path: root/content/blog/2025-06-02-private-ios-apps.org

#+date:        <2025-06-03 Tue 11:38:40>
#+title:       Privacy-First iOS Apps for Minimalists
#+description: Curated listing of iOS applications prioritized for privacy preservation and data security, targeted at users requiring minimal data exposure.
#+slug:        private-ios-apps
#+filetags:    :ios:privacy:security:

The world is evolving into a privacy nightmare, where our own devices are being
used by numerous parties to constantly track and report on our activities. This
is especially prevalent on iOS, where platform restrictions leave users without
many options to lock down their data.

However, there are apps that exist that can help enhance the privacy of an iOS
device. The post below details a number of privacy resources, directories, and
tools for iOS.

**Resource Table**

| Name                                   | Type                        |
|----------------------------------------+-----------------------------|
| [[https://github.com/pluja/awesome-privacy][Awesome Privacy]]                        | App Lists & Directories     |
| [[https://www.privacyguides.org/en/os/ios-overview/][PrivacyGuides.org]]                      | App Lists & Directories     |
| [[https://cyberinsider.com/][CyberInsider]]                           | Guides & Educational        |
| [[https://ssd.eff.org/module-categories/further-learning][EFF Surveillance Self-Defense]]          | Guides & Educational        |
| [[https://osintframework.com/][OSINT Framework]]                        | Guides & Educational        |
| [[https://securityplanner.consumerreports.org/][Security Planner (Consumer Reports)]]    | Guides & Educational        |
| [[https://discuss.privacyguides.net/][PrivacyGuides Forum]]                    | Community & Discussion      |
| [[https://www.reddit.com/r/privacy/][r/Privacy]]                              | Community & Discussion      |
| [[https://www.reddit.com/r/iosprivacy/][r/iOSPrivacy]]                           | Community & Discussion      |
| [[https://tosdr.org/en/][Terms of Service; Didn't Read (ToS;DR)]] | Policy & Transparency Tools |
| [[https://browserleaks.com][BrowserLeaks.com]]                       | Privacy Testing & Tools     |
| [[https://mullvad.net/check][Mullvad Privacy Check]]                  | Privacy Testing & Tools     |
| [[https://support.apple.com/en-us/HT212025][iOS App Privacy Report (Settings)]]      | Privacy Testing & Tools     |
| [[https://privacytests.org/][PrivacyTests.org]]                       | Privacy Testing & Tools     |

#+begin_quote
*Note*: This list focuses solely on iOS-compatible resources and tools. No
Android comparisons here as I have not used Android in many years.
#+end_quote

* Email

First, I like to consider email as my first app on a new device. However, iOS is
\extremely\ lacking in this area. Certain options are private, such as Proton
Mail and Tuta, but they have certain restrictions and ecosystem lock-in methods
that I try to avoid.

Canary Mail was a decent option for a while, although a bit mysterious, but they
have recently leaned into the AI hype pretty heavily, which is concerning.
However, it's still one of the only options for PGP emails on iOS.

- [[https://proton.me/mail][Proton Mail]] - One of the more popular private email options available on iOS.
  Allows custom domains, but does not allow for IMAP/SMTP usage, so you're
  locked into using their apps. Open source.
- [[https://tuta.com/][Tuta]] - Tuta also locks you into their clients and they do not allow you to use
  custom domains. Open source.
- [[https://canarymail.io/][Canary Mail]] - Closed source, so you can't verify anything about what they are
  building into the app. However, it's one of the only options for PGP mail on
  iOS. Advanced features are locked behind a paywall.

Another suggestion is to use a browser-based web client. You can install browser
mail clients as progressive web apps (PWAs). For example, I have been using
[[https://webmail.migadu.com][webmail.migadu.com]] as a progressive email app for a while now and it works great
for my purposes.

This allows for access to your email without installing an application that
access native APIs or other potential data sources you may be concerned about.
This is especially important if you're concerned about allowing permissions to
device APIs, non-reproducible buils from the App Store, or mobile device
fingerprints.

Lastly, [[https://blog.thunderbird.net/2025/05/thunderbird-for-mobile-april-2025-progress-report/][Thunderbird iOS]] is under development. Keep an eye out for an alpha or
beta release later in 2025 or early 2026. I have a feeling that once Thunderbird
iOS is available, it will easily become the best option for email on iOS.

#+begin_quote
*I use*: Web-based email on iOS and Thunderbird on my desktop. Once Thunderbird
releases for iOS, I will probably use that.
#+end_quote

* Browsers

Your choise of browser is very important if you're concerned with privacy. Any
and all links you click will be opened in your default browser, so you need to
make sure you choose the right browser and configure it properly. Trackers, ads,
fingerprints, and data leaks are constant threats that should be avoided when
possible.

- [[https://apps.apple.com/us/app/firefox-focus-privacy-browser/id1055677337][Firefox Focus]] - In my opinion, the best option for privacy on iOS.
  Automatically blocks trackers, erases data and history upon app close, and
  focused on private usage. However, it won't support your bookmarks or keep you
  logged into sites long-term.
- [[https://duckduckgo.com/app][DuckDuckGo]] - Another good option, built on chromium. Like Focus, it allows you
  to clear all data with a button tap.
- [[https://onionbrowser.com/][Onion Browser]] & [[https://orbot.app/][Orbot]] - Tor - what can I say? It's been the most popular
  privacy browser for ages for a reason and now it's available on iOS. Onion
  Browser is a Tor browser and Orbot can proxy any number of iOS apps through
  Tor. As with all Tor traffic, it will be slower than "regular" traffic.
- [[https://brave.com/][Brave]] - Another chromium-based privacy browser. Can sync with other Brave
  browsers via a secure linking process (no account). Fully-featured and great
  privacy defaults. There have been some concerns in the past about the company
  behind Brave, but I still think it's a decent option for most peoplel.
- [[https://www.apple.com/safari/][Safari]] (with caveats) - Great option if the browsers above don't work for you.
  Be sure to read PrivacyGuide's [[https://www.privacyguides.org/en/mobile-browsers/#safari-ios][Safari]] section for more information on what you
  need to do to lock it down before relying on it full time.

#+begin_quote
*I use*: Hardened safari in private mode for every day use, and Onion Browser
for anonymous browsing.
#+end_quote

* Messaging

Next up are messaging apps. If you have an iPhone, it's a good bet that you will
be messaging other people on it. The threats for messaging apps tend to be
metadata/data collection from cellular providers, ISPs, and Apple itself. If you
want to protect the privacy of your messages, who your messaging, and the
metadata around those messages (time, method, location, etc.), you'll need to
think about which apps you're using.

- [[https://signal.org/][Signal]] - My personal favorite and still the gold standard for secure and
  private messaging. Open source, end-to-end encrypted, and runs its own private
  push notification infrastructure so Apple can't read your message content. A
  phone number is required to sign up, but you can create a username immediately
  after signing up and share that with others instead of sharing your phone
  number.
- [[https://simplex.chat/][SimpleX]] - A decentralized, phone-number-free messaging system. Uses anonymous
  message relays and asymmetric keys.
- [[https://getsession.org/][Session]] - A fork of Signal's protocol that eliminates phone numbers entirely.
  Routes messages through a decentralized onion network (like Tor).
- [[https://element.io/][Element]] - Based on the Matrix protocol, offering decentralized, federated
  chat. Great for groups and communities, with optional end-to-end encryption.
  Other client options are available for Matrix on iOS, as well.

#+begin_quote
*I use*: Signal for private chats with known people, and Matrix for group chats.
#+end_quote

* VPNs & Networking

Network traffic is where most surveillance happens. Even with encrypted
messaging and browsers, your IP address and DNS queries reveal a lot about you.
A good VPN or alternative network routing tool masks this, but not all VPNs are
trustworthy. Avoid “free” services or those lacking transparency.

- [[https://mullvad.net/][Mullvad]] - A no-logs VPN that doesn't require an email or personal info to
  create an account. Consistently audited and privacy-focused. Their app is
  excellent on iOS.
- [[https://www.torproject.org/][Tor]] - Best for anonymity rather than everyday VPN use. Routes your traffic
  over three relays, obscuring both source and destination. Slower, but
  unmatched for high-risk browsing.
- [[https://yggdrasilnetwork.org/installation][Yggdrasil]] - An experimental, encrypted, peer-to-peer mesh network. Less
  polished for mobile but useful for hobbyists or building private networks
  between devices.

If you can't self-host or build your own mesh, Mullvad is hands-down the easiest
option here. There are other VPN options available, but I haven't tested them
all so I will simply put my vote for Mullvad here and let you research other
options if you don't want to use Mullvad.

#+begin_quote
*I use*: Mullvad for 24/7 usage, and Tor when anonymity is required.
#+end_quote

* Password Management

Weak and reused passwords are still the biggest risks for personal security. A
good password manager makes it possible to use strong, unique credentials
without memorizing them all.

- [[https://bitwarden.com/][Bitwarden]] - Open source, audited, and free to self-host (e.g., Vaultwarden).
  The iOS app integrates with system autofill and Face ID.
- [[https://keepassium.com/][KeePassium]] - A KeePass-compatible client for iOS. Local database storage,
  optional cloud sync, and no external accounts. Excellent if you want full
  control over your credential store.
- [[https://keepassxc.org/][KeePassXC]] + Syncing Solution - If you already use KeePass on desktop, sync
  your database with a secure method like [[https://cryptomator.org/][Cryptomator]]-protected cloud storage,
  Syncthing, or local-only transfers.

Good passwords matter are extremely important, and these apps give you control
over your vault.

#+begin_quote
*I use*: Bitwarden Families ($40/year) to protect passwords, passkeys, TOTP
codes, and secure notes for my family. If I were using a solution solely for
myself, I would prefer KeePassXC + Syncthing.
#+end_quote

* Multi-Factor Authentication (MFA)

MFA is essential, but relying on SMS codes or untrusted proprietary apps defeats
the point. Use open, local, encrypted authenticators where possible. Also, use
passkeys if you can! I prefer passkeys, then TOTP, and then SMS/email, if other
options are not possible.

- [[https://bitwarden.com/products/authenticator/][Bitwarden Authenticator]] - Integrates with the password manager or works as a
  standalone TOTP app. Optional encrypted backups through your Bitwarden
  account.
- [[https://ente.io/auth/][Ente Auth]] - Open source, end-to-end encrypted TOTP manager. Syncs encrypted
  via Ente's infrastructure.
- [[https://www.tofuauth.com/][Tofu]] - Minimal, offline-first TOTP app. No cloud, no telemetry.
- [[https://raivo-otp.com/][Raivo OTP]] - Open source, native iOS app with secure iCloud backups. Clean
  interface.
- [[https://apps.apple.com/us/app/otp-auth/id659877384][OTP Auth]] - A longstanding, trusted TOTP manager with encrypted backups and
  Apple Watch support. *Not open source.*

I recommend pairing one of these with strong passwords and a VPN for everyday
security.

#+begin_quote
*I use*: Bitwarden Authenticator, previously OTP Auth.
#+end_quote

* Notes & Personal Data

If you're storing sensitive personal notes, account details, or journal entries,
opt for encrypted, local-first apps.

- [[https://beorgapp.com/][Beorg]] - An Org-mode-compatible outliner and task manager for iOS. Great for
  Emacs fans and those managing plaintext files.
- [[https://obsidian.md/][Obsidian]] - A local Markdown-based notes app. All data stays on your device
  unless you opt for Obsidian Sync (or your own setup).
- [[https://standardnotes.com/][Standard Notes]] - End-to-end encrypted notes, with cross-platform sync. Good if
  you want a straightforward, secure cloud service.
- [[https://joplinapp.org/][Joplin]] - Open source, Markdown notes with optional encryption and cloud sync
  (Nextcloud, Dropbox, etc).

These options help decouple your data from major cloud platforms while keeping
notes portable and encrypted.

#+begin_quote
*I use*: Beorg, since I love org-mode.
#+end_quote

* Photos & Media

If you're using iCloud Photos, your camera roll quietly feeds metadata and
images to iCloud by default. If you want to self-host or encrypt your photo
library, here's what works on iOS. At a minimum, I suggest disabling iCloud for
the Photos app, so the data stays local on your device.

- [[https://immich.app/][Immich (self-hosted)]] - Open source, feature-rich, self-hosted photo manager
  with facial recognition and live photo support. Requires a home server.
- [[https://ente.io/][Ente Photos]] - End-to-end encrypted photo storage with iOS and web apps. Paid
  plans, but privacy-first infrastructure.

Good privacy photos apps are rare on iOS — these two are the standout options
right now.

#+begin_quote
*I use*: Immich for all photos.
#+end_quote

* Encryption Utilities

If you're handling sensitive files, you need a proper encryption utility to lock
them down.

- [[https://cryptomator.org/][Cryptomator]] - Open source, encrypted cloud storage vaults. Integrates with
  most cloud providers and works locally.
- [[https://apps.apple.com/us/app/instant-pgp/id1497433694][Instant PGP]] - PGP key generation, import/export, and encrypted message/file
  creation. Handy for old-school secure comms.

If you're serious about privacy, encrypted storage and messaging layers like
these are essential.

#+begin_quote
*I use*: Cryptomator when syncing sensitive data over Syncthing. I no longer
require Instant PGP since Migadu's webmail client (SnappyMail) supports PGP.
#+end_quote

* News & Social

News and social apps leak all kinds of usage metadata, even when you're just
lurking. These tools let you follow content with less exposure.

- [[https://netnewswire.com/][NetNewsWire]] - Free, open source RSS reader for iOS.
- [[https://www.talklittle.com/three-cheers/][ThreeCheers]] - Privacy-friendly Tildes client for iOS.
- [[https://getvoyager.app/][Voyager]] - Clean, independent Lemmy client.
- [[https://joinmastodon.org/][Mastodon]] - Federated, open source alternative to Twitter.
- [[https://joinpeertube.org/][PeerTube]] - Decentralized video platform, accessible via web or PWA.
- [[https://pixelfed.org/][Pixelfed]] - Federated, open source alternative to Instagram.

If you're going to be online, at least let it be on your terms.

#+begin_quote
*I use*: NetNewsWire (via FreshRSS) for RSS feeds, Voyager for Lemmy, and Three
 Cheers for Tildes. I have used all of these apps and they are great, but I am
 not very active on social sites.
#+end_quote

* Final Thoughts

Whether you just want to improve your privacy in small steps or you're
fashioning a tinfoil hat as we speak, moving to privacy-focused services and
apps does two things:

1. It protects your privacy by ensuring that your data is being protected
   through the many methods mentioned above; and
2. It provides money (for paid apps), support (in terms of download count,
   reviews, ratings, etc.), and motivation for the developers and companies
   behind these apps that provide a privacy haven for users on iOS.

Every app you use, every service you sign into, quietly collects and trades your
data. iOS makes true anonymity harder than other platforms, but these tools and
services give you a fighting chance to keep your data private.