How I Protect My Privacy

A personal playbook of minimal data footprints, strong encryption, zero-trust habits — and the tools I trust with my digital life.

⚠ Security Posture Elevated

Due to ongoing attacks by hostile users and their AI agents targeting this site ecosystem, security measures across all tedlee.ca subdomains have been significantly increased. Additional encryption layers, stricter access controls, and enhanced monitoring are now active. All VPN and privacy tool recommendations on this page have been updated accordingly — including the replacement of Zoog VPN with Obscura VPN, a provably private, no-KYC, Bitcoin-payable solution built for the threat environment we now face.

My Core Principles

Tools I Rely On

★ Now Recommended

Obscura VPN

A provably private VPN built by Bitcoiners. Unlike traditional VPNs where you must trust their no-logs promises, Obscura makes logging architecturally impossible. Your traffic is split across two independent hops — Obscura sees your IP but never your traffic; Mullvad exit servers see your traffic but never your IP. No single entity can ever link your identity to your activity.

Pay with Bitcoin Lightning — no credit cards, no paper trail
Zero KYC — randomized account number, no email or phone required
QUIC stealth protocol — blends with HTTP/3 traffic, defeats censorship
WireGuard end-to-end encryption to Mullvad exit servers
Also accepts Monero for maximum payment privacy
Visit Obscura VPN →
YOU QUIC OBSCURA Knows IP Can't see traffic WG MULLVAD Sees traffic Can't see IP Two-Hop Privacy Architecture No single entity can link identity to activity Architecturally Trustless
⛔ Zoog VPN — No Longer Recommended. I previously used and recommended Zoog VPN. It has been replaced by Obscura VPN due to Obscura's superior architecture: provably no-logs design, Bitcoin Lightning payments with zero KYC, and the two-hop split-trust model that eliminates the need to trust any single VPN provider. Zoog remains a functional service, but it cannot match the structural privacy guarantees that Obscura provides.

Tor Browser

For any browser activity I don't want traced back to me. Onion routing provides layered anonymity beyond what any VPN can achieve alone.

Hardware 2FA (YubiKey)

Every critical account is locked behind a hardware security key. Phishing-resistant FIDO2/WebAuthn — no TOTP codes to intercept.

Bitwarden

All passwords are random, unique, and vaulted in an encrypted container. End-to-end encrypted, open source, and self-hostable.

Local Firewall & Router

Network segments isolated; only whitelisted devices get internet access. DNS-over-HTTPS configured at the router level.

My Data Practices

CategoryPracticeProtection
Contact Email Minimal — used only for newsletters & encrypted support requests ✔ Encrypted
Session Logs Stored for 6 months, then auto-anonymized ✔ Auto-purge
Cookies First-party only — theme and layout preferences ✔ No trackers
At-Rest Storage AES-256 encrypted on servers I control — XA Net Services ✔ AES-256
Access Control MFA + hardware tokens for all admin & database access ✔ FIDO2 + MFA
Audits Logs reviewed quarterly; encryption keys rotated annually ✔ Quarterly
Retention Contact messages purged on request or after 2 years. No third-party analytics. ✔ Auto-delete

PGP Public Key

Encrypt messages to me using this key. Verify the fingerprint out-of-band. Valid until: Apr 3, 2031, 5:59:30 PM

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQENBGnQAAIBCADCvKWxy/CKopsJM7jakceqE2v7+s9in/5oVap0Dx/ebNlu8o0F
wpYCh9SynlXmbwameUH8XS111aX3ipwgJXa4d9x4vMVOhWOzlhHpA6G1I7VpKbP6
vB0cyVWNuZNHux3VJZMeagR9Y42mcKKeejSTGLcpRfVGb8pVxXv/0U/fGSNFX9ph
HkAhT6wFFcGhtjQAEr1+hQjtyhuU98+tmhy3pEUOTprNLQ5Vsn3pQwdGrpkmM8bq
QlN4sSdCnu2HoT04LsR5ZK0Utn8Q3MALx8i2AL6pG2EpFKgDTgAvEI9DnwQVN5Di
mi9mqsamRwCXmjfbXQHA5oUAjVk5iA5I9R/DABEBAAG0IVRlZCBMZWUgKFZFN0xF
RSkgPGluZm9AdGVkbGVlLmNhPokBVAQTAQgAPhYhBLyw3w0sQkmqh+IB8cixHdTJ
o2oNBQJp0AACAhsvBQkJZ1MABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEMix
HdTJo2oNj5QH/3t+iTT67wSlLIVv/eRV/sReFDXkwxm3XkJfTAr1er97IIn6u/eA
v9pjLVd1ZzEKvKGVQOmd2Toj7gcc7xOnXxIk6Sec6pTqRWb2jD8hvjou5znjMIBy
AJrrqnmpBloivR9DZqcHmUEVvpGzCsa7Glb6cEEgGIUf7v3ninkcm7CoPKKmF8ts
Um6ZOEDtg533ILxh/srPpr/r1fjGzskrseTdAVmlxf8UFvrZIiobU7F0t7AmcNQ+
eBXiahHkizFUFVWosY2HMA5+hFAuhTT6pw0LS1rLQ85BoxH8PvT77/u27Yy9n/Tw
Esb1OHna4FW/dRSTjFaNIcQZHg396B588GC5AQ0EadAAAgEIAKQA9AgH6b4jm7NW
9JTcKgW8kd9sSXaeVa3Z32RgGjP4xyEoxfdipzc/kXMGBN7bnBo7m3TqbqwIJKzI
URkL8rhB2KRUJUQj3IE70ajkfIw5V6EkAOMVFZnOBJcQVFqU1QAKJtG3+taafcCW
RSo+aZBpFGIdRoSgKotdoJpKB8InhzXTVM4gW7TObOJEVfaXSjzke6gY/Wkm+pSs
tFFAbBcZZ2DgKYPk9JgWqVAqNsP+VsCBPRE5FJJ6UrDISHkFfsWEVqj2+FGPyRJf
VIFHXuLvgEwijVXF6hX0EUuy33PslZ9OoS3FsRgj+wiCB+u8mjMnjx2MqfClMXTG
xr+qF8UAEQEAAYkCcgQYAQgAJhYhBLyw3w0sQkmqh+IB8cixHdTJo2oNBQJp0AAC
AhsuBQkJZ1MAAUAJEMixHdTJo2oNwHQgBBkBCAAdFiEEZ/RYOWSkkqwpQZQTyxe4
jVTIBI0FAmnQAAIACgkQyxe4jVTIBI2nQwf/bDU9d+G/9hAvhvRjvNdXpcVpH9Ji
ZEPgLKeYJ4x0bRpYX8skjQDH1oPAGmAoK0vR7KjygA03KMnTdzOhYYXqVF9YfBcW
WeEjkdDGfe6zdF2f76vOQDlyj6kbwRpLmp9WkZd3jJ3+Cmdo35xuz/6pJNXytu5B
HOtPLEifzPERsq/br5GpQTbKvG6VMdhIPOe9H2klvviNeVCZJf2Ug/jjE77jGpA1
YO6Tfx+5VSvSxEpEzq2zECIW+PUHGUhBrXVk/aEp85+UsfYt6bA1f2QBYQg1ofy0
74ycNRclHuDJ6Sx42GdW7lHDAWzg0KPfR3qpWaB07BM7HDDO6blTB8iKJIVFCACl
kvdV1Djgma1cuUp4pFa0Mb+hSFWWZRUOp1IeBqx+I6ahQnCXvpKuGHvckz21zJ1P
cxPLBLjdUpfBvDXN6O38cuq8Mn2zrYppJu5QE/WRJFte/gt5F1sXw8LGXvBUlw2y
sBcjXwSDvkFfyD4pKA4I7ywoSizkO8QJgHGFnHpNnQ2U4o9FovgU2e9kbre6iNqd
tXxfwUR9elFOrjtECtNeho6mvChBJFntAxeqIoKqVTQuGbPj58dxEYRZ3rUTX9UE
f74HPlWDG6BI5CdYkHhMaeyx+8Mg2kEBChniIaHtajhsz9gGkqEG1BwSMMGCYR0P
w1odgl3mCs2vNf3qFbY1
=1vyG
-----END PGP PUBLIC KEY BLOCK-----

This page outlines my personal measures — no marketing, no services to sell, just the steps I take.