Tools

---

I share this page with friends who are interested in learning more about the (software) tools I use. I am not affiliated with any of these companies or products. All paid products have been indicated with an asterisk (*).

---

• Productivity Tools
• Privacy & Security
• Technical Dev Tools

---

↑ Time / Clarity / Output ⏳

In a world full of distractions and noise, these tools help me curate content, stay focused, organize my thoughts, and manage my time more effectively.

• RSS reader → Feedly Inoreader is the best RSS aggregator I’ve tried. I use an RSS reader to centralize content from blogs, newsletters, journals, and other media sources. It constantly monitors sites for new content, removing the need for you to manually check them. If you’d like to self-host, check out FreshRSS.

• Discover new content → Refind sends you five interesting links every day, based on your preferences. It helps you find interesting articles, without overwhelming you.

• AI research → Perplexity for quick research queries, Elicit for systematic literature reviews and data extraction, and Semantic Scholar for deep academic search with citation graphs and paper recommendations. These tools complement traditional databases like *Scopus and PubMed but are faster for exploratory research and synthesis.

• AI workflow automation → if you’d like to automate workflows with AI models, check out the no-code *Dust and the low-code *n8n. The latter is built for “technical teams” but I think it’s intuitive enough to use even if you’re not a developer. For simpler no-code workflows, consider Make or Zapier. If you want more control and are comfortable with code, consider the technical options below.

• Build apps without code → Lovable is probably the easiest way to prototype web apps through chat. If you want more full-stack control to ship MVPs to production, try Bolt or Replit.

• AI browser → Comet by Perplexity has become my agentic browser of choice. It’s effectively a re-skinned Chrome so the experience should be very familiar to most. Dia and *Opera Neon are interesting emerging options. I’m sure OpenAI, Google and others will catch up, but as of late 2025, I don’t find their offerings compelling. In general, these tools still struggle with complex, longer-duration tasks, but I use them to speed up simple, tedious ones. However, until the significant privacy and security concerns are addressed, you should also consider using a privacy-oriented browser. If you’re technical, you should try creating custom agents.

  Agentic browser privacy & security concerns

  Agentic browsers read everything on screen and will train on personal and sensitive information. Until these companies offer verifiable local data processing (where sensitive data never leaves your device) and address the glaring prompt injection security risks, I will continue to heavily isolate my agentic browser activity and encourage you to do the same.

  Even with local processing, the "derived data" problem persists: metadata like embeddings, feature vectors, and behavioral patterns can uniquely identify you and your activities without ever touching the raw content.

  Analogous example: Amazon's Sidewalk mesh network connects Echo and Ring devices to extend connectivity. Amazon claims your commands stay on-device, uploading only "connection quality metrics" and "network performance data." Yet their own privacy whitepaper reveals this metadata can map your physical movements, reveal when you're home, infer your sleep schedule, and suggest household composition, all without seeing your actual commands.
  
  The parallel to AI browsers is direct: even with perfect content encryption, metadata about what you view, when, and how you interact reveals as much as the raw content itself. Unlike traditional browsers that collect telemetry and usage patterns, agentic browsers process the semantic content of everything on screen to build contextual understanding. This isn't just tracking that you visited a site; it's reading your transaction history, medical records, and private messages to train models and features. The depth of content analysis is fundamentally different.

• Browser organizer → if you routinely have 100s of browser tabs open, consider using Tab Manager Plus for Chrome or Tab Manager Plus for Firefox. It’s free, open-source, and has an attractive privacy policy. You may also want to consider Session Buddy or *Workona.

• Distraction-free Youtube → the Unhook for Chrome and Unhook for Firefox browser extensions allow you to hide different elements of the YouTube web application, such as the Trending tab.

• Faster emails → if you want a faster & more refined email experience, consider *Hey or *Superhuman. If you’re more privacy-conscious, see privacy-focused email providers below.

• Faster calendars → smart calendars help me auto-schedule events, shuffle my calendar if unplanned changes occur, and protect time for deep work. This space is quickly evolving and I have yet to find a product I can recommend without reservation but I’d encourage you to check out *Morgen, *Reclaim, *Skedpal, and *Motion. Alternatively, consider a private calendar.

• Scheduling → Cal is the scheduling tool I use most frequently. It’s open source, free for individual use, and integrates well with Gmail and Outlook.

• Speech-to-text → speaking is usually faster than typing, and I find myself increasingly using it as my primary mode of communicating with apps. Wispr Flow is available on desktop and iOS and an easy way to get started. If you’re more privacy-conscious, I’d suggest running an open-source text-to-speech model locally with something like Jan or LM Studio.

• Smarter notes → Mem is a voice-first notes app that turns your brain dumps into organized notes you can later query.

• Meeting notes → *Amie and Granola are my favorite bot-free tools for capturing meeting notes and converting them into action items.

• Collaborative meetings → Miro acquired Around, bringing its excellent video conferencing features into Miro Video Calls. I love the floating video popups that feel less clunky than competitors’ user interfaces and allow you to maximize your screen real estate during collaboration sessions.

• CRM → Attio is a simple but extensible CRM with a Notion-like interface. Twenty is another beautiful open-source option.

• Structured thoughts & writing → Notion is my go-to all-in-one workspace.

• Unstructured thoughts & writing → Logseq is a beautiful blend of markdown, org-mode and, knowledge graph. Think of it as a free and open-source roam-research. Write down your unstructured thoughts, and with time you’ll start to see connections between your notes you didn’t know existed.

• Professional writing → if English is not your first language (or frankly, even if it is), consider using a grammar checker for professional writing and emails. *Grammarly is great but I’d also recommend *LanguageTool and *Antidote.

• Academic and technical writing → consider *Trinka. I also like The Hemingway App which highlights lengthy, complex, and weak sentences — use it if you’re prone to academese. For scientific & technical publishing, see here.

• LaTeX → *Overleaf is an online LaTeX editor and an indispensable tool for academic writing. If you’re curious, learn LaTeX.

• Scientific and technical publishing → if you want to author and publish (blog posts, articles, presentations, or books) directly from a Jupyter Notebook with code, equations, and interactive data visualization, check out Quarto. It works with Python, R, Julia, and Observable JS!

• Geocodes → addresses are often cumbersome and insufficiently specific, especially once you leave urban areas. What3words divides the world into 3x3m squares and makes it easier to communicate location information online and offline. For example, instead of N51° 30.208' W000° 07.933, I could convey a specific location in London’s St James’s Park as ///song.shop.supply. Google Plus Codes are a slightly less fun (but open-source) alternative based on Open Location Code. In Plus Code language, this location is at 9C3XGV39+936.

---

---

Privacy & Security 🕳️🐇

Being privacy-conscious doesn’t mean you have to stop sharing all data or abandon big tech. Many believe privacy is already lost. It isn’t. You can’t achieve perfect privacy while enjoying modern luxuries, but you can reclaim meaningful control through practical steps that mitigate risks from companies, criminals, and states while protecting others’ data too. Small changes compound.

This is a brief guide on how to be a little more privacy- and security-conscious while leading a close-to-normal online and offline life.

Start with a threat model → ask yourself what you’d like to protect, from whom, and what the consequences of failure are. Review this introduction to threat modeling and consider the most common threats to your privacy and security. I’d also encourage you to read this digital security guide by the Freedom of the Press Foundation — it was designed for journalists, but I think it’s a great place to start for anyone.

PrivacyTools.io is a wonderful knowledge-base for privacy. And, consider Awesome-Privacy, a curated list of privacy-preserving tools.

• Password manager → Bitwarden is probably the single easiest addition you can make to significantly improve your online security.

• Check if your email is comprimised → Have I Been Pwned helps you discover whether your email address has been part of a data breach. Bitwarden’s Data Breach Report automatically checks this for every email address in your vault.

• Faster & safer internet → Cloudflare 1.1.1.1 is a free, fast, more private public DNS resolver. NextDNS is another fantastic option.

• Web browser → Brave is a privacy-oriented browser, based on Chromium (i.e. it’s a lot like Google Chrome under the hood) with fantastic ad, tracker, and cookie consent banner blocking by default. It’s significantly (~2x) faster than Chrome in my tests. Please consider updating your Brave browser configuration on desktop and mobile before use. Firefox is another great option. If anonymity is essential, consider Tor.

• Block ads uBlock Origin is a free, open-source ad content blocker. This space constantly changes, so keep an eye on their subreddit. In general, the extension works best on Firefox. I would however, encourage you to support the creators you consume content from through membership platforms like Patreon and YouTube Premium instead.

• Block trackers → Privacy Badger is a browser extension that stops third-party trackers from (secretly) tracking you across websites without your permission. If you use Firefox, consider using the LocalCDN extension to emulate content delivery networks (CDN) locally and prevent unnecessary third-party requests on a website.

• Virtual private network (VPN) → *ProtonVPN is typically the VPN I recommend. It supports the WireGuard protocol which performs better than other common protocols, like OpenVPN. If you’re more privacy-conscious, consider *Mullvad VPN. Please note that while VPNs help hide your web traffic from your internet service provider, hide your IP address from third-party services, and allow you to bypass geo-restrictions, they do not provide anonymity and if you’re using your real-life identity online, they’re unlikely to be useful in obfuscating your web behavior.

• Anonymity → if anonymity is a principal concern, consider using the Tor network. Whonix is a privacy-centric operating system that runs in a virtual machine (i.e. it runs like any desktop app on Windows, macOS, or Linux) and forces all web traffic through the Tor Network. You may also wish to compartmentalize your digital life. Tails is a tool which allows you to carry a portable & secure operating system on a USB. Plug in a Tails-equipped USB stick into any computer and temporarily turn it into a secure machine.

• Alternate web frontends → there are countless interfaces which redirect your website traffic through an alternate privacy-friendly frontend application. For example, you may use Invidious to access YouTube or Libreddit to access Reddit.

• Maps → OpenStreetMap provides global map data under an open license. It powers thousands of applications including the offline map app OsmAnd and the privacy-conscious Organic Maps.

• Private calendars → Proton Calendar is a great option. For a more feature-rich experience, consider one of the “AI calendars” above.

• Personal messaging → Signal, Session, and *Threema are great! These services provide privacy and security but not anonymity. Please note that while Telegram has a great UI/UX i.e. it’s easy to convince your friends to join, contrary to popular opinion, as of 2025, it has poor privacy and security practices (e.g. conversations are not end-to-end encrypted by default).

• Group messaging → Element is a (potentially) great messaging option for communities and companies if you’d like a more privacy-preserving and secure experience than traditional group chat applications. It’s based on the Matrix open standard and can be self-hosted.

• Email for privacy → consider Protonmail or Tutanota. Prioritize services that zero-knowledge encrypt your data at rest and in transit, and companies whose business model doesn’t depend on serving you ads by mining your email (meta)data. Please keep in mind that your communication is only as private or secure as the practices of your email recipients.

• Temporary emails & phone numbers → if you hate handing out your personal information when signing up for something trivial, consider using an email masking service such as Firefox Relay or an email alias generator, like AnonAddy. Please read the FAQs thoroughly before use. Similar services exist for temporary mobile numbers. If you’re in the US, *Burner is a great option.

• Disposable payment cards → online banks like Revolut and Monzo allow you to easily generate one-off virtual cards, which you can later delete.

• Online content removal → it is not uncommon to find content about yourself online that you want removed. You can attempt to contact a website’s webmaster, but this often leads nowhere. One easy way of reducing the visibility of this content is to ask Google, OpenAI, or another provider to remove it from generated responses.

• Delete old accounts → JustDeleteMe is a directory of web addresses that helps you easily figure out how to delete your account from web services, including the ones that make it especially hard to do so using deceptive techniques.

• Request access to your data → if you’re curious (and you should be!) about what data any one company holds about you, just ask. JustGetMyData helps you figure out how to do just that. In Europe, companies are required by law (GDPR) to allow users access to their data.

• Microsoft Windows → if you’ve used a recent version of Windows, you’ll note that advertising and excessive data collection are core features of the operating system. I’d recommend switching to Linux, but understand that many people would prefer not to (e.g. because they need specific software packages). In these cases, consider debloating Windows and changing its privacy settings. Consider using one or more of the following tools: Windows-Privacy-Dashboard, optimizer, Win-Debloat-Tools, privatezilla, WindowsSpyBlocker, Sophia-Script-for-Windows, ShutUp10++.

• Apple macOS → contrary to popular belief, Apple devices are not immune from viruses, malware, and other security/privacy threats. macOS suffers from many of the same problems as Windows. Consider using, the unfortunately named, privacy-sexy tool or the macOS-Security-and-Privacy-Guide. You could also switch to Linux.

• Mobile operating system → phones are arguably even more privacy-invasive than desktop computers; there are online guides on how to change your privacy settings on Android and iOS. If you have an Android phone, consider changing your mobile operating system to LineageOS. Google Pixel devices are very hardware-secure; if you have one, consider switching to GrapheneOS (here’s a guide to installing GrapheneOS). CalyxOS has been a great option in the past but they’ve had some recent issues.

• Privacy-conscious mobile app alternatives → if you care about your privacy on your smartphone, consider reviewing your privacy permissions on commonly used apps. If you find an app intrusive, search for privacy-conscious alternatives! You may be surprised by what you find. For example, Drip is a menstruation (period) tracking app with an attractive privacy policy! F-Droid is an alternative to the Google Play Store which provides a catalog of strictly free and open-source software applications.

• Firewall → Safing Portmaster for Linux or Windows is a free and open-source application firewall that helps you monitor all network activity and auto-block trackers, malware, and unknown connections. For macOS, consider LuLu. For Android, use NetGuard.

• Block mobile app trackers → TrackerControl allows you to monitor and control hidden data collection in mobile apps on Android.

• Mobile keyboard → changing your phone’s operating system might seem daunting, but one simple change you can make is changing your keyboard from the default Android keyboard to something like AnySoftKeyboard or OpenBoard (note: the latter was removed from the Google Play Store but remains available via F-Droid).

• Smartwatches → wearable devices are often overlooked as a risk to privacy. I love the fitness tracking features on my Suunto watch but also recognize its privacy issues and therefore take steps to mitigate them. If you’re purchasing a smartwatch, see if your device is compatible with Gadgetbridge or consider an alternate watch OS like AsteroidOS.

• Offline data storage → if you have a portable hard drive or USB, consider encrypting the disk with a tool like VeraCrypt.

• Online data storage → Nextcloud is an open-source file storage & communication platform, which may be self-hosted (or hosted in the cloud with a provider of your choice). This is appropriate for individuals and enterprises alike. In my case, I’ve used it to host research data on-site, in a regulatory setting where off-site hosting wasn’t permitted.

---

---

Technical Tools 👨‍💻

This section is probably most useful to developers and other people in STEM.

• AI agents → there are hundreds of ways to deploy agents with external data sources, APIs, and tools, but I consistently return to the LangChain ecosystem for its intuitive UX and flexibility. At its core, LangGraph provides graph-based orchestration and state management, while LangChain offers composable components and model integrations. For complex workflows, Deep Agents (inspired by Claude Code) add planning capabilities, file system context management, and subagent coordination. If you’d like to use AI to automate workflows but want to abstract away the code, consider the low-code alternatives above.

• Managed RAG → Gemini File Search is a fully managed RAG system built directly into the Gemini API that abstracts away the retrieval pipeline.

• Voice agents → ElevenLabs hosts a suite of low-latency voice AI models and crystal clear docs on how to deploy them; you should really try cloning your voice. Also check out Inworld and Hume. TTS Arena is a community-driven platform that compares leading models.

• AI coding → what I use changes frequently, and usually follows SWE-bench. In 2025, Claude Sonnet is what I turned to most frequently to delegate coding tasks with GPT-5-Codex as backup.

• Prompt-friendly codebases → Gitingest helps you feed codebases into LLMs as text.

• Up-to-date code docs for LLMs → Context7 MCP Server pulls the latest docs for libraries you rely on into your prompt. It’s not always the most token-friendly option but it saves me a lot of time.

• Terminal agents → Claude Code is a great way of bringing agents to the command line. There’s something wonderful about the fact that it’s context-aware and just works in the terminal without needing another window. For reasons I can’t quite express, I don’t enjoy Codex CLI nearly as much, but I often find I need fewer feedback rounds to produce the results I want. Using multiple tools together is probably the most optimal solution, for now. There are also an increasing array of more performant terminal agents as per Terminal-Bench.

• Deploy local models → use llama.cpp via its llama-server command, or use a GUI platform like Jan or LM Studio to easily run models on your own hardware.

• LLM router → *Martian helps you optimize performance and cost by routing requests to the best available model. OpenRouter is also a great model abstraction layer.

• Build web apps → SvelteKit and Vite helped me enjoy web development again.

• Build mobile apps → Flutter is Google’s framework for building cross-platform (mobile) apps with a single codebase. It uses Dart — which is easy to learn if you know JS, Java, or C# — and compiles to native machine code for fast performance. Flutter has an excellent package repository and integrates seamlessly with Firebase and Google Ads. You can also use the Dart Tooling MCP Server to expose Flutter development actions to AI assistants like Gemini CLI.

• Backend-as-a-Service (BaaS) →Supabase is “the open-source alternative to Firebase”. This is the most elegant BaaS I’ve come across; it offers authentication, file storage, (edge) functions, and database management. It’s strictly comprised of open-source components (e.g. PostgreSQL) which means you could containerize your application with something like Docker and host it on a cloud platform of your choice. If you want a serverless MySQL database instead, check out PlanetScale.

• Time series database → TimescaleDB is a PostgreSQL-compatible database for high-volume real-time systems, which means you can improve performance over standard PostgreSQL for analytical queries without heavy refactoring. Modern TimescaleDB uses a hybrid row-columnar storage engine (hypercore) that keeps recent data in row format for fast inserts and compresses older data into columnar format for efficient analytics. For pure columnar architectures optimized specifically for analytical workloads, consider QuestDB or InfluxDB. If you’re curious, check out this ranking of the most popular time series database management systems (DBMS) and an interesting benchmark created by ClickHouse for analytical DBMSs, albeit with significant limitations (as is the case with all benchmarks).

• DataFrame library → if you use the Pandas Python library for data wrangling/analysis, consider switching to Polars. While Pandas 2.0 added Apache Arrow backend support (addressing previous NumPy limitations with strings and missing values), Polars is built on Arrow from the ground up and remains significantly faster. And frankly, even if it wasn’t, the much cleaner and more intuitive API is reason enough to switch. If you prefer SQL, consider DuckDB.

  Why Polars will probably remain a stronger choice

  Polars' author Ritchie Vink explained in 2023:
  
  “Polars will remain faster & more memory-efficient [because]:
  

  
  
  • Polars adheres to arrow's memory format, but is a complete vectorized query engine written in Rust;
  • multi-threaded – almost all operations are multi-threaded and share a single threadpool that has low contention (not multiprocessing!); Polars can completely saturate all your CPU cores with useful work;
  • out-of-core – Polars can process datasets much larger than RAM;
  • lazy – Polars optimizes your queries and materializes much less data;
  • completely written in Rust – Polars controls every performance critical operation and doesn't have to defer to third parties, this allows it to have tight control over performance and memory;
  • zero-required dependencies – this greatly reduces latency;
  • declarative and strict API – Polars doesn't adhere to the pandas API because we think it is suboptimal for a performant OLAP library.”

  (source)

• Local cloud development → LocalStack for AWS can speed up your cloud development cycle by emulating cloud services and behavior locally. I know it sounds odd, but it works!

• Lightweight container orchestration → K3s is a production-ready Kubernetes distribution built for IoT and edge.

• API testing → Bruno is an open-source, git-native API client that works offline and stores collections directly in your filesystem. It’s a lightweight alternative to Postman or Insomnia without cloud lock-in. Hurl is a command-line tool that runs HTTP requests defined in plain text format. It’s basically a beautiful curl wrapper that’s perfect for CI/CD pipelines and automated testing.

• Application reliability → Checkly unifies synthetic monitoring, distributed tracing (OpenTelemetry), status pages, and incident management into a monitoring-as-code workflow. You can even convert Playwright tests into production monitors and trace failures across your stack.

• Observability → try Grafana.

• Load testing → Grafana k6 is an open-source performance testing tool that helps you detect issues pre-production.

• Web analytics → *Plausible is a lightweight, open-source, and privacy-friendly alternative to Google Analytics. It’s hosted in the EU, does not serve cookies, and is GDPR/CCPA/PECR compliant. Best of all, you can self-host on any server with Docker! Umami and Clouflare Web Analytics are also great options.

• Comments widget → *Commento is the privacy-preserving alternative to Disqus and Facebook Comments. If your audience is primarily composed of programmers, consider Utterances.

• Documentation → Mintlify is a human- and LLM-friendly documentation platform.

• Linux → Pop!_OS is my favorite Linux distribution, and the one I generally recommend to people who are new to Linux (unless they have a specific need e.g. cybersecurity → Kali Linux). It is developed by System76, an American computer manufacturer, and is essentially Ubuntu under the hood. It is the most cohesive Linux operating system I’ve tried! If you use Windows or macOS, see above.

• Compartmentalize your (digital) life → Qubes OS is a security-oriented operating system which leverages Xen-based virtualization to generate many virtual machines. Each (OS) instance, or qube may be a different operating system, with different application/network stacks and varying levels of trust. This approach allows you to compartmentalize different aspects of your digital presence on a single machine. If anonymity & privacy are key concerns, check out Tor.

• Modern CLI tools → these tools make it more fun to use the command line.

  • ripgrep replaces grep for faster searches.
  • fzf is an interactive fuzzy finder.
  • bat replaces cat for syntax-highlighted file viewing.
  • eza replaces ls with better directory listings.
  • zoxide is a smarter cd that learns your habits.
  • jq is a JSON data processor.
  • tldr gives you simplified man pages with practical examples.
  • sd is a faster sed.
  • btop replaces top for process monitoring.
  • procs is a modern ps.
  • lazygit gives you a developer-friendly git terminal UI.
  • tmux is a terminal multiplexer for managing persistent sessions.
  • Starship gives you beautiful, minimal shell prompts.

• Vim everywhere → if you’d like to use Vim keybindings in every facet of your life, check out this extensive list of programmes which support Vim. I’d highly recommend Vimium, a browser extension that provides keyboard shortcuts for navigation and control. If you use Firefox, try Tridactyl instead. If you don’t use Vim but are curious — learn Vim.

---