About
Last updated .
Founder note
I run this site under the handle vulnix0x4. The pseudonym is deliberate. I want the writing and the recommendations here to stand on their own, not on my resume. It also keeps me from being a pressure point: if a company I criticize wants me silenced, the easy move is to go after the person. The pseudonym is a small friction on that. It is not unbreakable, and I am not under any illusion that it is — but it changes the calculus enough to matter.
I do not run analytics. I do not set cookies. I do not sell data. I earn money when a reader clicks an affiliate link (Proton, Bitwarden, Kagi, Obsidian, Ente, and a few others — all named on the affiliate disclosure) and decides the paid tier is worth it. Commissions do not change the ranking: every category leads with a free or open-source option. If an affiliate product is not the best pick, it is not the hero pick.
The scanner was the heart of the original idea. It runs in your browser. The backend holds a 60-second nonce; nothing else persists. The code for both the site and the scanner backend is public — see Scanner privacy for the infrastructure long-form.
— vulnix0x4
Warrant canary
As of , we have not received any legal requests to suppress content or identify users.
This line is rotated on or before the first of each month. If it goes stale by more than 30 days, treat its absence as the signal. Rotation history is part of the changelog.
Secure contact
For anything sensitive — especially security reports and journalism sourcing — use the
encrypted email address below. A long-term PGP key is being generated; once published it
will be downloadable from /pgp.asc on this site and searchable on keys.openpgp.org by the same address. Until then, Proton's native end-to-end
encryption between Proton Mail users covers the confidentiality gap.
- Signal / SimpleX
- Available on request — message first by email, reply will include a one-time introduction code.
When the PGP key is published, verify the fingerprint against at least two independent sources (this page, the key server, and the future Tor hidden-service mirror). Do not skip that step.