Blog by Gregory Chamberlain.

Feed rss.xml
PGP B271 F6B8 7BBF
Sourcehut ~chambln
Mastodon @chambln
YouTube UCOb…9IAw

Recommended Hardware And Software

This page is a curated collection of computer hardware and software that I recommend to people. I have thoroughly researched and personally used every item on this list.

This is not a comprehensive list, but I will add to it over time. You can check the history of this page or subscribe via RSS to all changes made across the site. Alternatively follow me on Mastodon for complementary witticisms.


My software recommendations are guided by the following criteria. Please note this is not an exhaustive list.

Password manager

Don’t reuse passwords. Use a strong, unique password for each online account. Aim for 13 or more randomly generated characters including letters, numbers and punctuation. Anything shorter than 8 can be cracked in milliseconds, and even passwords longer than 20 characters can be vulnerable to dictionary attacks.

You’ll need a way to keep track of all those immemorable passwords, which is exactly what a password manager is for.

I advise against using password managers that are built directly into your web browser since that restricts your choice of web browsers going forward.

Pen and paper

The simplest method is not to use software at all! Literally write your online passwords in a private notebook and keep it in a safe place; for example, a locked drawer in your bedroom.

I realise pen and paper is plain text, but for tech illiterates who don’t trust themselves to store passwords digitally in a safe way, it is surprisingly effective. Cybercriminals are seldom burglars and vice versa.

This method is not perfect though. It is prone to shoulder surfing and theft. Also, if your house burns down or is flooded then your passwords may forever be lost.


Bitwarden is a free/libre password manager suitable for computer users both novice and experienced. There are clients available for all major web browsers and operating systems, desktop and mobile that can automatically fill out login forms for you.

All your data is encrypted and stored securely on a remote server where you can’t lose it. Just don’t forget your master password!

The canonical instance of Bitwarden (i.e. not self-hosted) offers paid plans, but for most individuals the free plan is plenty.

Licensed under the GNU GPLv3 client-side and AGPLv3 server-side, Bitwarden is a freedom-respecting replacement for popular malware such as LastPass and Dashlane.


For advanced users who are comfortable using the Unix shell, managing a personal PGP key pair and maintaining backups, I recommend pass—appropriately dubbed “the standard Unix password manager.”

For an even simpler, POSIX-compliant program: try pash (licensed MIT/Expat).

Pass is licensed under the GNU GPL, version 2 or later.

In addition to the included passmenu script, I like to use the Browserpass extension (via Debian’s webext-browserpass) to retrieve passwords from my ~/.password-store/ and auto-fill login pages in Firefox. It is distributed under the ISC license.

Web browser

This section only covers desktop browsers, not mobile. My recommendations focus on privacy, but not at the expense of usability.

Tor Browser

The best browser for preserving online privacy and anonymity is without question the Tor Browser.

For maximum privacy, disable JavaScript in about:preferences. Keep in mind this can stop many popular sites from working properly.

Unfortunately, browsing over the Tor network can be sluggish and intermittent. Worse, some “services” outright block Tor connections.


For when Tor is not viable, I recommend Firefox on the desktop with some tweaks and a number of extensions.

Start by disabling telemetry, HTTPS over DNS, the included Pocket extension, and Firefox accounts integration. Then install:

With NoScript you can block JavaScript on a per-domain basis. The default behaviour causes many sites not to work properly since all domains are blocked at first.

On Debian you can install Firefox and these extensions using the following command:

sudo apt-get update && sudo apt-get install \
  firefox-esr \
  webext-https-everywhere \
  webext-privacy-badger \
  webext-ublock-origin \

HTTPS Everywhere and NoScript seem to be missing from Ubuntu’s repositories for some reason.