Instagram and Tiktok are usable in a web browser, though they do want you to make an account.

Terms like “safe” and “private” are not binary.

Are the contents of your Signal conversations on an iPhone private with regard to mass surveillance conducted by governments and ISPs? Probably. Apple uses security and privacy as marketing points, and there are a whole lot of people looking for vulnerabilities in its products who are incentivized to disclose them (possibly with a delay for patches). Signal itself takes steps to prevent data leaks to less secure parts of the OS and other apps.

Would your conversations remain private in the face of a targeted attack against your device by a nation state willing to spend a significant amount of time and money when you’re using Signal on an iPhone that’s presumably used for purposes other than secure conversations with a small set of people you know? Almost certainly not.

TOR is designed to resist surveillance and censorship by ISPs or national governments. Communications are encrypted in transit, and there’s no way for a node to tell whether it’s talking to another relay node or the end user.

It’s fairly easy for a website to detect that a user is accessing it via TOR; there are lists of exit nodes like this one which a firewall or intrusion detection system can update programmatically. Many websites block or limit access via TOR using such lists, making it unsuitable for use cases such as the one I’m discussing.

I couldn’t care less what the employer wants. This almost certainly doesn’t violate any criminal laws, but could lead to loss of employment.

I care that my friends can be somewhere they’re physically safe while making enough money to be OK.

They are going to find out regardless

Probably not. This is the sort of organization that will do the bare minimum to tick a compliance checkbox and no more. That likely includes IP geolocation and maybe checks against well-known datacenter IPs. It’s very unlikely to include latency checks, and does not include monitoring agents on remote machines. My friends have accepted there’s some risk of employment loss, but would prefer to mitigate it.

Stop trying to cheat the system

Fuck the system.

This is similar to what I had in mind. I was thinking of software and a paid subscription while this is a hardware device with free access. It does appear to reward people for acting as exit nodes in a more or less ethical manner (depending on how you feel about weird cryptocurrencies).

This is a concern about a remote employer detecting that they’re working from outside the USA, not surveillance. TOR is not an appropriate solution.

There are many, some of which are easily found with a web search for “residential VPN”. That also comes up with a bunch of untrustworthy listicles with affiliate links to the “best” options.

Some of these are extremely shady, using malware to turn unsuspecting victims into exit nodes. Some gain access with consent by offering payment or some other benefit; this probably violates ISP TOS, but I don’t care about that.

Yes, this is the DIY VPN server at a relative’s house option.

Tried this; continued to see no ads for anything at all. Am I doing it wrong?

I use Matrix, and I’ve moved some conversation with people I met in public rooms there to Signal because it kept failing to transfer keys rendering it unable to decrypt messages. I haven’t seen that in a while so maybe it’s fixed, but I haven’t been using it for one-to-one conversations lately.

Unfortunately, I’ve found most people have a lot of resistance to adding another messaging app. I don’t really understand why that is, but it’s true. Asking someone to install a messaging app when I’m their only contact who uses it and they have another way to contact me has a success rate near zero.

What is this? A Twitter post?

Just about. JWZ is known for his cynical hot takes on tech in general.

I don’t think any of his complaints are invalid, though his conclusions are uncharitable at best. Making a communication tool that’s both reasonably secure and sufficiently palatable to people who don’t know how to use computers to achieve broad adoption is a hard problem with no perfect solutions. If he has a better idea, well… he’s a skilled and somewhat famous programmer; he’s better equipped than most to implement it.