/polarhive/vulpes Vulpes]&lt;br /&gt;
# [https://git.nixnet.services/Narsil/palemoon_user.js Narsil&#039;s user.js for Pale Moon] (for Pale Moon) (privacy focused not security)&lt;br /&gt;
# [https://git.sr.ht/~krathalan/firefox-complement krathalan config]&lt;br /&gt;
# [https://github.com/simeononsecurity/FireFox-Privacy-Script simeononsec FireFox Script]&lt;br /&gt;
# [https://vermaden.wordpress.com/2024/03/18/sensible-firefox-setup/ vermaden]&lt;br /&gt;
&lt;br /&gt;
=== Guides for Firefox Hardening ===&lt;br /&gt;
[https://github.com/JArmandoG/Firefox-Hardening JArmandoG&#039;s Guide]&lt;br /&gt;
&lt;br /&gt;
[https://spyware.neocities.org/guides/firefox Spyware Watchdog Mitigation Guide]&lt;br /&gt;
&lt;br /&gt;
==== My Notes From JArmandoG&#039;s Guide ====&lt;br /&gt;
These are some about:config options to consider changing after applied user.js settings.&lt;br /&gt;
# security.tls.version.min -&amp;gt; 3&lt;br /&gt;
# network.http.referrer.spoofSource -&amp;gt; true&lt;br /&gt;
# browser.display.use_document_fonts -&amp;gt; 0&lt;br /&gt;
&lt;br /&gt;
==== My Notes From Spyware Watchdog Guide ====&lt;br /&gt;
You need to delete several default plugins in Firefox directory at /path/to/Firefox/browser/features &lt;br /&gt;
&lt;br /&gt;
(I.e. /usr/lib/Firefox/browser/features/) that can violate privacy:&lt;br /&gt;
&lt;br /&gt;
* firefox@getpocket.com.xpi — Pocket&lt;br /&gt;
* followonsearch@mozilla.com.xpi — Follow-On Search&lt;br /&gt;
* activity-stream@mozilla.org.xpi — Activity Stream&lt;br /&gt;
* screenshots@mozilla.org.xpi — Screenshots&lt;br /&gt;
* onboarding@mozilla.org.xpi — Onboarding&lt;br /&gt;
* formautofill@mozilla.org.xpi — Autofill&lt;br /&gt;
* webcompat@mozilla.org.xpi — Web Compatibility Reporter&lt;br /&gt;
&lt;br /&gt;
==== My Notes From Mullvad DNS Blog ====&lt;br /&gt;
In about:config make this: network.trr.mode -&amp;gt; 3&lt;br /&gt;
&lt;br /&gt;
Or change the &amp;quot;DNS protection&amp;quot; preference in Settings.&lt;br /&gt;
&lt;br /&gt;
It will force DNS over HTTPS every time you make a DNS request. (even if your DNS server doesn&#039;t respond)&lt;br /&gt;
&lt;br /&gt;
==== My Notes From Unixsheikh ====&lt;br /&gt;
Look [https://unixsheikh.com/articles/choose-your-browser-carefully.html#tweaking-firefox here]&lt;br /&gt;
&lt;br /&gt;
==== My Notes From [https://pedantic.software/fxc/blog/why_there_is_no_css_on_my_website.html Pedantic Software Blog] ====&lt;br /&gt;
&amp;quot;For google, I take this even further: if redirections are disabled (in Firefox&#039;s about:config, set accessibility.blockautorefresh to true; this used to be available in the normal config dialog, in the good old days), in addition to both CSS and javascript being disabled, then you&#039;ll see a simple page with the unmangled results links.&amp;quot;&lt;br /&gt;
&lt;br /&gt;
==== Config Page ====&lt;br /&gt;
[chrome://geckoview/content/config.xhtml Open it...]&lt;br /&gt;
[http://kb.mozillazine.org/Category:Firefox Wiki]&lt;br /&gt;
&lt;br /&gt;
==== One More Thing ====&lt;br /&gt;
In about config, do this:&lt;br /&gt;
&lt;br /&gt;
* media.autoplay.enabled -&amp;gt; false&lt;br /&gt;
* media.cache_readahead_limit = 0&lt;br /&gt;
* media.cache_resume_threshold = 10&lt;br /&gt;
* media.autoplay.blocking_policy = 1&lt;br /&gt;
* media.autoplay.allow-muted -&amp;gt; false&lt;br /&gt;
&lt;br /&gt;
This will disable autoplay and reduce video caching.&lt;br /&gt;
&lt;br /&gt;
=== I don&#039;t know if it is necessary or not ===&lt;br /&gt;
about:config settings but haven&#039;t tried it yet (I temporarily switched to Chromium)&lt;br /&gt;
&lt;br /&gt;
* social.whitelist -&amp;gt; nothing&lt;br /&gt;
* social.toast-notifications.enabled -&amp;gt; false&lt;br /&gt;
* social.shareDirectory -&amp;gt; nothing&lt;br /&gt;
* social.remote-install.enabled -&amp;gt; false&lt;br /&gt;
* social.directories -&amp;gt; nothing&lt;br /&gt;
* social.share.activationPanelEnabled -&amp;gt; false&lt;br /&gt;
* browser.sessionstore.interval -&amp;gt; set it too high&lt;br /&gt;
&lt;br /&gt;
=== ximatrix extension ===&lt;br /&gt;
ximatrix is a Firefox extension similar to uMatrix. ximatrix can block anything that uMatrix can. It&#039;s also can block inline things.&lt;br /&gt;
You can look the code with [https://github.com/xi/xiMatrix this] link.&lt;br /&gt;
Or you can use [https://gitler.moe/Wrongthink/paraMatrix paraMatrix] which is fork of ximatrix.&lt;br /&gt;
&lt;br /&gt;
=== Enable Wayland ===&lt;br /&gt;
Search about it and enable Wayland support in Firefox.&lt;br /&gt;
&lt;br /&gt;
[[Category:Hardening]]&lt;br /&gt;
[[Category:Web browsers]]&lt;br /&gt;
[[Category:Privacy]]&lt;br /&gt;
[[Category:Security]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=Privacy_and_Security&amp;diff=41</id>
		<title>Privacy and Security</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=Privacy_and_Security&amp;diff=41"/>
		<updated>2026-05-17T20:35:01Z</updated>

		<summary type="html">&lt;p&gt;Admin: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;[[How to do OSINT and protect your data]]&lt;br /&gt;
&lt;br /&gt;
[[How to bypass ISP censorship]]&lt;br /&gt;
&lt;br /&gt;
[[The Offline-First Mobile Setup]]&lt;br /&gt;
&lt;br /&gt;
[[My Firefox Settings]]&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=40</id>
		<title>The Offline-First Mobile Setup</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=40"/>
		<updated>2026-05-17T18:58:22Z</updated>

		<summary type="html">&lt;p&gt;Admin: /* What do you need from a phone? */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== Offline-First Emergency and Private Phone Setup ==&lt;br /&gt;
Most of the tracking by companies are done using online connections. So the fastest and easiest way to prevent that is to take your phone into airplane mode, assuming your phone manufacturer didn&#039;t put any backdoors in airplane mode function (they probably did, but it is still a valuable feature).&lt;br /&gt;
&lt;br /&gt;
If you have root, you can use a feature of [https://github.com/ukanth/afwall AFWall+] to prevent apps from accessing internet without having to give VPN slot to it or its alternatives. Alternatively you can use root to remove the internet permission from apps. Some ROMs like [https://www.mi.com/global/hyperos/ HyperOS] (aka MIUI) and [https://grapheneos.org/ Graphene OS] allows you to do this without having root. It also reduces mobile data usage and cost.&lt;br /&gt;
&lt;br /&gt;
The second use case for going offline-first is being able to use your phone in an emergency when internet services are not available (examples include earthquakes and regular service disruptions an ISP/GSM can have).&lt;br /&gt;
&lt;br /&gt;
Third use case is you are guaranteeing being able to access what is necessary for you in a censorship situation. What you already downloaded can not be deleted remotely in most cases (there was a case when Huawei phones deleted photos from peoples gallery to censor info related to protests).&lt;br /&gt;
&lt;br /&gt;
=== What do you need from a phone? ===&lt;br /&gt;
Put your phone away and think what will you miss first if it didn&#039;t even existed. Here is a table of what I thought and solutions I found:&lt;br /&gt;
{| class=&amp;quot;wikitable sortable&amp;quot;&lt;br /&gt;
|+&lt;br /&gt;
!What do I need?&lt;br /&gt;
!Description and Solution&lt;br /&gt;
!Download Link&lt;br /&gt;
|-&lt;br /&gt;
|Being able to research information&lt;br /&gt;
|Internet is a valuable research tool. We will download the information before requiring it to solve this issue. Download [https://kiwix.org/en/download/ Kiwix] in your phone. Then download sources which you think it will be useful. My recommendations are:&lt;br /&gt;
&lt;br /&gt;
* Wikipedia: Try to download the largest edition of Wikipedia from the list. It will cost a lot of storage. But it worths it since you can use it as a dictionary too. You can download Wiktionary too if you want a separate dictionary.&lt;br /&gt;
* Gutenberg Project: Collection of books in a single file.&lt;br /&gt;
* Stack Overflow/Stack Exchange collection: If you have a computer you need to fix, consider adding them to help you.&lt;br /&gt;
* Arch/Alpine/Gentoo Wiki: Specialized wikis when you need Linux manuals.&lt;br /&gt;
* iFixit: Hardware repair guides.&lt;br /&gt;
* Xkcd: Nerdy comics.&lt;br /&gt;
&lt;br /&gt;
This should cover most needs. You can always download more resources afterward.&lt;br /&gt;
&lt;br /&gt;
If you want to have a separate dictionary app, consider installing [https://github.com/itkach/aard2-android Aard2] or [https://github.com/rdoeffinger/Dictionary QuickDic]. They are faster for day to day use.&lt;br /&gt;
&lt;br /&gt;
You may want to download [https://linuxcommandlibrary.com/ Linux Command Library] app to look up useful commands faster.&lt;br /&gt;
&lt;br /&gt;
There is a dedicated app called [https://f-droid.org/en/packages/de.naturalnet.mirwtfapp/ WTF] for checking abbreviations meaning.&lt;br /&gt;
|&lt;br /&gt;
* [https://kiwix.org/en/download/ Kiwix]&lt;br /&gt;
* [https://github.com/itkach/aard2-android Aard2]&lt;br /&gt;
* [https://github.com/rdoeffinger/Dictionary QuickDic]&lt;br /&gt;
* [https://linuxcommandlibrary.com/ Linux Command Library]&lt;br /&gt;
* [https://f-droid.org/en/packages/de.naturalnet.mirwtfapp/ WTF]&lt;br /&gt;
|-&lt;br /&gt;
|Communication&lt;br /&gt;
|Phones original reason to exist. Connecting people. &lt;br /&gt;
You can use [https://briarproject.org/ Briar] to send messages without requiring internet, but you will need to convince other people to install it too. [https://briarproject.org/ Briar] can send messages using Wi-Fi, Bluetooth, and Tor (if you want internet as a fallback). If your city has many people using [https://briarproject.org/ Briar], the coverage, and range will be better.  &lt;br /&gt;
&lt;br /&gt;
Alternatively you can use [https://meshtastic.org/ Meshtastic] devices paired to your phone if there are volunteer-run [https://meshtastic.org/ Meshtastic] antennas near you. &lt;br /&gt;
&lt;br /&gt;
If you are not sure about coverage of [https://briarproject.org/ Briar]/[https://meshtastic.org/ Meshtastic] or just want a fallback, consider RCS or encrypted SMS. They are not the most secure or private methods. But as long as you have a signal they will work. DO NOT use SMS without encryption if you want contents of the message to be private. RCS sadly only works on proprietary messengers like [https://play.google.com/store/apps/details?id=com.google.android.apps.messaging Google Messages] or [https://play.google.com/store/apps/details?id=com.samsung.android.messaging Samsung Messages]. Encrypted SMS can be used by installing one of these apps (you will need to convince your contacts to install these apps too):&lt;br /&gt;
&lt;br /&gt;
* [https://dekusms.com/ DekuSMS]: E2EE for SMS messages. Needs Android 7 or later. Image sharing over SMS (not MMS)&lt;br /&gt;
* [https://f-droid.org/packages/org.smssecure.smssecure/ Silence]: Not updated anymore. Fork of an old [https://signal.org/ Signal] version. E2EE SMS. Supports SMS over VoWiFi. Android 6 or later. Latest version is crashing so download an older build.&lt;br /&gt;
* [https://github.com/amnesica/KryptEY KryptEY]: If any of these apps don&#039;t work for you, there is [https://github.com/amnesica/KryptEY KryptEY]. It is an innovative app that can turn any chat app into an E2EE one by auto encrypting/decrypting messages and being your secondary keyboard. Uses [https://signal.org/ Signal] encryption too. Switching between keyboards may be exhausting for your contacts so choose if there are no other options.&lt;br /&gt;
|&lt;br /&gt;
* [https://briarproject.org/ Briar]&lt;br /&gt;
* [https://meshtastic.org/ Meshtastic]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=com.google.android.apps.messaging Google Messages]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=com.samsung.android.messaging Samsung Messages]&lt;br /&gt;
* [https://dekusms.com/ DekuSMS]&lt;br /&gt;
* [https://f-droid.org/packages/org.smssecure.smssecure/ Silence]&lt;br /&gt;
* [https://github.com/amnesica/KryptEY KryptEY]&lt;br /&gt;
* [https://signal.org/ Signal]&lt;br /&gt;
|-&lt;br /&gt;
|Navigation&lt;br /&gt;
|Being able to navigate without doxxing yourself to GSM towers is important. This means your location will be known by one less entity. Also do not trust coverage of your GSM, it can just fail (only trust it as a fallback). Use [https://www.comaps.app/ CoMaps] (fork of [https://organicmaps.app/ Organic Maps]) or [https://osmand.net/ OsmAnd+] and download maps for your city and other places you can be in. [https://www.comaps.app/ CoMaps] doesn&#039;t have bus routes support still AFAIK, so I keep both apps installed just in case. If you need a nice UI and bus support, you can try using [https://maps.me/ MAPS.ME], but it is proprietary.&lt;br /&gt;
|&lt;br /&gt;
* [https://www.comaps.app/ CoMaps]&lt;br /&gt;
* [https://organicmaps.app/ Organic Maps]&lt;br /&gt;
* [https://osmand.net/ OsmAnd+]&lt;br /&gt;
* [https://maps.me/ MAPS.ME]&lt;br /&gt;
|-&lt;br /&gt;
|Using LLMs (maybe)&lt;br /&gt;
|If your phone has a powerful CPU and plenty of RAM you can try running LLMs on it. It can be sometimes faster to ask an LLM instead of searching inside archives. The con here being heavy battery usage and risk of hallucination by LLM software. Install [https://github.com/Mobile-Artificial-Intelligence/maid Maid] app.&lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/Mobile-Artificial-Intelligence/maid Maid]&lt;br /&gt;
|-&lt;br /&gt;
|Translation&lt;br /&gt;
|Translators are useful especially between English and your main tongue. You can use [https://github.com/DavidVentura/offline-translator Offline Translator]. It is not the best, but it will do the job. &lt;br /&gt;
You can still use [https://translate.google.com/ Google Translate] / [https://translate.yandex.com/ Yandex Translate] offline translation feature, but they are proprietary.&lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/DavidVentura/offline-translator Offline Translator]&lt;br /&gt;
* [https://translate.google.com/ Google Translate]&lt;br /&gt;
* [https://translate.yandex.com/ Yandex Translate]&lt;br /&gt;
|-&lt;br /&gt;
|Entertainment&lt;br /&gt;
|I use [https://gitlab.com/proninyaroslav/libretorrent LibreTorrent] to download movies into my phone for later viewing. If there are no torrents for them, I use [https://play.google.com/store/apps/details?id=idm.internet.download.manager 1DM] (proprietary) to scrape movie websites. &lt;br /&gt;
For games, I have [https://www.retroarch.com/ RetroArch] with several game packs installed for several emulators. You can download other games like [https://f-droid.org/packages/org.petero.droidfish/ Droid Fish] (Chess Engine) and [https://www.luanti.org/ Luanti] too. I try to choose sandbox or board games since they are replayable anytime.&lt;br /&gt;
You may download news articles that interests you to read. I was using [https://github.com/Livinglist/Hacki Hacki] (Hacker News client) to download tech related news and read when I need to pass time outside. Most RSS readers (I recommend [https://f-droid.org/packages/com.nononsenseapps.feeder/ Feeder] and [https://github.com/readrops/Readrops Readrops]) allow you to read articles offline and then sync read status with your computers.&lt;br /&gt;
&lt;br /&gt;
You can use your phone as an e-book reader too. I was using [https://koreader.rocks/ KOReader] and [https://play.google.com/store/apps/details?id=org.readera ReadEra] (proprietary) to read my e-books.&lt;br /&gt;
&lt;br /&gt;
Download local music onto your phone. So you can listen anytime. [https://music.youtube.com/ YouTube Music] (proprietary) has a feature called “Smart Downloads” that automatically downloads songs you may like. [https://github.com/knighthat/Kreate Kreate] caches the songs you have listened to for offline listening. But the best method is just downloading songs using tools like [https://lucida.to/ Lucida] or [https://squid.wtf/ Squid WTF] into your phone. You can use [https://newpipe.net/ NewPipe] or [https://github.com/deniscerri/ytdlnis YTDLnis]/[https://github.com/JunkFood02/Seal Seal] to download songs from YouTube. Then install a player like [https://www.videolan.org/vlc/download-android.html VLC] to listen to them. Other proprietary apps like [https://open.spotify.com/ Spotify] can remove songs from your device if you connect to their servers at any time for copyright and other purposes.&lt;br /&gt;
&lt;br /&gt;
Download podcasts that interest you. [https://antennapod.org/ AntennaPod] has a feature that can auto-download content when they are available.&lt;br /&gt;
|&lt;br /&gt;
* [https://gitlab.com/proninyaroslav/libretorrent LibreTorrent]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=idm.internet.download.manager 1DM]&lt;br /&gt;
* [https://www.retroarch.com/ RetroArch]&lt;br /&gt;
* [https://f-droid.org/packages/org.petero.droidfish/ Droid Fish]&lt;br /&gt;
* [https://www.luanti.org/ Luanti]&lt;br /&gt;
* [https://github.com/Livinglist/Hacki Hacki]&lt;br /&gt;
* [https://f-droid.org/packages/com.nononsenseapps.feeder/ Feeder]&lt;br /&gt;
* [https://github.com/readrops/Readrops Readrops]&lt;br /&gt;
* [https://koreader.rocks/ KOReader]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=org.readera ReadEra]&lt;br /&gt;
* [https://music.youtube.com/ YouTube Music]&lt;br /&gt;
* [https://github.com/knighthat/Kreate Kreate]&lt;br /&gt;
* [https://lucida.to/ Lucida]&lt;br /&gt;
* [https://squid.wtf/ Squid WTF]&lt;br /&gt;
* [https://newpipe.net/ NewPipe]&lt;br /&gt;
* [https://github.com/deniscerri/ytdlnis YTDLnis]&lt;br /&gt;
* [https://github.com/JunkFood02/Seal Seal]&lt;br /&gt;
* [https://www.videolan.org/vlc/download-android.html VLC]&lt;br /&gt;
* [https://open.spotify.com/ Spotify]&lt;br /&gt;
* [https://antennapod.org/ AntennaPod]&lt;br /&gt;
|-&lt;br /&gt;
|General Real Life Helpers&lt;br /&gt;
|You can download the multipurpose [https://kylecorry.com/Trail-Sense/ Trail Sense] app. It has features you will need when outside. Compass, turning paper maps into digital ones with GPS, checking whatever a surface is really flat, convert between units, metal detector, mirror mode (so you do not take accidental selfies), save the path you walked, ruler, QR scanner, white noise and more. It has a built-in survival guide too for emergencies.&lt;br /&gt;
There is an app similar to [https://kylecorry.com/Trail-Sense/ Trail Sense] called [https://phyphox.org/ Phyphox]. It is mostly intended for science experiments. It allows you to use your phone sensors to measure anything your phone supports.&lt;br /&gt;
&lt;br /&gt;
The other useful app is [https://github.com/ligi/SurvivalManual Survival Manual]. The name explains all.&lt;br /&gt;
&lt;br /&gt;
Also, there are many apps that extend the core features of a phone. [https://f-droid.org/en/packages/org.woheller69.arity/ Arity calculator] has a 3D graph feature which might be useful for visualizing data. Some calculator apps offer currency conversion even when you are offline by caching up-to-date indexes automatically. &lt;br /&gt;
&lt;br /&gt;
Another thing you may need is an app that shows you Wi-Fi passwords of nearby shops and buildings. Unfortunately all Wi-Fi password apps are proprietary and may not include up-to-date passwords. &lt;br /&gt;
|&lt;br /&gt;
* [https://kylecorry.com/Trail-Sense/ Trail Sense]&lt;br /&gt;
* [https://phyphox.org/ Phyphox]&lt;br /&gt;
* [https://github.com/ligi/SurvivalManual Survival Manual]&lt;br /&gt;
* [https://f-droid.org/en/packages/org.woheller69.arity/ Arity calculator]&lt;br /&gt;
|-&lt;br /&gt;
|Memory Helpers&lt;br /&gt;
|A note-taking app and a password manager is very helpful outside. For noting I use [https://github.com/quillpad/quillpad Quill Pad]. For passwords, I use [https://www.keepassdx.com/ KeepassDX]. You can prefer [https://bitwarden.com/ Bitwarden] for easier sync. They should be able to run offline and sync only when you connect to a network.&lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/quillpad/quillpad Quill Pad]&lt;br /&gt;
* [https://www.keepassdx.com/ KeepassDX]&lt;br /&gt;
* [https://bitwarden.com/ Bitwarden]&lt;br /&gt;
|-&lt;br /&gt;
|Wallet App&lt;br /&gt;
|You can use [https://apt.izzysoft.de/fdroid/index/apk/com.akylas.cardwallet OSS Card Wallet] to remember your card details even if you don&#039;t have them outside.&lt;br /&gt;
|&lt;br /&gt;
* [https://apt.izzysoft.de/fdroid/index/apk/com.akylas.cardwallet OSS Card Wallet]&lt;br /&gt;
|-&lt;br /&gt;
|File transfer&lt;br /&gt;
|Consider installing [https://localsend.org/ Local Send] to you and your friends phones. So you can transfer files easily if you are on same Wi-Fi network (you can always use your hotspot too).&lt;br /&gt;
|&lt;br /&gt;
* [https://localsend.org/ Local Send]&lt;br /&gt;
|}&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=39</id>
		<title>The Offline-First Mobile Setup</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=39"/>
		<updated>2026-05-17T18:49:36Z</updated>

		<summary type="html">&lt;p&gt;Admin: /* What do you need from a phone? */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== Offline-First Emergency and Private Phone Setup ==&lt;br /&gt;
Most of the tracking by companies are done using online connections. So the fastest and easiest way to prevent that is to take your phone into airplane mode, assuming your phone manufacturer didn&#039;t put any backdoors in airplane mode function (they probably did, but it is still a valuable feature).&lt;br /&gt;
&lt;br /&gt;
If you have root, you can use a feature of [https://github.com/ukanth/afwall AFWall+] to prevent apps from accessing internet without having to give VPN slot to it or its alternatives. Alternatively you can use root to remove the internet permission from apps. Some ROMs like [https://www.mi.com/global/hyperos/ HyperOS] (aka MIUI) and [https://grapheneos.org/ Graphene OS] allows you to do this without having root. It also reduces mobile data usage and cost.&lt;br /&gt;
&lt;br /&gt;
The second use case for going offline-first is being able to use your phone in an emergency when internet services are not available (examples include earthquakes and regular service disruptions an ISP/GSM can have).&lt;br /&gt;
&lt;br /&gt;
Third use case is you are guaranteeing being able to access what is necessary for you in a censorship situation. What you already downloaded can not be deleted remotely in most cases (there was a case when Huawei phones deleted photos from peoples gallery to censor info related to protests).&lt;br /&gt;
&lt;br /&gt;
=== What do you need from a phone? ===&lt;br /&gt;
Put your phone away and think what will you miss first if it didn&#039;t even existed. Here is a table of what I thought and solutions I found:&lt;br /&gt;
{| class=&amp;quot;wikitable sortable&amp;quot;&lt;br /&gt;
|+&lt;br /&gt;
!What do I need?&lt;br /&gt;
!Description and Solution&lt;br /&gt;
!Download Link&lt;br /&gt;
|-&lt;br /&gt;
|Being able to research information&lt;br /&gt;
|Internet is a valuable research tool. We will download the information before requiring it to solve this issue. Download [https://kiwix.org/en/download/ Kiwix] in your phone. Then download sources which you think it will be useful. My recommendations are:&lt;br /&gt;
&lt;br /&gt;
* Wikipedia: Try to download the largest edition of Wikipedia from the list. It will cost a lot of storage. But it worths it since you can use it as a dictionary too. You can download Wiktionary too if you want a separate dictionary.&lt;br /&gt;
* Gutenberg Project: Collection of books in a single file.&lt;br /&gt;
* Stack Overflow/Stack Exchange collection: If you have a computer you need to fix, consider adding them to help you.&lt;br /&gt;
* Arch/Alpine/Gentoo Wiki: Specialized wikis when you need Linux manuals.&lt;br /&gt;
* iFixit: Hardware repair guides.&lt;br /&gt;
* Xkcd: Nerdy comics.&lt;br /&gt;
&lt;br /&gt;
This should cover most needs. You can always download more resources afterward.&lt;br /&gt;
&lt;br /&gt;
If you want to have a separate dictionary app, consider installing [https://github.com/itkach/aard2-android Aard2] or [https://github.com/rdoeffinger/Dictionary QuickDic]. They are faster for day to day use.&lt;br /&gt;
&lt;br /&gt;
You may want to download [https://linuxcommandlibrary.com/ Linux Command Library] app to look up useful commands faster.&lt;br /&gt;
&lt;br /&gt;
There is a dedicated app called [https://f-droid.org/en/packages/de.naturalnet.mirwtfapp/ WTF] for checking abbreviations meaning.&lt;br /&gt;
|&lt;br /&gt;
* [https://kiwix.org/en/download/ Kiwix]&lt;br /&gt;
* [https://github.com/itkach/aard2-android Aard2]&lt;br /&gt;
* [https://github.com/rdoeffinger/Dictionary QuickDic]&lt;br /&gt;
* [https://linuxcommandlibrary.com/ Linux Command Library]&lt;br /&gt;
* [https://f-droid.org/en/packages/de.naturalnet.mirwtfapp/ WTF]&lt;br /&gt;
|-&lt;br /&gt;
|Communication&lt;br /&gt;
|Phones original reason to exist. Connecting people. &lt;br /&gt;
You can use [https://briarproject.org/ Briar] to send messages without requiring internet, but you will need to convince other people to install it too. [https://briarproject.org/ Briar] can send messages using Wi-Fi, Bluetooth, and Tor (if you want internet as a fallback). If your city has many people using [https://briarproject.org/ Briar], the coverage, and range will be better.  &lt;br /&gt;
&lt;br /&gt;
Alternatively you can use [https://meshtastic.org/ Meshtastic] devices paired to your phone if there are volunteer-run [https://meshtastic.org/ Meshtastic] antennas near you. &lt;br /&gt;
&lt;br /&gt;
If you are not sure about coverage of [https://briarproject.org/ Briar]/[https://meshtastic.org/ Meshtastic] or just want a fallback, consider RCS or encrypted SMS. They are not the most secure or private methods. But as long as you have a signal they will work. DO NOT use SMS without encryption if you want contents of the message to be private. RCS sadly only works on proprietary messengers like [https://play.google.com/store/apps/details?id=com.google.android.apps.messaging Google Messages] or [https://play.google.com/store/apps/details?id=com.samsung.android.messaging Samsung Messages]. Encrypted SMS can be used by installing one of these apps (you will need to convince your contacts to install these apps too):&lt;br /&gt;
&lt;br /&gt;
* [https://dekusms.com/ DekuSMS]: E2EE for SMS messages. Needs Android 7 or later. Image sharing over SMS (not MMS)&lt;br /&gt;
* [https://f-droid.org/packages/org.smssecure.smssecure/ Silence]: Not updated anymore. Fork of an old [https://signal.org/ Signal] version. E2EE SMS. Supports SMS over VoWiFi. Android 6 or later. Latest version is crashing so download an older build.&lt;br /&gt;
* [https://github.com/amnesica/KryptEY KryptEY]: If any of these apps don&#039;t work for you, there is [https://github.com/amnesica/KryptEY KryptEY]. It is an innovative app that can turn any chat app into an E2EE one by auto encrypting/decrypting messages and being your secondary keyboard. Uses [https://signal.org/ Signal] encryption too. Switching between keyboards may be exhausting for your contacts so choose if there are no other options.&lt;br /&gt;
|&lt;br /&gt;
* [https://briarproject.org/ Briar]&lt;br /&gt;
* [https://meshtastic.org/ Meshtastic]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=com.google.android.apps.messaging Google Messages]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=com.samsung.android.messaging Samsung Messages]&lt;br /&gt;
* [https://dekusms.com/ DekuSMS]&lt;br /&gt;
* [https://f-droid.org/packages/org.smssecure.smssecure/ Silence]&lt;br /&gt;
* [https://github.com/amnesica/KryptEY KryptEY]&lt;br /&gt;
* [https://signal.org/ Signal]&lt;br /&gt;
|-&lt;br /&gt;
|Navigation&lt;br /&gt;
|Being able to navigate without doxxing yourself to GSM towers is important. This means your location will be known by one less entity. Also do not trust coverage of your GSM, it can just fail (only trust it as a fallback). Use [https://www.comaps.app/ CoMaps] (fork of [https://organicmaps.app/ Organic Maps]) or [https://osmand.net/ OsmAnd+] and download maps for your city and other places you can be in. [https://www.comaps.app/ CoMaps] doesn&#039;t have bus routes support still AFAIK, so I keep both apps installed just in case. If you need a nice UI and bus support, you can try using [https://maps.me/ MAPS.ME], but it is proprietary.&lt;br /&gt;
|&lt;br /&gt;
* [https://www.comaps.app/ CoMaps]&lt;br /&gt;
* [https://organicmaps.app/ Organic Maps]&lt;br /&gt;
* [https://osmand.net/ OsmAnd+]&lt;br /&gt;
* [https://maps.me/ MAPS.ME]&lt;br /&gt;
|-&lt;br /&gt;
|Using LLMs (maybe)&lt;br /&gt;
|If your phone has a powerful CPU and plenty of RAM you can try running LLMs on it. It can be sometimes faster to ask an LLM instead of searching inside archives. The con here being heavy battery usage and risk of hallucination by LLM software. Install [https://github.com/Mobile-Artificial-Intelligence/maid Maid] app.&lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/Mobile-Artificial-Intelligence/maid Maid]&lt;br /&gt;
|-&lt;br /&gt;
|Translation&lt;br /&gt;
|Translators are useful especially between English and your main tongue. You can use [https://github.com/DavidVentura/offline-translator Offline Translator]. It is not the best, but it will do the job. &lt;br /&gt;
You can still use [https://translate.google.com/ Google Translate] / [https://translate.yandex.com/ Yandex Translate] offline translation feature, but they are proprietary.&lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/DavidVentura/offline-translator Offline Translator]&lt;br /&gt;
* [https://translate.google.com/ Google Translate]&lt;br /&gt;
* [https://translate.yandex.com/ Yandex Translate]&lt;br /&gt;
|-&lt;br /&gt;
|Entertainment&lt;br /&gt;
|I use [https://gitlab.com/proninyaroslav/libretorrent LibreTorrent] to download movies into my phone for later viewing. If there are no torrents for them, I use [https://play.google.com/store/apps/details?id=idm.internet.download.manager 1DM] (proprietary) to scrape movie websites. &lt;br /&gt;
For games, I have [https://www.retroarch.com/ RetroArch] with several game packs installed for several emulators. You can download other games like [https://f-droid.org/packages/org.petero.droidfish/ Droid Fish] (Chess Engine) and [https://www.luanti.org/ Luanti] too. I try to choose sandbox or board games since they are replayable anytime.&lt;br /&gt;
You may download news articles that interests you to read. I was using [https://github.com/Livinglist/Hacki Hacki] (Hacker News client) to download tech related news and read when I need to pass time outside. Most RSS readers (I recommend [https://f-droid.org/packages/com.nononsenseapps.feeder/ Feeder] and [https://github.com/readrops/Readrops Readrops]) allow you to read articles offline and then sync read status with your computers.&lt;br /&gt;
&lt;br /&gt;
You can use your phone as an e-book reader too. I was using [https://koreader.rocks/ KOReader] and [https://play.google.com/store/apps/details?id=org.readera ReadEra] (proprietary) to read my e-books.&lt;br /&gt;
&lt;br /&gt;
Download local music onto your phone. So you can listen anytime. [https://music.youtube.com/ YouTube Music] (proprietary) has a feature called “Smart Downloads” that automatically downloads songs you may like. [https://github.com/knighthat/Kreate Kreate] caches the songs you have listened to for offline listening. But the best method is just downloading songs using tools like [https://lucida.to/ Lucida] or [https://squid.wtf/ Squid WTF] into your phone. You can use [https://newpipe.net/ NewPipe] or [https://github.com/deniscerri/ytdlnis YTDLnis]/[https://github.com/JunkFood02/Seal Seal] to download songs from YouTube. Then install a player like [https://www.videolan.org/vlc/download-android.html VLC] to listen to them. Other proprietary apps like [https://open.spotify.com/ Spotify] can remove songs from your device if you connect to their servers at any time for copyright and other purposes.&lt;br /&gt;
&lt;br /&gt;
Download podcasts that interest you. [https://antennapod.org/ AntennaPod] has a feature that can auto-download content when they are available.&lt;br /&gt;
|&lt;br /&gt;
* [https://gitlab.com/proninyaroslav/libretorrent LibreTorrent]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=idm.internet.download.manager 1DM]&lt;br /&gt;
* [https://www.retroarch.com/ RetroArch]&lt;br /&gt;
* [https://f-droid.org/packages/org.petero.droidfish/ Droid Fish]&lt;br /&gt;
* [https://www.luanti.org/ Luanti]&lt;br /&gt;
* [https://github.com/Livinglist/Hacki Hacki]&lt;br /&gt;
* [https://f-droid.org/packages/com.nononsenseapps.feeder/ Feeder]&lt;br /&gt;
* [https://github.com/readrops/Readrops Readrops]&lt;br /&gt;
* [https://koreader.rocks/ KOReader]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=org.readera ReadEra]&lt;br /&gt;
* [https://music.youtube.com/ YouTube Music]&lt;br /&gt;
* [https://github.com/knighthat/Kreate Kreate]&lt;br /&gt;
* [https://lucida.to/ Lucida]&lt;br /&gt;
* [https://squid.wtf/ Squid WTF]&lt;br /&gt;
* [https://newpipe.net/ NewPipe]&lt;br /&gt;
* [https://github.com/deniscerri/ytdlnis YTDLnis]&lt;br /&gt;
* [https://github.com/JunkFood02/Seal Seal]&lt;br /&gt;
* [https://www.videolan.org/vlc/download-android.html VLC]&lt;br /&gt;
* [https://open.spotify.com/ Spotify]&lt;br /&gt;
* [https://antennapod.org/ AntennaPod]&lt;br /&gt;
|-&lt;br /&gt;
|General Real Life Helpers&lt;br /&gt;
|You can download the multipurpose [https://kylecorry.com/Trail-Sense/ Trail Sense] app. It has features you will need when outside. Compass, turning paper maps into digital ones with GPS, checking whatever a surface is really flat, convert between units, metal detector, mirror mode (so you do not take accidental selfies), save the path you walked, ruler, QR scanner, white noise and more. It has a built-in survival guide too for emergencies.&lt;br /&gt;
There is an app similar to [https://kylecorry.com/Trail-Sense/ Trail Sense] called [https://phyphox.org/ Phyphox]. It is mostly intended for science experiments. It allows you to use your phone sensors to measure anything your phone supports.&lt;br /&gt;
&lt;br /&gt;
The other useful app is [https://github.com/ligi/SurvivalManual Survival Manual]. The name explains all.&lt;br /&gt;
&lt;br /&gt;
Also, there are many apps that extend the core features of a phone. [https://f-droid.org/packages/arity.calculator/ Arity calculator] has a 3D graph feature which might be useful for visualizing data. Some calculator apps offer currency conversion even when you are offline by caching up-to-date indexes automatically. &lt;br /&gt;
|&lt;br /&gt;
* [https://kylecorry.com/Trail-Sense/ Trail Sense]&lt;br /&gt;
* [https://phyphox.org/ Phyphox]&lt;br /&gt;
* [https://github.com/ligi/SurvivalManual Survival Manual]&lt;br /&gt;
* [https://f-droid.org/packages/arity.calculator/ Arity calculator]&lt;br /&gt;
|-&lt;br /&gt;
|Memory Helpers&lt;br /&gt;
|A note-taking app and a password manager is very helpful outside. For noting I use [https://github.com/quillpad/quillpad Quill Pad]. For passwords, I use [https://www.keepassdx.com/ KeepassDX]. You can prefer [https://bitwarden.com/ Bitwarden] for easier sync. They should be able to run offline and sync only when you connect to a network.&lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/quillpad/quillpad Quill Pad]&lt;br /&gt;
* [https://www.keepassdx.com/ KeepassDX]&lt;br /&gt;
* [https://bitwarden.com/ Bitwarden]&lt;br /&gt;
|-&lt;br /&gt;
|Wallet App&lt;br /&gt;
|You can use [https://f-droid.org/packages/org.woheller69.cwallet/ OSS Card Wallet] to remember your card details even if you don&#039;t have them outside.&lt;br /&gt;
|&lt;br /&gt;
* [https://f-droid.org/packages/org.woheller69.cwallet/ OSS Card Wallet]&lt;br /&gt;
|-&lt;br /&gt;
|File transfer&lt;br /&gt;
|Consider installing [https://localsend.org/ Local Send] to you and your friends phones. So you can transfer files easily if you are on same Wi-Fi network (you can always use your hotspot too).&lt;br /&gt;
|&lt;br /&gt;
* [https://localsend.org/ Local Send]&lt;br /&gt;
|}&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=38</id>
		<title>The Offline-First Mobile Setup</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=38"/>
		<updated>2026-05-17T18:47:17Z</updated>

		<summary type="html">&lt;p&gt;Admin: /* What do you need from a phone? */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== Offline-First Emergency and Private Phone Setup ==&lt;br /&gt;
Most of the tracking by companies are done using online connections. So the fastest and easiest way to prevent that is to take your phone into airplane mode, assuming your phone manufacturer didn&#039;t put any backdoors in airplane mode function (they probably did, but it is still a valuable feature).&lt;br /&gt;
&lt;br /&gt;
If you have root, you can use a feature of [https://github.com/ukanth/afwall AFWall+] to prevent apps from accessing internet without having to give VPN slot to it or its alternatives. Alternatively you can use root to remove the internet permission from apps. Some ROMs like [https://www.mi.com/global/hyperos/ HyperOS] (aka MIUI) and [https://grapheneos.org/ Graphene OS] allows you to do this without having root. It also reduces mobile data usage and cost.&lt;br /&gt;
&lt;br /&gt;
The second use case for going offline-first is being able to use your phone in an emergency when internet services are not available (examples include earthquakes and regular service disruptions an ISP/GSM can have).&lt;br /&gt;
&lt;br /&gt;
Third use case is you are guaranteeing being able to access what is necessary for you in a censorship situation. What you already downloaded can not be deleted remotely in most cases (there was a case when Huawei phones deleted photos from peoples gallery to censor info related to protests).&lt;br /&gt;
&lt;br /&gt;
=== What do you need from a phone? ===&lt;br /&gt;
Put your phone away and think what will you miss first if it didn&#039;t even existed. Here is a table of what I thought and solutions I found:&lt;br /&gt;
{| class=&amp;quot;wikitable sortable&amp;quot;&lt;br /&gt;
|+&lt;br /&gt;
!What do I need?&lt;br /&gt;
!Description and Solution&lt;br /&gt;
!Download Link&lt;br /&gt;
|-&lt;br /&gt;
|Being able to research information&lt;br /&gt;
|Internet is a valuable research tool. We will download the information before requiring it to solve this issue. Download [https://kiwix.org/en/download/ Kiwix] in your phone. Then download sources which you think it will be useful. My recommendations are:&lt;br /&gt;
&lt;br /&gt;
* Wikipedia: Try to download the largest edition of Wikipedia from the list. It will cost a lot of storage. But it worths it since you can use it as a dictionary too. You can download Wiktionary too if you want a separate dictionary.&lt;br /&gt;
* Gutenberg Project: Collection of books in a single file.&lt;br /&gt;
* Stack Overflow/Stack Exchange collection: If you have a computer you need to fix, consider adding them to help you.&lt;br /&gt;
* Arch/Alpine/Gentoo Wiki: Specialized wikis when you need Linux manuals.&lt;br /&gt;
* iFixit: Hardware repair guides.&lt;br /&gt;
* Xkcd: Nerdy comics.&lt;br /&gt;
&lt;br /&gt;
This should cover most needs. You can always download more resources afterward.&lt;br /&gt;
&lt;br /&gt;
If you want to have a separate dictionary app, consider installing [https://github.com/itkach/aard2-android Aard2] or [https://github.com/rdoeffinger/Dictionary QuickDic]. They are faster for day to day use.&lt;br /&gt;
&lt;br /&gt;
You may want to download [https://linuxcommandlibrary.com/ Linux Command Library] app to look up useful commands faster.&lt;br /&gt;
&lt;br /&gt;
There is a dedicated app called [https://f-droid.org/en/packages/de.naturalnet.mirwtfapp/ WTF] for checking abbreviations meaning.&lt;br /&gt;
|&lt;br /&gt;
* [https://kiwix.org/en/download/ Kiwix]&lt;br /&gt;
* [https://github.com/itkach/aard2-android Aard2]&lt;br /&gt;
* [https://github.com/rdoeffinger/Dictionary QuickDic]&lt;br /&gt;
* [https://linuxcommandlibrary.com/ Linux Command Library]&lt;br /&gt;
* [https://f-droid.org/en/packages/de.naturalnet.mirwtfapp/ WTF]&lt;br /&gt;
|-&lt;br /&gt;
|Communication&lt;br /&gt;
|Phones original reason to exist. Connecting people. &lt;br /&gt;
You can use [https://briarproject.org/ Briar] to send messages without requiring internet, but you will need to convince other people to install it too. [https://briarproject.org/ Briar] can send messages using Wi-Fi, Bluetooth, and Tor (if you want internet as a fallback). If your city has many people using [https://briarproject.org/ Briar], the coverage, and range will be better.  &lt;br /&gt;
&lt;br /&gt;
Alternatively you can use [https://meshtastic.org/ Meshtastic] devices paired to your phone if there are volunteer-run [https://meshtastic.org/ Meshtastic] antennas near you. &lt;br /&gt;
&lt;br /&gt;
If you are not sure about coverage of [https://briarproject.org/ Briar]/[https://meshtastic.org/ Meshtastic] or just want a fallback, consider RCS or encrypted SMS. They are not the most secure or private methods. But as long as you have a signal they will work. DO NOT use SMS without encryption if you want contents of the message to be private. RCS sadly only works on proprietary messengers like [https://play.google.com/store/apps/details?id=com.google.android.apps.messaging Google Messages] or [https://play.google.com/store/apps/details?id=com.samsung.android.messaging Samsung Messages]. Encrypted SMS can be used by installing one of these apps (you will need to convince your contacts to install these apps too):&lt;br /&gt;
&lt;br /&gt;
* [https://dekusms.com/ DekuSMS]: E2EE for SMS messages. Needs Android 7 or later. Image sharing over SMS (not MMS)&lt;br /&gt;
* [https://f-droid.org/packages/org.smssecure.smssecure/ Silence]: Not updated anymore. Fork of an old [https://signal.org/ Signal] version. E2EE SMS. Supports SMS over VoWiFi. Android 6 or later. Latest version is crashing so download an older build.&lt;br /&gt;
* [https://github.com/amnesica/KryptEY KryptEY]: If any of these apps don&#039;t work for you, there is [https://github.com/amnesica/KryptEY KryptEY]. It is an innovative app that can turn any chat app into an E2EE one by auto encrypting/decrypting messages and being your secondary keyboard. Uses [https://signal.org/ Signal] encryption too. Switching between keyboards may be exhausting for your contacts so choose if there are no other options.&lt;br /&gt;
|&lt;br /&gt;
* [https://briarproject.org/ Briar]&lt;br /&gt;
* [https://meshtastic.org/ Meshtastic]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=com.google.android.apps.messaging Google Messages]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=com.samsung.android.messaging Samsung Messages]&lt;br /&gt;
* [https://dekusms.com/ DekuSMS]&lt;br /&gt;
* [https://f-droid.org/packages/org.smssecure.smssecure/ Silence]&lt;br /&gt;
* [https://github.com/amnesica/KryptEY KryptEY]&lt;br /&gt;
* [https://signal.org/ Signal]&lt;br /&gt;
|-&lt;br /&gt;
|Navigation&lt;br /&gt;
|Being able to navigate without doxxing yourself to GSM towers is important. This means your location will be known by one less entity. Also do not trust coverage of your GSM, it can just fail (only trust it as a fallback). Use [https://www.comaps.app/ CoMaps] (fork of [https://organicmaps.app/ Organic Maps]) or [https://osmand.net/ OsmAnd+] and download maps for your city and other places you can be in. [https://www.comaps.app/ CoMaps] doesn&#039;t have bus routes support still AFAIK, so I keep both apps installed just in case. If you need a nice UI and bus support, you can try using [https://maps.me/ MAPS.ME], but it is proprietary.&lt;br /&gt;
|&lt;br /&gt;
* [https://www.comaps.app/ CoMaps]&lt;br /&gt;
* [https://organicmaps.app/ Organic Maps]&lt;br /&gt;
* [https://osmand.net/ OsmAnd+]&lt;br /&gt;
* [https://maps.me/ MAPS.ME]&lt;br /&gt;
|-&lt;br /&gt;
|Using LLMs (maybe)&lt;br /&gt;
|If your phone has a powerful CPU and plenty of RAM you can try running LLMs on it. It can be sometimes faster to ask an LLM instead of searching inside archives. The con here being heavy battery usage and risk of hallucination by LLM software. Install [https://github.com/Mobile-Artificial-Intelligence/maid Maid] app.&lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/Mobile-Artificial-Intelligence/maid Maid]&lt;br /&gt;
|-&lt;br /&gt;
|Translation&lt;br /&gt;
|Translators are useful especially between English and your main tongue. You can use [https://github.com/DavidVentura/offline-translator Offline Translator]. It is not the best, but it will do the job. &lt;br /&gt;
You can still use [https://translate.google.com/ Google Translate] / [https://translate.yandex.com/ Yandex Translate] offline translation feature, but they are proprietary.&lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/DavidVentura/offline-translator Offline Translator]&lt;br /&gt;
* [https://translate.google.com/ Google Translate]&lt;br /&gt;
* [https://translate.yandex.com/ Yandex Translate]&lt;br /&gt;
|-&lt;br /&gt;
|Entertainment&lt;br /&gt;
|I use [https://gitlab.com/proninyaroslav/libretorrent LibreTorrent] to download movies into my phone for later viewing. If there are no torrents for them, I use [https://play.google.com/store/apps/details?id=idm.internet.download.manager 1DM] (proprietary) to scrape movie websites. &lt;br /&gt;
For games, I have [https://www.retroarch.com/ RetroArch] with several game packs installed for several emulators. You can download other games like [https://f-droid.org/packages/org.petero.droidfish/ Droid Fish] (Chess Engine) and [https://www.luanti.org/ Luanti] too. I try to choose sandbox or board games since they are replayable anytime.&lt;br /&gt;
You may download news articles that interests you to read. I was using [https://github.com/Livinglist/Hacki Hacki] (Hacker News client) to download tech related news and read when I need to pass time outside. Most RSS readers (I recommend [https://f-droid.org/packages/com.nononsenseapps.feeder/ Feeder] and [https://github.com/readrops/Readrops Readrops]) allow you to read articles offline and then sync read status with your computers.&lt;br /&gt;
&lt;br /&gt;
You can use your phone as an e-book reader too. I was using [https://koreader.rocks/ KOReader] and [https://play.google.com/store/apps/details?id=org.readera ReadEra] (proprietary) to read my e-books.&lt;br /&gt;
&lt;br /&gt;
Download local music onto your phone. So you can listen anytime. [https://music.youtube.com/ YouTube Music] (proprietary) has a feature called “Smart Downloads” that automatically downloads songs you may like. [https://github.com/knighthat/Kreate Kreate] caches the songs you have listened to for offline listening. But the best method is just downloading songs using tools like [https://lucida.to/ Lucida] or [https://squid.wtf/ Squid WTF] into your phone. You can use [https://newpipe.net/ NewPipe] or [https://github.com/deniscerri/ytdlnis YTDLnis]/[https://github.com/JunkFood02/Seal Seal] to download songs from YouTube. Then install a player like [https://www.videolan.org/vlc/download-android.html VLC] to listen to them. Other proprietary apps like [https://open.spotify.com/ Spotify] can remove songs from your device if you connect to their servers at any time for copyright and other purposes.&lt;br /&gt;
&lt;br /&gt;
Download podcasts that interest you. [https://antennapod.org/ AntennaPod] has a feature that can auto-download content when they are available.&lt;br /&gt;
|&lt;br /&gt;
* [https://gitlab.com/proninyaroslav/libretorrent LibreTorrent]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=idm.internet.download.manager 1DM]&lt;br /&gt;
* [https://www.retroarch.com/ RetroArch]&lt;br /&gt;
* [https://f-droid.org/packages/org.petero.droidfish/ Droid Fish]&lt;br /&gt;
* [https://www.luanti.org/ Luanti]&lt;br /&gt;
* [https://github.com/Livinglist/Hacki Hacki]&lt;br /&gt;
* [https://f-droid.org/packages/com.nononsenseapps.feeder/ Feeder]&lt;br /&gt;
* [https://github.com/readrops/Readrops Readrops]&lt;br /&gt;
* [https://koreader.rocks/ KOReader]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=org.readera ReadEra]&lt;br /&gt;
* [https://music.youtube.com/ YouTube Music]&lt;br /&gt;
* [https://github.com/knighthat/Kreate Kreate]&lt;br /&gt;
* [https://lucida.to/ Lucida]&lt;br /&gt;
* [https://squid.wtf/ Squid WTF]&lt;br /&gt;
* [https://newpipe.net/ NewPipe]&lt;br /&gt;
* [https://github.com/deniscerri/ytdlnis YTDLnis]&lt;br /&gt;
* [https://github.com/JunkFood02/Seal Seal]&lt;br /&gt;
* [https://www.videolan.org/vlc/download-android.html VLC]&lt;br /&gt;
* [https://open.spotify.com/ Spotify]&lt;br /&gt;
* [https://antennapod.org/ AntennaPod]&lt;br /&gt;
|-&lt;br /&gt;
|General Real Life Helpers&lt;br /&gt;
|You can download the multipurpose [https://github.com/mikesemick/trail-sense Trail Sense] app. It has features you will need when outside. Compass, turning paper maps into digital ones with GPS, checking whatever a surface is really flat, convert between units, metal detector, mirror mode (so you do not take accidental selfies), save the path you walked, ruler, QR scanner, white noise and more. It has a built-in survival guide too for emergencies.&lt;br /&gt;
There is an app similar to [https://github.com/mikesemick/trail-sense Trail Sense] called [https://phyphox.org/ Phyphox]. It is mostly intended for science experiments. It allows you to use your phone sensors to measure anything your phone supports.&lt;br /&gt;
&lt;br /&gt;
The other useful app is [https://github.com/ligi/SurvivalManual Survival Manual]. The name explains all.&lt;br /&gt;
&lt;br /&gt;
Also, there are many apps that extend the core features of a phone. [https://f-droid.org/packages/arity.calculator/ Arity calculator] has a 3D graph feature which might be useful for visualizing data. Some calculator apps offer currency conversion even when you are offline by caching up-to-date indexes automatically. &lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/mikesemick/trail-sense Trail Sense]&lt;br /&gt;
* [https://phyphox.org/ Phyphox]&lt;br /&gt;
* [https://github.com/ligi/SurvivalManual Survival Manual]&lt;br /&gt;
* [https://f-droid.org/packages/arity.calculator/ Arity calculator]&lt;br /&gt;
|-&lt;br /&gt;
|Memory Helpers&lt;br /&gt;
|A note-taking app and a password manager is very helpful outside. For noting I use [https://github.com/quillpad/quillpad Quill Pad]. For passwords, I use [https://www.keepassdx.com/ KeepassDX]. You can prefer [https://bitwarden.com/ Bitwarden] for easier sync. They should be able to run offline and sync only when you connect to a network.&lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/quillpad/quillpad Quill Pad]&lt;br /&gt;
* [https://www.keepassdx.com/ KeepassDX]&lt;br /&gt;
* [https://bitwarden.com/ Bitwarden]&lt;br /&gt;
|-&lt;br /&gt;
|Wallet App&lt;br /&gt;
|You can use [https://f-droid.org/packages/org.woheller69.cwallet/ OSS Card Wallet] to remember your card details even if you don&#039;t have them outside.&lt;br /&gt;
|&lt;br /&gt;
* [https://f-droid.org/packages/org.woheller69.cwallet/ OSS Card Wallet]&lt;br /&gt;
|-&lt;br /&gt;
|File transfer&lt;br /&gt;
|Consider installing [https://localsend.org/ Local Send] to you and your friends phones. So you can transfer files easily if you are on same Wi-Fi network (you can always use your hotspot too).&lt;br /&gt;
|&lt;br /&gt;
* [https://localsend.org/ Local Send]&lt;br /&gt;
|}&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=37</id>
		<title>The Offline-First Mobile Setup</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=37"/>
		<updated>2026-05-17T18:45:13Z</updated>

		<summary type="html">&lt;p&gt;Admin: /* What do you need from a phone? */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== Offline-First Emergency and Private Phone Setup ==&lt;br /&gt;
Most of the tracking by companies are done using online connections. So the fastest and easiest way to prevent that is to take your phone into airplane mode, assuming your phone manufacturer didn&#039;t put any backdoors in airplane mode function (they probably did, but it is still a valuable feature).&lt;br /&gt;
&lt;br /&gt;
If you have root, you can use a feature of [https://github.com/ukanth/afwall AFWall+] to prevent apps from accessing internet without having to give VPN slot to it or its alternatives. Alternatively you can use root to remove the internet permission from apps. Some ROMs like [https://www.mi.com/global/hyperos/ HyperOS] (aka MIUI) and [https://grapheneos.org/ Graphene OS] allows you to do this without having root. It also reduces mobile data usage and cost.&lt;br /&gt;
&lt;br /&gt;
The second use case for going offline-first is being able to use your phone in an emergency when internet services are not available (examples include earthquakes and regular service disruptions an ISP/GSM can have).&lt;br /&gt;
&lt;br /&gt;
Third use case is you are guaranteeing being able to access what is necessary for you in a censorship situation. What you already downloaded can not be deleted remotely in most cases (there was a case when Huawei phones deleted photos from peoples gallery to censor info related to protests).&lt;br /&gt;
&lt;br /&gt;
=== What do you need from a phone? ===&lt;br /&gt;
Put your phone away and think what will you miss first if it didn&#039;t even existed. Here is a table of what I thought and solutions I found:&lt;br /&gt;
{| class=&amp;quot;wikitable sortable&amp;quot;&lt;br /&gt;
|+&lt;br /&gt;
!What do I need?&lt;br /&gt;
!Description and Solution&lt;br /&gt;
!Download Link&lt;br /&gt;
|-&lt;br /&gt;
|Being able to research information&lt;br /&gt;
|Internet is a valuable research tool. We will download the information before requiring it to solve this issue. Download [https://kiwix.org/en/download/ Kiwix] in your phone. Then download sources which you think it will be useful. My recommendations are:&lt;br /&gt;
&lt;br /&gt;
* Wikipedia: Try to download the largest edition of Wikipedia from the list. It will cost a lot of storage. But it worths it since you can use it as a dictionary too. You can download Wiktionary too if you want a separate dictionary.&lt;br /&gt;
* Gutenberg Project: Collection of books in a single file.&lt;br /&gt;
* Stack Overflow/Stack Exchange collection: If you have a computer you need to fix, consider adding them to help you.&lt;br /&gt;
* Arch/Alpine/Gentoo Wiki: Specialized wikis when you need Linux manuals.&lt;br /&gt;
* iFixit: Hardware repair guides.&lt;br /&gt;
* Xkcd: Nerdy comics.&lt;br /&gt;
&lt;br /&gt;
This should cover most needs. You can always download more resources afterward.&lt;br /&gt;
&lt;br /&gt;
If you want to have a separate dictionary app, consider installing [https://github.com/itkach/aard2-android Aard2] or [https://github.com/rdoeffinger/Dictionary QuickDic]. They are faster for day to day use.&lt;br /&gt;
&lt;br /&gt;
You may want to download [https://linuxcommandlibrary.com/ Linux Command Library] app to look up useful commands faster.&lt;br /&gt;
&lt;br /&gt;
There is a dedicated app called [https://f-droid.org/en/packages/de.naturalnet.mirwtfapp/ WTF] for checking abbreviations meaning.&lt;br /&gt;
|&lt;br /&gt;
* [https://kiwix.org/en/download/ Kiwix]&lt;br /&gt;
* [https://github.com/itkach/aard2-android Aard2]&lt;br /&gt;
* [https://github.com/rdoeffinger/Dictionary QuickDic]&lt;br /&gt;
* [https://linuxcommandlibrary.com/ Linux Command Library]&lt;br /&gt;
* [https://f-droid.org/en/packages/de.naturalnet.mirwtfapp/ WTF]&lt;br /&gt;
|-&lt;br /&gt;
|Communication&lt;br /&gt;
|Phones original reason to exist. Connecting people. &lt;br /&gt;
You can use [https://briarproject.org/ Briar] to send messages without requiring internet, but you will need to convince other people to install it too. [https://briarproject.org/ Briar] can send messages using Wi-Fi, Bluetooth, and Tor (if you want internet as a fallback). If your city has many people using [https://briarproject.org/ Briar], the coverage, and range will be better.  &lt;br /&gt;
&lt;br /&gt;
Alternatively you can use [https://meshtastic.org/ Meshtastic] devices paired to your phone if there are volunteer-run [https://meshtastic.org/ Meshtastic] antennas near you. &lt;br /&gt;
&lt;br /&gt;
If you are not sure about coverage of [https://briarproject.org/ Briar]/[https://meshtastic.org/ Meshtastic] or just want a fallback, consider RCS or encrypted SMS. They are not the most secure or private methods. But as long as you have a signal they will work. DO NOT use SMS without encryption if you want contents of the message to be private. RCS sadly only works on proprietary messengers like [https://play.google.com/store/apps/details?id=com.google.android.apps.messaging Google Messages] or [https://play.google.com/store/apps/details?id=com.samsung.android.messaging Samsung Messages]. Encrypted SMS can be used by installing one of these apps (you will need to convince your contacts to install these apps too):&lt;br /&gt;
&lt;br /&gt;
* [https://dekusms.com/ DekuSMS]: E2EE for SMS messages. Needs Android 7 or later. Image sharing over SMS (not MMS)&lt;br /&gt;
* [https://f-droid.org/packages/org.smssecure.smssecure/ Silence]: Not updated anymore. Fork of an old [https://signal.org/ Signal] version. E2EE SMS. Supports SMS over VoWiFi. Android 6 or later. Latest version is crashing so download an older build.&lt;br /&gt;
* [https://github.com/amnesica/KryptEY KryptEY]: If any of these apps don&#039;t work for you, there is [https://github.com/amnesica/KryptEY KryptEY]. It is an innovative app that can turn any chat app into an E2EE one by auto encrypting/decrypting messages and being your secondary keyboard. Uses [https://signal.org/ Signal] encryption too. Switching between keyboards may be exhausting for your contacts so choose if there are no other options.&lt;br /&gt;
|&lt;br /&gt;
* [https://briarproject.org/ Briar]&lt;br /&gt;
* [https://meshtastic.org/ Meshtastic]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=com.google.android.apps.messaging Google Messages]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=com.samsung.android.messaging Samsung Messages]&lt;br /&gt;
* [https://dekusms.com/ DekuSMS]&lt;br /&gt;
* [https://f-droid.org/packages/org.smssecure.smssecure/ Silence]&lt;br /&gt;
* [https://github.com/amnesica/KryptEY KryptEY]&lt;br /&gt;
* [https://signal.org/ Signal]&lt;br /&gt;
|-&lt;br /&gt;
|Navigation&lt;br /&gt;
|Being able to navigate without doxxing yourself to GSM towers is important. This means your location will be known by one less entity. Also do not trust coverage of your GSM, it can just fail (only trust it as a fallback). Use [https://www.comaps.app/ CoMaps] (fork of [https://organicmaps.app/ Organic Maps]) or [https://osmand.net/ OsmAnd+] and download maps for your city and other places you can be in. [https://www.comaps.app/ CoMaps] doesn&#039;t have bus routes support still AFAIK, so I keep both apps installed just in case. If you need a nice UI and bus support, you can try using [https://maps.me/ MAPS.ME], but it is proprietary.&lt;br /&gt;
|&lt;br /&gt;
* [https://www.comaps.app/ CoMaps]&lt;br /&gt;
* [https://organicmaps.app/ Organic Maps]&lt;br /&gt;
* [https://osmand.net/ OsmAnd+]&lt;br /&gt;
* [https://maps.me/ MAPS.ME]&lt;br /&gt;
|-&lt;br /&gt;
|Using LLMs (maybe)&lt;br /&gt;
|If your phone has a powerful CPU and plenty of RAM you can try running LLMs on it. It can be sometimes faster to ask an LLM instead of searching inside archives. The con here being heavy battery usage and risk of hallucination by LLM software. Install [https://github.com/Mobile-Artificial-Intelligence/maid Maid] app.&lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/Mobile-Artificial-Intelligence/maid Maid]&lt;br /&gt;
|-&lt;br /&gt;
|Translation&lt;br /&gt;
|Translators are useful especially between English and your main tongue. You can use [https://github.com/DavidVentura/offline-translator Offline Translator]. It is not the best, but it will do the job. &lt;br /&gt;
You can still use [https://translate.google.com/ Google Translate] / [https://translate.yandex.com/ Yandex Translate] offline translation feature, but they are proprietary.&lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/DavidVentura/offline-translator Offline Translator]&lt;br /&gt;
* [https://translate.google.com/ Google Translate]&lt;br /&gt;
* [https://translate.yandex.com/ Yandex Translate]&lt;br /&gt;
|-&lt;br /&gt;
|Entertainment&lt;br /&gt;
|I use [https://gitlab.com/proninyaroslav/libretorrent LibreTorrent] to download movies into my phone for later viewing. If there are no torrents for them, I use [https://play.google.com/store/apps/details?id=idm.internet.download.manager 1DM] (proprietary) to scrape movie websites. &lt;br /&gt;
For games, I have [https://www.retroarch.com/ RetroArch] with several game packs installed for several emulators. You can download other games like [https://f-droid.org/packages/org.petero.droidfish/ Droid Fish] (Chess Engine) and [https://www.luanti.org/ Luanti] too. I try to choose sandbox or board games since they are replayable anytime.&lt;br /&gt;
You may download news articles that interests you to read. I was using [https://github.com/jiahaog/nativeio-hackernews Hacki] (Hacker News client) to download tech related news and read when I need to pass time outside. Most RSS readers (I recommend [https://f-droid.org/packages/com.nononsenseapps.feeder/ Feeder] and [https://github.com/readrops/Readrops Readrops]) allow you to read articles offline and then sync read status with your computers.&lt;br /&gt;
&lt;br /&gt;
You can use your phone as an e-book reader too. I was using [https://koreader.rocks/ KOReader] and [https://play.google.com/store/apps/details?id=org.readera ReadEra] (proprietary) to read my e-books.&lt;br /&gt;
&lt;br /&gt;
Download local music onto your phone. So you can listen anytime. [https://music.youtube.com/ YouTube Music] (proprietary) has a feature called “Smart Downloads” that automatically downloads songs you may like. [https://github.com/knighthat/Kreate Kreate] caches the songs you have listened to for offline listening. But the best method is just downloading songs using tools like [https://lucida.to/ Lucida] or [https://squid.wtf/ Squid WTF] into your phone. You can use [https://newpipe.net/ NewPipe] or [https://github.com/deniscerri/ytdlnis YTDLnis]/[https://github.com/JunkFood02/Seal Seal] to download songs from YouTube. Then install a player like [https://www.videolan.org/vlc/download-android.html VLC] to listen to them. Other proprietary apps like [https://open.spotify.com/ Spotify] can remove songs from your device if you connect to their servers at any time for copyright and other purposes.&lt;br /&gt;
&lt;br /&gt;
Download podcasts that interest you. [https://antennapod.org/ AntennaPod] has a feature that can auto-download content when they are available.&lt;br /&gt;
|&lt;br /&gt;
* [https://gitlab.com/proninyaroslav/libretorrent LibreTorrent]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=idm.internet.download.manager 1DM]&lt;br /&gt;
* [https://www.retroarch.com/ RetroArch]&lt;br /&gt;
* [https://f-droid.org/packages/org.petero.droidfish/ Droid Fish]&lt;br /&gt;
* [https://www.luanti.org/ Luanti]&lt;br /&gt;
* [https://github.com/jiahaog/nativeio-hackernews Hacki]&lt;br /&gt;
* [https://f-droid.org/packages/com.nononsenseapps.feeder/ Feeder]&lt;br /&gt;
* [https://github.com/readrops/Readrops Readrops]&lt;br /&gt;
* [https://koreader.rocks/ KOReader]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=org.readera ReadEra]&lt;br /&gt;
* [https://music.youtube.com/ YouTube Music]&lt;br /&gt;
* [https://github.com/knighthat/Kreate Kreate]&lt;br /&gt;
* [https://lucida.to/ Lucida]&lt;br /&gt;
* [https://squid.wtf/ Squid WTF]&lt;br /&gt;
* [https://newpipe.net/ NewPipe]&lt;br /&gt;
* [https://github.com/deniscerri/ytdlnis YTDLnis]&lt;br /&gt;
* [https://github.com/JunkFood02/Seal Seal]&lt;br /&gt;
* [https://www.videolan.org/vlc/download-android.html VLC]&lt;br /&gt;
* [https://open.spotify.com/ Spotify]&lt;br /&gt;
* [https://antennapod.org/ AntennaPod]&lt;br /&gt;
|-&lt;br /&gt;
|General Real Life Helpers&lt;br /&gt;
|You can download the multipurpose [https://github.com/mikesemick/trail-sense Trail Sense] app. It has features you will need when outside. Compass, turning paper maps into digital ones with GPS, checking whatever a surface is really flat, convert between units, metal detector, mirror mode (so you do not take accidental selfies), save the path you walked, ruler, QR scanner, white noise and more. It has a built-in survival guide too for emergencies.&lt;br /&gt;
There is an app similar to [https://github.com/mikesemick/trail-sense Trail Sense] called [https://phyphox.org/ Phyphox]. It is mostly intended for science experiments. It allows you to use your phone sensors to measure anything your phone supports.&lt;br /&gt;
&lt;br /&gt;
The other useful app is [https://github.com/ligi/SurvivalManual Survival Manual]. The name explains all.&lt;br /&gt;
&lt;br /&gt;
Also, there are many apps that extend the core features of a phone. [https://f-droid.org/packages/arity.calculator/ Arity calculator] has a 3D graph feature which might be useful for visualizing data. Some calculator apps offer currency conversion even when you are offline by caching up-to-date indexes automatically. &lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/mikesemick/trail-sense Trail Sense]&lt;br /&gt;
* [https://phyphox.org/ Phyphox]&lt;br /&gt;
* [https://github.com/ligi/SurvivalManual Survival Manual]&lt;br /&gt;
* [https://f-droid.org/packages/arity.calculator/ Arity calculator]&lt;br /&gt;
|-&lt;br /&gt;
|Memory Helpers&lt;br /&gt;
|A note-taking app and a password manager is very helpful outside. For noting I use [https://github.com/quillpad/quillpad Quill Pad]. For passwords, I use [https://www.keepassdx.com/ KeepassDX]. You can prefer [https://bitwarden.com/ Bitwarden] for easier sync. They should be able to run offline and sync only when you connect to a network.&lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/quillpad/quillpad Quill Pad]&lt;br /&gt;
* [https://www.keepassdx.com/ KeepassDX]&lt;br /&gt;
* [https://bitwarden.com/ Bitwarden]&lt;br /&gt;
|-&lt;br /&gt;
|Wallet App&lt;br /&gt;
|You can use [https://f-droid.org/packages/org.woheller69.cwallet/ OSS Card Wallet] to remember your card details even if you don&#039;t have them outside.&lt;br /&gt;
|&lt;br /&gt;
* [https://f-droid.org/packages/org.woheller69.cwallet/ OSS Card Wallet]&lt;br /&gt;
|-&lt;br /&gt;
|File transfer&lt;br /&gt;
|Consider installing [https://localsend.org/ Local Send] to you and your friends phones. So you can transfer files easily if you are on same Wi-Fi network (you can always use your hotspot too).&lt;br /&gt;
|&lt;br /&gt;
* [https://localsend.org/ Local Send]&lt;br /&gt;
|}&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=36</id>
		<title>The Offline-First Mobile Setup</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=36"/>
		<updated>2026-05-17T18:41:25Z</updated>

		<summary type="html">&lt;p&gt;Admin: /* What do you need from a phone? */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== Offline-First Emergency and Private Phone Setup ==&lt;br /&gt;
Most of the tracking by companies are done using online connections. So the fastest and easiest way to prevent that is to take your phone into airplane mode, assuming your phone manufacturer didn&#039;t put any backdoors in airplane mode function (they probably did, but it is still a valuable feature).&lt;br /&gt;
&lt;br /&gt;
If you have root, you can use a feature of [https://github.com/ukanth/afwall AFWall+] to prevent apps from accessing internet without having to give VPN slot to it or its alternatives. Alternatively you can use root to remove the internet permission from apps. Some ROMs like [https://www.mi.com/global/hyperos/ HyperOS] (aka MIUI) and [https://grapheneos.org/ Graphene OS] allows you to do this without having root. It also reduces mobile data usage and cost.&lt;br /&gt;
&lt;br /&gt;
The second use case for going offline-first is being able to use your phone in an emergency when internet services are not available (examples include earthquakes and regular service disruptions an ISP/GSM can have).&lt;br /&gt;
&lt;br /&gt;
Third use case is you are guaranteeing being able to access what is necessary for you in a censorship situation. What you already downloaded can not be deleted remotely in most cases (there was a case when Huawei phones deleted photos from peoples gallery to censor info related to protests).&lt;br /&gt;
&lt;br /&gt;
=== What do you need from a phone? ===&lt;br /&gt;
Put your phone away and think what will you miss first if it didn&#039;t even existed. Here is a table of what I thought and solutions I found:&lt;br /&gt;
{| class=&amp;quot;wikitable sortable&amp;quot;&lt;br /&gt;
|+&lt;br /&gt;
!What do I need?&lt;br /&gt;
!Description and Solution&lt;br /&gt;
!Download Link&lt;br /&gt;
|-&lt;br /&gt;
|Being able to research information&lt;br /&gt;
|Internet is a valuable research tool. We will download the information before requiring it to solve this issue. Download [https://kiwix.org/en/download/ Kiwix] in your phone. Then download sources which you think it will be useful. My recommendations are:&lt;br /&gt;
&lt;br /&gt;
* Wikipedia: Try to download the largest edition of Wikipedia from the list. It will cost a lot of storage. But it worths it since you can use it as a dictionary too. You can download Wiktionary too if you want a separate dictionary.&lt;br /&gt;
* Gutenberg Project: Collection of books in a single file.&lt;br /&gt;
* Stack Overflow/Stack Exchange collection: If you have a computer you need to fix, consider adding them to help you.&lt;br /&gt;
* Arch/Alpine/Gentoo Wiki: Specialized wikis when you need Linux manuals.&lt;br /&gt;
* iFixit: Hardware repair guides.&lt;br /&gt;
* Xkcd: Nerdy comics.&lt;br /&gt;
&lt;br /&gt;
This should cover most needs. You can always download more resources afterward.&lt;br /&gt;
&lt;br /&gt;
If you want to have a separate dictionary app, consider installing [https://github.com/itkach/aard2-android Aard2] or [https://github.com/rdoeffinger/Dictionary QuickDic]. They are faster for day to day use.&lt;br /&gt;
&lt;br /&gt;
You may want to download [https://linuxcommandlibrary.com/ Linux Command Library] app to look up useful commands faster.&lt;br /&gt;
&lt;br /&gt;
There is a dedicated app called [https://f-droid.org/en/packages/de.naturalnet.mirwtfapp/ WTF] for checking abbreviations meaning.&lt;br /&gt;
|&lt;br /&gt;
* [https://kiwix.org/en/download/ Kiwix]&lt;br /&gt;
* [https://github.com/itkach/aard2-android Aard2]&lt;br /&gt;
* [https://github.com/rdoeffinger/Dictionary QuickDic]&lt;br /&gt;
* [https://linuxcommandlibrary.com/ Linux Command Library]&lt;br /&gt;
* [https://f-droid.org/en/packages/de.naturalnet.mirwtfapp/ WTF]&lt;br /&gt;
|-&lt;br /&gt;
|Communication&lt;br /&gt;
|Phones original reason to exist. Connecting people. &lt;br /&gt;
You can use [https://briarproject.org/ Briar] to send messages without requiring internet, but you will need to convince other people to install it too. [https://briarproject.org/ Briar] can send messages using Wi-Fi, Bluetooth, and Tor (if you want internet as a fallback). If your city has many people using [https://briarproject.org/ Briar], the coverage, and range will be better.  &lt;br /&gt;
&lt;br /&gt;
Alternatively you can use [https://meshtastic.org/ Meshtastic] devices paired to your phone if there are volunteer-run [https://meshtastic.org/ Meshtastic] antennas near you. &lt;br /&gt;
&lt;br /&gt;
If you are not sure about coverage of [https://briarproject.org/ Briar]/[https://meshtastic.org/ Meshtastic] or just want a fallback, consider RCS or encrypted SMS. They are not the most secure or private methods. But as long as you have a signal they will work. DO NOT use SMS without encryption if you want contents of the message to be private. RCS sadly only works on proprietary messengers like [https://play.google.com/store/apps/details?id=com.google.android.apps.messaging Google Messages] or [https://play.google.com/store/apps/details?id=com.samsung.android.messaging Samsung Messages]. Encrypted SMS can be used by installing one of these apps (you will need to convince your contacts to install these apps too):&lt;br /&gt;
&lt;br /&gt;
* [https://dekusms.com/ DekuSMS]: E2EE for SMS messages. Needs Android 7 or later. Image sharing over SMS (not MMS)&lt;br /&gt;
* [https://f-droid.org/packages/org.smssecure.smssecure/ Silence]: Not updated anymore. Fork of an old [https://signal.org/ Signal] version. E2EE SMS. Supports SMS over VoWiFi. Android 6 or later. Latest version is crashing so download an older build.&lt;br /&gt;
* [https://github.com/amnesica/KryptEY KryptEY]: If any of these apps don&#039;t work for you, there is [https://github.com/amnesica/KryptEY KryptEY]. It is an innovative app that can turn any chat app into an E2EE one by auto encrypting/decrypting messages and being your secondary keyboard. Uses [https://signal.org/ Signal] encryption too. Switching between keyboards may be exhausting for your contacts so choose if there are no other options.&lt;br /&gt;
|&lt;br /&gt;
* [https://briarproject.org/ Briar]&lt;br /&gt;
* [https://meshtastic.org/ Meshtastic]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=com.google.android.apps.messaging Google Messages]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=com.samsung.android.messaging Samsung Messages]&lt;br /&gt;
* [https://dekusms.com/ DekuSMS]&lt;br /&gt;
* [https://f-droid.org/packages/org.smssecure.smssecure/ Silence]&lt;br /&gt;
* [https://github.com/amnesica/KryptEY KryptEY]&lt;br /&gt;
* [https://signal.org/ Signal]&lt;br /&gt;
|-&lt;br /&gt;
|Navigation&lt;br /&gt;
|Being able to navigate without doxxing yourself to GSM towers is important. This means your location will be known by one less entity. Also do not trust coverage of your GSM, it can just fail (only trust it as a fallback). Use [https://www.comaps.app/ CoMaps] (fork of [https://organicmaps.app/ Organic Maps]) or [https://osmand.net/ OsmAnd+] and download maps for your city and other places you can be in. [https://www.comaps.app/ CoMaps] doesn&#039;t have bus routes support still AFAIK, so I keep both apps installed just in case. If you need a nice UI and bus support, you can try using [https://maps.me/ MAPS.ME], but it is proprietary.&lt;br /&gt;
|&lt;br /&gt;
* [https://www.comaps.app/ CoMaps]&lt;br /&gt;
* [https://organicmaps.app/ Organic Maps]&lt;br /&gt;
* [https://osmand.net/ OsmAnd+]&lt;br /&gt;
* [https://maps.me/ MAPS.ME]&lt;br /&gt;
|-&lt;br /&gt;
|Using LLMs (maybe)&lt;br /&gt;
|If your phone has a powerful CPU and plenty of RAM you can try running LLMs on it. It can be sometimes faster to ask an LLM instead of searching inside archives. The con here being heavy battery usage and risk of hallucination by LLM software. Install [https://github.com/Mobile-Artificial-Intelligence/maid Maid] app.&lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/Mobile-Artificial-Intelligence/maid Maid]&lt;br /&gt;
|-&lt;br /&gt;
|Translation&lt;br /&gt;
|Translators are useful especially between English and your main tongue. You can use [https://github.com/niedev/OfflineTranslator Offline Translator]. It is not the best, but it will do the job. &lt;br /&gt;
You can still use [https://translate.google.com/ Google Translate] / [https://translate.yandex.com/ Yandex Translate] offline translation feature, but they are proprietary.&lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/niedev/OfflineTranslator Offline Translator]&lt;br /&gt;
* [https://translate.google.com/ Google Translate]&lt;br /&gt;
* [https://translate.yandex.com/ Yandex Translate]&lt;br /&gt;
|-&lt;br /&gt;
|Entertainment&lt;br /&gt;
|I use [https://gitlab.com/proninyaroslav/libretorrent LibreTorrent] to download movies into my phone for later viewing. If there are no torrents for them, I use [https://play.google.com/store/apps/details?id=idm.internet.download.manager 1DM] (proprietary) to scrape movie websites. &lt;br /&gt;
For games, I have [https://www.retroarch.com/ RetroArch] with several game packs installed for several emulators. You can download other games like [https://f-droid.org/packages/org.petero.droidfish/ Droid Fish] (Chess Engine) and [https://www.luanti.org/ Luanti] too. I try to choose sandbox or board games since they are replayable anytime.&lt;br /&gt;
You may download news articles that interests you to read. I was using [https://github.com/jiahaog/nativeio-hackernews Hacki] (Hacker News client) to download tech related news and read when I need to pass time outside. Most RSS readers (I recommend [https://f-droid.org/packages/com.nononsenseapps.feeder/ Feeder] and [https://github.com/readrops/Readrops Readrops]) allow you to read articles offline and then sync read status with your computers.&lt;br /&gt;
&lt;br /&gt;
You can use your phone as an e-book reader too. I was using [https://koreader.rocks/ KOReader] and [https://play.google.com/store/apps/details?id=org.readera ReadEra] (proprietary) to read my e-books.&lt;br /&gt;
&lt;br /&gt;
Download local music onto your phone. So you can listen anytime. [https://music.youtube.com/ YouTube Music] (proprietary) has a feature called “Smart Downloads” that automatically downloads songs you may like. [https://github.com/knighthat/Kreate Kreate] caches the songs you have listened to for offline listening. But the best method is just downloading songs using tools like [https://lucida.to/ Lucida] or [https://squid.wtf/ Squid WTF] into your phone. You can use [https://newpipe.net/ NewPipe] or [https://github.com/deniscerri/ytdlnis YTDLnis]/[https://github.com/JunkFood02/Seal Seal] to download songs from YouTube. Then install a player like [https://www.videolan.org/vlc/download-android.html VLC] to listen to them. Other proprietary apps like [https://open.spotify.com/ Spotify] can remove songs from your device if you connect to their servers at any time for copyright and other purposes.&lt;br /&gt;
&lt;br /&gt;
Download podcasts that interest you. [https://antennapod.org/ AntennaPod] has a feature that can auto-download content when they are available.&lt;br /&gt;
|&lt;br /&gt;
* [https://gitlab.com/proninyaroslav/libretorrent LibreTorrent]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=idm.internet.download.manager 1DM]&lt;br /&gt;
* [https://www.retroarch.com/ RetroArch]&lt;br /&gt;
* [https://f-droid.org/packages/org.petero.droidfish/ Droid Fish]&lt;br /&gt;
* [https://www.luanti.org/ Luanti]&lt;br /&gt;
* [https://github.com/jiahaog/nativeio-hackernews Hacki]&lt;br /&gt;
* [https://f-droid.org/packages/com.nononsenseapps.feeder/ Feeder]&lt;br /&gt;
* [https://github.com/readrops/Readrops Readrops]&lt;br /&gt;
* [https://koreader.rocks/ KOReader]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=org.readera ReadEra]&lt;br /&gt;
* [https://music.youtube.com/ YouTube Music]&lt;br /&gt;
* [https://github.com/knighthat/Kreate Kreate]&lt;br /&gt;
* [https://lucida.to/ Lucida]&lt;br /&gt;
* [https://squid.wtf/ Squid WTF]&lt;br /&gt;
* [https://newpipe.net/ NewPipe]&lt;br /&gt;
* [https://github.com/deniscerri/ytdlnis YTDLnis]&lt;br /&gt;
* [https://github.com/JunkFood02/Seal Seal]&lt;br /&gt;
* [https://www.videolan.org/vlc/download-android.html VLC]&lt;br /&gt;
* [https://open.spotify.com/ Spotify]&lt;br /&gt;
* [https://antennapod.org/ AntennaPod]&lt;br /&gt;
|-&lt;br /&gt;
|General Real Life Helpers&lt;br /&gt;
|You can download the multipurpose [https://github.com/mikesemick/trail-sense Trail Sense] app. It has features you will need when outside. Compass, turning paper maps into digital ones with GPS, checking whatever a surface is really flat, convert between units, metal detector, mirror mode (so you do not take accidental selfies), save the path you walked, ruler, QR scanner, white noise and more. It has a built-in survival guide too for emergencies.&lt;br /&gt;
There is an app similar to [https://github.com/mikesemick/trail-sense Trail Sense] called [https://phyphox.org/ Phyphox]. It is mostly intended for science experiments. It allows you to use your phone sensors to measure anything your phone supports.&lt;br /&gt;
&lt;br /&gt;
The other useful app is [https://github.com/ligi/SurvivalManual Survival Manual]. The name explains all.&lt;br /&gt;
&lt;br /&gt;
Also, there are many apps that extend the core features of a phone. [https://f-droid.org/packages/arity.calculator/ Arity calculator] has a 3D graph feature which might be useful for visualizing data. Some calculator apps offer currency conversion even when you are offline by caching up-to-date indexes automatically. &lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/mikesemick/trail-sense Trail Sense]&lt;br /&gt;
* [https://phyphox.org/ Phyphox]&lt;br /&gt;
* [https://github.com/ligi/SurvivalManual Survival Manual]&lt;br /&gt;
* [https://f-droid.org/packages/arity.calculator/ Arity calculator]&lt;br /&gt;
|-&lt;br /&gt;
|Memory Helpers&lt;br /&gt;
|A note-taking app and a password manager is very helpful outside. For noting I use [https://github.com/quillpad/quillpad Quill Pad]. For passwords, I use [https://www.keepassdx.com/ KeepassDX]. You can prefer [https://bitwarden.com/ Bitwarden] for easier sync. They should be able to run offline and sync only when you connect to a network.&lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/quillpad/quillpad Quill Pad]&lt;br /&gt;
* [https://www.keepassdx.com/ KeepassDX]&lt;br /&gt;
* [https://bitwarden.com/ Bitwarden]&lt;br /&gt;
|-&lt;br /&gt;
|Wallet App&lt;br /&gt;
|You can use [https://f-droid.org/packages/org.woheller69.cwallet/ OSS Card Wallet] to remember your card details even if you don&#039;t have them outside.&lt;br /&gt;
|&lt;br /&gt;
* [https://f-droid.org/packages/org.woheller69.cwallet/ OSS Card Wallet]&lt;br /&gt;
|-&lt;br /&gt;
|File transfer&lt;br /&gt;
|Consider installing [https://localsend.org/ Local Send] to you and your friends phones. So you can transfer files easily if you are on same Wi-Fi network (you can always use your hotspot too).&lt;br /&gt;
|&lt;br /&gt;
* [https://localsend.org/ Local Send]&lt;br /&gt;
|}&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=35</id>
		<title>The Offline-First Mobile Setup</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=35"/>
		<updated>2026-05-17T18:39:09Z</updated>

		<summary type="html">&lt;p&gt;Admin: /* What do you need from a phone? */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== Offline-First Emergency and Private Phone Setup ==&lt;br /&gt;
Most of the tracking by companies are done using online connections. So the fastest and easiest way to prevent that is to take your phone into airplane mode, assuming your phone manufacturer didn&#039;t put any backdoors in airplane mode function (they probably did, but it is still a valuable feature).&lt;br /&gt;
&lt;br /&gt;
If you have root, you can use a feature of [https://github.com/ukanth/afwall AFWall+] to prevent apps from accessing internet without having to give VPN slot to it or its alternatives. Alternatively you can use root to remove the internet permission from apps. Some ROMs like [https://www.mi.com/global/hyperos/ HyperOS] (aka MIUI) and [https://grapheneos.org/ Graphene OS] allows you to do this without having root. It also reduces mobile data usage and cost.&lt;br /&gt;
&lt;br /&gt;
The second use case for going offline-first is being able to use your phone in an emergency when internet services are not available (examples include earthquakes and regular service disruptions an ISP/GSM can have).&lt;br /&gt;
&lt;br /&gt;
Third use case is you are guaranteeing being able to access what is necessary for you in a censorship situation. What you already downloaded can not be deleted remotely in most cases (there was a case when Huawei phones deleted photos from peoples gallery to censor info related to protests).&lt;br /&gt;
&lt;br /&gt;
=== What do you need from a phone? ===&lt;br /&gt;
Put your phone away and think what will you miss first if it didn&#039;t even existed. Here is a table of what I thought and solutions I found:&lt;br /&gt;
{| class=&amp;quot;wikitable sortable&amp;quot;&lt;br /&gt;
|+&lt;br /&gt;
!What do I need?&lt;br /&gt;
!Description and Solution&lt;br /&gt;
!Download Link&lt;br /&gt;
|-&lt;br /&gt;
|Being able to research information&lt;br /&gt;
|Internet is a valuable research tool. We will download the information before requiring it to solve this issue. Download [https://kiwix.org/en/download/ Kiwix] in your phone. Then download sources which you think it will be useful. My recommendations are:&lt;br /&gt;
&lt;br /&gt;
* Wikipedia: Try to download the largest edition of Wikipedia from the list. It will cost a lot of storage. But it worths it since you can use it as a dictionary too. You can download Wiktionary too if you want a separate dictionary.&lt;br /&gt;
* Gutenberg Project: Collection of books in a single file.&lt;br /&gt;
* Stack Overflow/Stack Exchange collection: If you have a computer you need to fix, consider adding them to help you.&lt;br /&gt;
* Arch/Alpine/Gentoo Wiki: Specialized wikis when you need Linux manuals.&lt;br /&gt;
* iFixit: Hardware repair guides.&lt;br /&gt;
* Xkcd: Nerdy comics.&lt;br /&gt;
&lt;br /&gt;
This should cover most needs. You can always download more resources afterward.&lt;br /&gt;
&lt;br /&gt;
If you want to have a separate dictionary app, consider installing [https://github.com/itkach/slob Aard2] or [https://github.com/rdoeffinger/Dictionary QuickDic]. They are faster for day to day use.&lt;br /&gt;
&lt;br /&gt;
You may want to download [https://linuxcommandlibrary.com/ Linux Command Library] app to look up useful commands faster.&lt;br /&gt;
&lt;br /&gt;
There is a dedicated app called [https://play.google.com/store/search?q=wtf+abbreviations WTF] for checking abbreviations meaning.&lt;br /&gt;
|&lt;br /&gt;
* [https://kiwix.org/en/download/ Kiwix]&lt;br /&gt;
* [https://github.com/itkach/aard2-android Aard2]&lt;br /&gt;
* [https://github.com/rdoeffinger/Dictionary QuickDic]&lt;br /&gt;
* [https://linuxcommandlibrary.com/ Linux Command Library]&lt;br /&gt;
* [https://play.google.com/store/search?q=wtf+abbreviations WTF]&lt;br /&gt;
|-&lt;br /&gt;
|Communication&lt;br /&gt;
|Phones original reason to exist. Connecting people. &lt;br /&gt;
You can use [https://briarproject.org/ Briar] to send messages without requiring internet, but you will need to convince other people to install it too. [https://briarproject.org/ Briar] can send messages using Wi-Fi, Bluetooth, and Tor (if you want internet as a fallback). If your city has many people using [https://briarproject.org/ Briar], the coverage, and range will be better.  &lt;br /&gt;
&lt;br /&gt;
Alternatively you can use [https://meshtastic.org/ Meshtastic] devices paired to your phone if there are volunteer-run [https://meshtastic.org/ Meshtastic] antennas near you. &lt;br /&gt;
&lt;br /&gt;
If you are not sure about coverage of [https://briarproject.org/ Briar]/[https://meshtastic.org/ Meshtastic] or just want a fallback, consider RCS or encrypted SMS. They are not the most secure or private methods. But as long as you have a signal they will work. DO NOT use SMS without encryption if you want contents of the message to be private. RCS sadly only works on proprietary messengers like [https://play.google.com/store/apps/details?id=com.google.android.apps.messaging Google Messages] or [https://play.google.com/store/apps/details?id=com.samsung.android.messaging Samsung Messages]. Encrypted SMS can be used by installing one of these apps (you will need to convince your contacts to install these apps too):&lt;br /&gt;
&lt;br /&gt;
* [https://dekusms.com/ DekuSMS]: E2EE for SMS messages. Needs Android 7 or later. Image sharing over SMS (not MMS)&lt;br /&gt;
* [https://f-droid.org/packages/org.smssecure.smssecure/ Silence]: Not updated anymore. Fork of an old [https://signal.org/ Signal] version. E2EE SMS. Supports SMS over VoWiFi. Android 6 or later. Latest version is crashing so download an older build.&lt;br /&gt;
* [https://github.com/amnesica/KryptEY KryptEY]: If any of these apps don&#039;t work for you, there is [https://github.com/amnesica/KryptEY KryptEY]. It is an innovative app that can turn any chat app into an E2EE one by auto encrypting/decrypting messages and being your secondary keyboard. Uses [https://signal.org/ Signal] encryption too. Switching between keyboards may be exhausting for your contacts so choose if there are no other options.&lt;br /&gt;
|&lt;br /&gt;
* [https://briarproject.org/ Briar]&lt;br /&gt;
* [https://meshtastic.org/ Meshtastic]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=com.google.android.apps.messaging Google Messages]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=com.samsung.android.messaging Samsung Messages]&lt;br /&gt;
* [https://dekusms.com/ DekuSMS]&lt;br /&gt;
* [https://f-droid.org/packages/org.smssecure.smssecure/ Silence]&lt;br /&gt;
* [https://github.com/amnesica/KryptEY KryptEY]&lt;br /&gt;
* [https://signal.org/ Signal]&lt;br /&gt;
|-&lt;br /&gt;
|Navigation&lt;br /&gt;
|Being able to navigate without doxxing yourself to GSM towers is important. This means your location will be known by one less entity. Also do not trust coverage of your GSM, it can just fail (only trust it as a fallback). Use [https://www.comaps.app/ CoMaps] (fork of [https://organicmaps.app/ Organic Maps]) or [https://osmand.net/ OsmAnd+] and download maps for your city and other places you can be in. [https://www.comaps.app/ CoMaps] doesn&#039;t have bus routes support still AFAIK, so I keep both apps installed just in case. If you need a nice UI and bus support, you can try using [https://maps.me/ MAPS.ME], but it is proprietary.&lt;br /&gt;
|&lt;br /&gt;
* [https://www.comaps.app/ CoMaps]&lt;br /&gt;
* [https://organicmaps.app/ Organic Maps]&lt;br /&gt;
* [https://osmand.net/ OsmAnd+]&lt;br /&gt;
* [https://maps.me/ MAPS.ME]&lt;br /&gt;
|-&lt;br /&gt;
|Using LLMs (maybe)&lt;br /&gt;
|If your phone has a powerful CPU and plenty of RAM you can try running LLMs on it. It can be sometimes faster to ask an LLM instead of searching inside archives. The con here being heavy battery usage and risk of hallucination by LLM software. Install [https://github.com/Mobile-Artificial-Intelligence/maid Maid] app.&lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/Mobile-Artificial-Intelligence/maid Maid]&lt;br /&gt;
|-&lt;br /&gt;
|Translation&lt;br /&gt;
|Translators are useful especially between English and your main tongue. You can use [https://github.com/niedev/OfflineTranslator Offline Translator]. It is not the best, but it will do the job. &lt;br /&gt;
You can still use [https://translate.google.com/ Google Translate] / [https://translate.yandex.com/ Yandex Translate] offline translation feature, but they are proprietary.&lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/niedev/OfflineTranslator Offline Translator]&lt;br /&gt;
* [https://translate.google.com/ Google Translate]&lt;br /&gt;
* [https://translate.yandex.com/ Yandex Translate]&lt;br /&gt;
|-&lt;br /&gt;
|Entertainment&lt;br /&gt;
|I use [https://gitlab.com/proninyaroslav/libretorrent LibreTorrent] to download movies into my phone for later viewing. If there are no torrents for them, I use [https://play.google.com/store/apps/details?id=idm.internet.download.manager 1DM] (proprietary) to scrape movie websites. &lt;br /&gt;
For games, I have [https://www.retroarch.com/ RetroArch] with several game packs installed for several emulators. You can download other games like [https://f-droid.org/packages/org.petero.droidfish/ Droid Fish] (Chess Engine) and [https://www.luanti.org/ Luanti] too. I try to choose sandbox or board games since they are replayable anytime.&lt;br /&gt;
You may download news articles that interests you to read. I was using [https://github.com/jiahaog/nativeio-hackernews Hacki] (Hacker News client) to download tech related news and read when I need to pass time outside. Most RSS readers (I recommend [https://f-droid.org/packages/com.nononsenseapps.feeder/ Feeder] and [https://github.com/readrops/Readrops Readrops]) allow you to read articles offline and then sync read status with your computers.&lt;br /&gt;
&lt;br /&gt;
You can use your phone as an e-book reader too. I was using [https://koreader.rocks/ KOReader] and [https://play.google.com/store/apps/details?id=org.readera ReadEra] (proprietary) to read my e-books.&lt;br /&gt;
&lt;br /&gt;
Download local music onto your phone. So you can listen anytime. [https://music.youtube.com/ YouTube Music] (proprietary) has a feature called “Smart Downloads” that automatically downloads songs you may like. [https://github.com/knighthat/Kreate Kreate] caches the songs you have listened to for offline listening. But the best method is just downloading songs using tools like [https://lucida.to/ Lucida] or [https://squid.wtf/ Squid WTF] into your phone. You can use [https://newpipe.net/ NewPipe] or [https://github.com/deniscerri/ytdlnis YTDLnis]/[https://github.com/JunkFood02/Seal Seal] to download songs from YouTube. Then install a player like [https://www.videolan.org/vlc/download-android.html VLC] to listen to them. Other proprietary apps like [https://open.spotify.com/ Spotify] can remove songs from your device if you connect to their servers at any time for copyright and other purposes.&lt;br /&gt;
&lt;br /&gt;
Download podcasts that interest you. [https://antennapod.org/ AntennaPod] has a feature that can auto-download content when they are available.&lt;br /&gt;
|&lt;br /&gt;
* [https://gitlab.com/proninyaroslav/libretorrent LibreTorrent]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=idm.internet.download.manager 1DM]&lt;br /&gt;
* [https://www.retroarch.com/ RetroArch]&lt;br /&gt;
* [https://f-droid.org/packages/org.petero.droidfish/ Droid Fish]&lt;br /&gt;
* [https://www.luanti.org/ Luanti]&lt;br /&gt;
* [https://github.com/jiahaog/nativeio-hackernews Hacki]&lt;br /&gt;
* [https://f-droid.org/packages/com.nononsenseapps.feeder/ Feeder]&lt;br /&gt;
* [https://github.com/readrops/Readrops Readrops]&lt;br /&gt;
* [https://koreader.rocks/ KOReader]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=org.readera ReadEra]&lt;br /&gt;
* [https://music.youtube.com/ YouTube Music]&lt;br /&gt;
* [https://github.com/knighthat/Kreate Kreate]&lt;br /&gt;
* [https://lucida.to/ Lucida]&lt;br /&gt;
* [https://squid.wtf/ Squid WTF]&lt;br /&gt;
* [https://newpipe.net/ NewPipe]&lt;br /&gt;
* [https://github.com/deniscerri/ytdlnis YTDLnis]&lt;br /&gt;
* [https://github.com/JunkFood02/Seal Seal]&lt;br /&gt;
* [https://www.videolan.org/vlc/download-android.html VLC]&lt;br /&gt;
* [https://open.spotify.com/ Spotify]&lt;br /&gt;
* [https://antennapod.org/ AntennaPod]&lt;br /&gt;
|-&lt;br /&gt;
|General Real Life Helpers&lt;br /&gt;
|You can download the multipurpose [https://github.com/mikesemick/trail-sense Trail Sense] app. It has features you will need when outside. Compass, turning paper maps into digital ones with GPS, checking whatever a surface is really flat, convert between units, metal detector, mirror mode (so you do not take accidental selfies), save the path you walked, ruler, QR scanner, white noise and more. It has a built-in survival guide too for emergencies.&lt;br /&gt;
There is an app similar to [https://github.com/mikesemick/trail-sense Trail Sense] called [https://phyphox.org/ Phyphox]. It is mostly intended for science experiments. It allows you to use your phone sensors to measure anything your phone supports.&lt;br /&gt;
&lt;br /&gt;
The other useful app is [https://github.com/ligi/SurvivalManual Survival Manual]. The name explains all.&lt;br /&gt;
&lt;br /&gt;
Also, there are many apps that extend the core features of a phone. [https://f-droid.org/packages/arity.calculator/ Arity calculator] has a 3D graph feature which might be useful for visualizing data. Some calculator apps offer currency conversion even when you are offline by caching up-to-date indexes automatically. &lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/mikesemick/trail-sense Trail Sense]&lt;br /&gt;
* [https://phyphox.org/ Phyphox]&lt;br /&gt;
* [https://github.com/ligi/SurvivalManual Survival Manual]&lt;br /&gt;
* [https://f-droid.org/packages/arity.calculator/ Arity calculator]&lt;br /&gt;
|-&lt;br /&gt;
|Memory Helpers&lt;br /&gt;
|A note-taking app and a password manager is very helpful outside. For noting I use [https://github.com/quillpad/quillpad Quill Pad]. For passwords, I use [https://www.keepassdx.com/ KeepassDX]. You can prefer [https://bitwarden.com/ Bitwarden] for easier sync. They should be able to run offline and sync only when you connect to a network.&lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/quillpad/quillpad Quill Pad]&lt;br /&gt;
* [https://www.keepassdx.com/ KeepassDX]&lt;br /&gt;
* [https://bitwarden.com/ Bitwarden]&lt;br /&gt;
|-&lt;br /&gt;
|Wallet App&lt;br /&gt;
|You can use [https://f-droid.org/packages/org.woheller69.cwallet/ OSS Card Wallet] to remember your card details even if you don&#039;t have them outside.&lt;br /&gt;
|&lt;br /&gt;
* [https://f-droid.org/packages/org.woheller69.cwallet/ OSS Card Wallet]&lt;br /&gt;
|-&lt;br /&gt;
|File transfer&lt;br /&gt;
|Consider installing [https://localsend.org/ Local Send] to you and your friends phones. So you can transfer files easily if you are on same Wi-Fi network (you can always use your hotspot too).&lt;br /&gt;
|&lt;br /&gt;
* [https://localsend.org/ Local Send]&lt;br /&gt;
|}&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=34</id>
		<title>The Offline-First Mobile Setup</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=34"/>
		<updated>2026-05-17T18:37:32Z</updated>

		<summary type="html">&lt;p&gt;Admin: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== Offline-First Emergency and Private Phone Setup ==&lt;br /&gt;
Most of the tracking by companies are done using online connections. So the fastest and easiest way to prevent that is to take your phone into airplane mode, assuming your phone manufacturer didn&#039;t put any backdoors in airplane mode function (they probably did, but it is still a valuable feature).&lt;br /&gt;
&lt;br /&gt;
If you have root, you can use a feature of [https://github.com/ukanth/afwall AFWall+] to prevent apps from accessing internet without having to give VPN slot to it or its alternatives. Alternatively you can use root to remove the internet permission from apps. Some ROMs like [https://www.mi.com/global/hyperos/ HyperOS] (aka MIUI) and [https://grapheneos.org/ Graphene OS] allows you to do this without having root. It also reduces mobile data usage and cost.&lt;br /&gt;
&lt;br /&gt;
The second use case for going offline-first is being able to use your phone in an emergency when internet services are not available (examples include earthquakes and regular service disruptions an ISP/GSM can have).&lt;br /&gt;
&lt;br /&gt;
Third use case is you are guaranteeing being able to access what is necessary for you in a censorship situation. What you already downloaded can not be deleted remotely in most cases (there was a case when Huawei phones deleted photos from peoples gallery to censor info related to protests).&lt;br /&gt;
&lt;br /&gt;
=== What do you need from a phone? ===&lt;br /&gt;
Put your phone away and think what will you miss first if it didn&#039;t even existed. Here is a table of what I thought and solutions I found:&lt;br /&gt;
{| class=&amp;quot;wikitable sortable&amp;quot;&lt;br /&gt;
|+&lt;br /&gt;
!What do I need?&lt;br /&gt;
!Description and Solution&lt;br /&gt;
!Download Link&lt;br /&gt;
|-&lt;br /&gt;
|Being able to research information&lt;br /&gt;
|Internet is a valuable research tool. We will download the information before requiring it to solve this issue. Download [https://kiwix.org/en/download/ Kiwix] in your phone. Then download sources which you think it will be useful. My recommendations are:&lt;br /&gt;
&lt;br /&gt;
* Wikipedia: Try to download the largest edition of Wikipedia from the list. It will cost a lot of storage. But it worths it since you can use it as a dictionary too. You can download Wiktionary too if you want a separate dictionary.&lt;br /&gt;
* Gutenberg Project: Collection of books in a single file.&lt;br /&gt;
* Stack Overflow/Stack Exchange collection: If you have a computer you need to fix, consider adding them to help you.&lt;br /&gt;
* Arch/Alpine/Gentoo Wiki: Specialized wikis when you need Linux manuals.&lt;br /&gt;
* iFixit: Hardware repair guides.&lt;br /&gt;
* Xkcd: Nerdy comics.&lt;br /&gt;
&lt;br /&gt;
This should cover most needs. You can always download more resources afterward.&lt;br /&gt;
&lt;br /&gt;
If you want to have a separate dictionary app, consider installing [https://github.com/itkach/slob Aard2] or [https://github.com/rdoeffinger/Dictionary QuickDic]. They are faster for day to day use.&lt;br /&gt;
&lt;br /&gt;
You may want to download [https://linuxcommandlibrary.com/ Linux Command Library] app to look up useful commands faster.&lt;br /&gt;
&lt;br /&gt;
There is a dedicated app called [https://play.google.com/store/search?q=wtf+abbreviations WTF] for checking abbreviations meaning.&lt;br /&gt;
|&lt;br /&gt;
* [https://kiwix.org/en/download/ Kiwix]&lt;br /&gt;
* [https://github.com/itkach/slob Aard2]&lt;br /&gt;
* [https://github.com/rdoeffinger/Dictionary QuickDic]&lt;br /&gt;
* [https://linuxcommandlibrary.com/ Linux Command Library]&lt;br /&gt;
* [https://play.google.com/store/search?q=wtf+abbreviations WTF]&lt;br /&gt;
|-&lt;br /&gt;
|Communication&lt;br /&gt;
|Phones original reason to exist. Connecting people. &lt;br /&gt;
You can use [https://briarproject.org/ Briar] to send messages without requiring internet, but you will need to convince other people to install it too. [https://briarproject.org/ Briar] can send messages using Wi-Fi, Bluetooth, and Tor (if you want internet as a fallback). If your city has many people using [https://briarproject.org/ Briar], the coverage, and range will be better.  &lt;br /&gt;
&lt;br /&gt;
Alternatively you can use [https://meshtastic.org/ Meshtastic] devices paired to your phone if there are volunteer-run [https://meshtastic.org/ Meshtastic] antennas near you. &lt;br /&gt;
&lt;br /&gt;
If you are not sure about coverage of [https://briarproject.org/ Briar]/[https://meshtastic.org/ Meshtastic] or just want a fallback, consider RCS or encrypted SMS. They are not the most secure or private methods. But as long as you have a signal they will work. DO NOT use SMS without encryption if you want contents of the message to be private. RCS sadly only works on proprietary messengers like [https://play.google.com/store/apps/details?id=com.google.android.apps.messaging Google Messages] or [https://play.google.com/store/apps/details?id=com.samsung.android.messaging Samsung Messages]. Encrypted SMS can be used by installing one of these apps (you will need to convince your contacts to install these apps too):&lt;br /&gt;
&lt;br /&gt;
* [https://dekusms.com/ DekuSMS]: E2EE for SMS messages. Needs Android 7 or later. Image sharing over SMS (not MMS)&lt;br /&gt;
* [https://f-droid.org/packages/org.smssecure.smssecure/ Silence]: Not updated anymore. Fork of an old [https://signal.org/ Signal] version. E2EE SMS. Supports SMS over VoWiFi. Android 6 or later. Latest version is crashing so download an older build.&lt;br /&gt;
* [https://github.com/amnesica/KryptEY KryptEY]: If any of these apps don&#039;t work for you, there is [https://github.com/amnesica/KryptEY KryptEY]. It is an innovative app that can turn any chat app into an E2EE one by auto encrypting/decrypting messages and being your secondary keyboard. Uses [https://signal.org/ Signal] encryption too. Switching between keyboards may be exhausting for your contacts so choose if there are no other options.&lt;br /&gt;
|&lt;br /&gt;
* [https://briarproject.org/ Briar]&lt;br /&gt;
* [https://meshtastic.org/ Meshtastic]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=com.google.android.apps.messaging Google Messages]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=com.samsung.android.messaging Samsung Messages]&lt;br /&gt;
* [https://dekusms.com/ DekuSMS]&lt;br /&gt;
* [https://f-droid.org/packages/org.smssecure.smssecure/ Silence]&lt;br /&gt;
* [https://github.com/amnesica/KryptEY KryptEY]&lt;br /&gt;
* [https://signal.org/ Signal]&lt;br /&gt;
|-&lt;br /&gt;
|Navigation&lt;br /&gt;
|Being able to navigate without doxxing yourself to GSM towers is important. This means your location will be known by one less entity. Also do not trust coverage of your GSM, it can just fail (only trust it as a fallback). Use [https://www.comaps.app/ CoMaps] (fork of [https://organicmaps.app/ Organic Maps]) or [https://osmand.net/ OsmAnd+] and download maps for your city and other places you can be in. [https://www.comaps.app/ CoMaps] doesn&#039;t have bus routes support still AFAIK, so I keep both apps installed just in case. If you need a nice UI and bus support, you can try using [https://maps.me/ MAPS.ME], but it is proprietary.&lt;br /&gt;
|&lt;br /&gt;
* [https://www.comaps.app/ CoMaps]&lt;br /&gt;
* [https://organicmaps.app/ Organic Maps]&lt;br /&gt;
* [https://osmand.net/ OsmAnd+]&lt;br /&gt;
* [https://maps.me/ MAPS.ME]&lt;br /&gt;
|-&lt;br /&gt;
|Using LLMs (maybe)&lt;br /&gt;
|If your phone has a powerful CPU and plenty of RAM you can try running LLMs on it. It can be sometimes faster to ask an LLM instead of searching inside archives. The con here being heavy battery usage and risk of hallucination by LLM software. Install [https://github.com/Mobile-Artificial-Intelligence/maid Maid] app.&lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/Mobile-Artificial-Intelligence/maid Maid]&lt;br /&gt;
|-&lt;br /&gt;
|Translation&lt;br /&gt;
|Translators are useful especially between English and your main tongue. You can use [https://github.com/niedev/OfflineTranslator Offline Translator]. It is not the best, but it will do the job. &lt;br /&gt;
You can still use [https://translate.google.com/ Google Translate] / [https://translate.yandex.com/ Yandex Translate] offline translation feature, but they are proprietary.&lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/niedev/OfflineTranslator Offline Translator]&lt;br /&gt;
* [https://translate.google.com/ Google Translate]&lt;br /&gt;
* [https://translate.yandex.com/ Yandex Translate]&lt;br /&gt;
|-&lt;br /&gt;
|Entertainment&lt;br /&gt;
|I use [https://gitlab.com/proninyaroslav/libretorrent LibreTorrent] to download movies into my phone for later viewing. If there are no torrents for them, I use [https://play.google.com/store/apps/details?id=idm.internet.download.manager 1DM] (proprietary) to scrape movie websites. &lt;br /&gt;
For games, I have [https://www.retroarch.com/ RetroArch] with several game packs installed for several emulators. You can download other games like [https://f-droid.org/packages/org.petero.droidfish/ Droid Fish] (Chess Engine) and [https://www.luanti.org/ Luanti] too. I try to choose sandbox or board games since they are replayable anytime.&lt;br /&gt;
You may download news articles that interests you to read. I was using [https://github.com/jiahaog/nativeio-hackernews Hacki] (Hacker News client) to download tech related news and read when I need to pass time outside. Most RSS readers (I recommend [https://f-droid.org/packages/com.nononsenseapps.feeder/ Feeder] and [https://github.com/readrops/Readrops Readrops]) allow you to read articles offline and then sync read status with your computers.&lt;br /&gt;
&lt;br /&gt;
You can use your phone as an e-book reader too. I was using [https://koreader.rocks/ KOReader] and [https://play.google.com/store/apps/details?id=org.readera ReadEra] (proprietary) to read my e-books.&lt;br /&gt;
&lt;br /&gt;
Download local music onto your phone. So you can listen anytime. [https://music.youtube.com/ YouTube Music] (proprietary) has a feature called “Smart Downloads” that automatically downloads songs you may like. [https://github.com/knighthat/Kreate Kreate] caches the songs you have listened to for offline listening. But the best method is just downloading songs using tools like [https://lucida.to/ Lucida] or [https://squid.wtf/ Squid WTF] into your phone. You can use [https://newpipe.net/ NewPipe] or [https://github.com/deniscerri/ytdlnis YTDLnis]/[https://github.com/JunkFood02/Seal Seal] to download songs from YouTube. Then install a player like [https://www.videolan.org/vlc/download-android.html VLC] to listen to them. Other proprietary apps like [https://open.spotify.com/ Spotify] can remove songs from your device if you connect to their servers at any time for copyright and other purposes.&lt;br /&gt;
&lt;br /&gt;
Download podcasts that interest you. [https://antennapod.org/ AntennaPod] has a feature that can auto-download content when they are available.&lt;br /&gt;
|&lt;br /&gt;
* [https://gitlab.com/proninyaroslav/libretorrent LibreTorrent]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=idm.internet.download.manager 1DM]&lt;br /&gt;
* [https://www.retroarch.com/ RetroArch]&lt;br /&gt;
* [https://f-droid.org/packages/org.petero.droidfish/ Droid Fish]&lt;br /&gt;
* [https://www.luanti.org/ Luanti]&lt;br /&gt;
* [https://github.com/jiahaog/nativeio-hackernews Hacki]&lt;br /&gt;
* [https://f-droid.org/packages/com.nononsenseapps.feeder/ Feeder]&lt;br /&gt;
* [https://github.com/readrops/Readrops Readrops]&lt;br /&gt;
* [https://koreader.rocks/ KOReader]&lt;br /&gt;
* [https://play.google.com/store/apps/details?id=org.readera ReadEra]&lt;br /&gt;
* [https://music.youtube.com/ YouTube Music]&lt;br /&gt;
* [https://github.com/knighthat/Kreate Kreate]&lt;br /&gt;
* [https://lucida.to/ Lucida]&lt;br /&gt;
* [https://squid.wtf/ Squid WTF]&lt;br /&gt;
* [https://newpipe.net/ NewPipe]&lt;br /&gt;
* [https://github.com/deniscerri/ytdlnis YTDLnis]&lt;br /&gt;
* [https://github.com/JunkFood02/Seal Seal]&lt;br /&gt;
* [https://www.videolan.org/vlc/download-android.html VLC]&lt;br /&gt;
* [https://open.spotify.com/ Spotify]&lt;br /&gt;
* [https://antennapod.org/ AntennaPod]&lt;br /&gt;
|-&lt;br /&gt;
|General Real Life Helpers&lt;br /&gt;
|You can download the multipurpose [https://github.com/mikesemick/trail-sense Trail Sense] app. It has features you will need when outside. Compass, turning paper maps into digital ones with GPS, checking whatever a surface is really flat, convert between units, metal detector, mirror mode (so you do not take accidental selfies), save the path you walked, ruler, QR scanner, white noise and more. It has a built-in survival guide too for emergencies.&lt;br /&gt;
There is an app similar to [https://github.com/mikesemick/trail-sense Trail Sense] called [https://phyphox.org/ Phyphox]. It is mostly intended for science experiments. It allows you to use your phone sensors to measure anything your phone supports.&lt;br /&gt;
&lt;br /&gt;
The other useful app is [https://github.com/ligi/SurvivalManual Survival Manual]. The name explains all.&lt;br /&gt;
&lt;br /&gt;
Also, there are many apps that extend the core features of a phone. [https://f-droid.org/packages/arity.calculator/ Arity calculator] has a 3D graph feature which might be useful for visualizing data. Some calculator apps offer currency conversion even when you are offline by caching up-to-date indexes automatically. &lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/mikesemick/trail-sense Trail Sense]&lt;br /&gt;
* [https://phyphox.org/ Phyphox]&lt;br /&gt;
* [https://github.com/ligi/SurvivalManual Survival Manual]&lt;br /&gt;
* [https://f-droid.org/packages/arity.calculator/ Arity calculator]&lt;br /&gt;
|-&lt;br /&gt;
|Memory Helpers&lt;br /&gt;
|A note-taking app and a password manager is very helpful outside. For noting I use [https://github.com/quillpad/quillpad Quill Pad]. For passwords, I use [https://www.keepassdx.com/ KeepassDX]. You can prefer [https://bitwarden.com/ Bitwarden] for easier sync. They should be able to run offline and sync only when you connect to a network.&lt;br /&gt;
|&lt;br /&gt;
* [https://github.com/quillpad/quillpad Quill Pad]&lt;br /&gt;
* [https://www.keepassdx.com/ KeepassDX]&lt;br /&gt;
* [https://bitwarden.com/ Bitwarden]&lt;br /&gt;
|-&lt;br /&gt;
|Wallet App&lt;br /&gt;
|You can use [https://f-droid.org/packages/org.woheller69.cwallet/ OSS Card Wallet] to remember your card details even if you don&#039;t have them outside.&lt;br /&gt;
|&lt;br /&gt;
* [https://f-droid.org/packages/org.woheller69.cwallet/ OSS Card Wallet]&lt;br /&gt;
|-&lt;br /&gt;
|File transfer&lt;br /&gt;
|Consider installing [https://localsend.org/ Local Send] to you and your friends phones. So you can transfer files easily if you are on same Wi-Fi network (you can always use your hotspot too).&lt;br /&gt;
|&lt;br /&gt;
* [https://localsend.org/ Local Send]&lt;br /&gt;
|}&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=33</id>
		<title>The Offline-First Mobile Setup</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=33"/>
		<updated>2026-05-17T18:34:03Z</updated>

		<summary type="html">&lt;p&gt;Admin: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== Offline-First Emergency and Private Phone Setup ==&lt;br /&gt;
Most of the tracking by companies are done using online connections. So the fastest and easiest way to prevent that is to take your phone into airplane mode, assuming your phone manufacturer didn&#039;t put any backdoors in airplane mode function (they probably did, but it is still a valuable feature).&lt;br /&gt;
&lt;br /&gt;
If you have root, you can use a feature of AFWall+ to prevent apps from accessing internet without having to give VPN slot to it or its alternatives. Alternatively you can use root to remove the internet permission from apps. Some ROMs like HyperOS (aka MIUI) and Graphene OS allows you to do this without having root. It also reduces mobile data usage and cost.&lt;br /&gt;
&lt;br /&gt;
The second use case for going offline-first is being able to use your phone in an emergency when internet services are not available (examples include earthquakes and regular service disruptions an ISP/GSM can have).&lt;br /&gt;
&lt;br /&gt;
Third use case is you are guaranteeing being able to access what is necessary for you in a censorship situation. What you already downloaded can not be deleted remotely in most cases (there was a case when Huawei phones deleted photos from peoples gallery to censor info related to protests).&lt;br /&gt;
&lt;br /&gt;
=== What do you need from a phone? ===&lt;br /&gt;
Put your phone away and think what will you miss first if it didn&#039;t even existed. Here is a table of what I thought and solutions I found:&lt;br /&gt;
{| class=&amp;quot;wikitable sortable&amp;quot;&lt;br /&gt;
|+&lt;br /&gt;
!What do I need?&lt;br /&gt;
!Description and Solution&lt;br /&gt;
!Download Link&lt;br /&gt;
|-&lt;br /&gt;
|Being able to research information&lt;br /&gt;
|Internet is a valuable research tool. We will download the information before requiring it to solve this issue. Download Kiwix in your phone. Then download sources which you think it will be useful. My recommendations are:&lt;br /&gt;
&lt;br /&gt;
* Wikipedia: Try to download the largest edition of Wikipedia from the list. It will cost a lot of storage. But it worths it since you can use it as a dictionary too. You can download Wiktionary too if you want a separate dictionary.&lt;br /&gt;
* Gutenberg Project: Collection of books in a single file.&lt;br /&gt;
* Stack Overflow/Stack Exchange collection: If you have a computer you need to fix, consider adding them to help you.&lt;br /&gt;
* Arch/Alpine/Gentoo Wiki: Specialized wikis when you need Linux manuals.&lt;br /&gt;
* iFixit: Hardware repair guides.&lt;br /&gt;
* Xkcd: Nerdy comics.&lt;br /&gt;
&lt;br /&gt;
This should cover most needs. You can always download more resources afterward.&lt;br /&gt;
&lt;br /&gt;
If you want to have a separate dictionary app, consider installing Aard2 or QuickDic. They are faster for day to day use.&lt;br /&gt;
&lt;br /&gt;
You may want to download Linux Command Library app to look up useful commands faster.&lt;br /&gt;
&lt;br /&gt;
There is a dedicated app called WTF for checking abbreviations meaning.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Communication&lt;br /&gt;
|Phones original reason to exist. Connecting people. &lt;br /&gt;
You can use Briar to send messages without requiring internet, but you will need to convince other people to install it too. Briar can send messages using Wi-Fi, Bluetooth, and Tor (if you want internet as a fallback). If your city has many people using Briar, the coverage, and range will be better.  &lt;br /&gt;
&lt;br /&gt;
Alternatively you can use Meshtastic devices paired to your phone if there are volunteer-run MeshTastic antennas near you. &lt;br /&gt;
&lt;br /&gt;
If you are not sure about coverage of Briar/Meshtastic or just want a fallback, consider RCS or encrypted SMS. They are not the most secure or private methods. But as long as you have a signal they will work. DO NOT use SMS without encryption if you want contents of the message to be private. RCS sadly only works on proprietary messengers like Google Messages or Samsung Messages. Encrypted SMS can be used by installing one of these apps (you will need to convince your contacts to install these apps too):&lt;br /&gt;
&lt;br /&gt;
* DekuSMS: E2EE for SMS messages. Needs Android 7 or later. Image sharing over SMS (not MMS)&lt;br /&gt;
* Silence: Not updated anymore. Fork of an old Signal version. E2EE SMS. Supports SMS over VoWiFi. Android 6 or later. Latest version is crashing so download an older build.&lt;br /&gt;
* KryptEY: If any of these apps don&#039;t work for you, there is KryptEY. It is an innovative app that can turn any chat app into an E2EE one by auto encrypting/decrypting messages and being your secondary keyboard. Uses Signal encryption too. Switching between keyboards may be exhausting for your contacts so choose if there are no other options.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Navigation&lt;br /&gt;
|Being able to navigate without doxxing yourself to GSM towers is important. This means your location will be known by one less entity. Also do not trust coverage of your GSM, it can just fail (only trust it as a fallback). Use CoMaps (fork of Organic Maps) or OsmAnd+ and download maps for your city and other places you can be in. CoMaps doesn&#039;t have bus routes support still AFAIK, so I keep both apps installed just in case. If you need a nice UI and bus support, you can try using MAPS.ME, but it is proprietary.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Using LLMs (maybe)&lt;br /&gt;
|If your phone has a powerful CPU and plenty of RAM you can try running LLMs on it. It can be sometimes faster to ask an LLM instead of searching inside archives. The con here being heavy battery usage and risk of hallucination by LLM software. Install Maid app.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Translation&lt;br /&gt;
|Translators are useful especially between English and your main tongue. You can use Offline Translator. It is not the best, but it will do the job. &lt;br /&gt;
You can still use Google/Yandex Translates offline translation feature, but they are proprietary.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Entertainment&lt;br /&gt;
|I use LibreTorrent to download movies into my phone for later viewing. If there are no torrents for them, I use 1DM (proprietary) to scrape movie websites. &lt;br /&gt;
For games, I have RetroArch with several game packs installed for several emulators. You can download other games like Droid Fish (Chess Engine) and Luanti too. I try to choose sandbox or board games since they are replayable anytime.&lt;br /&gt;
You may download news articles that interests you to read. I was using Hacki (Hacker News client) to download tech related news and read when I need to pass time outside. Most RSS readers (I recommend Feeder and Readrops) allow you to read articles offline and then sync read status with your computers.&lt;br /&gt;
&lt;br /&gt;
You can use your phone as an e-book reader too. I was using KOReader and ReadEra (proprietary) to read my e-books.&lt;br /&gt;
&lt;br /&gt;
Download local music onto your phone. So you can listen anytime. YouTube Music (proprietary) has a feature called “Smart Downloads” that automatically downloads songs you may like. Kreate caches the songs you have listened to for offline listening. But the best method is just downloading songs using tools like Lucida or Squid WTF into your phone. You can use NewPipe or YTDLnis/Seal to download songs from YouTube. Then install a player like VLC to listen to them. Other proprietary apps like Spotify can remove songs from your device if you connect to their servers at any time for copyright and other purposes.&lt;br /&gt;
&lt;br /&gt;
Download podcasts that interest you. AntennaPod has a feature that can auto-download content when they are available.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|General Real Life Helpers&lt;br /&gt;
|You can download the multipurpose Trail Sense app. It has features you will need when outside. Compass, turning paper maps into digital ones with GPS, checking whatever a surface is really flat, convert between units, metal detector, mirror mode (so you do not take accidental selfies), save the path you walked, ruler, QR scanner, white noise and more. It has a built-in survival guide too for emergencies.&lt;br /&gt;
There is an app similar to Trail Sense called Phyphox. It is mostly intended for science experiments. It allows you to use your phone sensors to measure anything your phone supports.&lt;br /&gt;
&lt;br /&gt;
The other useful app is Survival Manual. The name explains all.&lt;br /&gt;
&lt;br /&gt;
Also, there are many apps that extend the core features of a phone. Arity calculator has a 3D graph feature which might be useful for visualizing data. Some calculator apps offer currency conversion even when you are offline by caching up-to-date indexes automatically. &lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Memory Helpers&lt;br /&gt;
|A note-taking app and a password manager is very helpful outside. For noting I use Quill Pad. For passwords, I use KeepassDX. You can prefer Bitwarden for easier sync. They should be able to run offline and sync only when you connect to a network.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Wallet App&lt;br /&gt;
|You can use OSS Card Wallet to remember your card details even if you don&#039;t have them outside.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|NFC/IR stuff&lt;br /&gt;
|Niche stuff but sometimes helpful. You can create a copy of your public transport card if you ever lose it. Depends on your public transport solution. &lt;br /&gt;
About IR, I rarely use it to control air conditioners when nobody is able to find the remote for some reason.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|File transfer&lt;br /&gt;
|Consider installing Local Send to you and your friends phones. So you can transfer files easily if you are on same Wi-Fi network (you can always use your hotspot too).&lt;br /&gt;
|&lt;br /&gt;
|}&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=32</id>
		<title>The Offline-First Mobile Setup</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=32"/>
		<updated>2026-05-17T18:25:33Z</updated>

		<summary type="html">&lt;p&gt;Admin: /* What do you need from a phone? */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== Offline-First Emergency and Private Phone Setup ==&lt;br /&gt;
Most of the tracking by companies are done using online connections. So the fastest and easiest way to prevent that is to take your phone into airplane mode, assuming your phone manufacturer didn&#039;t put any backdoors in airplane mode function (they probably did, but it is still a valuable feature).&lt;br /&gt;
&lt;br /&gt;
If you have root, you can use a feature of AFWall+ to prevent apps from accessing internet without having to give VPN slot to it or its alternatives. Alternatively you can use root to remove the internet permission from apps. Some ROMs like HyperOS (aka MIUI) and Graphene OS allows you to do this without having root. It also reduces mobile data usage and cost.&lt;br /&gt;
&lt;br /&gt;
The second use case for going offline-first is being able to use your phone in an emergency when internet services are not available (examples include earthquakes and regular service disruptions an ISP/GSM can have).&lt;br /&gt;
&lt;br /&gt;
Third use case is you are guaranteeing being able to access what is necessary for you in a censorship situation. What you already downloaded can not be deleted remotely in most cases (there was a case when Huawei phones deleted photos from peoples gallery to censor info related to protests).&lt;br /&gt;
&lt;br /&gt;
=== What do you need from a phone? ===&lt;br /&gt;
Put your phone away and think what will you miss first if it didn&#039;t even existed. Here is a table of what I thought and solutions I found:&lt;br /&gt;
{| class=&amp;quot;wikitable sortable&amp;quot;&lt;br /&gt;
|+&lt;br /&gt;
!What do I need?&lt;br /&gt;
!Description and Solution&lt;br /&gt;
!Download Link&lt;br /&gt;
|-&lt;br /&gt;
|Being able to research information&lt;br /&gt;
|Internet is a valuable research tool. We will download the information before needing it to solve this issue. Download Kiwix in your phone. Then download sources which you think it will be useful. My recommendations are:&lt;br /&gt;
&lt;br /&gt;
* Wikipedia: Try to download the largest edition of Wikipedia from the list. It will cost a lot of storage. But it worths it since you can use it as a dictionary too. You can download Wiktionary too if you want a separate dictionary.&lt;br /&gt;
* Gutenberg Project: Collection of books in a single file.&lt;br /&gt;
* StackOverFlow/StackExchange collection: If you have a computer you need to fix, consider adding them to help you.&lt;br /&gt;
* Arch/Alpine/Gentoo Wiki: Specialized wikis when you need Linux manuals.&lt;br /&gt;
* iFixit: Hardware repair guides.&lt;br /&gt;
* Xkcd: Nerdy comics.&lt;br /&gt;
&lt;br /&gt;
This should cover most needs. You can always download more resources afterwards.&lt;br /&gt;
&lt;br /&gt;
If you want to have a separate dictionary app, consider installing Aard2 or QuickDic. They are faster for day to day use.&lt;br /&gt;
&lt;br /&gt;
You may want to download Linux Command Library app to look up useful commands faster.&lt;br /&gt;
&lt;br /&gt;
There is a dedicated app called WTF for checking abbreviations meaning.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Communication&lt;br /&gt;
|Phones original reason to exist. Connecting people. &lt;br /&gt;
You can use Briar to send messages without needing internet but you will need to convince other people to install it too. Briar can send messages using Wi-Fi, Bluetooth and Tor (if you want internet as a fallback). If your city has many people using Briar, the coverage and range will be better.  &lt;br /&gt;
&lt;br /&gt;
Alternatively you can use Meshtastic devices paired to your phone if there are volunteer-run MeshTastic antennas near you. &lt;br /&gt;
&lt;br /&gt;
If you are not sure about coverage of Briar/Meshtastic or just want a fallback, consider RCS or encrypted SMS. They are not the most secure or private methods. But as long as you have a signal they will work. DO NOT use SMS without encryption if you want contents of the message to be private. RCS sadly only works on proprietary messengers like Google Messages or Samsung Messages. Encrypted SMS can be used by installing one of these apps (you will need to convinve your contacts to install these apps too):&lt;br /&gt;
&lt;br /&gt;
* DekuSMS: E2EE for SMS messages. Needs Android 7 or later. Image sharing over SMS (not MMS)&lt;br /&gt;
* Silence: Not updated anymore. Fork of an old Signal version. E2EE SMS. Supports SMS over VoWiFi. Android 6 or later. Latest version is crashing so download an older build.&lt;br /&gt;
* KryptEY: If any of these apps don&#039;t work for you, there is KryptEY. It is an innovative app that can turn any chat app into an E2EE one by auto encypting/decrypting messages and being your secondary keyboard. Uses Signal encryption too. Switching between keyboards may be exhausting for your contacts so choose if there are no other options.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Navigation&lt;br /&gt;
|Being able to navigate without doxxing yourself to GSM towers is important. This means your location will be known by one less entity. Also do not trust coverage of your GSM, it can just fail (only trust it as a fallback). Use CoMaps (fork of Organic Maps) or OSMAnd+ and download maps for your city and other places you can been to. CoMaps doesn&#039;t have bus routes support still afaik so I keep both apps installed just in case. If you need a nice UI and bus support, you can try using MapsMe but it is proprietary.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Using LLMs (maybe)&lt;br /&gt;
|If your phone has a powerful CPU and plenty of RAM you can try running LLMs on it. It can be sometimes faster to ask an LLM instead of searching inside archives. The con here being heavy battery usage and risk of hallucination by LLM software. Install Maid app.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Translation&lt;br /&gt;
|Translators are useful especially between English and your main tongue. You can use Offline Translator. It is not the best but it will do the job. &lt;br /&gt;
You can still use Google/Yandex Translates offline translation feature but they are proprietary.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Entertainment&lt;br /&gt;
|I use LibreTorrent to download movies into my phone for later viewing. If there are no torrents for them I use 1DM (proprietary) to scrape movie websites. &lt;br /&gt;
For games I have RetroArch with several game packs installed for several emulators. You can download other games like DroidFish (Chess Engine) and Luanti too. I try to choose sandbox or board games since they are replayable anytime.&lt;br /&gt;
You may download news articles that interests you to read. I was using Hacki (HackerNews client) to download tech related news and read when I need to pass time outside. Most RSS readers (I recommend Feeder and Readrops) allow you to read articles offline and then sync read status with your computers.&lt;br /&gt;
&lt;br /&gt;
You can use your phone as a ebook reader too. I was using KOReader and ReadEra (proprietary) to read my ebooks.&lt;br /&gt;
&lt;br /&gt;
Download local music onto your phone. So you can listen anytime. YouTube Music (proprietary) has a feature called &amp;quot;Smart Downloads&amp;quot; that automatically downloads songs you may like. Kreate caches the songs you have listened to for offline listening. But the best method is just downloading songs using tools like Lucida or SquidWTF into your phone. You can use NewPipe or YTDLnis/Seal to download songs from YouTube. Then install a player like VLC to listen to them. Other proprietary apps like Spotify can remove songs from your device if you connect to their servers at any time for copyright and other purposes.&lt;br /&gt;
&lt;br /&gt;
Download podcasts that interests you. AntennaPod has a feature that can auto-download content when they are available.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|General Real Life Helpers&lt;br /&gt;
|You can download the multi-purpose Trail Sense app. It has features you will need when outside. Compass, turning paper maps into digital ones with GPS, checking whatever a surface is really flat, convert between units, metal detector, mirror mode (so you do not take accidental selfies), save the path you walked, ruler, QR scanner, white noise and more. It has a built-in survival guide too for emergencies.&lt;br /&gt;
There is an app similar to Trail Sense called Phyphox. It is mostly intended for science experiments. It allows you to use your phone sensors to measure anything your phone supports.&lt;br /&gt;
&lt;br /&gt;
The other useful app is Survival Manual. The name explains all.&lt;br /&gt;
&lt;br /&gt;
Also there are many apps that extend the core features of a phone. Arity calculator has a 3D graph feature which might be useful for visualizing data. Some calculator apps offer currency conversion even when you are offline by caching up to date indexes automatically. &lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Memory Helpers&lt;br /&gt;
|A note taking app and a password manager is very helpful outside. For noting I use QuillPad. For passwords I use KeepassDX. You can prefer Bitwarden for easier sync. They should be able to run offline and sync only when you connect to a network.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Wallet App&lt;br /&gt;
|You can use OSS Card Wallet to remember your card details even if you don&#039;t have them outside.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|NFC/IR stuff&lt;br /&gt;
|Niche stuff but sometimes helpful. You can create a copy of your public transport card if you ever lose it. Depends on your public transport solution. &lt;br /&gt;
About IR, I rarely use it to control air conditioners when nobody is able to find the remote for some reason.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|File transfer&lt;br /&gt;
|Consider installing LocalSend to you and your friends phones. So you can transfer files easily if you are on same Wi-Fi network (you can always use your hotspot too).&lt;br /&gt;
|&lt;br /&gt;
|}&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=31</id>
		<title>The Offline-First Mobile Setup</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=31"/>
		<updated>2026-05-17T18:25:03Z</updated>

		<summary type="html">&lt;p&gt;Admin: /* What do you need from a phone? */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== Offline-First Emergency and Private Phone Setup ==&lt;br /&gt;
Most of the tracking by companies are done using online connections. So the fastest and easiest way to prevent that is to take your phone into airplane mode, assuming your phone manufacturer didn&#039;t put any backdoors in airplane mode function (they probably did, but it is still a valuable feature).&lt;br /&gt;
&lt;br /&gt;
If you have root, you can use a feature of AFWall+ to prevent apps from accessing internet without having to give VPN slot to it or its alternatives. Alternatively you can use root to remove the internet permission from apps. Some ROMs like HyperOS (aka MIUI) and Graphene OS allows you to do this without having root. It also reduces mobile data usage and cost.&lt;br /&gt;
&lt;br /&gt;
The second use case for going offline-first is being able to use your phone in an emergency when internet services are not available (examples include earthquakes and regular service disruptions an ISP/GSM can have).&lt;br /&gt;
&lt;br /&gt;
Third use case is you are guaranteeing being able to access what is necessary for you in a censorship situation. What you already downloaded can not be deleted remotely in most cases (there was a case when Huawei phones deleted photos from peoples gallery to censor info related to protests).&lt;br /&gt;
&lt;br /&gt;
=== What do you need from a phone? ===&lt;br /&gt;
Put your phone away and think what will you miss first if it didn&#039;t even existed. Here is a table of what I thought and solutions I found:&lt;br /&gt;
{| class=&amp;quot;wikitable sortable&amp;quot;&lt;br /&gt;
|+&lt;br /&gt;
!What do I need?&lt;br /&gt;
!Description and Solution&lt;br /&gt;
!Download Link&lt;br /&gt;
|-&lt;br /&gt;
|Being able to research information&lt;br /&gt;
|Internet is a valuable research tool. We will download the information before needing it to solve this issue. Download Kiwix in your phone. Then download sources which you think it will be useful. My recommendations are:&lt;br /&gt;
&lt;br /&gt;
* Wikipedia: Try to download the largest edition of Wikipedia from the list. It will cost a lot of storage. But it worths it since you can use it as a dictionary too. You can download Wiktionary too if you want a separate dictionary.&lt;br /&gt;
* Gutenberg Project: Collection of books in a single file.&lt;br /&gt;
* StackOverFlow/StackExchange collection: If you have a computer you need to fix, consider adding them to help you.&lt;br /&gt;
* Arch/Alpine/Gentoo Wiki: Specialized wikis when you need Linux manuals.&lt;br /&gt;
* iFixit: Hardware repair guides.&lt;br /&gt;
* Xkcd: Nerdy comics.&lt;br /&gt;
&lt;br /&gt;
This should cover most needs. You can always download more resources afterwards.&lt;br /&gt;
&lt;br /&gt;
If you want to have a separate dictionary app, consider installing Aard2 or QuickDic. They are faster for day to day use.&lt;br /&gt;
&lt;br /&gt;
You may want to download Linux Command Library app to look up useful commands faster.&lt;br /&gt;
&lt;br /&gt;
There is a dedicated app called WTF for checking abbreviations meaning.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Communication&lt;br /&gt;
|Phones original reason to exist. Connecting people. &lt;br /&gt;
You can use Briar to send messages without needing internet but you will need to convince other people to install it too. Briar can send messages using Wi-Fi, Bluetooth and Tor (if you want internet as a fallback). If your city has many people using Briar, the coverage and range will be better.  &lt;br /&gt;
&lt;br /&gt;
Alternatively you can use Meshtastic devices paired to your phone if there are volunteer-run MeshTastic antennas near you. &lt;br /&gt;
&lt;br /&gt;
If you are not sure about coverage of Briar/Meshtastic or just want a fallback, consider RCS or encrypted SMS. They are not the most secure or private methods. But as long as you have a signal they will work. DO NOT use SMS without encryption if you want contents of the message to be private. RCS sadly only works on proprietary messengers like Google Messages or Samsung Messages. Encrypted SMS can be used by installing one of these apps (you will need to convinve your contacts to install these apps too):&lt;br /&gt;
&lt;br /&gt;
* DekuSMS: E2EE for SMS messages. Needs Android 7 or later. Image sharing over SMS (not MMS)&lt;br /&gt;
* Silence: Not updated anymore. Fork of an old Signal version. E2EE SMS. Supports SMS over VoWiFi. Android 6 or later. Latest version is crashing so download an older build.&lt;br /&gt;
* KryptEY: If any of these apps don&#039;t work for you, there is KryptEY. It is an innovative app that can turn any chat app into an E2EE one by auto encypting/decrypting messages and being your secondary keyboard. Uses Signal encryption too. Switching between keyboards may be exhausting for your contacts so choose if there are no other options.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Navigation&lt;br /&gt;
|Being able to navigate without doxxing yourself to GSM towers is important. This means your location will be known by one less entity. Also do not trust coverage of your GSM, it can just fail (only trust it as a fallback). Use CoMaps (fork of Organic Maps) or OSMAnd+ and download maps for your city and other places you can been to. CoMaps doesn&#039;t have bus routes support still afaik so I keep both apps installed just in case. If you need a nice UI and bus support, you can try using MapsMe but it is proprietary.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Using LLMs (maybe)&lt;br /&gt;
|If your phone has a powerful CPU and plenty of RAM you can try running LLMs on it. It can be sometimes faster to ask an LLM instead of searching inside archives. The con here being heavy battery usage and risk of hallucination by LLM software. Install Maid app.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Translation&lt;br /&gt;
|Translators are useful especially between English and your main tongue. You can use Offline Translator. It is not the best but it will do the job. &lt;br /&gt;
You can still use Google/Yandex Translates offline translation feature but they are proprietary.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Entertainment&lt;br /&gt;
|I use LibreTorrent to download movies into my phone for later viewing. If there are no torrents for them I use 1DM (proprietary) to scrape movie websites. &lt;br /&gt;
For games I have RetroArch with several game packs installed for several emulators. You can download other games like DroidFish (Chess Engine) and Luanti too. I try to choose sandbox or board games since they are replayable anytime.&lt;br /&gt;
You may download news articles that interests you to read. I was using Hacki (HackerNews client) to download tech related news and read when I need to pass time outside. Most RSS readers (I recommend Feeder and Readrops) allow you to read articles offline and then sync read status with your computers.&lt;br /&gt;
&lt;br /&gt;
You can use your phone as a ebook reader too. I was using KOReader and ReadEra (proprietary) to read my ebooks.&lt;br /&gt;
&lt;br /&gt;
Download local music onto your phone. So you can listen anytime. YouTube Music (proprietary) has a feature called &amp;quot;Smart Downloads&amp;quot; that automatically downloads songs you may like. Kreate caches the songs you have listened to for offline listening. But the best method is just downloading songs using tools like Lucida or SquidWTF into your phone. You can use NewPipe or YTDLnis/Seal to download songs from YouTube. Then install a player like VLC to listen to them. Other proprietary apps like Spotify can remove songs from your device if you connect to their servers at any time for copyright and other purposes.&lt;br /&gt;
&lt;br /&gt;
Download podcasts that interests you. AntennaPod has a feature that can auto-download content when they are available.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|General Real Life Helpers&lt;br /&gt;
|You can download the multi-purpose Trail Sense app. It has features you will need when outside. Compass, turning paper maps into digital ones with GPS, checking whatever a surface is really flat, convert between units, metal detector, mirror mode (so you do not take accidental selfies), save the path you walked, ruler, QR scanner, white noise and more. It has a built-in survival guide too for emergencies.&lt;br /&gt;
There is an app similar to Trail Sense called Phyphox. It is mostly intended for science experiments. It allows you to use your phone sensors to measure anything your phone supports.&lt;br /&gt;
The other useful app is Survival Manual. The name explains all.&lt;br /&gt;
&lt;br /&gt;
Also there are many apps that extend the core features of a phone. Arity calculator has a 3D graph feature which might be useful for visualizing data. Some calculator apps offer currency conversion even when you are offline by caching up to date indexes automatically. &lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Memory Helpers&lt;br /&gt;
|A note taking app and a password manager is very helpful outside. For noting I use QuillPad. For passwords I use KeepassDX. You can prefer Bitwarden for easier sync. They should be able to run offline and sync only when you connect to a network.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Wallet App&lt;br /&gt;
|You can use OSS Card Wallet to remember your card details even if you don&#039;t have them outside.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|NFC/IR stuff&lt;br /&gt;
|Niche stuff but sometimes helpful. You can create a copy of your public transport card if you ever lose it. Depends on your public transport solution. &lt;br /&gt;
About IR, I rarely use it to control air conditioners when nobody is able to find the remote for some reason.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|File transfer&lt;br /&gt;
|Consider installing LocalSend to you and your friends phones. So you can transfer files easily if you are on same Wi-Fi network (you can always use your hotspot too).&lt;br /&gt;
|&lt;br /&gt;
|}&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=30</id>
		<title>The Offline-First Mobile Setup</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=30"/>
		<updated>2026-05-17T18:22:50Z</updated>

		<summary type="html">&lt;p&gt;Admin: /* What do you need from a phone? */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== Offline-First Emergency and Private Phone Setup ==&lt;br /&gt;
Most of the tracking by companies are done using online connections. So the fastest and easiest way to prevent that is to take your phone into airplane mode, assuming your phone manufacturer didn&#039;t put any backdoors in airplane mode function (they probably did, but it is still a valuable feature).&lt;br /&gt;
&lt;br /&gt;
If you have root, you can use a feature of AFWall+ to prevent apps from accessing internet without having to give VPN slot to it or its alternatives. Alternatively you can use root to remove the internet permission from apps. Some ROMs like HyperOS (aka MIUI) and Graphene OS allows you to do this without having root. It also reduces mobile data usage and cost.&lt;br /&gt;
&lt;br /&gt;
The second use case for going offline-first is being able to use your phone in an emergency when internet services are not available (examples include earthquakes and regular service disruptions an ISP/GSM can have).&lt;br /&gt;
&lt;br /&gt;
Third use case is you are guaranteeing being able to access what is necessary for you in a censorship situation. What you already downloaded can not be deleted remotely in most cases (there was a case when Huawei phones deleted photos from peoples gallery to censor info related to protests).&lt;br /&gt;
&lt;br /&gt;
=== What do you need from a phone? ===&lt;br /&gt;
Put your phone away and think what will you miss first if it didn&#039;t even existed. Here is a table of what I thought and solutions I found:&lt;br /&gt;
{| class=&amp;quot;wikitable sortable&amp;quot;&lt;br /&gt;
|+&lt;br /&gt;
!What do I need?&lt;br /&gt;
!Description and Solution&lt;br /&gt;
!Download Link&lt;br /&gt;
|-&lt;br /&gt;
|Being able to research information&lt;br /&gt;
|Internet is a valuable research tool. We will download the information before needing it to solve this issue. Download Kiwix in your phone. Then download sources which you think it will be useful. My recommendations are:&lt;br /&gt;
&lt;br /&gt;
* Wikipedia: Try to download the largest edition of Wikipedia from the list. It will cost a lot of storage. But it worths it since you can use it as a dictionary too. You can download Wiktionary too if you want a separate dictionary.&lt;br /&gt;
* Gutenberg Project: Collection of books in a single file.&lt;br /&gt;
* StackOverFlow/StackExchange collection: If you have a computer you need to fix, consider adding them to help you.&lt;br /&gt;
* Arch/Alpine/Gentoo Wiki: Specialized wikis when you need Linux manuals.&lt;br /&gt;
* iFixit: Hardware repair guides.&lt;br /&gt;
* Xkcd: Nerdy comics.&lt;br /&gt;
&lt;br /&gt;
This should cover most needs. You can always download more resources afterwards.&lt;br /&gt;
&lt;br /&gt;
If you want to have a separate dictionary app, consider installing Aard2 or QuickDic. They are faster for day to day use.&lt;br /&gt;
&lt;br /&gt;
You may want to download Linux Command Library app to look up useful commands faster.&lt;br /&gt;
&lt;br /&gt;
There is a dedicated app called WTF for checking abbreviations meaning.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Communication&lt;br /&gt;
|Phones original reason to exist. Connecting people. &lt;br /&gt;
You can use Briar to send messages without needing internet but you will need to convince other people to install it too. Briar can send messages using Wi-Fi, Bluetooth and Tor (if you want internet as a fallback). If your city has many people using Briar, the coverage and range will be better.  &lt;br /&gt;
&lt;br /&gt;
Alternatively you can use Meshtastic devices paired to your phone if there are volunteer-run MeshTastic antennas near you. &lt;br /&gt;
&lt;br /&gt;
If you are not sure about coverage of Briar/Meshtastic or just want a fallback, consider RCS or encrypted SMS. They are not the most secure or private methods. But as long as you have a signal they will work. DO NOT use SMS without encryption if you want contents of the message to be private. RCS sadly only works on proprietary messengers like Google Messages or Samsung Messages. Encrypted SMS can be used by installing one of these apps (you will need to convinve your contacts to install these apps too):&lt;br /&gt;
&lt;br /&gt;
* DekuSMS: E2EE for SMS messages. Needs Android 7 or later. Image sharing over SMS (not MMS)&lt;br /&gt;
* Silence: Not updated anymore. Fork of an old Signal version. E2EE SMS. Supports SMS over VoWiFi. Android 6 or later. Latest version is crashing so download an older build.&lt;br /&gt;
* KryptEY: If any of these apps don&#039;t work for you, there is KryptEY. It is an innovative app that can turn any chat app into an E2EE one by auto encypting/decrypting messages and being your secondary keyboard. Uses Signal encryption too. Switching between keyboards may be exhausting for your contacts so choose if there are no other options.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Navigation&lt;br /&gt;
|Being able to navigate without doxxing yourself to GSM towers is important. This means your location will be known by one less entity. Also do not trust coverage of your GSM, it can just fail (only trust it as a fallback). Use CoMaps (fork of Organic Maps) or OSMAnd+ and download maps for your city and other places you can been to. CoMaps doesn&#039;t have bus routes support still afaik so I keep both apps installed just in case. If you need a nice UI and bus support, you can try using MapsMe but it is proprietary.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Using LLMs (maybe)&lt;br /&gt;
|If your phone has a powerful CPU and plenty of RAM you can try running LLMs on it. It can be sometimes faster to ask an LLM instead of searching inside archives. The con here being heavy battery usage and risk of hallucination by LLM software. Install Maid app.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Translation&lt;br /&gt;
|Translators are useful especially between English and your main tongue. You can use Offline Translator. It is not the best but it will do the job. &lt;br /&gt;
You can still use Google/Yandex Translates offline translation feature but they are proprietary.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Entertainment&lt;br /&gt;
|I use LibreTorrent to download movies into my phone for later viewing. If there are no torrents for them I use 1DM (proprietary) to scrape movie websites. &lt;br /&gt;
For games I have RetroArch with several game packs installed for several emulators. You can download other games like DroidFish (Chess Engine) and Luanti too. I try to choose sandbox or board games since they are replayable anytime.&lt;br /&gt;
You may download news articles that interests you to read. I was using Hacki (HackerNews client) to download tech related news and read when I need to pass time outside. Most RSS readers (I recommend Feeder and Readrops) allow you to read articles offline and then sync read status with your computers.&lt;br /&gt;
&lt;br /&gt;
You can use your phone as a ebook reader too. I was using KOReader and ReadEra (proprietary) to read my ebooks.&lt;br /&gt;
&lt;br /&gt;
Download local music onto your phone. So you can listen anytime. YouTube Music (proprietary) has a feature called &amp;quot;Smart Downloads&amp;quot; that automatically downloads songs you may like. Kreate caches the songs you have listened to for offline listening. But the best method is just downloading songs using tools like Lucida or SquidWTF into your phone. You can use NewPipe or YTDLnis/Seal to download songs from YouTube. Then install a player like VLC to listen to them. Other proprietary apps like Spotify can remove songs from your device if you connect to their servers at any time for copyright and other purposes.&lt;br /&gt;
&lt;br /&gt;
Download podcasts that interests you. AntennaPod has a feature that can auto-download content when they are available.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|General Real Life Helpers&lt;br /&gt;
|You can download the multi-purpose Trail Sense app. It has features you will need when outside. Compass, turning paper maps into digital ones with GPS, checking whatever a surface is really flat, convert between units, metal detector, mirror mode (so you do not take accidental selfies), save the path you walked, ruler, QR scanner, white noise and more. It has a built-in survival guide too for emergencies.&lt;br /&gt;
The other useful app is Survival Manual. The name explains all.&lt;br /&gt;
&lt;br /&gt;
Also there are many apps that extend the core features of a phone. Arity calculator has a 3D graph feature which might be useful for visualizing data. Some calculator apps offer currency conversion even when you are offline by caching up to date indexes automatically. &lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Memory Helpers&lt;br /&gt;
|A note taking app and a password manager is very helpful outside. For noting I use QuillPad. For passwords I use KeepassDX. You can prefer Bitwarden for easier sync. They should be able to run offline and sync only when you connect to a network.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Wallet App&lt;br /&gt;
|You can use OSS Card Wallet to remember your card details even if you don&#039;t have them outside.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|NFC/IR stuff&lt;br /&gt;
|Niche stuff but sometimes helpful. You can create a copy of your public transport card if you ever lose it. Depends on your public transport solution. &lt;br /&gt;
About IR, I rarely use it to control air conditioners when nobody is able to find the remote for some reason.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|File transfer&lt;br /&gt;
|Consider installing LocalSend to you and your friends phones. So you can transfer files easily if you are on same Wi-Fi network (you can always use your hotspot too).&lt;br /&gt;
|&lt;br /&gt;
|}&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=29</id>
		<title>The Offline-First Mobile Setup</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=29"/>
		<updated>2026-05-17T17:29:33Z</updated>

		<summary type="html">&lt;p&gt;Admin: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== Offline-First Emergency and Private Phone Setup ==&lt;br /&gt;
Most of the tracking by companies are done using online connections. So the fastest and easiest way to prevent that is to take your phone into airplane mode, assuming your phone manufacturer didn&#039;t put any backdoors in airplane mode function (they probably did, but it is still a valuable feature).&lt;br /&gt;
&lt;br /&gt;
If you have root, you can use a feature of AFWall+ to prevent apps from accessing internet without having to give VPN slot to it or its alternatives. Alternatively you can use root to remove the internet permission from apps. Some ROMs like HyperOS (aka MIUI) and Graphene OS allows you to do this without having root. It also reduces mobile data usage and cost.&lt;br /&gt;
&lt;br /&gt;
The second use case for going offline-first is being able to use your phone in an emergency when internet services are not available (examples include earthquakes and regular service disruptions an ISP/GSM can have).&lt;br /&gt;
&lt;br /&gt;
Third use case is you are guaranteeing being able to access what is necessary for you in a censorship situation. What you already downloaded can not be deleted remotely in most cases (there was a case when Huawei phones deleted photos from peoples gallery to censor info related to protests).&lt;br /&gt;
&lt;br /&gt;
=== What do you need from a phone? ===&lt;br /&gt;
Put your phone away and think what will you miss first if it didn&#039;t even existed. Here is a table of what I thought and solutions I found:&lt;br /&gt;
{| class=&amp;quot;wikitable sortable&amp;quot;&lt;br /&gt;
|+&lt;br /&gt;
!What do I need?&lt;br /&gt;
!Description and Solution&lt;br /&gt;
!Download Link&lt;br /&gt;
|-&lt;br /&gt;
|Being able to research information&lt;br /&gt;
|Internet is a valuable research tool. We will download the information before needing it to solve this issue. Download Kiwix in your phone. Then download sources which you think it will be useful. My recommendations are:&lt;br /&gt;
&lt;br /&gt;
* Wikipedia: Try to download the largest edition of Wikipedia from the list. It will cost a lot of storage. But it worths it since you can use it as a dictionary too. You can download Wiktionary too if you want a separate dictionary.&lt;br /&gt;
* Gutenberg Project: Collection of books in a single file.&lt;br /&gt;
* StackOverFlow/StackExchange collection: If you have a computer you need to fix, consider adding them to help you.&lt;br /&gt;
* Arch/Alpine/Gentoo Wiki: Specialized wikis when you need Linux manuals.&lt;br /&gt;
* iFixit: Hardware repair guides.&lt;br /&gt;
* Xkcd: Nerdy comics.&lt;br /&gt;
&lt;br /&gt;
This should cover most needs. You can always download more resources afterwards.&lt;br /&gt;
&lt;br /&gt;
If you want to have a separate dictionary app, consider installing Aard2 or QuickDic. They are faster for day to day use.&lt;br /&gt;
&lt;br /&gt;
You may want to download Linux Command Library app to look up useful commands faster.&lt;br /&gt;
&lt;br /&gt;
There is a dedicated app called WTF for checking abbreviations meaning.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Communication&lt;br /&gt;
|Phones original reason to exist. Connecting people. &lt;br /&gt;
You can use Briar to send messages without needing internet but you will need to convince other people to install it too. Briar can send messages using Wi-Fi, Bluetooth and Tor (if you want internet as a fallback). If your city has many people using Briar, the coverage and range will be better. &lt;br /&gt;
Alternatively you can use Meshtastic devices paired to your phone if there are volunteer-run MeshTastic antennas near you. &lt;br /&gt;
&lt;br /&gt;
If you are not sure about coverage of Briar/Meshtastic or just want a fallback, consider RCS or encrypted SMS. They are not the most secure or private methods. But as long as you have a signal they will work. DO NOT use SMS without encryption if you want contents of the message to be private. RCS sadly only works on proprietary messengers like Google Messages or Samsung Messages. Encrypted SMS can be used by installing one of these apps (you will need to convinve your contacts to install these apps too):&lt;br /&gt;
&lt;br /&gt;
* DekuSMS: E2EE for SMS messages. Needs Android 7 or later. Image sharing over SMS (not MMS)&lt;br /&gt;
* Silence: Not updated anymore. Fork of an old Signal version. E2EE SMS. Supports SMS over VoLTE. Android 6 or later. Latest version is crashing so download an older build.&lt;br /&gt;
* KryptEY: If any of these apps don&#039;t work for you, there is KryptEY. It is an innovative app that can turn any chat app into an E2EE one by auto encypting/decrypting messages and being your secondary keyboard. Uses Signal encryption too. Switching between keyboards may be exhausting for your contacts so choose if there are no other options.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Navigation&lt;br /&gt;
|Being able to navigate without doxxing yourself to GSM towers is important. That means your location will be known by one less entity. Also do not trust coverage of your GSM, it can just fail (only trust it as a fallback). Use CoMaps (fork of Organic Maps) or OSMAnd+ and download maps for your city and other places you can been to. CoMaps doesn&#039;t have bus routes support still afaik so I keep both apps installed just in case. If you need a nice UI and bus support, you can try using MapsMe but it is proprietary.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Using LLMs?&lt;br /&gt;
|If your phone has a powerful CPU and plenty of RAM you can try running LLMs on it. It can be sometimes faster to ask an LLM instead of searching inside archives. The con here being heavy battery usage and risk of hallucination by LLM software. Install Maid app.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Translation&lt;br /&gt;
|Especially between English and your main tongue. You can use Offline Translator. It is not the best but it will do the job. You can still use Google/Yandex Translates offline translation feature but they are proprietary.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Entertainment&lt;br /&gt;
|I use LibreTorrent to download movies into my phone for later viewing. For games I have RetroArch with several game packs installed for several emulators. You can download other games like DroidFish (Chess Engine) and Luanti too. I try to choose sandbox or board games since they are replayable anytime.&lt;br /&gt;
You may download news articles that interests you to read. I was using Hacki (HackerNews client) to download tech related news and read when I need to pass time outside. Most RSS readers (I recommend Feeder and Readrops) allow you to read articles offline and then sync read status with your computers.&lt;br /&gt;
&lt;br /&gt;
You can use your phone as a ebook reader too. I was using KOReader and ReadEra (proprietary) to read my ebooks.&lt;br /&gt;
&lt;br /&gt;
Download local music onto your phone. So you can listen anytime. YouTube Music (proprietary) has a feature called &amp;quot;Smart Downloads&amp;quot; that automatically downloads songs you may like. Kreate caches the songs you have listened to. But the best method is just downloading songs using tools like Lucida or SquidWTF into your phone. You can use NewPipe or YTDLnis/Seal to download songs from YouTube. Then install a player like VLC to listen to them. Other proprietary apps like Spotify can remove songs from your device if you connect to their servers at any time.&lt;br /&gt;
&lt;br /&gt;
Download podcasts that interests you. AntennaPod has a feature that can auto-download content when they are available.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|General Real Life Helpers&lt;br /&gt;
|You can download the multi-purpose Trail Sense app. It has features you will need when outside. Compass, turning paper maps into digital ones with GPS, checking whatever a surface is really flat, convert between units, metal detector, mirror mode (so you do not take accidental selfies), save the path you walked, ruler, QR scanner, white noise and more. It has a built-in survival guide too for emergencies.&lt;br /&gt;
The other useful app is Survival Manual. The name explains all.&lt;br /&gt;
&lt;br /&gt;
Also there are many apps that extend the core features of a phone. Arity calculator has a 3D graph feature which might be useful for visualizing data. &lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Memory Helpers&lt;br /&gt;
|A note taking app and a password manager is very helpful outside. For noting I use QuillPad. For passwords I use KeepassDX. You can prefer Bitwarden for easier sync. They should be able to run offline and sync only when you connect to a network.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Wallet App&lt;br /&gt;
|You can use OSS Card Wallet to remember your card details even if you don&#039;t have them outside.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|NFC/IR stuff&lt;br /&gt;
|Niche stuff but sometimes helpful. You can create a copy of your public transport card if you ever lose it. Depends on your public transport solution. &lt;br /&gt;
About IR, I rarely use it to control air conditioners when nobody is able to find the remote for some reason.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|File transfer&lt;br /&gt;
|Consider installing LocalSend to you and your friends phones. So you can transfer files easily if you are on same Wi-Fi network (you can always use your hotspot too).&lt;br /&gt;
|&lt;br /&gt;
|}&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
	<entry>
		<id>https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=28</id>
		<title>The Offline-First Mobile Setup</title>
		<link rel="alternate" type="text/html" href="https://wiki.n216.dedyn.io/index.php?title=The_Offline-First_Mobile_Setup&amp;diff=28"/>
		<updated>2026-05-17T12:57:33Z</updated>

		<summary type="html">&lt;p&gt;Admin: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== Offline-First Emergency and Private Phone Setup ==&lt;br /&gt;
Most of the tracking by companies are done using online connections. So the fastest and easiest way to prevent that is to take your phone into airplane mode, assuming your phone manufacturer didn&#039;t put any backdoors in airplane mode function (they probably did, but it is still a valuable feature).&lt;br /&gt;
&lt;br /&gt;
The second use case for going offline-first is being able to use your phone in an emergency when internet services are not available (examples include earthquakes and regular service disruptions an ISP/GSM can have).&lt;br /&gt;
&lt;br /&gt;
Third use case is you are guaranteeing being able to access what is necessary for you in a censorship situation. What you already downloaded can not be deleted remotely in most cases (there was a case Huawei phones deleting photos from peoples gallery apps to censor info related to protests).&lt;br /&gt;
&lt;br /&gt;
=== What do you need from a phone? ===&lt;br /&gt;
Put your phone away and think what will you miss first if it didn&#039;t even existed. Here is a table of what I thought and solutions I found:&lt;br /&gt;
{| class=&amp;quot;wikitable sortable&amp;quot;&lt;br /&gt;
|+&lt;br /&gt;
!What do I need?&lt;br /&gt;
!Description and Solution&lt;br /&gt;
!Download Link&lt;br /&gt;
|-&lt;br /&gt;
|Being able to research information&lt;br /&gt;
|Internet is a valuable research tool. We will download the information before needing it to solve this issue. Download Kiwix in your phone. Then download sources which you think it will be useful. My recommendations are:&lt;br /&gt;
&lt;br /&gt;
* Wikipedia: Try to download the largest edition of Wikipedia from the list. It will cost a lot of storage. But it worths it since you can use it as a dictionary too. You can download Wiktionary too if you want a separate dictionary.&lt;br /&gt;
* Gutenberg Project: A lot of books, costs 71GB as of writing this.&lt;br /&gt;
* StackOverFlow/StackExchange collection: If you have a computer you need to fix, consider adding them to help you.&lt;br /&gt;
* Arch/Alpine/Gentoo Wiki: Specialized wikis when you need Linux manuals.&lt;br /&gt;
* iFixit: Hardware repair guides.&lt;br /&gt;
* Xkcd: If you are bored you can look at several Xkcd comics and move on.&lt;br /&gt;
&lt;br /&gt;
This should cover most needs. You can always download more resources afterwards.&lt;br /&gt;
&lt;br /&gt;
If you want to have a faster dictionary app, consider installing Aard2 or QuickDic. They are faster for day to day use.&lt;br /&gt;
&lt;br /&gt;
You may want to download Linux Command Library app to look up useful commands faster.&lt;br /&gt;
&lt;br /&gt;
There is a dedicated app called WTF for checking abbreviations meaning.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Communication&lt;br /&gt;
|Phones original reason to exist. Being able to send messages between people. You can use Briar to send messages without needing internet but you will need to convince other people to install it too. Briar can send messages using WiFi (no internet just LAN), Bluetooth and Tor (if you want internet as a fallback). If your city has many people using Briar, the coverage and range will be better. &lt;br /&gt;
Alternatively you can use Meshtastic devices paired to your phone if there is a volunteer-run MeshTastic antenna near you. &lt;br /&gt;
&lt;br /&gt;
If you are not sure about coverage of Briar/Meshtastic or just want a fallback, consider RCS or encrypted SMS. They are not the most secure or private methods. But as long as you have a signal they will work. DO NOT use SMS without encryption if you want contents of the message to be private. RCS sadly only works on proprietary messengers like Google Messages or Samsung Messages. Encrypted SMS can be used by installing one of these apps (you will need to convinve your contacts to install these apps too):&lt;br /&gt;
&lt;br /&gt;
* DekuSMS: E2EE for SMS messages. Needs Android 7 or later. Image sharing over SMS (not MMS)&lt;br /&gt;
* Silence: Not updated anymore. Fork of an old Signal version. E2EE SMS. Supports SMS over VoLTE. Android 6 or later. Latest version is crashing so download an older build.&lt;br /&gt;
* KryptEY: If any of these apps don&#039;t work for you, there is KryptEY. It is an innovative app that can turn any chat app into an E2EE one by auto encypting/decrypting messages and being your secondary keyboard. Uses Signal encryption too. Switching between keyboards may be exhausting for your contacts so choose if there are no other options.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Navigation&lt;br /&gt;
|Being able to navigate without doxxing yourself to GSM towers is important. That means your location will be known by one less entity. Also do not trust coverage of your GSM, it can just fail (only trust it as a fallback). Use CoMaps (fork of Organic Maps) or OSMAnd+ and download maps for your city and other places you can been to. CoMaps doesn&#039;t have bus routes support still afaik so I keep both apps installed just in case. If you need a nice UI and bus support, you can try using MapsMe but it is proprietary.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Using LLMs?&lt;br /&gt;
|If your phone has a powerful CPU and plenty of RAM you can try running LLMs on it. It can be sometimes faster to ask an LLM instead of searching inside archives I have downloaded. The con here being heavy battery usage and risk of hallucination by LLM software. Install Maid app.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Translation&lt;br /&gt;
|Especially between English and your main tongue. You can use Offline Translator. It is not the best but it will do the job. You can still use Google/Yandex Translates offline translation feature but they are proprietary.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Entertainment&lt;br /&gt;
|Playing games, watching movies etc. I use LibreTorrent to download movies into my phone for later viewing. For games I have RetroArch with several game packs installed for several emulators. You can download other games like DroidFish (Chess Engine) and Luanti too. Try to choose sandbox or board games since they are replayable anytime.&lt;br /&gt;
You may download news articles that interests you to read. I was using Hacki (HackerNews client) to download tech related news and read when I need to pass time outside.&lt;br /&gt;
&lt;br /&gt;
You can use your phone as a ebook reader too. I was using Librera Reader and ReadEra (proprietary) to read my ebooks. It does not count as entertainment but you can download religious texts (Bible, Quran and more) if you want.&lt;br /&gt;
&lt;br /&gt;
Download local music onto your phone. So you can listen anytime. YouTube Music (proprietary) has a feature called &amp;quot;Smart Downloads&amp;quot; that automatically downloads songs you may like. ViMusic and its forks caches the songs you have listened to. But the best method is just downloading songs using tools like Lucida or SquidWTF into your phone. You can use NewPipe or YTDLnis to download songs from YouTube. Then install a player like VLC to listen to them.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|General Real Life Helpers&lt;br /&gt;
|You can download the multi-purpose Trail Sense app. It has features you will need when outside. Compass, turning paper maps into digital ones with GPS, checking whatever a surface is really flat, convert between units, metal detector, mirror mode (so you do not take accidental selfies), save the path you walked, ruler, QR scanner, white noise and more. It has a built-in survival guide too for emergencies.&lt;br /&gt;
The other useful app is Survival Manual. The name explains all.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Memory Helpers&lt;br /&gt;
|A note taking app and a password manager is very helpful outside. For noting I use QuillPad. For passwords I use KeepassDX. You can prefer Bitwarden for easier sync. They should be able to run offline and sync only when you connect to a network.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|Wallet App&lt;br /&gt;
|You can use OSS Card Wallet to remember your card details even if you don&#039;t have them outside.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|NFC/IR stuff&lt;br /&gt;
|Niche stuff but sometimes helpful. You can create a copy of your public transport card if you ever lose it. Depends on your public transport solution. &lt;br /&gt;
About IR, I rarely use it to control air conditioners when nobody is able to find the remote for some reason.&lt;br /&gt;
|&lt;br /&gt;
|-&lt;br /&gt;
|File transfer&lt;br /&gt;
|Consider installing LocalSend to you and your friends phones. So you can transfer files easily if you are on same Wi-Fi network (you can always use your hotspot too).&lt;br /&gt;
|&lt;br /&gt;
|}&lt;/div&gt;</summary>
		<author><name>Admin</name></author>
	</entry>
</feed>