Privacy. Simplified.

As someone building privacy-focused tools and running a web-security agency, I often get asked what else people should use to stay safer online. The answers vary wildly depending on experience and goals. For advanced users, suggesting an ad blocker might feel obvious. For beginners, though, it can be a gateway into an entirely different internet — one with fewer ads, less tracking, and more control.

I’ll break this guide into clear levels based on effort and payoff. I’ll also share my own setup, along with honest pros and cons. Sounds fair? Let’s jump in.

Beginner level. Big quality-of-life gains, almost no friction.

3 browser extensions

• uBlock Origin — long considered the gold standard. I say “was” because support in newer Chromium-based browsers is slowly being phased out. Your options are: use the weaker Lite version, avoid Chromium updates, or switch to Firefox. The extension itself has virtually no downsides and blocks ads while reducing tracking at the same time. 10/10. Don’t browse without it.
• Privacy Badger — works differently than uBlock. It doesn’t focus on ads, but on trackers. Some argue you shouldn’t combine the two; I’ve had excellent results using both. For beginners, there are no real drawbacks. We’ll revisit it later.
• PopUpOFF — yes, my own project. Bias acknowledged. It removes cookie banners and intrusive popups by stripping the overlay entirely. The important part: many tracking scripts never initialize because consent never happens. The tradeoff is aggressiveness — some sites may break — so use it selectively.

There are plenty of other useful extensions, but most either duplicate functionality (like DuckDuckGo Privacy Essentials) or are too niche for beginners, such as NoScript.

2 search engines

Before reacting — remember this is the beginner tier. Reliability and usability still matter.

• Kagi.com — a paid search engine that often delivers better results than Google these days. It’s privacy-first and ad-free. Downsides: it costs money and requires an account, which isn’t ideal for higher privacy levels — but perfectly acceptable here.
• Google (not signed in). Unexpected? If you never log into Google services, combine it with the extensions above, and optionally use incognito with a VPN, the amount of data collected is relatively limited — acceptable for beginners who value results.

You can experiment with alternatives like DuckDuckGo, Brave Search, Qwant, or Startpage, but the results often fall short in practice. I’ve used all of them extensively and couldn’t stick long-term.

1 VPN

There are many solid VPN providers out there. After years of research and hands-on experience, I realistically recommend only two.

• NordVPN — widely advertised, sometimes dismissed for that reason. I recommend it because I worked there and trust what I saw internally. Reliable, fast, and stable over many years of use.
• ProtonVPN — strong reputation and privacy focus. Includes a free tier, which is rare among trustworthy VPNs. Use free VPNs cautiously unless you know what you’re doing.

Results

With this setup, you should notice:

• Almost no ads across most sites — news, search, YouTube, Reddit, and social platforms included.
• Much worse ad targeting. You’re still visible, but instead of precision hits, platforms are guessing.

Interested? There’s more.

Intermediate. Stronger results, higher commitment.

Browsers

Time to talk about browsers. I intentionally skipped this earlier because switching browsers requires real commitment: exporting data, re-logging into services, rebuilding habits. But once you cross that line, there’s rarely any desire to go back — and the privacy gains are worth it.

The biggest challenge here isn’t technical — it’s psychological. The good news is that there are solid options for almost everyone.

• Brave — my first recommendation because it feels almost identical to Chrome or Edge while being far better for privacy. It includes a built-in blocker and strong defaults. Crypto features are enabled out of the box, which can be off-putting — but everything can be disabled, turning it into a clean Chromium experience. uBlock Origin is still supported.
• Firefox — arguably the strongest option for privacy overall. The downside is that it may feel unfamiliar or slightly less polished compared to Chromium browsers. I personally use it daily, but expectations matter. Any Firefox-based browser beats most Chromium ones when it comes to privacy. If you choose Firefox, look up privacy tweaks and install Facebook Container to isolate Meta trackers.
• Ungoogled Chromium — my primary browser for a long time. It offers the Chrome experience without Google’s telemetry. Unfortunately, extension support changes mean I’ve stopped updating it. No sync and manual installs make it less beginner-friendly.

I don’t recommend other mainstream browsers. Opera, Edge, Vivaldi, Yandex, and similar options are closed-source and introduce unnecessary trust risks. Your browser sees almost everything you do online — choose one that earns trust. Firefox is worth the effort.

Email providers

Avoiding major email providers is critical. Companies like Google, Apple, and Microsoft profit from advertising, and email analysis is an incredibly rich data source. Do they use it? Short answer: yes. Long answer: absolutely yes.

There’s only one service I consistently recommend: Proton Mail. I switched years ago and never looked back. Alternatives exist, but Proton remains the most balanced option. Bundling Mail, VPN, Drive, and Calendar also makes sense financially.

I strongly recommend pairing Proton with SimpleLogin (or Proton Pass). Email aliases allow you to generate unique addresses per service, forwarding mail to your inbox while protecting your real address. This improves both privacy and security.

Password managers

Password managers are controversial due to past breaches across the industry. They’re more about security than privacy, but they still matter. Using one is far better than not.

NordPass is what I use and recommend — I worked directly on the product. It also supports email aliasing, which indirectly boosts privacy.

Bitwarden is another solid choice. Proton Pass is promising but still missing advanced features.

Cloud storage

Cloud storage is tricky. Strong encryption often conflicts with convenience and speed, so compromises are inevitable.

• MEGA — a reasonable balance for everyday files and photos. Avoid uploading sensitive documents unless you encrypt them first. Always encrypt private files before uploading anywhere.
• Proton Drive — less polished, but significantly more trustworthy for sensitive data.

Self-hosted solutions offer the best privacy, but they require technical knowledge and ongoing maintenance. For most people, that’s unrealistic.

Uploading unencrypted files to Google Drive or similar platforms allows automated scanning and profiling — even if you assume the content is private.

Messengers

Private messages are extremely valuable data sources. Chats on platforms like Facebook or Instagram reveal more about you than browsing history ever could. Sensitive information should never be shared there.

The challenges are obvious:

• Reach — sometimes there’s simply no alternative way to contact someone. Use these platforms cautiously and avoid sharing sensitive details.
• Security — most popular messengers have experienced leaks or exposures in the past.

The ideal answer would be encrypted, open-source messengers — but adoption matters. If no one you know uses them, privacy becomes isolating.

If possible, suggest Signal or Telegram. They’re not perfect, but they’re far better than mainstream alternatives and widely used.

Results

• Near-zero ad relevance as major data sources are cut off.
• Improved security awareness, even if it wasn’t the main goal.

Advanced. Fading into the background.

Still reading? Respect. This is where things become extreme. We’re talking about removing entire layers of control that large platforms rely on — including your operating system.

Yes, that means learning how to install Linux on your MacBook.

Linux

Linux isn’t one system — it’s a family of operating systems built on the same core. These variants are called distributions, or distros. I’ll suggest two that are relatively easy to live with.

• Ubuntu. One of the most beginner-friendly distros available. Easy to adapt to after Windows or macOS.
• Pop OS!. Built on Ubuntu, more polished visually, and highly customizable. Excellent community support.

Drawbacks to consider:

• Software gaps. Some proprietary apps don’t exist on Linux (Photoshop is a classic example). Open-source alternatives exist for almost everything.
• Terminal usage. Occasionally, fixes require pasting commands into a terminal. If that idea causes stress, Linux may not be for you.

Benefits beyond privacy:

• Try without installing via USB.
• Total control over updates and software.
• Extreme customization.
• Better performance, even on old hardware.
• Minimal malware risk.
• Free and open-source.
• Real server skills transferable to web infrastructure.

That’s where I stop

This isn’t a knowledge limit — it’s a balance choice. Time, effort, and energy matter as much as privacy.

I accept some loss of privacy. I don’t run a custom phone ROM. I use separate browsers for different purposes. I sandbox where it makes sense and stop where it doesn’t.

On Android, I avoid signing in and disable Google services. GrapheneOS tempted me — but I never truly needed it.

Privacy should never come at the cost of relationships. Don’t alienate people because they value convenience more than privacy.

Custom Android ROMs

• GrapheneOS. Pixel-only, best-in-class privacy, full app sandboxing.
• LineageOS. Broader device support, solid overall.
• Linux-based mobile OS. Maximum privacy, minimal usability.

Beyond Linux

Once on Linux, you can self-host almost everything: OpenVPN, Nextcloud, Passbolt — at the cost of maintenance and responsibility.

Offline-first

LibreOffice replaces cloud docs. CryptPad works for rare collaboration. Encrypted local storage beats any cloud by default.

Lose the password — lose the data. That’s the trade.

Be intentional

Even privacy tools can betray trust. Open-source helps, but doesn’t guarantee ethics.

Everything connected collects data — from appliances to cars. Research before you adopt.

Results

• Enjoyment, if you like tinkering.
• Confused looks from others.
• Stronger security, if configured correctly.
• Occasional invisibility, mostly unnoticed.

Beyond reason

Most people don’t need burner phones or self-destructing messages. Convenience collapses fast beyond this point.

• privacyguides.org
• privacytools.io
• r/privacy
• nomoregoogle.com
• r/degoogle

Thanks for reading — this took time to write and refine. If you’d like my take on web security, let me know. Live privately. See you around.