Forem: Luftie The Anonymous

Privacy and Security Setup to use in 2026 PART 1 (OS, Browser, Search Engines)

Luftie The Anonymous — Fri, 17 Apr 2026 12:20:19 +0000

Hello Dev.to Community !

This time, I decided to write on tools/services/software etc. that have been designed and created to care about your privacy on the internet. I will present some tools that I use and/or can recommend and much more tools on which I made research on.

I've dedicated a huge amount of time, therefore at the very beginning, I request you to share ⤵️ this article with your fellows or someone that you think, that it would be useful to share this article with :D

Thank you in advance 💜 !

Introduction

I didn't want to make this just another brief article, that will list you down the tools to use, brief info on them and that's all, download, put your trust into a thing and fingers crossed. This article delved a bit deeper into internals of each tool presented.

While writing the article I quickly realized that, writing a one long article with all of those tools/services is pointless, because I lost often my minds while checking the cohesion. Secondly, noone would like to direct through one hour+ long article, that could actually be a book (lol).

I decided, I will split this into an article series posted one per week. The split will be looking as following:

First Post (This one)

Introduction

Online Privacy:

Operating Systems (OS)

-- Dekstop OS

-- Mobile OS

Browsers
Search-engine

Second Post:

Messengers
Email

Third Post:

VPN
Firewalls

Fourth Post (In this one there will be a special announcement with surprise for you all):

Payments
AI

Fifth Post:

Location Privacy
Productivity Apps

Sixth Post:

DNS Privacy

Seventh Post:

Device-Level Security & Authentication

Eight Post:

Offline Privacy:

Outfit
Everyday Items
Payment Methods
Events
Transport
Youtube Creators
Educational Resources

BUT before I go into the main details, I want to start with an introduction on privacy and why it matters to everyone, regardless of who you are.

Why actually bother with privacy ?

A lot of people, when they hear term privacy, in front of their eyes emerges a chap in anonymous-mask, who likely commits cybercrimes and lives in a basement or some other shady place.... Probably something like this 🙍 is the match for what they see:

Candidly speaking, I do not wonder why people have such imagination about people who "obsessively" care about their privacy. On the other hand, for me as an crypto-anarchist, it's really harmful, because it generalizes every privacy-focused dude is like the guy on the image above.

I guess it will never disappear as human-species likes very much to over-facilitate things instead of understanding the more complex puzzles behind one's decision.

Moreover, the image of privacy preserving people in press or (social) media is rather prone to shift towards calling them some party's extremists or try to assign them to political fraction of the politics' scene, whereas it's not always the case when it comes to individuals.

Important thing to understand on the very beginning is:
Not everyone will need the same level of privacy !

And that should be the nr. 1 thing, you should take out from this article.

There will be a different need of software-developer, who is politically repressed and hounded, and completely different need will be of an regular woman out there who just doesn't want the companies to know about her to many details.

Having said that, I can move straightly into examples of why privacy matters.

Number 1. Advertisement and personal-data trade

Have you ever wondered, where tha heck is your money gone ?
Well...... Ads of some flashy product you talked about and decided to buy it without a real need could be the answer 😅

I will tell you a story, recently I was by a family-gathering and one person had a talk about bike-roads, and what did they saw first ? You guessed it ! The add of bike-road. I checked their permissions for facebook and everything was set to allowed. And this is a case where big techs ambush a lot of people, who are not aware enough.

I like to recall words said in some video by ThePrimeagen (shout out to you, Micheal :D). Those words were something like:
If you want to be a head of leading silicon-valley company, you have to sell either ads or hardware.

And it's actually true, at least at some point, look at some of the big-techs and their revenue model:
Facebook - Ads
Nvidia - Hardware
Tiktok - Ads

Google - Well they do everything, lol (Ads, hardware, software services etc.)
Microsoft - software services + ads

And in order to specifically profile you, the data is needed, Huge amount of data. Which often is used by unethical methods e.g. wiretapping (as in my story).

Thus, given you have issues that you lack money on some essentials, it might be that you purchase things that you actually don't need and only talked about with friend and under impulse, you bought those things. If you see you have issue with it, guess what privacy is for you !

There is not always about rigid self-control, but also a tooling to it. Sure you can pound a metal-bolt in a wall with your hand, but using hammer makes more sense though, especially as it would be less painful (Lol).

Having said that, I hope I managed to keep you engaged.

Number 2. Banking and Financial Operations

This case pertains a lot of people, not only those who are repressed or alleged of some crime.

I had almost every f*cking time I made a transaction online not even for big amount of money, it were transactions like 5$ or 100$, my account got temporarily frozen, because bank accessed it as suspicious activity, meanwhile it were just regular purchases like Copilot or Brilliant Subscription or even purchase of something from services like Temu or Ebay.

And you really would not like to listen to words I spit out to the consultant and to the bank in emails 😅

And in the times of growing surveillance (especially in sucky europe), I think it's real threat to most of us, than you think.

Therefore, you might want to have more privacy when it comes to your financial affairs, but also not like to relinquish digital payments.

Number 3. Location Tracking and Stalking

People who experience stalking or being bewilderingly frequently followed by some track while they go outside from somewhere, they also might want to have more privacy, when it comes to their actual location. Regardless if stalking pertains their kids or themselves.

Number 4. Password/Data-leaks

It's very common that in big/middle-sized companies occur breaches, and all of the sudden details about your life, might actually not be the same as the breach might have released a lot of sensitive private messages or data.

Number 5. Remote work setups

Companies very often while video calls, require candidates to perform some task live or to perform some task at all e.g. Make some coding recruitment-task. I have again a perfect example of why you might want to prevent your PC's content private.

To give you more context from December 2025 until Mid January 2026, I was actively looking for a job in IT, especially blockchain industry given my background. And all of the sudden I got a message. Here I will reveal some screen shots from the conversation and there is some pattern I noticed (likely they used AI for it) the account seemed to be legit (thus I hate linkedin 🤬, imo they should pivot their name to TornApart, describes perfectly the faith in not being scammed there)

Here step 1, the message arrives to potential prey/victim:

Here, I honestly answered that this position is beyond my skills and expertise, but they kept insisting

I got offered that I can actually for practice purposes, I can try solving the task so I agreed.

Note, that the messages were poem-long to convince me to run their code on my machine, but when I agreed and wanted to chat a bit more and expected a bit longer answer, I just was ghosted with one word response. Meaning they achieved their goal, so I can piss off now.

Then I was required to solve the task, which I did but I haven't run it purely on my machine, I used DOCKER !, about which fact I informed the employer. Surprisingly the recruitment task was super easy, it was about to build a WETH-like token with accruing value for depositors and test it in hardhat (whereas my setup is foundry and never used it). It turned out that although my code was correct, the test was specially written wrongly in some places especially when it come to rounding-math for the values given as output.

In the end I got no response back from the company, but from the service where the job offer was hoisted.

I cannot say what was their irregular behaviour, but I can assume that there was indeed some malicious code to be run and potentially I could loose my all crypto-assets I have purchased for my money and I could get robbed from my PRIVATE information on my PC.

Thus people like this, could are also highly welcome to read this article.

Number 6. State Oppression

There are a lot of people, who are targeted by the state. You would not even have to commit a crime, being regular chap is enough for the state to have interest in you. But the most frequent targets are people with anti-government attitude (e.g. like me). There were a lot of journalists or other activists that were victims of state oppression and not even activists. But if being an journalist or activist is not enough for you, Nigel Farage could not open a bank account in England and was separated from his money !. All because the government decided to seperate him from the financial system.

Summary of the section

Privacy is not just for weirdos from basements, but considers every single person, because we never know, how the our data is used or how we ourselves are viewed by the company, government or other institution. If you're interested on what's more, let's finally go into the details !

Online Privacy

As I emphasized in the introduction, in this section, I will do my best to present you the privacy tools I use on a daily basis, explain nuances related to each element from the list I mention. And why I recommend them specifically.

I will start with the with the very core of our internet usage, namely Operating Systems !

Operating Systems

Here I have split it into 2 types

Desktop OS
Mobile OS

I'll present you first the Desktop Operating Systems.

Desktop Operating Systems 🖥️

There is no wonder that I will say I use LINUX !

Yes, Linux is the operating system I use on daily basis. Why this operating system specifically is chosen by people with privacy concerns ?

There are many reasons, but I will name most important of them:

Linux is open-source: This provides transparency and more certainty that the OS is not malware or spyware, due to contributors and people who are interested in technical details and further Linux development.
No telemetry: Linux does not have a built-in telemetry, thus the operating system does not send the information about your activity to third party. The core of Linux is that you are the lord of your OS. If you want more analytics or tracking, you install tools specifically for it :D
No Forced Updates: In Linux you decide if you want to update your operating system or not and you are not forced to do it under circumstance of not being able to use some features or something like that as it happened often to Windows or MacOS users.
Selective Permission Management: In Windows everyone is an admin, which makes it one of reasons why Windows is often a target for hackers. In Linux there is a split between what you can run as a regular user and what you can run as an administrator. Which averts from some successful hacks on your machine.
Customizability: In Linux unlike Windows, you can customize your operating system however you want. You want to compile custom Kernel ? You can do it. You can rebuild the whole OS. Whereas in Windows, Microsoft decides what goes in, what stays out.

Distributions I use

Personally, I'm yet a freshman into Linux (8 months passed since I started using Linux). I use(d) until now Debian as a distribution, so I have no clue about other distributions. And I can recommend Debian for start with Linux as Operating System, it has slick design, and is very intuitive Operating System. Also I noticed a significant increase of free space on how my PC works in comparison to what I experienced with Windows.

However as I mentioned in my latest From Zero to Crypto-Hero post, I said I started playing around with QuebesOS on Virtual Machine, however I did not have enough time to test it out properly. I would say the learning curve is quite steep and basic browser usage like firefox was quite of not understandable for me.

For now on my laptop, I wanted to try out something different than debian, so currently I'm playing around with CachyOS on my laptop. If you ever would like to hear a review on the operating system, feel free to mention it in a comment.

I will only list down here some alternatives, if you don't want to use debian specifically.

Recommnded by experts for beginners: Ubuntu, Mint OS, Zorin
Specified distros for privacy: QuebesOS, Whonix OS, Tails OS

BEAR IN MIND !
That distros like Quebes come up with tradeoffs when it comes to UX, so people that are comming directly from microslop OS aka. Windows or Apple, might not want to choose those particular distros as they require more knowledge on Linux

Mobile Operating System 📱

We all know how pure-android and AppleOS phones are filled with spyware. Eavesdropping is one of the most privacy violating action those phones do. However there is a solution for it, name use AOSP (Android Open Source Project) Operating systems that are privacy focused. My phone for daily usage is Pixel 6a with GrapheneOS on board.

Why GrapheneOS ?

There are multiple reasons, why I decided to use GrapheneOS instead of Samsung. But instead of more technical explanations let's start from the user POV.

No Google by default - This is the first principle of GrapheneOS. Liberation of an operating system from google by default. Currently every android phone is merged/synchronized together with google by default, using google services. Your images are handled by google images, every service you use is basically bloated with google spyware (aka. personalization daemon-softwares).

However you can use your google play in GrapheneOS and are not exposed on mass surveillance over your entire phone. That's because GrapheneOS sandboxes the app usage and does not grant permission to access anything on your device.

Though if you really want to liberate your self from big tech, you probably would like to use open-source app-stores like F-droid, Aurora Store or APK Pure.

Heavy protection against unknown (0 day) vulnerabilities - GrapheneOS uses measurements to prevent from security flaws in software or hardware that are unknown to the vendor and the public.

The measurements that used are following:

Attack surface reduction - Removing unnecessary code or exposed attack surface eliminates many vulnerabilities completely. GrapheneOS avoids removing any useful functionality for end users, but we can still disable lots of functionality by default and require that users opt-in to using it to eliminate it for most of them.
Containment through sandboxing at various levels - Fine-grained sandboxes around a specific context like per site browser renderers, sandboxes around a specific component like Android's media codec sandbox and app/workspace sandboxes like the Android app sandbox used to sandbox each app which is also the basis for user/work profiles.

GrapheneOS improves all of these sandboxes through fortifying the kernel and other base OS components along with improving the sandboxing policies.

What sandboxing really means is that e.g. if there is an app compromised, then because it's in sandbox, meaning isolated, no other app is compromised.

Preventing an attacker from persisting their control of a component or the OS/firmware through verified boot and avoiding trust in persistent state also helps to mitigate the damage after a compromise has occurred.

Attack surface reduction

Greatly reduced remote, local and proximity-based attack surface by stripping out unnecessary code.
Making more features optional and disabling optional features by default (NFC, Bluetooth, UWB, etc.), when the screen is locked (USB, USB-C, pogo pins, camera access)
Optionally after a timeout (Bluetooth, Wi-Fi)

USB-C port and pogo pins control

USB-C port and pogo pins setting protects against attacks through USB-C or pogo pins while the OS is booted. For the majority of devices without pogo pins, the setting is labelled USB-C port.

The default is Charging-only when locked, which significantly reduces attack surface when the device is locked.

After locking, it blocks any new USB connections immediately through either USB-C and pogo pins at both the hardware level via configuring the USB controller and also at the OS level in the kernel to provide a second layer of defense.

The highest security however is when our charging is set to Off mode.

Other privacy protections are following, about GrapheneOS there could be really created separate posts series:

Hardened kernel
Hardened app runtime
Sensors permission toggle: disallow access to all other sensors not covered by existing Android permissions. Or even there is a feature, that can send you alerts whenever an app will request for sensors.
LTE-only mode to reduce cellular radio attack surface by disabling enormous amounts of both legacy code (2G, 3G) and bleeding edge code (5G).

Wi-Fi privacy

MAC randomization per each connection unlike in standard android it's done per network. So regardless whether I've been connected to the network or not, if I reconnect, my device is treated as completely different one.

There is a whole much more when it comes to GrapheneOS and what they do, when it comes to privacy protection. If you're more tech savvy than me and you know the infrastructure of the internet from the ground up, you can check out the GrapheneOS website

Unfortunately, GrapheneOS is limited only to Pixel 6 and newer phones, however there was announced that arguably Motorola will have partnership with GrapheneOS

Now you might wonder, why tha heck is a private OS available only on Google's phones ? Let me explain.

The Technical Constraint

GrapheneOS needs direct control over the Titan M2 security chip, which only Pixels expose at the required level. This isn't arbitrary gatekeeping; it's a hardware reality. Other devices either don't provide the necessary low-level access or have weaker security foundations. You're not choosing Google—you're choosing the only viable hardware that can run proper security hardening.

Stripping Google Down

Here's what actually happens: GrapheneOS removes Google Play Services, GMS, and proprietary Google binaries by default. Your bootloader locks with your key, not Google's. No persistent telemetry pipeline. The OS doesn't phone home unless you explicitly enable Sandboxed Google Play for specific apps.

So yeah, you bought from Google. But the software surface they can exploit is drastically smaller than stock Android.

The Trust Question

Can Google backdoor you through the Titan chip? Technically yes. But realistically? It'd destroy their business model (which runs on advertising data, not targeted espionage) and burn every ounce of credibility they have.

What you can actually verify:

Audit the open-source code yourself
Run tcpdump to inspect network traffic
Enable reproducible builds to verify the binary matches the source
Confirm zero Google domains in your traffic

The Real Answer

You're not achieving perfect de-googling. You're reducing Google's attack surface from massive to moderate. It's not self-denial—it's accepting that perfect security doesn't exist and choosing the best available option given the constraints.

The alternative isn't "truly de-googled." It's either stock Android (guaranteed surveillance) or building your own phone from discrete components (impractical). GrapheneOS + Pixel is the pragmatic best-in-class solution for commodity mobile privacy.

Alternative Privacy Operating Systems: CalyxOS, IodeOS, LineageOS

Browsers

We've got private OS, private messengers, now it's time to talk about private browsers so that you're not screwed and spied by simply browsing through the internet.

There are couple of privacy options that are worth switching to. The Browsers are following:

Tor Browser
Brave
Firefox
LibreWolf
Mullvad Browser
DuckDuckGo

Tor Browser — The Gold Standard

Tor's the closest you get to truly untraceable. Here's what makes it beast-level:

Onion routing: Your traffic bounces through minimum 3 encrypted nodes. Even if someone sniffs the exit node, they can't connect it back to you because the previous relay is encrypted.

Letterboxing: Rounds your screen resolution to standard buckets (1000x1000, 1400x900, etc.) so sites can't fingerprint you via screen dimensions.

First-Party Isolation (FPI): Cookies are isolated per-domain. A tracker pixel from Facebook can't see what you did on Amazon because they're treated as completely separate contexts.

Standardized everything: User agent, fonts, extensions—everyone looks identical on the network, so statistically you're hidden in a crowd of thousands.

Tradeoff: Slower (routing overhead), some site breakage from hardened CSP/XSS protections.

Brave

Brave is the pragmatic choice for daily use. You get strong protections without sacrificing UX:

Shields: Built-in tracker blocking (uses multiple blocklists) + ad blocking at the rendering level. No extensions needed.

Script sandboxing: Third-party scripts execute in isolated contexts, limiting their ability to communicate across sites.

Cookie isolation: Tracks HTTPS/HTTP + domain separation so cross-site tracking is harder.

Fingerprint randomization: Changes some fingerprinting vectors (Canvas, WebGL) on reload.

Additionally when it comes to features that some people might search for, is actually ads-blocking so you can enjoy watching youtube without any ads and I think it's awesome, I remember how much I suffered because of stupid ads that were kind of targeted at me by youtube.

Brave supports extensions as it's based on chromium engine.

It supports also in-background running by default so you don't have to spend monthly on spotify subscription or something else. You can run youtube music on brave and you have the same effect.

Firefox

I was honestly shocked it is privacy browser, because as I was younger I always associated it with spyware. However Firefox turns out to be privacy respecting.

Firefox lets you actually own your privacy config:

Total Cookie Protection (ETP): Isolates cookies in a "cookie jar" per website. Cross-site tracking via cookies is blocked by default.

Container tabs: Firefox Multi-Account Containers segregate cookies/data per container, so different "identities" don't bleed together.

Advanced hardening via about:config: You can disable WebGL, limit canvas fingerprinting, disable plugins, tweak timing attacks, etc.

Catch: Requires manual tuning for maximum security. Stock Firefox is good, but paranoid Firefox requires config knowledge.

Furthermore, they added 50GB Free VPN recently for every user. And firefox is one of the only browsers that support extensions/add-ons in mobile browsers, so if you have something like blocking keywords or you basically want to add nsfw extensions to your phone it's a good solution to use firefox, while keeping you private.

Mullvad Browser

This is the Tor Project + Mullvad VPN collab. Basically:

Takes Tor's hardening tech (letterboxing, FPI, standardized fingerprints).

Removes the onion routing overhead.

Assumes you'll pair it with a external VPN for network-level privacy.

Key quirk: Zero persistent state. You log out when you close the browser. No bookmarks saved, no history. That's intentional—harder to track habits.

LibreWolf

LibreWolf's Firefox with Mozilla's telemetry ripped out + pre-baked security config:

No telemetry, no studies, no data sharing with Mozilla.

Ships with hardened about:config by default.

uBlock Origin pre-installed.

Minimal network calls back to Mozilla servers.

Perfect if: You like Firefox's ecosystem but want Mozilla's data collection gone.

DuckDuckGo Browser

I actually used to use Duckduckgo as a browser, but because it was annoying that they had no extensions support for mobile apps. I would rather treat it as quick-search browser and nothing else. However I do use DuckDuckgo products and I really appreciate them. Also they do not support the in-background running by default just as firefox, so you're prolly need an extension for it.

Core Privacy Tech Stack

Search Layer (No Tracking)
Zero search history storage: DuckDuckGo doesn't save or tie your searches to you. Compare that to Google storing everything linked to your account.

No user profiles: Unlike Google's ad-targeting, they literally can't build a profile because they don't collect the data in the first place.

Business model is honest: Makes money from context-based ads (ads based on what you're currently searching, not your history), not behavioral targeting. This is key—it removes the incentive to spy on you.

Third-Party Tracker Blocking (The Heavy Hitter)
This is where DDG flexes. They've built multiple overlapping protections:

3rd-Party Tracker Loading Protection — Blocks trackers before they even load

Uses Tracker Radar (their own open-source web crawler) to identify tracking domains

Prevents requests to known trackers (Google Analytics, Facebook pixels, etc.) from being sent at all
This is crucial: Stops your IP + other identifiers from being sent
to tracker endpoints

3rd-Party Cookie Protection — Isolates cookies per domain
A Facebook tracker pixel on Amazon can't see what you did there
1st-Party Cookie Protection — Protects against persistent cookies on individual sites

CNAME Cloaking Protection — Blocks sneaky tracker domains hidden under first-party CNAME records
Tech companies sometimes mask tracker domains to look like the site's own domain to bypass cookie protections

Fingerprinting Protection
Randomizes canvas/WebGL fingerprinting vectors
Limits what scripts can detect about your device

Google-Specific Protections (Because Google is Everywhere)

They literally have dedicated protections for Google's tracking schemes:

Google AMP Protection — Strips Google AMP wrappers that let Google track your clicks

Google Topics Protection — Blocks Google's Topics API (their creepy replacement for third-party cookies)

Google Protected Audience API Protection — Blocks FLEDGE (their new ad auction system that still tracks you)

Google Sign-In Pop-Up Protection — Removes those annoying "Sign in with Google" nags

Link Tracking Protection
Strips tracking parameters from URLs before you click
Example: amazon.com?utm_source=facebook&utm_medium=ad gets cleaned to just amazon.com

Referrer Tracking Protection
Blocks the HTTP Referer header from leaking where you came from
Encrypted Connections (Smarter HTTPS). Automatically upgrades to HTTPS when available. Prevents ISP/network-level snooping.

Email Protection
Generates unique @duck.com email aliases when signing up for services. Aliases forward to your real email but mask your identity
Strips email tracker pixels before forwarding
Example: You get unique-alias@duck.com, give it to a sketchy site, it forwards to your real inbox but without the tracking pixel

Duck Player (YouTube)
Strips YouTube's tracking and disables personalized recommendations
Reduces invasive ads. Your video views don't pollute your YouTube history.

Cookie Pop-Up Protection
Automatically clicks the most privacy-friendly option on GDPR/CCPA pop-ups. Then hides the pop-up so you don't see it again.

The Fire Button
One-click nuke of recent browsing data. Clears locally stored data instantly.

Global Privacy Control (GPC)
Sends a standard signal to websites telling them not to sell/share your data.Works via HTTP header + JavaScript signal (platform-dependent). On Windows, it sends both header + JS. On Mac, JS only for compatibility reasons.

Search Engines

Ok, now as we took care of the Operating System, Browser it's time for Search Engines. And in advance I say, no there will be no google in this list (lol).

That's because we would not like to be targeted for ads and having collected our data by company or companies that appear to be friendly to your privacy and data and apparently they see and store all our movements, conversations and more. We would do it for many reasons, either to prevent ourselves from unnecessary expenditures, prevent from trackers e.g. location trackers, profiling us etc.

Before we start yet, I have to mention that there are a ton more search engines, than I thought there are. Therefore I will not discuss each one but will discuss only 6 and for more knowledge I highly encourage to read this article.

Let's first understand the fundamentals of how these systems operate before we list the details on each search-engine. This knowledge is crucial for appreciating the technical differences between privacy-focused and traditional engines.

The Web Crawler: Your Digital Librarian

A web crawler (also called a bot or spider) is an autonomous software agent that systematically browses the web to discover and index content. Think of it like a tireless librarian that never sleeps. Here's how it works:

Discovery: The crawler starts with a list of known URLs, then follows hyperlinks to discover new pages
Fetching: It downloads the HTML, CSS, and other content from each page
Indexing: The content is analyzed and stored in a massive database (the search index)
Processing: Text is extracted, links are catalogued, and metadata is recorded
Updates: Crawlers continuously revisit pages to detect changes

The crawled data is stored in an inverted index — a data structure that maps every word on the web to the pages containing that word. This allows lightning-fast lookups when you search for a query.

The Search Algorithm & Ranking System

When you submit a query, the search engine doesn't re-crawl the web — it queries its pre-built index. The ranking algorithm determines which results appear first. Traditional engines like Google use factors like:

Relevance: How well the page matches your query keywords
Authority: Link count and quality (PageRank)
Personalization: Your search history, location, device, and browsing behavior (the privacy killer)
Click-through rates: Which results users click on
Freshness: How recently the page was updated

The Privacy Problem in Search

Here's where traditional search becomes invasive. When you search Google:

Your IP address is logged
Your search query is stored and linked to your account/device
Cookies track you across the web
Your behavior is profiled to personalize ads
This data is cross-referenced with your other Google services (Gmail, YouTube, Android)

This creates a detailed profile of your interests, location, health concerns, financial status, political beliefs, and more. That's the data economy that funds free search.

And in order to prevent companies or even governments from taking advantage of your searches, you should use private search engines.

1. DuckDuckGo

Location: Paoli, Pennsylvania, United States

Founded: September 25, 2008

CEO/Founder: Gabriel Weinberg

Market Share: ~2% (highest among privacy engines)

DuckDuckGo is the heavyweight of private search — and for good reason. It's been my personal choice because the entire ecosystem they've built goes beyond just search.

I personally use DDG as my search-engine together with other products offered by DDG, but more on that in next posts.

How DuckDuckGo Works

Unlike many competitors, DuckDuckGo doesn't rely on a single source. Its search results come from a hybrid of over 400+ sources:

Bing API: Primary source for general web results
DuckDuckBot: DDG's own web crawler that supplements Bing results
Wolfram Alpha: For computational queries
Yahoo! Search BOSS: Historical data
Yandex: International coverage
Wikipedia: Knowledge panels

This is crucial because it means DDG isn't fully dependent on Microsoft's infrastructure. They've invested in building their own crawler (DuckDuckBot) to create partial independence.

Privacy Architecture

DDG's privacy model is straightforward:

Zero Tracking: No IP address logging, no search history storage, no user profiling
No Search Leakage: Your search query isn't passed to the websites you click on (this alone is huge)
Encryption: All connections use HTTPS, preventing ISP snooping
No Cookies for Tracking: Only essential cookies for functionality
Global Privacy Control (GPC): Auto-signals opt-out preferences to websites

Pros

✅ Largest privacy search community — best network effects

✅ Actual independence — uses own crawler + multiple sources

✅ Clean interface — no bloated UI

✅ Respectable search quality — Bing's index is solid

✅ Full ecosystem — everything integrates

✅ Open source contributions — DuckDuckHack community

✅ Transparency — clear about what they don't collect

Cons

❌ Depends on Microsoft Bing — During 2024 Bing outages, DDG stopped working

❌ Less personalized results — No history means generic suggestions

❌ Limited independent index — DuckDuckBot is supplementary, not primary

❌ Ad-supported model — Non-personalized ads still shown

❌ Search quality inconsistency — Sometimes results lag behind Google

❌ Premium required for full privacy — Basic version still has limitations

The Real Talk

DDG is solid if you want the path of least resistance. The ecosystem approach means you get privacy across multiple touchpoints. But here's the thing — it's still fundamentally dependent on Bing's infrastructure. That 2024 outage proved it.

2. StartPage

Location: The Hague (Den Haag), Netherlands

Founded: 2006

Ownership: Dutch company, part of System1 (US-listed)

Market Share: ~0.06%

StartPage is the proxy-based privacy champion. If you want to understand sophisticated privacy architecture, this one's worth studying.

The Architecture: Proxy-Based Anonymization

Here's what makes StartPage different from DDG — it uses a middleman approach:

Your Query: You search on startpage.com
Premise Servers: Locked cabinets with non-US administrators
Your IP Removed: All identifying info stripped (full IP, not just last octet)
Query to Google: Startpage's servers ask Google for results (no user info attached)
Results Returned: Google sees Startpage, not you
You Get Results: Back to your browser without tracking

This is clean. Google literally doesn't know who's searching. The encryption uses:

SSL/TLS: Secure socket layer between you and Startpage
Perfect Forward Secrecy (PFS): Each session gets unique encryption keys
HTTPS Everywhere: All connections encrypted

Why Google Results Matter

StartPage literally serves Google's search results but anonymizes your query. This is a trade-off:

Pro: You get Google-quality results (often considered the best)

Con: You're still dependent on Google's index, just with privacy wrapping

Pros

✅ Google-quality results — Best-in-class search

✅ True anonymity — Full IP removal, not partial

✅ EU jurisdiction — GDPR protections, privacy-first legislation

✅ Transparent operations — Explains technical flow clearly

✅ Anonymous View feature — Proxy browsing for extra privacy

✅ No account required — Works anonymously out of the box

✅ Endorsed by privacy experts — Edward Snowden recommends it

Cons

❌ Completely dependent on Google — No independence if Google changes

❌ Tiny market share — Niche product, limited resources

❌ Slower than direct Google — Added proxy layer = latency

❌ Limited feature set — Minimal instant answers compared to DDG

❌ Less aggressive crawler — Supplementary indexing only

❌ Owned by System1 — US company owns the parent (though Dutch HQ adds protection)

Technical Depth

The premise server setup is where the magic happens. Unlike traditional architectures, the servers are:

Physically locked in cabinets
Managed only by non-US staff (avoiding US legal jurisdiction)
Isolated from cloud providers (avoids Patriot Act issues)
Running their own anonymization pipeline

This is more robust than DDG's approach because there's no direct connection between your query and Google's servers.

3. Brave Search

Location: San Francisco, California, USA

Founded: June 2022 (beta), fully released

Parent Company: Brave Software, Inc.

Current Status: Growing, recently hit 100% independence

Brave Search is the young gun with serious ambitions. This is what a true independent index looks like.

The Independence Factor

Here's what makes Brave radical: it's building its own web index from scratch.

Aspect	Brave	DuckDuckGo	StartPage
Search Index	Own independent index	Bing (80%+) + own crawler	Google
Dependence	Minimal Big Tech	High (Microsoft)	High (Google)
Index Size	93% of results from own index	Supplementary	0%
Crawling	Brave owns the crawler	DuckDuckBot supplement	No crawling

This is huge. Brave doesn't have to negotiate with Microsoft or Google. They built their own.

How It Works

Web Crawling: Brave's crawler indexes the entire web
Independent Storage: Results stored in Brave's servers
Community Feedback: Users can upvote/downvote to improve results
Goggles: Custom ranking filters users create
No Bing/Google: Zero reliance on Big Tech indexes

Privacy By Design

Brave Search doesn't track because it wasn't built to track:

No User Profiles: Engine designed from ground-up for privacy
No Cookies: Zero tracking cookies by default
No Browsing Data: Device info not collected
No IP Logging: IP addresses not stored
Optional Web Discovery Project: Users can opt-in to help improve results (anonymously)

Innovative Features

Goggles: This is brilliant. You create custom ranking rules:
Example Goggle:

Boost scientific papers
Hide social media
Prioritize academic sources
Downrank clickbait

Others share their Goggles, creating community-curated search experiences.

Discussions: See real discussions about topics (Reddit threads, forums) integrated into results.

AI Summarizer: Generates concise answers with cited sources (not hallucination-prone like competitors).

Pros

✅ True independence — Own index, no Big Tech dependencies

✅ Private by architecture — Not bolted on as afterthought

✅ Goggles feature — Community-driven ranking customization

✅ Growing rapidly — 100M+ monthly active users (Brave browser)

✅ Excellent privacy defaults — Zero tracking, zero profiling

✅ Web Discovery Project optional — Can contribute anonymously

✅ US-based but transparent — Open about design principles

✅ Premium option — Ad-free for supporters

Cons

❌ Young search engine — Still refining result quality

❌ Different results than Google — Learning curve for power users

❌ Smaller index — 93% own index still maturing

❌ Brave browser required for best integration — Works standalone but better with ecosystem

❌ US jurisdiction — No GDPR-level protection (though privacy-first design)

The Blockchain Angle

Brave is built by people who understand decentralization. Their philosophy of "no Big Tech dependency" aligns with blockchain thinking. They're even working on integrating Web3 concepts into search (cryptocurrency tipping, decentralized indexing discussions).

4. Swisscows

Location: Egnach, Switzerland

Founded: Originally as web directory in 2002, evolved to search engine

Data Center: Swiss Alps

Unique Selling Point: Family-friendly + Swiss data protection

Swisscows is the extreme privacy option. They don't mess around.

The Switzerland Advantage

Switzerland has:

Federal Data Protection Act — Stricter than GDPR in some ways
"Bunker" Data Center — Swiss Alps location, highest security
No US Jurisdiction — Patriot Act doesn't apply
Strong banking privacy traditions — Culture of secrecy

Swisscows headquarters is in Egnach, serving this exact jurisdiction.

Technical Stack

Own Servers: Swisscows has its own infrastructure (unlike most competitors):

Located in Switzerland only
Not using cloud providers (avoids Patriot Act)
Only Swiss staff can access servers
Queries anonymized after 7 days

Search Index: Originally powered by Bing, but recently partnered with Brave to develop independent European index. This is strategic.

Privacy Features (Standard)

No data collection on free version
IP address removal
No user profiling
No cookies for tracking
Semantic search (intelligent understanding)

Swisscows Pro (Premium)

For absolute paranoia (in the good way):

Feature	What It Does
Zero Data Storage	Literally no data saved about you, ever
100% Anonymous	Complete anonymity, even from Swisscows
Ad-Free	No advertising revenue model needed
Custom Results	You curate which sources appear
Swiss Servers Only	No data leaves Switzerland

Family-Friendly Feature

Swisscows filters pornographic and violent content by default:
This is useful for:

Schools wanting safe search
Parents protecting kids
Organizations with content policies

Some see this as censorship, others appreciate it.

Pros

✅ Strictest privacy jurisdiction — Swiss law is gold standard

✅ Own servers — No cloud, no Patriot Act risk

✅ Bunker data center — Physically secure infrastructure

✅ No US parent company — Completely independent

✅ Partner with Brave — Contributing to European index independence

✅ Family-friendly filtering — Good for institutions

✅ Very transparent — Clear about what they do/don't collect

✅ Semantic search — Intelligent query understanding

Cons

❌ Tiny market share — ~0.001% usage

❌ Limited result quality — Smaller index means gaps

❌ Expensive premium — Around €89/month or €899/year

❌ Content filtering controversial — Some see it as censorship

❌ Newer to independence — Recently partnered with Brave for index

❌ Language limitations — Better for European languages

❌ Poor search features — Minimal instant answers or tools

5. Qwant

Location: Paris, France

Founded: February 2013

Founders: Jean-Manuel Rozan, Éric Léandri, Patrick Constant

Government Support: Backed by French state investment

Market Share: ~0.5% (mostly in Europe)

Qwant is France's answer to Google dominance — and it's complicated.

The French National Project

Qwant received backing from French government and Caisse des dépôts (French investment bank) because of geopolitical concerns about US tech dominance. This is interesting from a sovereignty perspective.

How It Works

Qwant uses Microsoft Bing as primary index with its own improvements:

Fetches Google results for some queries
Has own index but it's supplementary
Uses Wikipedia for knowledge panels
Integrates APIs from TripAdvisor, DeepL, YouTube, Twitter, Facebook

The results are similar to Bing because that's the underlying technology.

Privacy Model (Mostly)

Here's where it gets murky:

What Qwant Claims:

No tracking cookies
No personalized ads
No user profiling
Queries anonymized

What Actually Happens:

Sends data to Microsoft Bing Ads for ad targeting
IP address is masked (last octet removed) but not fully anonymized
User-Agent and search keywords sent to Microsoft
Data retained up to 18 months (not "never stored")
This wasn't disclosed until mid-2021, causing privacy backlash

This is the fundamental weakness. They claim privacy but still feed Microsoft your behavioral data for ad targeting. It's better than Google, but not actually private.

Unique Features

Junior Mode: Filtered version for kids (similar to Swisscows)

Collections: Save and organize search results like Pinterest

Qwant News: Aggregated news with diverse sources (actually good feature)

Translation Integration: Built-in DeepL translator for results

Pros

✅ EU/France jurisdiction — GDPR protected

✅ Government investment — Funding stability

✅ No personalized ads — Ad model isn't behavior-targeted

✅ Decent search quality — Bing is solid index

✅ News aggregation — Good for current events

✅ Junior mode — Family-friendly filtering

✅ Fast interface — Minimalist design

Cons

❌ Misleading privacy claims — Says "private" but feeds Microsoft data

❌ Bing dependent — No independence from Microsoft

❌ Data retention — 18 months storage contradicts privacy narrative

❌ Limited features — Fewer tools than Google/DDG

❌ Tiny market share — Limited resources for improvement

❌ French government ties — Some see as political tool

❌ IP masking not anonymization — Last octet removed ≠ private

❌ Unreliable history — Financial struggles, multiple pivots

The Real Problem

Qwant markets itself as private but fundamentally isn't. The Bing Ads data sharing was buried in their privacy policy. For crypto people doing sensitive research, this is a no-go. You're still being profiled, just not visibly personalized.

6. Ecosia

Location: Berlin, Germany

Founded: December 2009

Founders: Christian Kroll, Achim Steiner (UN figure)

Business Model: Non-profit, B Corp certified

Market Share: ~0.04%

Ecosia is unique because it's not primarily about privacy — it's about environmental impact. But it's worth understanding because the trade-offs are interesting.

The Mission

Ecosia uses search revenue to plant trees. 50% of profit goes to reforestation projects:

45+ million trees planted (as of 2024)
Partnerships with The Nature Conservancy, IUCN
Multiple continents: Brazil, Indonesia, Ethiopia, Peru, India
Verified impact tracking

This is legitimate environmental work, not greenwashing.

How It Works (Technically)

Ecosia uses Bing index (like DuckDuckGo and Qwant):

Powered by Microsoft Bing results
Own supplementary crawler (Ecosiabot)
Generates revenue through Bing partner ads
Takes ~€0.50 per search to tree planting

The economics: You search → Bing shows ads → Ecosia gets commission → ~50% goes to trees

Privacy Features

Here's the reality check:

What Ecosia Does Right:

No persistent user tracking
No search history storage
HTTPS encryption
No third-party profiling cookies
GDPR compliant (EU based)

Where Privacy Falls Short:

IP address logging — Stored for debugging, cleared after 7 days
Bing data sharing — Microsoft sees your searches (anonymized but still shared)
Analytics cookies — Matomo analytics (privacy-focused but still collects)
Limited anonymization — Not like StartPage's full proxy approach

Ecosia is more private than Google but less private than DuckDuckGo/StartPage.

Environmental Breakdown

Initiative	Details
Tree Planting	45M+ trees in 70+ countries
Carbon Negative	Offsets more CO2 than servers emit
B Corp Certified	Independent third-party verified
Transparent Reporting	Monthly impact dashboard public
Partnership Model	Works with local organizations

The tree count is audited. They show exact locations, coordinates, photos. This is serious environmental work.

Pros

✅ Environmental impact verified — Real trees, real numbers

✅ Decent privacy — Better than Google, not as strict as DDG

✅ B Corp certified — Independent auditing of social mission

✅ Reasonable search quality — Bing index is solid

✅ Transparent financials — Public impact reports

✅ EU jurisdiction — GDPR protection

✅ Growing adoption — ~15M monthly active users

✅ Mission-driven team — Passionate about environment

Cons

❌ Privacy not primary focus — IP logging, Bing data sharing

❌ Bing dependent — No search independence

❌ Effectiveness questioned — Tree planting ROI debated

❌ Limited instant answers — Fewer tools than Google/DDG

❌ Smaller index — Result quality gaps on niche queries

❌ Free version slower — Premium for faster results (weird model)

❌ Can't verify tree quality — Planting numbers public, survival rates less so

❌ Ad-supported — Still needs advertising revenue

The Trade-Off Philosophy

Ecosia explicitly says: "Choose environmental impact over maximum privacy"

This is honest. If your primary concern is privacy, use DuckDuckGo or StartPage. If you want to offset carbon while searching reasonably privately, Ecosia makes sense.

Comparison Matrix

Engine	Privacy Tier	Independence	Speed	Search Quality	Jurisdiction	Best For
DuckDuckGo	Excellent	Medium (Bing+own)	Fast	Very Good	USA	General use, ecosystem
StartPage	Extreme	Low (Google proxy)	Medium	Excellent	Netherlands	Google quality + privacy
Brave	Excellent	High (own index)	Fast	Good/Improving	USA	Independence-focused
Swisscows	Extreme	High (own infra)	Fast	Fair	Switzerland	Absolute privacy, bunker
Qwant	Fair (misleading)	Low (Bing)	Fast	Good	France	EU users, news
Ecosia	Good	Low (Bing)	Medium	Good	Germany	Environmental impact

Summary

Online Privacy is not like a road from Point A to B. It's a rather a multi-layer process, that if taken seriously and applied correctly, can benefit you and your environment by liberating you from big-tech, government surveillance.

This is a way I would envision privacy. Btw, the Penguin is probably the Linux one :D

I hope you enjoyed this article and you learnt something from it. I honestly have spent hours on reading, fact checking, researching, comprehending and editing the text so that not only me but also you could understand it.

Be ready for Part 2 ! Where I will present couple of alternatives for Mail Providers and Messengers for you, so that you can switch from the big-tech ones to more private ones.

From Zero To Crypto Hero (Week 5) - BIG CHANGES !

Luftie The Anonymous — Sun, 05 Apr 2026 01:35:20 +0000

Hi Dev.to Community !

As a weekly habit I decided to post an update on what I actually did recently and there are actually some changes to be announced.

But before the main part, I would like to wish you all happy easter out there, hope you do not grind and touch grass in this time and you're afk, same as here me and other fellow dinos !

_Btw. There should be easter, not eastern. It's because of german word Ostern, I have primarily mismatched the words. And even after request to corrrect the text, it remained the same. 😅
_

I wish you that you charge your batteries and after easter, you'll be rested out and ready for challenges and difficulties. I know that it's easier said then done, but belief dies at last.

Introduction

This week I have been doing a lot of research for an article I write on privacy-tools and privacy in general. What I mean by tools is actually a set of a lot of digital-world/IT world elements like OS, VPNs, Marketplaces, almost everything, that I use and I prepare a list of tools, I recommend.

I decided that for reliable tech-journalism, I also have to test out one of the other most popular phone OS, that cares about privacy, besides the one I'm using, so it will take time to write.

How is PokeStake doing ?

As you could see there have been couple of changes committed, most of them were mostly minor, but I actually fixed one important bug that was inside my code. Namely it was about real-time updates on frontend, it was working fine, until some time and afterwards the page crashed i.e. both players were not able to utilize their turn.

Luckily I reminded myself on useEffectEvent-hook, which basically enables you to prevent useEffect from unnecessary calls, due to it's dependency. Here's a video I recommend to see if someone does not like reading docs 😂

Now after the change the battle is working greatly, the only things now to be implemented are handling reconnections, fixing frontend bugs, handling proper display of the winner state and looser state e.g. If user leaves when the battle started already, timeout of turn. Next up there are plans to implement the rewarding-system with implementation of ZKProofs by means of Noir language, so that the contract instead of getting the data of the battle and based on it verify and grant user the reward, user could pass a hash of the battle-data and verify soundness onchain, so that the minimal anonymity is reached (that are for now just plans, but I look forward to do it).

Not everything went as planed...

It might sound, that it's almost nothing however it's good to bear in mind that I have an allergy, which occurs in the time of end of March - April and I actually got the symptoms and literally I used 2 toilet-paper rolls (not to jerk off, perverts) to blow my nose basically. It feels tough to focus and code, but somehow I manage it. So may future bring better health condition soon.

Aside from coding

I participated recently also in Hashlock online networking-event, where I got acquainted with 2 cool devy mates, whom I reckon I can
learn a lot from.

For context, Hashlock is a comapany that offers to web3 projects the security-audits, while they also host events either online or offline around the world.

Shout out to Fletcher Roberts, who invited me on the meeting ❤️

What are the impending changes ?!

Now everyone might wonder, what are the changes about that I want to announce and and label them as BIG. Before I start, I have say that I really enjoy reading and writing technical articles, coz in such way I learn from others experience, what actually can decrease the occurance of the same situation in my case.

However, weekly updates are for me kind of tough to be handled I realised. I could just ChAd-jIpiDi everything given my description, but it would take the entire joy from the process of writing. Because you have to know, that every line, every word, letter, embedding, video, has been done by me personally. And writing it is really time consuming.

Thus I decided, to temporarily cease postage of the series "From Zero To Crypto Hero", and I will hopefully come back to it later, and restart it as I finally start with actual cryptography and blockchain development/architecture.

Another big change, that I wanted to announce is that I'd rather post less, but more valuable content, I guess bi-weekly or monthly posts would be manageable with what I want perform. I currently work on an extensive article that covers a lot about digital privacy-extending tools to use, and it's gonna be really long and reliable, but I need time to do it, and recently I fell like frog hopping from a lilly-pad onto another one and another one. Something like that:

So the announcement sounds, that this month it's likely not to be any posts because weekly updates turned out to be for me a bit of burden and too short period of time to do a significant change to my devy process for now and also the I will have a lot of private matters to be resolved this month.

Summary

Temporary cease of posting for a month and change of content and series of "From Zero To Crypto Hero". Switch from weekly updates, to bi-weekly or monthly mode. Less frequent posts, but more value in posts, more to infer and learn.

That's all from my side for today, wish you all the best and take care !

Cheerio, Luftie :D

From Zero to Crypto Hero (Week 4) - Week of Break from Coding and Big Regret

Luftie The Anonymous — Mon, 30 Mar 2026 21:39:02 +0000

Hello Dev.to Community

This time I'm writing the article one day later, as I usually kept to push the updates to appear regularly on sunday. Well today is monday, so I guess it's not a big deal 😅 (Especially coz mostly my posts do not make big outreach). Anyways, promise is a promise, thus I upload this tiny update on my work.

Are you ready ? Let's go !

Introduction

So if I said, that I took break from coding, it means I've been buggering around, doing nothing and I just post it to just keep the streak ? Well technically correct :D

Thanks for reading, I hope you enjoyed this part, don't forget to hit a like or some other cool emoji and till next time. See ya !

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

Ok, I was joking 🤣. If you're still here to read further, congrats your curiosity is out of space 🚀.

This week perhaps was not filled a lot of with coding/programming whatsoever. But for sure it was not boring or completely wasted time.

So what have I been doing throughout this week ?

Let's start with the fact, that I've been 3 days out and about in Warsaw on the conference Next Block Expo, specially devoted to cryptocurrencies but discussed from financial angle. I have shared more of my views on the event in that article (If you're interested go on and read it)

Luftie The Anonymous

Mar 27

My Experiences from NBX and Privacy Hell For Crypto....

#discuss #web3 #event #blockchain

Comments 1

5 min read

As I reached my home-town and woke-up the next day, I honestly felt as though someone would have completely stolen my batteries🪫

In general, I liked the event from the point of view, that there were more projects that were genuinely interesting me than on the last edition, however here are yet couple of inferences that came into my mind. Not only about

Inferences

I'm not a fan of big cities

I know in previous article I have written, that I do not like big cities, but that was very general statement. I've written in the article that I hate big cities, I forgot to add that at least in Poland, but more on that later.

Before I start let's define what is a big city (at least for me) ? A big city at least for me is a agglomeration in which live 500k+ people (incld. commute-workers + students).

Although I personally do not live in some hicksville, I used to say so about place where I live. Warsaw felt for me like rotten, toxic and fake. I felt more endangered than even in Berlin tbh, whereas Berlin got the most unliked city in my hierarchy.

And additionally the air-conditions in Warsaw seemed awful to me (However I'm kind of over-sensitive in this case, so I might be biased). I mean indeed, the centre, accompanied by skyscrapers is looking nice and the most popular places are impressive, but for me it was enough to see how the city looks like 2/4/6 km away from the highlight-spots, to realise that Warsaw's beauty is only marketing (as always lol).

It's actually quite common in Poland, but I guess every city has it's issues, regardless of the country. I remember back 2023, as I gone for my first ever solo-trip to Manchester, England. I've been there for about 4 days, back then I really didn't experience something that would be hideous in some way, except a hobo, who pissed on a wall while I've been walking through the city, seeking a place to purchase a ticket for public-transport.

I admire always England for their infrastructure and architecture, when it comes to metropolis like Greater Manchester. I always laughed that Manchester is smaller than my city, but then I realised that the cities fade between each other and I remember that I could not realise if I'm in Salford/Trafford or Manchester. So were my experiences at least.

The World is centralized, not by government, by technology:

Sorry, I had no clue how to name this inference lol. I want to tell about my experience in Warsaw that indeed, was very mixed because I had kind of emergency situation. I haven't taken the phone-charger to my phone, although before leaving the house I had been plugging in the power-bank to pack it into backpack.

Unfortunately both power-bank and charger have been left at home by the time of my departure. Unluckily, my phone's battery's level was decreasing rapidly, like never before.

And I was looking for place where to purchase a charger and I had impression that almost everything is against me. Suddenly some arab-guy and afterwards a hobo wanted to scrounge money from me and as I gone to the mall by bus, there was some shady-guy following me weirdly as though he wanted to pick-pocket me or something, he resigned after I have shown him a pepper-spray in my hand, not having even made an eye-contact with that guy.

I gone to a first mall and the charger cheapest charger was 100 PLN, it was Media-Markt shop. I asked the assistant, if can help me choose some cheap charger, and shockingly he advised me to go to the mall on the other side of the street to buy a charger in a supermarket.

The price there ? 18.50 PLN (for cable and the charger-cube) ! Whereas the cable at Media-Markt its-self was 79 PLN ! Can you comprehend it ? There is more 500% spread between price in special IT-RTV-AGD Shop and Super-market. It just blew my mind, honestly speaking and would never say it was reality.

I almost burst in tears when I have experienced the vibration of my phone going out of battery and me being not even with knowledge, where to purchase a charger.

What I meant by centralisation is that everything nowadays is heavily based on electronics and current/electricity. Perhaps that's another problem to be solved, huh ? I know it's my fault in the end of the days, that I hadn't taken the charger 😅. I do not seek for excuses.

Small events > Big events: I reckon smaller events that are highly technical or devoted specifically for specific topic, are better than big events, where there are a lot of people. Big events tend to be more general and kind of discombobulating, as there are so many people talking to each other one has an impression to be a weirdo, not having talked to anyone.

Big events have also a flaw, that there is very intrusive and pressure-full marketing done and on one day you can buy the same ticket for 65$ and the next day you can have 2 tickets in the same price, which is annoying. Smaller events often have stable price of the event-ticket, which I find a great solution, even if for someone it out of budget.

However for sure good things about big-events is bigger amount of projects and companies to be approached and talked to, to know what services are nowadays offered on the market.

And therefore, the amount of stickers is also greater :D Here's the new layout/design of my laptop. Hope you like it 😁

Whereas smaller events like for sure Monero Konferenco could be such event......

Unfortunately, I guess I will not be able to get to the event, due to the financial circumstances on my own. Now, I've an impression as though I wasted my money on NBX to be honest, although there are visible benefits from that event.

I really would love to visit Monero Konferenco this year's edition (even though it's in Warsaw). This event is going to be technical and specific, something I had dreamt about and could not find so specifically. It sounds it's not going to be sort of scattered gibberish about financial matters.

Don't get me wrong, finances are super-important field of human-life, but when it comes to such events, it ends up on artificially looking for me severe talks about the future, another 101 sessions instead of bringing some more medium-advanced/advanced knowledge so people can develop.

And unfortunately a lot of speakers in my eyes are just dreams-sellers and are excluded from reality, pushing from the stage some truisms about hard-work, persistence, everything everyone knows about. But in the end of the days, everyone has to deal with their own issues and do everything what they can in their scale to solve them, not in the speaker's scale.

Furthermore, I do not preach that big-events, are bad and you should not attend them. No I just present the trade-offs of both types of events. Both have pros and cons, that should be basically taken into a count and should be treated separately and not as a comparing-pair.

I have to confess, even though there were projects that interested me like Gen6, Relocatify or Sealed. Most of the projects were already about combining Tradfi with Defi. Speaking outspoken, that hurts. Cryptocurrencies were the hope, which were about to turn the way we understand finances and the way we pay. Unfortunately, it seems that cryptocurrencies become only an asset instead of what their real purpose was. It seems crypto became alternative and is not going to become a payment-system. At least not in next 5/10 years, I suppose.

That doesn't mean however that I stopped being engaged in cryptocurrencies and blockchain. No, I just know that I'm just likely to build a very niche product if I were to build a private-blockchain and it will not be something that institutions would put money into (Which I actually would not like them to do).

We saw how big pump was on ZTrash (ZCash) and even bigger dump occured, only to pump the narrative and take the money from naive people, who blindly believed in privacy-turn. Unless markets are controlled by big whales, that operate in fiat, psychotically indulge theirself in seeing wars and blood of other innocent people, and understand only money-language, no change in financial-system is about to occur, and people will exist, so long will the markets be manipulated.

Resign from my privacy standard was a failure - On NBX, I came to a conclusion, not to cover my face as I usually do in public and not only. I did it for common convenience and not to trigger controversies among people there (usually a covered face is associated mostly with criminals, than carrying about privacy). Also as I got to the venue, it turned out light was shit and the air was slightly humid for me, so I could suffocate in the mask and could basically fall on someone or cause damage while walking, if I had my glasses on.

Also I gone there with an attitude that, if I don't show my face in social media anywhere, so I will not be recognisable by anyone (Previously I used to post my images in a mask online).

Big events have their flaw also that there are basically cameras everywhere, everyone is recording something and I genuinely felt, when I was just resting after networking as though someone would basically put the camera right into my face. Whereas MoneroKonferenco seems to be a really private arrangement. They have even their Photo Policy, which sound like:

Ask before snapping, all persons in a photo/video must have explicitly given consent to be photographed/recorded. As such, please avoid taking photos/video of large crowds, audience, or workshop participants.

Don't get me wrong, I'm not saying those all fluffy stuff about that conference, trying to scrounge money from you guys or something, no.

Rather just express my genuine willingness to appear, there though given my financial situation I know it will be tough. I will not create a fund-raising for a trip to Warsaw specifically for Monero-Konferenco, if I cannot even give you anything in exchange.

One option would be to go and work there as an volunteer, as they get the ticket for free. Which sounds as an interesting experience in my opinion, we will see if the event will fit my schedule or not.

People on the big-events: I was surprised, when I saw people who have less knowledge about cryptocurrencies than I have, are younger than me, and make money in this industry, whereas I, not being fake-modest have a quite big knowledge on cryptocurrencies both from financial and technical point of view and haven't made a single penny.

I do not complain or say I'm worse, just assert the facts that some people make money faster.

Candidly, I'm more looking on events for connecting with devs and people who build and also people who worked on projects already, than financial or businessman connection.

I decided to resign from hackathon participation

Given the fact that my financial struggle nowadays and my experience from trips, I decided not to participate in ETHSilesia hackathon, that I intended to.

Apparently everything seemed to fit in time perfectly, but the budget doesn't lie and I cannot pump it somehow out of nowhere. My investments currently are 60% down, and I will not resolve the loss.

Hence, I decided to devote this time to implement solid gameplay feature with reward system based on ZKP (likely to be implemented with Noir).

Was there something technical, that I've done ?

Obviously !

I have tested for the first time Quebes OS in VirtualBox env.
I watched couple of youtube videos from a guy called Reject Convenience and his second channel where they show discrepancies in Proton narrative and their actual state. And that intrigued me even more to read privacy policies (spoiler Dev.to has no better pplcy than other social media platforms). They openly state to sell and share data with their business partners or sponsors. But, what can I do ?

And ofc, a Week without going is lost week though :D (Don't take it literally). On Sunday/Monday I started implementing the gameplay functionality with socket.io and was fixing the bugs with the actual frontend code in my Pokestake project, that I work on.

You can see above the mechanism, that the connection between two players, has been successfully estabilished.

If you have some suggestions, feel free to visit my repos and create an issue with your suggestion :D If you see some bug or see a way to make code more efficient, also feel free to post an issue

Frontend

LuftieTheAnonymous / PokeStake-Dapp

A Pokemon themed staking protocol with usage of Chainlink VRF

PokeStake 🎴⛓️

A decentralized staking protocol where you can lock Pokemon cards and draw random rewards daily. Built on-chain with verifiable randomness and IPFS storage.

Overview

PokeStake is a Web3 staking protocol that lets users stake Pokemon cards and participate in daily random draws. Each day, stakers can claim a random card from the pool—powered by Chainlink VRF for cryptographically secure randomness and Pinata for decentralized card metadata storage.

Tech Stack

Technology	Purpose	Version
Next.js	Frontend framework & API routes	Latest
TypeScript	Type-safe development	Latest
Solidity	Smart contract logic	^0.8.0
Foundry	Smart contract development & testing	Latest
RainbowKit	Wallet connection & UI	Latest
Wagmi	Ethereum hooks & contract interaction	Latest
TanStack Query	Server state management	Latest
Chainlink VRF	Verifiable randomness	v2
Pinata SDK	IPFS pinning & card metadata	Latest

Features

🎴 Stake Pokemon Cards - Lock your cards into the protocol
🎰 Daily Random Draws - Once per day, draw…

View on GitHub

Smart-Contracts

LuftieTheAnonymous / PokeStake_Protocol

A Staking protocol with usage of Chainlink VRF for drawing a random pokemon Card

Foundry

Foundry is a blazing fast, portable and modular toolkit for Ethereum application development written in Rust.

Foundry consists of:

Forge: Ethereum testing framework (like Truffle, Hardhat and DappTools).
Cast: Swiss army knife for interacting with EVM smart contracts, sending transactions and getting chain data.
Anvil: Local Ethereum node, akin to Ganache, Hardhat Network.
Chisel: Fast, utilitarian, and verbose solidity REPL.

Documentation

https://book.getfoundry.sh/

Usage

Build

$ forge build

Test

$ forge test

Format

$ forge fmt

Gas Snapshots

$ forge snapshot

Anvil

$ anvil

Deploy

$ forge script script/Counter.s.sol:CounterScript --rpc-url <your_rpc_url> --private-key <your_private_key>

Cast

$ cast <subcommand>

Help

$ forge --help
$ anvil --help
$ cast --help

View on GitHub

Backend Code

LuftieTheAnonymous / pokestake-backend

Robust server-side gaming component powering the Pokestake web3 ecosystem

pokestake-backend

📑 Table of Contents

📝 Description

Pokestake-backend is the robust server-side engine powering the Pokestake web3 ecosystem. Leveraging the high performance of Express.js and the strict type safety of TypeScript, this project provides a scalable and secure infrastructure to handle core application logic and seamless API integrations. It is designed to offer a reliable and efficient backend solution for Pokémon-themed web3 project, ensuring a smooth experience for end-users.

✨ Features

🎮 Pokemon Battle Gameplay Handling
📡 Event Driven Blockchain State Mirroring

🛠️ Tech Stack

🚀 Express.js
📜 TypeScript
🔃 Socket.io
🏎️ Redis
Ether.js
Mongoose/MongoDB

⚡ Quick Start

# Clone the repository
git clone https://github.com/LuftieTheAnonymous/pokestake-backend.git

# Install dependencies
npm install

# Start development server
npm run dev

📦 Key Dependencies

@types/express: ^5.0.6
@types/socket.io: ^3.0.2
eiows: ^8.2.0
express: ^5.2.1
redis: ^5.11.0
socket.io: ^4.8.3
tsc: ^2.0.4
tsx:

…

View on GitHub

How have you been doing ?

What were you up to in recent week ? Some event attended ? Some side-project done ? Some wins ? Some failures ? Let me know down in the comments, hope you reading enjoyed the article (I have edited and written it about 7 hours).

Cheers for reaching until the end, Luftie

My Experiences from NBX and Privacy Hell For Crypto....

Luftie The Anonymous — Fri, 27 Mar 2026 19:21:00 +0000

Hello Dev.to Community !

It's been a while since my recent post on the platform. Today I would like to share with you my experience from NBX (Next Block Expo) event, that was organized in Warsaw, Poland. Although this post will not be filled so much with technical or programming knowledge, I just want to share my view on the conference, from my perspective and couple of thoughts that came into my mind.

Introduction

First, let's define what Next Block Expo is ? NBX or Next Block Expo is an cryptocurrency-focused event, where all sorts of people from blockchain-technology gather in one place, where there are lectures for newbies or also more advanced market-participants, projects present their product and many more. And by having said all sorts of people, I mean literally ALL SORTS OF PEOPLE, from investors, businessmen/women, CEOs, Journalists, and even politicians through software-devs, people that have no clue what blockchain actually is, scammers, moon-boiz, marketing guys to companies that had their stands at the event.

What companies/projects where at the event ?

It actually needs to be pointed out, that this NBX-edition was combined together with an AI-Summit event, although there were only a couple of companies, having their stands that were focused on AI particularly, and not being an "AI-company" only because they added an tranding OpenClaw-Bot to aid customer's portfolio.

A lot of the stands were either belonging to B2B-focused companies that help businesses to implement crypto-payments, offering immediate-conversion from crypto to fiat-transfers, off-ramp and on-ramp and this sort of stuff, or exchanges there were BingX, Bybit, ZondaCrypto, Kanga Exchange.

Besides that, what really has thrilled me, is that there were 4 companies or projects that I kept eye on, that were in some-sense delivering or willing to deliver privacy-extending product or they care about privacy.

I will list them out shortly:

Relocatify - A company that provides help while opening a bank account in Cambodia and purchase of an real-estate in Cambodia. Why Cambodia is somehow related to privacy ? It's because they do not have KYC once you want to purchase/sell crypto.

Their financial system is outside of the CRS-system, so they do not report your financial activity. Does it sound like a safe-heaven for criminals ? Well technically yes, but remember criminals were/are/and unfortunately will exist everywhere but will use different methods for their operation.

For me living in EU, where surveillance grows and privacy already seems as a luxury and one needs to fight for it, usually with miserable outcome.

Sealed - A private messenger, that is using Falcon as key-signature algorithm, that provides quantum-resistant. It's still developing and I had an opportunity to test-out the MVP.
For now it's going to be supporting only text-messages, but the founders say, that they work on implementing features that support images and documents. The messages will be safely stored on blockchain. The blockchain they are going to use is Algorand.
Gen6 - It's a blockchain that already has it's collective of Dapps like NCrypt, a private messenger (does not store messages on blockchain and is free to use). There is also RealSeal signs and timestamps your work on-chain. Gen6 Me Identity as an alternative to linktree, but on-chain. And many other products.
Neti - A company that is actually all into blockchain and privacy. They are those guys, who can manage everything from tokenization, ZK-Proofs, Privacy tools to Building a Blockchain from ground up. I asked if they have any intern-program and the lady I talked to, has said that it's limited but they are about to organize hackathons and blockchain-dev community.

My View on freedom and privacy in Europe and Cryptocurrencies in Europe

Although I talked to a lot of cool people from the industry, collected a lot of merch as you can see on the pictures:

Then one thing is certain for me. When it comes to Europe, privacy of your financial-matters, does not already exist in Europe. And there is no sign of hope to change this trend, as surveillance will only grow and grow in this region, together with stupid regulations taking away your freedom.

The privacy for cryptocurrencies in Europe is gone, because every for transaction even in ATM or in Exchange-Points, will require from you to go through KYC, which I personally hate and find it only as a part of mass-surveillance.

It's actually for me disastrous to see, how cryptocurrencies from technology that was about to threaten the entire monetary system and became only an assets or alternative form of payment.

I think this image explains everything, better than anyone would.

My Personal Experiences

To the event its-self, I'd say I'm disappointed, this time organizers have decided to care more about quantity and not quality of the event, although indeed there were cool projects, this event seemed as a ghost-town for me and the venue was for me not as intuitive as previous one.

The organizers indeed announce a big success, on the event there were more than 2500 people. But the venue for me was a shot in the foot, because of the amount of free space and the actual design of the halls.

I realized also, there is not so much to learn for me from the panels or lectures, but that's was obvious to me and tremendously outraged when one of the organizer in the interview said, that those speeches, panels are rather as an add-on and more it's focused for businesses to be a gateway for new connections and so on.

Is it good ? Is it bad ? I guess as always, depends on the personal perspective. I also did not really like the fact that there has been a separate event for people who speak Ukrainian or Russian.

Don't get me wrong, I do not have anything against any nation, I don't care where are you from and what is your skin color, though organizing an separated event solely for certain language-speaking people, this is for a cause that splits people and separates from each other.

Conclusion: I do not like big places e.g. halls and non-technical talks. It was my last NBX-event attended and will look definitely look for technical events or those that are within my field of interest. So cryptography, privacy, blockchain and cybersecurity.

What about you ?

What have you guys been up to recently ? Have you been building some project or have you been doing something else ? Let me know down in the comments and feel free to share your opinion on any part of my article.

Cheers for reading, till next one :D

From Zero To Crypto Hero (Week 3) - Further Work on Web3 Pokemon Project

Luftie The Anonymous — Sun, 22 Mar 2026 09:21:49 +0000

Hello Dev.to Community !

It's almost a month as I have started writing articles on Dev.to. Candidly speaking it's a mesmerising, how much fun and knowledge can writing and reading articles bring to ones life. And I want to express my gratefulness to all of my readers until now.

⚠️ WARNING: Next couple of paragraphs will not be related to coding and my week effort's specifically. If you want the gritty details, scroll down to Introduction section.

Ofc there is a jeopardy that I might be feeding a infinitely hungry dragon called "AI" with the data about my efforts and daily workflow and I might be targeted by the ads.

However...... SCREW THAT, coz as I mentioned in my post about AI (Although there were mentioned more topics from AI 🦾 to React and homo-sapiens species root of behaviour 🦍).

Luftie The Anonymous

Feb 27

My Take On AI and Technology (Besides the Pure Developer PoV)

#discuss #ai #future #machinelearning

Comments 6

7 min read

Humanity seems already to be at the verge of its existence, given the blazingly fast changes in the world, all of unsettling occurances, that it's tough to catch up with.

Tech CEOs (for me those are dumb assholes, not from the intellectual side, rather what they say publicly and how they influent others) and media spreading fear and uncertainty, willing you only to watch another clickbait video under label of "geopolitics", "development" across all of the people,only to get money for ads, simultaneously killing ambitions and eagerness to grow.

And in the end you've got linkedin posters (which are managed likely by an agent, given the quality of those posts) and triggering me to puke with rainbow on them all.

So, imo it's high-key better to have an attitude as though world would end up tomorrow, than caring about when will the next bomb blow in Iran and what causes will it bring to all of us at all.

Answering however finally why SCREW THAT, and isn't it self-hypocrisy, as I used to define myself as privacy first ? Well not really, I genuinely like the way it's been described in Cypherpunk Manifesto by Eric Hughes

Privacy is not secrecy. A private matter is something one doesn’t want the whole world to know, but a secret matter is something one doesn’t want anybody to know. Privacy is the power to selectively reveal oneself to the world.

And thus I do not expose it to the entire world per se, coz my post will likely have less than 25 views and 2 likes from people I met on dev.to, 5 likes from me and that's it.

Introduction

Ok, enough of general prattling and I hope you didn't leave me at this time (Thank you :D) and perhaps I managed to bring you laugh. Let's go into nitty-gritty details.

What have I been doing actually ?

As you might know I'm still working on my web3 pokemon-themed protocol or should I call it ecosystem, because it already has a mechanism for random card drawing ability 1 per day for each user, staking protocol for the cards, marketplace and yet in-build but there will be a pokemon battle mode, based on socket.io.

All of the sudden, getting rid of the most mundane part of coding for me throughout those years, which was designing and frontend UI-building, allowed my brain to fall back onto an idea to implement ZKP (Zero-Knowledge Proofs) to this project for Pokemon Trades, like e.g. users want to swap Pokemon with each other and there could be a proof that a user has the pokemon without a need to reveal it to the actual 3rd party.

Here you have links to particular parts of my project:

Smart-Contracts

LuftieTheAnonymous / PokeStake_Protocol

A Staking protocol with usage of Chainlink VRF for drawing a random pokemon Card

Foundry

Foundry is a blazing fast, portable and modular toolkit for Ethereum application development written in Rust.

Foundry consists of:

Forge: Ethereum testing framework (like Truffle, Hardhat and DappTools).
Cast: Swiss army knife for interacting with EVM smart contracts, sending transactions and getting chain data.
Anvil: Local Ethereum node, akin to Ganache, Hardhat Network.
Chisel: Fast, utilitarian, and verbose solidity REPL.

Documentation

https://book.getfoundry.sh/

Usage

Build

$ forge build

Test

$ forge test

Format

$ forge fmt

Gas Snapshots

$ forge snapshot

Anvil

$ anvil

Deploy

$ forge script script/Counter.s.sol:CounterScript --rpc-url <your_rpc_url> --private-key <your_private_key>

Cast

$ cast <subcommand>

Help

$ forge --help
$ anvil --help
$ cast --help

View on GitHub

Web-app

LuftieTheAnonymous / PokeStake-Dapp

A Pokemon themed staking protocol with usage of Chainlink VRF

PokeStake 🎴⛓️

A decentralized staking protocol where you can lock Pokemon cards and draw random rewards daily. Built on-chain with verifiable randomness and IPFS storage.

Overview

Tech Stack

Technology	Purpose	Version
Next.js	Frontend framework & API routes	Latest
TypeScript	Type-safe development	Latest
Solidity	Smart contract logic	^0.8.0
Foundry	Smart contract development & testing	Latest
RainbowKit	Wallet connection & UI	Latest
Wagmi	Ethereum hooks & contract interaction	Latest
TanStack Query	Server state management	Latest
Chainlink VRF	Verifiable randomness	v2
Pinata SDK	IPFS pinning & card metadata	Latest

Features

🎴 Stake Pokemon Cards - Lock your cards into the protocol
🎰 Daily Random Draws - Once per day, draw…

View on GitHub

Backend

LuftieTheAnonymous / pokestake-backend

Robust server-side gaming component powering the Pokestake web3 ecosystem

pokestake-backend

📑 Table of Contents

📝 Description

✨ Features

🎮 Pokemon Battle Gameplay Handling
📡 Event Driven Blockchain State Mirroring

🛠️ Tech Stack

🚀 Express.js
📜 TypeScript
🔃 Socket.io
🏎️ Redis
Ether.js
Mongoose/MongoDB

⚡ Quick Start

# Clone the repository
git clone https://github.com/LuftieTheAnonymous/pokestake-backend.git

# Install dependencies
npm install

# Start development server
npm run dev

📦 Key Dependencies

@types/express: ^5.0.6
@types/socket.io: ^3.0.2
eiows: ^8.2.0
express: ^5.2.1
redis: ^5.11.0
socket.io: ^4.8.3
tsc: ^2.0.4
tsx:

…

View on GitHub

This week I focused on handling the UI display of the onchain data to the user, with error and loading states, improving the smart-contract tests and implementing the marketplace. The tests had to be conducted from scratch because there's been some issues with the initial code split I approached to build.

I also finally grasped how socket.io works, I had huge issue with understanding it and was having mind-fuck after mind-fuck, whenever I approached to learn it. But I guess many factors have impacted the fact I was not able to learn it, nevermind.

I visited this week also the university, that I'm likely to be a student of, here a link to the post with my impressions and a bit of linux-propaganda :D

Luftie The Anonymous

Mar 19

My Impressions on the Uni Open Day

#discuss #learning #programming #career

Comments

3 min read

I will not lie, that I would really like to integrate ZK into this project, however I also know that 17th of April is incoming with giant steps and I have to be ready to select a project I want to build and no theme has been announced yet. Thus I decided to build the project as long as the theme is not announced.

Current focus

Pokestake PVP mode implementation with socket.io with ability to win some SNORLIEs (in-app token)
Keeping an eye on the theme announcement for the ETHSilesia Hackathon and drafting a plan on what to build as a project on the hackathon.

Honestly I also have to say, that this project is by far the most engaging and perhaps not the most complex in terms of logic, but in case of tools you though. And it's weird that all of that happens, all of those experiences are emerging while I decided to leave web-dev and smart-contracts to delve into cryptography and so will it be.

How about your week ?

Feel free to share how has your week been going and share it in the comments ?

Cheerio, your Luftie !

[Boost]

Luftie The Anonymous — Sat, 21 Mar 2026 05:55:27 +0000

Daan Acohen

Mar 20

Windows Servers Are a Cryptographic Liability: Entire Countries Can Be Left Exposed to Quantum Attacks

#webdev #programming #security #openssl

Comments

4 min read

My Impressions on the Uni Open Day

Luftie The Anonymous — Thu, 19 Mar 2026 14:44:03 +0000

Hello Dev.to Community

Today I got a quite special article to you because I'm about to tell you what are my impressions on the university's open day I'd pleasure to attend.

You're ready ? Let's go !

This article is not an paid-article or advertisement for the university, it's just an expression of my own experiences after such event.

Introduction

Firstly let's establish where the heck have I been to ? So I've attended the open-day at the IT-Faculty of ZUT (pl. Zachodniopomorski Uniwersytet Technologiczny), in english West-Pomeranian Technological University, placed in Szczecin.

The open-day consisted of walk-around tour, where I and other visitors visited 3 Laboratories. One, where there was a car drive simulator and visitors got the opportunity to try driving a car simulator experiencing what's called immersion.

Then we headed over to the basement-part (No they haven't wanted to show us kittens), rather the embedded-systems lab and the studio where there can occur a voice manipulation and prove that IT is not only about strictly profit-maximalization focused software for analysis or other tasks. But also about things like voice manipulation, voice recognition ect.

Below you can see some from the labs mentioned:

Image 1: Car Simulator Lab

Image 2: Machine which prints elements on the board needed for a component's circuit

Image 3: PC with a special device to manipulate the sound (I cannot name)

As the labs we directed to the game-dev student research club lab, where we have been given the opportunity to play a game that students have done during their internal game-jam event.
And finally, the most awaited part of the entire open-day was about to start, the lecture about voice conversion, meaning how the voice is actually understood by the machine.

BUT UNEXPECTEDLY

The beautiful and flawless day had to be interrupted by shitty Microsoft SpywareOS by other called "Windows", which had either to debug or update, I don't remember already. And that's a great reasons for the uni-principals or heads of the university to start considering switching uni-PCs to Linux ;D (Half Joke, Half Truth).

Therefore the Lecture was shortened and fully conducted. However I did manage to catch the terminology and the overall grasp of how the voice is actually converted to numbers and also why sometimes PCs or electronical devices do not understand what we tell to them.

Image one with explanation and visualisation, what Sound pressure (Ciśnienie akustyczne) is.

Slide with defintion of Phoneme and visualisation.

It's been really interesting and I have written some of the key-words where I could expand my knowledge on voice manipulation and general voice-machine work.

After the lecture, there was also a possibility to get some university's merch or even win something, if a valid answer on drawn question was valid. I actually was successful with answering the question and I won a bag of the faculty, which really fits my office colours.

Summary

Overall, the event was a satisfying introduction to the student although it were only 2 hours. I'm high-key disappointed, that the lecture had to be sped up and some slides were just flashed over. In general, I give in US-grade-scale A- as an encouragement to switch to Linux and perhaps prepare and check the work of presentation before the lecture :D

I'm looking forward to become a student at the uni to learn as well as share knowledge I gained throughout my journey with IT.

Are you a real dev or just a coder ? Go and read this article.

Luftie The Anonymous — Sun, 15 Mar 2026 20:41:48 +0000

Konark Sharma

Mar 15

Are You Really a Developer? The Mindset That Matters More Than Code

#discuss #webdev #career #learning

Comments 9

5 min read

From Zero To Crypto-Hero - (Week 2) A Dream Came True...

Luftie The Anonymous — Sat, 14 Mar 2026 22:50:22 +0000

Hello Dev.to Community !

This week, I would like to share with you, what I've built throughout last 7 days, what I learned, discovered and what happened by me in general as well. There will be some project, some crypto-geekish teasers, perhaps something more 😉...

Interested ? Let's fucking go 💥

Introduction

As I announced in recent week, I decided to focus for now until the hackathon-time on web3, web-dev and building some small-projects to test myself for the farewell hackathon :D And build under time-pressure.

Well I didn't fit the time I expected to. But at least I built in a bit of cool features into the dapp, that I built.

But what have I built actually ?

I have been lately vibing a lot with pokemon and by a lot, I mean freaking out like berserk.

Fun fact: I got even 3 the same Gengar-hoodies in my cloth-wardrobe, lol 😆.

However as I said, before I had realized I'm fed-up with web-dev and smart-contracts, and now I do it solely because I want my farewell with this part of my programming journey and my life to be unique.

I had been planning to build a pokemon-themed web3 project (namely a multiplayer game with ZK implementation), but the designing part and not allowing to focus on actual logic, made me upset and frustrated.

Back then I had been conceptualising/brainstorming about the project infra and logic and all of the sudden I fell into thoughts like: Should my app on mobile be in landscape or in portait mode ?, in meanwhile designing the mock-up in Figma, that was a point were I really told myself, I need to departure from board called web-dev, design because it's an anchor for me and does not allow me for proper work.

Ok, but what have I been building finally ?

Now, as I feel no guilt, if I screw up the hackathon or not, henceforth I decided to build as a hackathon-training project a simple staking protocol with drawing a random card of a pokemon once a day.

The staker can gain coins for the staking, which then can be used in the in-app marketplace, where players can sell their cards in exchange for either Ether or specific amount of the in-game currency.

You can click here to see how cool effect I built for drawing the card, what made me really smile.

The Stack I used for the project

I decided that I will not build UI from scratch and will use an AI tool for it so that after elaborate specification of the imagination, I got the template, which was actually something I would need at least 1 month to build.

The colours ? Well selected. The files and folder split ? Far from ideal and had to tweak it, but it's ok. The actual code ? Sort of messy, because the pages have been by default turned into the "use client" and not being server-rendered.

But the actual tech-stack is following:

Frontend: Next.js + Typescript + V0 (AI generated base UI)
Smart-Contracts: Foundry + Solidity
Key SDKs, Libaries:

TRN-generation: Chainlink-VRF
Wallet-agnosticism: RainbowKit
Interactions with smart-contracts: Wagmi
Storage of NFT-data in IPFS: Pinata SDK
Data Fetching and display: Tanstack-Query

If you're interested what it looks like visit here !

If you're willing to see the code base, click here to see frontend-code and if you're more into smart-contract side click here !

WARNING ⚠️

By the time of article-release (Sunday 12 AM, GMT + 1), the project it yet not ready to use and still works on the marketplace implementations are conducted. I will make special post on the project, for now please star the repo on github, would be really thankful.

My Inferences on the project and take on AI usage

I only asserted that my choice of leaving web-dev is rational and well substantiated. If something what I really put effort into and forced myself to do things I didn't want to do throughout 3 years can be replaced with chat-bot prompting with just a tweak to display something, use appropriate libraries. It's a sign to leave imo.

I've really shun using AI in generating UI, because I really wanted to prove myself that I also can build beautiful UIs and also can build phenomenal website on my own, and I just need time.

I experienced how AI sped up my work with the UI, this peace, that I do not have to care about pixels on the screen, settled me down tremendously.

What I learned by building this project ?

Besides realizing the real aid of AI, I kind of avoided (if you want to know my previous usage of AI feel free to checkout this article)

I was slightly wondering that the transfer of my NFT from my account to my StakingProtocol-contract, was not successful. I figured out that contracts need a special function kind of fallback or receive for the NFTies. It really surprised me because I haven't found it even in Mastering Ethereum example with auctions. This function is derived from a special extension for the contracts, namely an interface of IERC721Receiver.

   function onERC721Received(address operator, address from, uint256 tokenId, bytes calldata data)
        external
        override
        returns (bytes4)
    {

   // Here place your logic what to do after the token has been
// successfully transferred to the contract     

        return IERC721Receiver.onERC721Received.selector;
    }

This function can be thought of as fallback() or receive() for NFTIes, as I've written before. For those who do not know, fallback() and receive() functions in soldity can execute code after an amount of ether has been transferred to the contract.

What does `fallback()` differ from `receive()` ?

receive() – takes only ether, no data. Executes when someone sends ETH to your contract with empty calldata.

fallback() – takes ether AND data. Executes when calldata doesn't match any function signature, or when someone sends ETH with non-empty calldata and there's no receive().

Another Surprise 🤩

I recently just checked my Luma account to see if there are any updates on the hackathon rules, terms or so. There was no update on it, however I got an invitation for Co-work Event organised by ETHWarsaw ! and I was really wondered and shocked seeing it.

Not only because the event is something I wanted to participate in something like that, whereas my city although it's almost 400k dwellers is rather treated as an no-go zone for any coding initiatives like co-work coding events, what really made me sob sometimes.

But also because it collides in time with my private family-event, so quite suspicious coincidence (I do not believe in such thing as coincidence).

And although I'm about to leave smart-contracts development and the EVM, then I'm looking forward to feel the spirit of that even there, meet brainy people in Ethereum-ecosystem circle and of course steal some stickers so I can glue over my entire laptop and some merch if possible (and even if not then cmon I'm polish though) :D

Summary

This week was absolutely challenging but at the same time, I've saw how easily my work can be sped-up without mundane effort. I've reminded myself and also learned crucial facts when it comes to Soldity and handling ERC721 in external contracts. I got an surprise I did not expect and look forward now only to the hackathon and can't wait to make the farewell and go cryptography all-in.

What about you ?

How was your week ? Have you been successful ? stuck ? Or completely derailed this week ? Let me know in the comments and let's connect :D

From Zero To Crypto-Hero - (Week 1)

Luftie The Anonymous — Sun, 08 Mar 2026 10:25:19 +0000

Hello Dev.to Community !

This time I will share with you what I did in a full week 1 of my transition from zero to crypto-hero ? And as I promised, every sunday I will post a weekly-summary of my effort.

Are you ready ?

Let's go !

1 Week Overview

Surprisingly, I haven't done much this week in terms of cryptography development. I had a bit of tiny errands this week, that took my time and energy. One of them you can see here: One of the Errand-video

I would not say that my efforts were low because of lack of time, but rather because of cognitive overload I would name it.

What have I done ?

I have practiced modular mathematics together with turning the binary into a polynomial and practiced modular reduction of an polynomial, that is actually needed for AES on the substitution-layer level, as in the substitution table in order to get the value we have 2 approaches.

To those who do not know in short AES is an symmetric block-cipher that is built in a following way.

input                      original-key
|                          |
|                          |
|                          |
v                          V
key addition    <---   nth round-key
|
|
|
v
substitution layer
|
|
v
shift-row layer
|
|
v
mix-column
|
|
v
add-round-key

Not comming much into details this process above of encryption is repeated depending on the key length in AES, which is:
For 128 bits: 10 rounds / 11 round-keys
For 192 bits: 12 rounds / 13 round-keys
For 256 bits: 14 rounds / 15 round-keys

Because key addition is done on the beginning before actual encryption and at the end as the last round is finished, thus there are round-quantity + 1 amount of keys.

And for the substitution-layer we get the value for the input either by turning the byte value to a position in a look-up table or we will turn the byte value to polynomial and find an inverse for this polynomial in GF(2^8), by usage of Extended Euclidian Algorithm with irreducible polynomial of the GF(2^8), such that:

input-polynomial * input-polynomial-inverse = 1 mod field-irreducible-polynomial.

I have been relearning DES and AES cipher, whereas I spent about 2 days on AES, because I could not understand fully it's key-schedule workflow.

I have explored the bit manipulation key-words in TS like left-shift, right-shift or that we can xor without turning into binary, what I actually did in my implementation for OTP 😅

I recapped all of my notes on cryptography from Christof Paar course.

I implemented decimal to hex value helper function, Euler's totient function and Extended Euclidian Algorithm to my crypto-library project in TS.

And here are couple things I inferred.

My notes were purely theoretical and were mostly math-focused and for understanding concept instead of ready to implement the cipher in code. For instance I wanted to implement RSA, because it's quite simple math, that is rather math-focused than about bit shifting etc.

What I realized was that in order to get an p and q value, that would be prime-values, that are at least 2^512 bit long, I need to implement primality test from Miller-Rabin Primality Test or Little Fermat's Theorem, whereas Miller-Rabin is more efficient for large numbers than Little Fermat's approach. And I actually run into headache to understand how miller-rabin primality test works 😬

I would need to recap the ciphers all from scratch by reading the book and focusing on implementation rather than understanding how it works.

Unexpected Approval and Plan Change

Additionally there came an unexpected surprise, I have written an article on this this week, however to recall it I got approved to participate in an ETHSilesia Hackathon. Where honestly I did not expected to approved.

And it kind of forced me to change my plans. Namely I decided to temporarily cease development of my crypto-library that I started and my plans to move all-in to cryptography and blockchain architecture. And focus purely on web3-focused matters together with the hackathon-preparation, sometimes such shit happens. And I will comeback to cryptography development all in, after the hackathon.

So that's it for this week, to every woman in programming and in the world, I wish you all the best, you're rocking !

Cheers and see you next week :D

Ps. if you found some mistake feel free to correct me in terms of AES explanation.

The Last Dance with the past🕺

Luftie The Anonymous — Mon, 02 Mar 2026 20:54:11 +0000

Hello Dev.to Community !

I hope you're doing well, a week ago I posted my first ever post on dev.to introducing myself and saying that I left web-dev and transit to cryptography and blockchain architecture (and not just smart-contracts).

If you want read more about it click here

In this article I want to explain how do I want to end up this journey officially. Interested ? Let's go !

Introduction

Long story made short, I decided to quit web-dev and also developing smart-contracts as my main focus, to concentrate on building my own blockchain(s) and delve deep into cryptography as this is the field of IT that I was interested already since 2022 after reading a book on Bitcoin. Again for reasons "why?", read my first posted article.

Comparison starts in web-dev vs crypto

I will give you yet an example of my engagement etc. by comparing my learning and coding focus of my beginnings in web-dev and learning cryptography. When I was learning from a course on JavaScript, 2 hours section of the course in speed of 1.5x seemed like eternity and in real time it was like usually tripple of the section's duration.

2 hours in crypto ? I'm aware that those are completely different fields of IT and the learning requires a bit other approach but still, just by comparison the beginnings 2 hours with 1.5x speed, usually I have fit in the length of the actual course irl, because of notes etc.

You might think I exaggerate, and you're allowed to state so, but I'm the captain behind the wheel and I see what happens.

Ok, enough introduction 😅 now let's discover why it's for me so important.

Why do I bother about it so much ? 🥱

I think that leaving something you have been doing for 3 years with many obstacles faced, pressure and doubt in meanwhile without a greater farewell, is basically disregard to yourself and your work.

And also, I reckon new chapters in one's life should have a unique beginning, date or some event that would put an emphasis on the new chapter.

Thus I decided to take part in my first and prolly last hackathon, organized by ETHWarsaw in Katowice, the hackathon will last from 17-19th April. Having taken part in it, I also fulfill my another dream which was to take part in hackathon, but never had an time and opportunity to take part in such event.

As I chatted with @konark_13 in some comments, I reckon the project that I will do, will be Pokemon-themed, because this was a project idea to combine Pokemon + web3 and zk (as I had some experience with noir), but as I even started building an infra plan for it, I I was really struggling with defining the proper infra, like game-logic, events to occur, tools, DB management etc. Not because of complexity, not because of hardness of the task, because of not willing to do the same shit anymore, building the same UI with the same packages and so on, looking the same as 1000 others.

If that would be done, this would be a tripple-combo of personal-fulfillment:

Closing an web-dev chapter with honours and Opening New Chapter in life (which is actually already opened, but anyways) - Being all in into cryptography and blockchain architecture.
Taking Part in a hackathon as fulfillment of dreams/goals.
Building a project on the hackathon that is what I wanted to build.

The Hackathon-Application Approval

I was really thinking that I'm not gonna be approved, because there was some mention about being a student, so I thought that it could have been organized only for them.

As it turned out here about 4PM as I checked my mailbox I saw this:

I shouted out of excitement that my plan can be fulfilled, so I'm glad I will be able to attend the hackathon.

Until the start of hackathon, besides doing my main occupation, namely cryptography focused work. I will also take some time to recap smart-contract dev principles, other details and think what could I build specifically.

Last words...

I also want to express my flabbergast by the way how the devs are among them so to say. I always shun from the devs communities, thinking that I know too little to even express myself, but here I see that actually everyone is welcome as well as any input.

So I want to thank you 💜 for all reactions under my posts, for every follow, every reaction and every comment and I sincerely hope, that not only will I become an cryptography expert, but I also will be able to provide you value in form of explanation of cryptography components like phi-function, how SHA algos work or others.

I really think I will stay for longer on dev.to :D

Cheers !

From Zero To Crypto-Hero - (Week 0) + BONUS

Luftie The Anonymous — Fri, 27 Feb 2026 23:31:45 +0000

👋 Hello Dear Dev.to Community !

In this article I would like to share my a key-efforts I made in the entire week on my journey towards becoming a blockchain architect with deep expertise in cryptography.

This week is for me more of an organisation focused and also a relief after months of confusion (If you're willing to know more, feel free to read my self-introduction on dev.to, click here !)

Let's go now into details !

1. Define the Roadmap 🗺️

First of all I defined highly conceptual roadmap with elaborate milestones, what would I like to build in which point in time what would I like to build and so on. Of course some people will come to me and say that "it won't be so easy as you imagine etc.", on what I answer: "I know and thus attach this lovely image <3"

A lot of people, especially newbies treat the roadmap as some holy grail and clinge to it as strict as they can, which should not actually be so.

Personally, I treat roadmap as an guide + quite optimistic prediction on the learning process and I will not beat myself up for not succeeding it 100% (I used to as I was in web-dev). So my advice ? Take it easy, but not loosely.

2. Define the work-rules 📃

Again the same case as with roadmap, but this time it's general set of instructions to follow and not to follow with included unwilling behaviour. I used to have a lot of issues with concentration/focus throughout my entire journey, so I finally have broken my ego and pointed out: "Yes, I suck in that field".

3. Filling Gaps on DSA 📝

As I entered the programming space, I actually never saw a purpose on using DSA in web-dev, coz mostly DB (Database, not Deutsche Bank or Bahn, lol) providers have internal sorting algos and methods to offer to you to implement them. And I really skipped that part of coding, however it's essential for cryptography so I currently practiced and learned the sorting algorithms (only one left, from a course I made).

4. Official Farewell with Web-dev 🫡

As I decided not to do web-dev and smart-contracts profesionally as my main career focus, I want to make farewell with this period in my life with high respects. Thus I decided to send application for Web3-Hackathon and hopefully I will be accepted and will able to participate in my first hackathon. I do it not to win, but more for connections and experience the spirit of hackathon the vibe, attitude.

5. Starting a project for practice of understanding of cryptographic components (ciphers, hash-functions etc.) 🧠

I have started a project in typescript, before I start learning Rust Click here to checkout

This is a library that contains every cipher from "Understanding Cryptography" Book made by Christof Paar. If you want to enter cryptography, This Gentleman will do it much easier, I really wish I met him irl :D

I already implemented the most secure cipher in the world, simultaneously the most useless cipher in the world namely OTP.

BONUS: What is OTP ?

OTP stands for One time pad has been discovered by Gilbert Vernam in 1917, although it was used yet in end of 19th century for telegraphy security. This cipher is so called symmetric cipher, but more on it in a separate article, what that means.

OTP in order to be functional must fullfil those 4 conditions:

The key must be at least as long as the plaintext.
The key must be truly random (so it cannot be generated from Math.random(). In my approach I actually used the build in crypto.getRandomValues() method, although it seems to be CSPRNG instead of TRNG)
The key must never be reused in whole or in part.
The key must be kept completely secret by the communicating parties.

So imagine this you send a message that is 512MB large, whatever file, movie, game does not matter. You encrypt it and send the key to your receiver together with the cipher text it's 1GB of just one-time used data, thus OTP is useless.

How does OTP work ?

Encryption:

ciphertext = x XOR key

Decryption:

plaintext = ciphertext XOR key

But what is XOR ? XOR is a special operation that basically looks following way:

n-th bit of x + n-th bit of key modulo 2

so now converting 512MB to bits it's about 4 294 967 297 bits to be XORed through and thus is the cipher useless.

Thank you for reading my article 😍

So I hope I brought you a little bit of cryptographic sneak-peak, so that you will be thrilled for next updates. As an offtopic,

Yesterday was 30th Pokemon Anniversary, so here see how would look like a Pokemon Trainer if he would be a privacy-first 😅.

Btw, it's me 😁. I do not uncover my face in the internet, due to again fact because it's against my personal privacy-policy.

You want to connect ? 👥

Go to my website from this link and click Telegram or Signal link (I'm privacy first guy as you see)

Happy, Productive and Successful weekend, see you in a week !