Glossary

Plain-English definitions for the words privacy tools throw at you.

End-to-End Encryption (E2EE)

Encryption where only the sender and recipient hold the keys; the server in the middle stores ciphertext it cannot read.

Metadata

The data about your data — who, when, where, how big — that often leaks more than the message content itself.

No-Logs VPN

A VPN that doesn't record connection details that could tie a session back to a specific user.

Self-Hosting

Running the server yourself instead of trusting a vendor's cloud — you gain control, and with it responsibility for uptime and backups.

Tor (The Onion Router)

An anonymity network that routes your traffic through three relays, each knowing only one hop, hiding your IP and your destination.

Browser Fingerprinting

Tracking by combining dozens of browser data points (canvas rendering, fonts, timezone) into a unique signature, no cookies needed.

Open Source

Source code published publicly under a license that allows inspection and (typically) modification. Necessary but not sufficient for trust.

Five Eyes

Intelligence-sharing alliance of the US, UK, Canada, Australia, and New Zealand — relevant for jurisdiction-based privacy decisions.

TOTP (Time-Based One-Time Password)

The 6-digit codes from authenticator apps. Strong second factor; better than SMS.

Onion Routing

Encrypting a message in multiple layers, peeled off one at a time as it travels through routers — the basis of Tor and Session.

Perfect Forward Secrecy (PFS)

An encryption property where compromising one session key does not let an attacker decrypt past sessions.

Verified Boot

A boot process that cryptographically verifies each component of the OS image so a tampered system refuses to start.

Client-Side Encryption

Encrypting files on your device with your own key before they go to the cloud — the cloud only ever sees ciphertext.

Threat Model

An honest list of what you're protecting, who you're protecting it from, and what you're willing to give up to do it.