Why this site exists.
Most privacy advice is written by people who learned about threats from other articles. This site wasn’t built that way.
Predaxia exists because the people behind it have spent years working in environments where a bad operational security decision did not mean a slower laptop or a spam folder. It meant a source identified. A translator exposed. A family put at risk. A colleague who didn’t come home.
Between us, we have operated in conflict zones, high-risk countries, and environments where information security was not a professional best practice; it was a condition of survival. We have worked alongside journalists under pressure, humanitarian workers in the field, NGO teams in hostile operating environments, and individuals whose digital footprint was, at various points, a matter of life and death.
We are not researchers. We are not cybersecurity academics. We are people who learned what actually breaks, under actual pressure, in actual field conditions, who then spent years building the personal security architecture that should have existed from the start.
This site is the result of that work.
What we saw in the field.
The failures we witnessed were almost never technical. They were human. And they followed a pattern.
A source contacted through a personal phone account, not a compartmented channel. Location data shared on a social media platform while an operation was active. Cloud storage syncing documents that should never have left an air-gapped device. Family members posting routine information that, assembled piece by piece, revealed patterns no adversary should ever have access to.
None of these people were careless. They were operating under pressure, with incomplete information, using tools that were never designed for their threat level. The problem was not intelligence. It was the gap between the tools available to ordinary people and the threats those tools were actually facing.
That gap is what Predaxia is designed to close.
Why we stay anonymous.
The irony of a privacy site with named authors is not lost on us.
We stay anonymous because it is consistent with what we teach. Our identities are not relevant to whether the information here is accurate. Our experience is. And that experience is described in sufficient detail on this page for you to evaluate it.
If you need names to trust the content, this is not the right site for you. If you need the content to be correct, read an article, apply the recommendation, and assess the result. The work is the credential.
There is also a more operational reason. Members of this team continue to work in environments where personal exposure carries professional consequences. Anonymity is not a choice we made for comfort. It is a discipline we maintain for the same reasons we recommend it to the people who read this site.
How we built this.
Our combined experience covers environments most security frameworks are never tested in. Over the years, we rebuilt our personal and professional security architecture from the ground up across five domains, because the field made it necessary, not because a certification required it.
Personal security (PERSEC). What information about us exists publicly, who has access to it, and what the realistic threat profile actually looks like. Not paranoia. Threat modelling. The kind you do when the stakes are real.
Information systems security. Device hygiene, account compartmentalisation, password management, and the specific ways consumer tools fail under conditions their designers never anticipated.
Network security. VPN selection methodology, the specific conditions under which a VPN protects you and the conditions under which it does not, traffic analysis, and the documented cases where people believed they were protected and were not.
Communications security (COMSEC). Which channels are secure under which conditions, and which ones only appear to be. End-to-end encryption is not a binary. The app matters. The metadata matters. The habits of the person you are communicating with matter just as much as your own. We have seen communications security fail not because the tool was wrong, but because one person in the conversation made a single identifiable mistake. COMSEC is a chain. It is only as strong as its weakest link.
Professional operational security (OPSEC). The discipline of keeping identities, devices, communications and activities separate in ways that hold under pressure, not just in theory, but in the environments where pressure is the default.
This site applies that framework to civilian contexts. The threat levels are different. The principles are identical.
Who this is for.
This site is written for people who have something real to lose.
Journalists who work with sources and understand that protecting a source begins before the first conversation, not after something goes wrong.
Lawyers and notaries who hold client information that is worth targeting, and whose professional obligations extend to the security of the tools they use.
NGO workers and humanitarian field teams operating in environments where their communications, contacts, and location data are of genuine interest to actors with resources and intent.
Military families who need to understand what information becomes dangerous when a family member is deployed, and how to stop sharing it before the damage is done.
Anyone going through a legal dispute who needs to understand that their digital life is now potential evidence, and how to manage it before that becomes a problem in a courtroom.
Professionals operating in high-risk countries who need a security protocol before they board the plane, not after they discover the hotel Wi-Fi was compromised.
If your situation does not appear on this list, the resources here may still apply to you. Start with the threat model. If the questions it asks are relevant to your life, keep reading.
How we test our recommendations.
Every tool mentioned on this site has been tested under real conditions. Our affiliate criteria comes down to a single question: would we use this ourselves in a situation where our security depended on it? If no, it does not appear. If yes, we explain exactly why, including the limitations.
We run three affiliate programmes: Proton, 1Password, and DeleteMe. We turned down the rest, including NordVPN, Surfshark, and ExpressVPN. The article explaining exactly why is on this site. It costs us money. That is the point.
What this site is not.
This is not a technology review site. We do not benchmark download speeds or test which VPN unblocks streaming services. We test whether a tool would hold up if our security depended on it. Those are different tests, with different results.
This is not a fear-based site. Every threat described here is documented. Every recommendation is specific. The goal is not to make you anxious. It is to make you harder to compromise than the person next to you.
This is not written for everyone. If you are looking for the cheapest option or the easiest setup, this is not the right place. If you are looking for the most defensible setup for your actual situation, you are in exactly the right place.
There’s no perfect setup. Anyone selling you perfect is selling fear. The goal is simple: make yourself a harder target than the person next to you.
Get in touch.
Have a question, a situation you’d like us to cover, or feedback on something we got wrong? Use the contact form; we read everything and respond to every message.
