Ted Lee β€” Freedom Through Knowledge

πŸ”’ Personal Privacy Playbook

How I Protect My Privacy

Minimal data footprints, strong encryption, zero-trust habits β€” and the tools I trust with my digital life.

Zero-Trust End-to-End Encrypted No Analytics Bitcoin-Payable VPN No Ads
⚠ Security Posture Elevated: Due to ongoing attacks by hostile users and their AI agents targeting this site ecosystem, security measures across all tedlee.ca subdomains have been significantly increased. Additional encryption layers, stricter access controls, and enhanced monitoring are now active. All VPN and privacy tool recommendations on this page have been updated accordingly β€” including the replacement of Zoog VPN with Obscura VPN, a provably private, no-KYC, Bitcoin-payable solution built for the threat environment we now face.
5
Independent security layers
0
Third-party trackers or ads
AES-256
Encryption standard at rest
6 mo
Maximum log retention
🧭

My Core Principles

Privacy is not a product you buy once β€” it is a discipline you practise continuously. These are the principles that govern every decision I make about my digital life.

πŸ“­
Collect Almost Nothing

I never sign up for services with my real name, address, or phone number unless legally required. Aliases, forwarding addresses, and disposable credentials are the default.

πŸ”
Encrypt End-to-End

If it's private, it's encrypted β€” no exceptions. Messages, files, backups, and passwords are all encrypted before they leave my devices. I never rely on a provider's promise to encrypt for me.

🚫
Zero-Trust by Default

I assume every network, device, or server could be compromised. I never enter sensitive credentials on a public network without a VPN. I treat every email link as potentially malicious until verified.

πŸ”„
Rotate and Replace

Passwords, API keys, and access tokens are rotated regularly. VPN providers are evaluated continuously β€” if a better solution emerges, I switch. Loyalty to convenience is not a principle I hold.

πŸ’¨
Ephemeral Footprints

Logs and temporary files auto-purge after six months. Browsing history is cleared on exit. Where possible, I use ephemeral sessions or Tails OS for sensitive operations that leave no trace.

πŸ—ΊοΈ
Know Your Threat Model

Privacy measures should be proportional to actual risk. I identify who my likely adversaries are β€” data brokers, ad networks, surveillance capitalism, hostile state actors β€” and calibrate my defences accordingly. Perfect privacy does not exist; risk reduction does.

🏝️
Compartmentalise Everything

Different identities for different purposes. Work, personal, and sensitive activities are kept strictly separated β€” different browsers, different email addresses, different devices where warranted. A breach in one compartment does not cascade into others.

🌐

VPN & Network Privacy

β˜… Now Recommended

Obscura VPN β€” Two-Hop Split-Trust Architecture

A provably private VPN built by Bitcoiners. Unlike traditional VPNs where you must trust their no-logs promises, Obscura makes logging architecturally impossible. Your traffic is split across two independent hops β€” Obscura sees your IP but never your traffic; Mullvad exit servers see your traffic but never your IP. No single entity can ever link your identity to your activity.

Pay with Bitcoin Lightning β€” no credit cards, no paper trail
Zero KYC β€” randomised account number only, no email or phone required
QUIC stealth protocol β€” blends with HTTP/3 traffic, defeats censorship filters
WireGuard end-to-end encryption to Mullvad exit servers
Also accepts Monero for maximum payment privacy
Open architecture β€” you can verify the privacy claims yourself
Visit Obscura VPN β†’
β›” Zoog VPN β€” No Longer Recommended. Previously used and recommended. Replaced by Obscura VPN due to Obscura's superior architecture: provably no-logs design, Bitcoin Lightning payments with zero KYC, and the two-hop split-trust model that eliminates the need to trust any single provider. Zoog remains a functional service but cannot match the structural privacy guarantees Obscura provides.

Additional Network Privacy Measures

πŸ§…
Tor Browser
For browser activity I don't want traced back to me. Onion routing provides layered anonymity β€” each relay knows only the previous and next hop. Used alongside Obscura VPN for the most sensitive lookups.
torproject.org β†’
πŸ”Ž
DNS-over-HTTPS
Configured at the router level via NextDNS. Standard DNS queries expose every domain you visit to your ISP in plaintext. DNS-over-HTTPS encrypts those queries and prevents ISP snooping and DNS hijacking.
nextdns.io β†’
🏠
Local Firewall & Router
Network segments are isolated; only explicitly whitelisted devices get internet access. Outbound connections are logged and reviewed. IoT devices live on their own VLAN, isolated from computers.
🧱
Pi-hole / AdGuard Home
Network-wide ad and tracker blocking at the DNS level. Blocks telemetry calls from smart TVs, apps, and devices before they leave the network. Acts as a first-line filter for the entire household.
🌍

Browser & Search Privacy

The browser is the largest attack surface in daily computing. Default browsers from major platforms harvest extensive behavioural data. I treat browser choice and configuration as a first-order privacy decision.

🦊
Firefox β€” Hardened
Primary browser with hardened about:config settings: WebRTC disabled, fingerprinting resistance enabled, all telemetry off, and strict tracking protection. Used with Firefox Multi-Account Containers for identity separation.
firefox.com β†’
🦁
Brave Browser
Chromium-based browser with aggressive ad blocking, fingerprint randomisation, and built-in Tor private windows. Used as a secondary browser for sites that require Chromium compatibility.
brave.com β†’
πŸ›‘οΈ
uBlock Origin
The most effective ad and tracker blocker available. Blocks network requests at the browser level β€” not just cosmetic hiding. Dynamic filtering mode enables per-domain script blocking for sensitive sessions.
ublockorigin.com β†’
πŸ“¦
Firefox Containers
Multi-Account Containers isolate each website in its own identity sandbox. Facebook cannot track you across the web if it runs in a container that shares no cookies or storage with other sites.
πŸ”
Brave Search
Independent search index β€” not Google or Bing underneath. No user profiling, no filter bubble. Used as the default search engine in hardened Firefox.
search.brave.com β†’
πŸ¦†
DuckDuckGo / SearXNG
DDG for casual searches with no tracking. SearXNG for a self-hosted or community meta-search that aggregates results from multiple engines without revealing queries to any single one.
duckduckgo.com β†’
Browser fingerprinting tip: Even with a VPN, websites can identify you through your unique browser fingerprint β€” screen resolution, fonts, installed plugins, and timezone. Check your fingerprint at coveryourtracks.eff.org (by the EFF). Enable fingerprint resistance in Firefox settings.
βœ‰οΈ

Email & Communications Privacy

Email is structurally insecure β€” it was designed in an era when privacy was not a consideration. I treat every email as potentially intercepted unless end-to-end encrypted, and I minimise real email exposure through aliases and encrypted providers.

πŸ”΄
ProtonMail
End-to-end encrypted email based in Switzerland. Emails between ProtonMail users are automatically E2E encrypted. Supports PGP for external encrypted communication. Zero-access encryption at rest.
proton.me β†’
πŸ¦‰
Tutanota
German-based encrypted email provider. Uses its own encryption standard rather than PGP, with full calendar and contacts encryption included. Strong alternative to ProtonMail with an open-source client.
tuta.com β†’
πŸ”—
SimpleLogin / AnonAddy
Email alias services β€” generate unique forwarding addresses for every signup. When a service leaks your alias, you disable that alias without exposing your real inbox. Zero spam reaches the real address.
simplelogin.io β†’
πŸ“±
Signal
Gold standard for encrypted messaging. End-to-end encrypted calls, texts, and file transfers. Enable disappearing messages for sensitive conversations. Used for all private communication.
signal.org β†’
πŸ•ΈοΈ
SimpleX Chat
Messaging with no user IDs β€” no phone number, no username, no account linked to your identity. Uses one-time invitation links for contact exchange. Decentralised and fully open source.
simplex.chat β†’
πŸ”‘
PGP for Email
My public PGP key is published at the bottom of this page. Use it to send me encrypted messages. Any email not PGP-encrypted should be treated as a postcard β€” readable by anyone handling it in transit.
Avoid: Gmail, Outlook, and Yahoo Mail for any sensitive communication. These services scan email content for advertising and may be subject to government data requests. They are convenient β€” not private.
πŸ”‘

Passwords & Authentication

πŸ—„οΈ
Bitwarden
All passwords are random, unique, and vaulted in an encrypted container. End-to-end encrypted, open source, and self-hostable. Zero-knowledge architecture β€” even Bitwarden cannot read your vault.
bitwarden.com β†’
πŸ”
YubiKey β€” Hardware 2FA
Every critical account is locked behind a hardware security key. Phishing-resistant FIDO2/WebAuthn β€” no TOTP codes to intercept. Even if an attacker has your password, they cannot log in without the physical key.
yubico.com β†’
πŸ“²
Authenticator App (TOTP)
Where hardware keys aren't supported, I use an authenticator app (Aegis on Android, Raivo on iOS) rather than SMS 2FA. SMS 2FA is vulnerable to SIM-swapping attacks β€” a documented and growing threat.
🚫
Never SMS-Based 2FA
SIM-swapping attacks allow criminals to receive your SMS verification codes by convincing your carrier to transfer your number. If a service only offers SMS 2FA, it is a security risk. Push for better options.
Password rule: Every account gets a unique, randomly-generated password of at least 20 characters stored only in Bitwarden. Password reuse is the single most exploitable vulnerability in personal security β€” even one reused password on a breached site compromises everything it was used on.
πŸ’»

Device & OS Hardening

The operating system is the foundation of all digital security. A secure browser and VPN mean nothing if the OS underneath is phoning home or contains unpatched vulnerabilities.

🐧
Linux for Daily Use
Linux-based operating systems eliminate Microsoft and Apple telemetry by default. Ubuntu, Fedora, or Debian are good starting points. No forced updates, no diagnostic data phoning home, no ads in the OS.
πŸ‘»
Tails OS for Sensitive Sessions
A live operating system that runs from a USB drive, leaves no trace on the computer it runs on, and routes all traffic through Tor. Used for any activity requiring maximum anonymity. Every session starts clean.
tails.boum.org β†’
🧊
VeraCrypt β€” Disk Encryption
Full-disk encryption and encrypted containers for sensitive files. Open source, audited, and supports hidden volumes for plausible deniability. Anything sensitive lives inside an encrypted container.
veracrypt.fr β†’
βœ‚οΈ
Metadata Stripping
Images and documents contain hidden metadata: GPS coordinates, device model, creation time, author name. Tools like ExifTool and MAT2 strip this metadata before sharing any files publicly or via email.
πŸ”’
Full-Disk Encryption at Rest
All drives β€” internal and external β€” are encrypted with AES-256. If a device is lost or stolen, the data is inaccessible without the decryption key. This is non-negotiable for laptops.
πŸ›‘οΈ
Automatic Updates
OS and software updates are applied promptly. The majority of real-world exploits target known, patched vulnerabilities on systems that haven't been updated. Delaying patches is security negligence.
πŸ“±

Phone Privacy

Smartphones are the most invasive surveillance devices most people carry voluntarily. They contain GPS, microphone, camera, and a continuous record of your location, contacts, and communications β€” all transmitted to servers you don't control. Mitigation requires deliberate choices.

πŸ”οΈ
GrapheneOS
A hardened Android-based OS for Google Pixel phones that removes all Google services and telemetry. Strong sandboxing, enhanced exploit mitigations, and full hardware-backed encryption. The most private Android available.
grapheneos.org β†’
✈️
Airplane Mode Discipline
Phone goes into airplane mode during sensitive conversations, meetings, or when not in use. Disable Bluetooth and Wi-Fi when not actively needed β€” both can be used for location tracking even without GPS.
πŸŽ™οΈ
App Permission Hygiene
Apps get only the minimum permissions they actually need. Microphone and camera permissions are revoked from all apps that don't explicitly require them. Location is set to "never" unless actively navigating.
πŸͺ
Alternative App Stores
F-Droid on Android provides free and open-source apps that have been independently reviewed. Avoids the app store telemetry that comes with Google Play. Many privacy tools are only available through F-Droid.
f-droid.org β†’
πŸ“²
Silent Phone Number
A secondary phone number (VoIP-based, not tied to real identity) for any service requiring phone number verification. This number is never given to banks, government agencies, or any service that may leak it.
🚫
Avoid Smart Assistants
Alexa, Google Assistant, and Siri are always-on microphones in your home transmitting voice data to corporate servers. These devices have no place in a privacy-conscious environment. Keep them out entirely.
πŸ‘οΈ

Physical Security & OpSec

Digital security means nothing if physical security is ignored. Shoulder surfing, camera access, and document theft are real attack vectors. These physical habits reinforce the digital ones.

πŸ“Ί
Camera Covers
Physical covers on all webcams when not in use. Malware targeting webcams is real and documented. A physical cover is the only guarantee β€” software permissions can be bypassed by sophisticated exploits.
πŸ”’
Screen Privacy Filters
Privacy filter films on laptop screens limit the viewing angle to approximately 60 degrees. Anyone sitting beside or behind you in a coffee shop or airport cannot read your screen. Basic, cheap, and effective.
πŸ“‘
Faraday Bags
Car key fobs, passports with RFID chips, and phones can be placed in Faraday bags to block all wireless signals. Prevents relay attacks on keyless car entry and passive RFID passport reading.
πŸ—‘οΈ
Document Shredding
All documents with personal information β€” bank statements, utility bills, any mail with your name and address β€” go through a cross-cut shredder before disposal. Dumpster diving for personal information is a standard identity theft technique.
🏦
Postal Box / Address Separation
A PO Box or commercial mailbox address is used for all business, online purchases, and public registrations. Your home address is not published anywhere or used for anything beyond what is legally required.
🌐
Domain WHOIS Privacy
All domain registrations use WHOIS privacy protection to prevent name and address from appearing in public WHOIS records. Without this, your home address can be looked up by anyone who knows your domain name.
πŸ—„οΈ

Data Broker Opt-Outs & Account Minimalism

Data brokers β€” companies like Spokeo, Whitepages, Acxiom, and hundreds of others β€” compile dossiers on individuals from public records, loyalty card data, app telemetry, and purchased datasets. They sell this information to anyone who pays. Opting out is tedious but worth doing.

πŸ—‘οΈ
Delete Unused Accounts
Every account you don't use is a liability β€” a database that may be breached, a service that may sell your data, a login that may be phished. Use JustDeleteMe.xyz to find deletion pages for hundreds of services.
justdeleteme.xyz β†’
πŸ“‹
Data Broker Opt-Outs
Manually opt out of major data brokers: Spokeo, Whitepages, Radaris, BeenVerified, Intelius, PeopleFinder. Services like DeleteMe automate this process if manual opt-outs are too time-consuming.
joindeleteme.com β†’
πŸ“Š
Opt Out of Ad Tracking
Use the Digital Advertising Alliance's opt-out tool (optout.aboutads.info) and NAI's opt-out page. Also opt out of Google and Meta ad personalisation in your account settings. These reduce β€” but do not eliminate β€” tracking.
πŸ””
Breach Monitoring
Monitor whether your email addresses appear in data breaches using HaveIBeenPwned. Set up alerts so you know immediately when a service you've used is compromised, and change passwords accordingly.
haveibeenpwned.com β†’
🏦

Banking & Financial Document Security

Digital security and physical security are inseparable when it comes to financial information. Most identity theft and financial fraud begins not with a sophisticated hack, but with a stolen wallet, an unshredded statement, an unguarded bank card, or a piece of mail left in the box too long. These practices address the physical side of the equation.

Credit & Account Monitoring

πŸ“Š
Annual Credit Report Review
Pull your credit report from both Equifax Canada and TransUnion Canada at least once per year β€” both are free. Look for accounts you didn't open, addresses you don't recognise, and inquiries you didn't authorise. These are the earliest signs of identity fraud.
equifax.ca β†’ free report
πŸ“‹
Review Statements Promptly
Review bank account and credit card statements as soon as they arrive β€” don't let them sit. Fraudulent charges are easiest to dispute within the first 30 days. Most banks require disputes to be filed within 60–120 days of the statement date.
πŸ“±
Go Paperless & Set Alerts
Electronic statements reduce the amount of sensitive paper passing through your mailbox and sitting in filing cabinets. Enable transaction alerts on all bank and credit card accounts β€” real-time push notifications catch fraud immediately rather than at month-end.
πŸ””
Report Suspicious Activity Immediately
Report lost or stolen bank cards, cheques, or credit cards to your financial institution immediately β€” most have 24-hour fraud lines. Also notify police if you suspect identity theft. Delays allow fraudsters to make more transactions and complicate recovery.

Physical Document Discipline

πŸͺͺ
Protect Your SIN β€” Do Not Carry It
Your Social Insurance Number (SIN) is the master key to your financial identity in Canada. Do not carry your SIN card in your wallet. Do not carry your passport or birth certificate unless specifically required for that trip. Store them in a locked safe at home.
πŸ‘œ
Minimise What You Carry
On any given day, carry only the ID and cards you actually need. A stolen wallet containing your driver's licence, SIN card, health card, and three bank cards is a catastrophic identity theft event. Carry the minimum; leave the rest locked away.
πŸ—‘οΈ
Destroy Before Discarding
Every document containing personal or financial information β€” bank statements, tax returns, pre-approved credit card offers, receipts with account numbers or signatures, expired cards β€” must be cross-cut shredded before disposal. Do not simply tear or fold and bin them.
πŸ“¬
Retrieve Mail Promptly
Mail sitting in an unattended mailbox is a theft opportunity. Collect mail daily. If you travel, arrange a hold with Canada Post or have a trusted person retrieve it. Pre-approved credit card offers in your name can be used by thieves to open accounts without your knowledge.
πŸ—ƒοΈ
Secure Physical Financial Records
Cancelled cheques, chequebooks, and paper account statements that you must keep should be stored in a locked filing cabinet or safe β€” not in an unlocked drawer or box in the garage. Consider transitioning entirely to eStatements to eliminate this exposure.
βœ‰οΈ
Never Email Sensitive Financial Info
Do not email account numbers, SINs, passwords, or tax identification numbers. Standard email is unencrypted in transit and stored on multiple servers indefinitely. Use encrypted alternatives (Signal, ProtonMail with PGP) for any sensitive communication β€” or use the phone with a known, verified contact.

Bank Card Physical Security

πŸ‘οΈ
Keep Cards in Sight
Never let your bank card or credit card out of your sight during a transaction β€” at restaurants, taxis, or retail. Card skimming devices can capture your card data in seconds. Use tap-to-pay where possible to minimise physical card handling.
πŸ”’
Never Write Down Your PIN
Your PIN should exist only in your memory β€” not on a sticky note in your wallet, not on the back of your card, not in your phone notes. If you need a memory aid, use a passphrase technique: turn the PIN into a memorable short sentence.
✍️
Sign New Cards Immediately
Sign the back of any new bank or credit card the moment it arrives and activate it through the official bank channel β€” not a link in an email. An unsigned card is usable by anyone who finds or steals it before you do.
βœ‚οΈ
Destroy Expired Cards Properly
Cut expired bank cards, credit cards, and loyalty cards through the chip and magnetic strip before disposal. Ideally, use a card shredder or heavy-duty scissors to cut them into multiple pieces. Do not simply discard intact expired cards.

Quick Reference β€” Do & Don't

βœ… Do:
  • Review your credit report annually (both Equifax and TransUnion)
  • Review bank and credit card statements every month
  • Go paperless and set real-time transaction alerts
  • Shred all documents containing personal or financial information
  • Store SIN card, passport, and birth certificate in a locked safe
  • Report lost or stolen cards to your bank immediately
  • Collect mail daily β€” don't let it accumulate
  • Sign new bank cards immediately on receipt
  • Keep your card in sight during every transaction
  • Educate family members β€” especially children and seniors
  • Ask why your information is needed before providing it
🚫 Don't:
  • Carry your SIN card, passport, or birth certificate in your wallet
  • Write your PIN anywhere β€” not on your card, not in your wallet
  • Let your bank card out of your sight during transactions
  • Email account numbers, SINs, or passwords in any form
  • Leave bank statements or tax returns unattended or in plain view
  • Throw out documents before shredding them
  • Respond to unsolicited calls, emails, or texts requesting financial details
  • Give out personal information unless you initiated the contact
  • Leave mail sitting in an unattended mailbox
  • Discard expired bank cards without cutting through the chip and strip
Source note: The Do/Don't framework above is based on publicly available general security best practices. This content is summarised in Ted Lee's own words for educational purposes. Nothing here constitutes financial or legal advice β€” see the Legal Disclaimer section of this page.
β‚Ώ

Bitcoin & Financial Privacy

Traditional banking provides zero financial privacy β€” every transaction is logged, reported to government agencies above certain thresholds, and potentially shared with data analytics firms. Bitcoin, used carefully, can restore a degree of financial autonomy.

πŸ”’
Self-Custody
Bitcoin held on an exchange is not private β€” the exchange has a full record of your holdings. Hardware wallet self-custody (Coldcard, Jade) removes that exposure. Not your keys, not your privacy.
⚑
Lightning Network
Off-chain Lightning payments are not recorded on the Bitcoin blockchain. Combined with fresh wallet addresses on exit, Lightning significantly reduces on-chain traceability of everyday transactions.
πŸ”€
CoinJoin
Wasabi Wallet and Sparrow (Whirlpool) enable CoinJoin β€” cooperative transactions that break input-output address linkage without custody risk. The strongest on-chain privacy tool available for Bitcoin.
πŸͺ
Non-KYC Purchasing
P2P platforms (RoboSats, Bisq, Peach) allow Bitcoin acquisition without government ID. Bitcoin acquired without KYC has no identity attached at the point of entry β€” the starting point for financial privacy.
Learn more: Full details on Bitcoin audit trail techniques, CoinJoin, PayJoin, and UTXO management are covered at btc.tedlee.ca/break.html.
πŸ“‹

My Data Practices β€” This Site

This table covers how data is handled across the tedlee.ca site ecosystem specifically.

CategoryPracticeProtection
Contact Email Minimal β€” used only for newsletters & encrypted support requests βœ” Encrypted
Session Logs Stored for 6 months, then auto-anonymised βœ” Auto-purge
Cookies First-party only β€” theme and layout preferences βœ” No trackers
At-Rest Storage AES-256 encrypted on servers I control β€” XA Net Services βœ” AES-256
Access Control MFA + hardware tokens for all admin & database access βœ” FIDO2 + MFA
Analytics No third-party analytics. No Google Analytics. No Facebook Pixel. βœ” None
Advertising No advertising of any kind on any tedlee.ca page βœ” Ad-free
Audits Logs reviewed quarterly; encryption keys rotated annually βœ” Quarterly
Retention Contact messages purged on request or after 2 years βœ” Auto-delete
Data Sales Personal data is never sold, rented, or shared with third parties βœ” Never sold
πŸ—οΈ

PGP Public Key

Encrypt messages to me using this key. Verify the fingerprint out-of-band before sending sensitive content. Valid until: Apr 3, 2031, 5:59:30 PM

Key fingerprint: BCB0 DF0D 2C42 49AA 87E2 01F1 C8B1 1DD4 C9A3 6A0D

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQENBGnQAAIBCADCvKWxy/CKopsJM7jakceqE2v7+s9in/5oVap0Dx/ebNlu8o0F
wpYCh9SynlXmbwameUH8XS111aX3ipwgJXa4d9x4vMVOhWOzlhHpA6G1I7VpKbP6
vB0cyVWNuZNHux3VJZMeagR9Y42mcKKeejSTGLcpRfVGb8pVxXv/0U/fGSNFX9ph
HkAhT6wFFcGhtjQAEr1+hQjtyhuU98+tmhy3pEUOTprNLQ5Vsn3pQwdGrpkmM8bq
QlN4sSdCnu2HoT04LsR5ZK0Utn8Q3MALx8i2AL6pG2EpFKgDTgAvEI9DnwQVN5Di
mi9mqsamRwCXmjfbXQHA5oUAjVk5iA5I9R/DABEBAAG0IVRlZCBMZWUgKFZFN0xF
RSkgPGluZm9AdGVkbGVlLmNhPokBVAQTAQgAPhYhBLyw3w0sQkmqh+IB8cixHdTJ
o2oNBQJp0AACAhsvBQkJZ1MABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEMix
HdTJo2oNj5QH/3t+iTT67wSlLIVv/eRV/sReFDXkwxm3XkJfTAr1er97IIn6u/eA
v9pjLVd1ZzEKvKGVQOmd2Toj7gcc7xOnXxIk6Sec6pTqRWb2jD8hvjou5znjMIBy
AJrrqnmpBloivR9DZqcHmUEVvpGzCsa7Glb6cEEgGIUf7v3ninkcm7CoPKKmF8ts
Um6ZOEDtg533ILxh/srPpr/r1fjGzskrseTdAVmlxf8UFvrZIiobU7F0t7AmcNQ+
eBXiahHkizFUFVWosY2HMA5+hFAuhTT6pw0LS1rLQ85BoxH8PvT77/u27Yy9n/Tw
Esb1OHna4FW/dRSTjFaNIcQZHg396B588GC5AQ0EadAAAgEIAKQA9AgH6b4jm7NW
9JTcKgW8kd9sSXaeVa3Z32RgGjP4xyEoxfdipzc/kXMGBN7bnBo7m3TqbqwIJKzI
URkL8rhB2KRUJUQj3IE70ajkfIw5V6EkAOMVFZnOBJcQVFqU1QAKJtG3+taafcCW
RSo+aZBpFGIdRoSgKotdoJpKB8InhzXTVM4gW7TObOJEVfaXSjzke6gY/Wkm+pSs
tFFAbBcZZ2DgKYPk9JgWqVAqNsP+VsCBPRE5FJJ6UrDISHkFfsWEVqj2+FGPyRJf
VIFHXuLvgEwijVXF6hX0EUuy33PslZ9OoS3FsRgj+wiCB+u8mjMnjx2MqfClMXTG
xr+qF8UAEQEAAYkCcgQYAQgAJhYhBLyw3w0sQkmqh+IB8cixHdTJo2oNBQJp0AAC
AhsuBQkJZ1MAAUAJEMixHdTJo2oNwHQgBBkBCAAdFiEEZ/RYOWSkkqwpQZQTyxe4
jVTIBI0FAmnQAAIACgkQyxe4jVTIBI2nQwf/bDU9d+G/9hAvhvRjvNdXpcVpH9Ji
ZEPgLKeYJ4x0bRpYX8skjQDH1oPAGmAoK0vR7KjygA03KMnTdzOhYYXqVF9YfBcW
WeEjkdDGfe6zdF2f76vOQDlyj6kbwRpLmp9WkZd3jJ3+Cmdo35xuz/6pJNXytu5B
HOtPLEifzPERsq/br5GpQTbKvG6VMdhIPOe9H2klvviNeVCZJf2Ug/jjE77jGpA1
YO6Tfx+5VSvSxEpEzq2zECIW+PUHGUhBrXVk/aEp85+UsfYt6bA1f2QBYQg1ofy0
74ycNRclHuDJ6Sx42GdW7lHDAWzg0KPfR3qpWaB07BM7HDDO6blTX8iKJIVFCACl
kvdV1Djgma1cuUp4pFa0Mb+hSFWWZRUOp1IeBqx+I6ahQnCXvpKuGHvckz21zJ1P
cxPLBLjdUpfBvDXN6O38cuq8Mn2zrYppJu5QE/WRJFte/gt5F1sXw8LGXvBUlw2y
sBcjXwSDvkFfyD4pKA4I7ywoSizkO8QJgHGFnHpNnQ2U4o9FovgU2e9kbre6iNqd
tXxfwUR9elFOrjtECtNeho6mvChBJFntAxeqIoKqVTQuGbPj58dxEYRZ3rUTX9UE
f74HPlWDG6BI5CdYkHhMaeyx+8Mg2kEBChniIaHtajhsz9gGkqEG1BwSMMGCYR0P
w1odgl3mCs2vNf3qFbY1
=1vyG
-----END PGP PUBLIC KEY BLOCK-----
βš–οΈ

Legal Disclaimer

βš–οΈ Legal Disclaimer β€” Please Read

The information on this page is provided for educational and informational purposes only. It describes the personal privacy practices of Ted Lee and should not be construed as professional security advice, legal advice, technical consultation, or a recommendation that any specific individual adopt any specific practice.

Not professional advice. Ted Lee is not a cybersecurity professional, licensed lawyer, privacy consultant, or certified security auditor. The techniques, tools, and practices described here represent personal choices based on personal research and personal threat modelling. Your situation, threat model, and legal obligations may differ significantly from Ted Lee's.

No guarantee of effectiveness. No privacy or security measure is foolproof. The tools and techniques described here reduce risk β€” they do not eliminate it. Technology changes rapidly. A tool that is effective and trustworthy today may become compromised, discontinued, or legally restricted in the future. Ted Lee makes no warranty, express or implied, that any tool or practice described here will protect you from any specific threat.

Third-party tools. Links to third-party tools and services (VPNs, password managers, browsers, etc.) are provided for informational purposes. Ted Lee does not endorse, warrant, or guarantee the security, reliability, or continued operation of any third-party service. You use third-party services at your own risk and subject to their own terms and privacy policies. Ted Lee receives no compensation for most tool recommendations on this page; where referral relationships exist they are disclosed.

Legal compliance is your responsibility. Some privacy tools β€” including VPNs, encryption software, and certain communication applications β€” may be restricted or illegal in some jurisdictions. It is your sole responsibility to understand and comply with all laws and regulations applicable to you in your jurisdiction before using any tool or technique described here. Ted Lee accepts no liability for any legal consequences arising from your use of tools described on this page.

No liability. To the maximum extent permitted by applicable law, Ted Lee accepts no liability whatsoever for any loss, damage, security breach, legal consequence, or other harm arising from your use of or reliance on the information on this page β€” including any harm arising from your adoption of any privacy technique, your use of any linked tool or service, or any failure of any security measure to prevent an attack or data breach.

This page outlines Ted Lee's personal measures β€” no marketing, no services to sell, just the steps he takes. It is shared in the spirit of public education only.