Projects

Three concentric rings: integrated projects we steward and whose code we publish; related projects we work alongside; and aligned offers from separate organisations we recommend.

Integrated projects

The pieces we run, fund, and (eventually) ship the source for. SoTranscribe is the first to publish its code publicly — a marker for the path the others will follow.

SoTranscribe → SovTranscribe First to ship code

Sovereign transcription — turn voice into text without sending the audio to a U.S. cloud. Currently lives on the QuestHub server; being moved to /transcribe on this site. Will accept all of sotranscribe.com, sovtranscribe.com, and transcribe-style requests once landed.

Significance: the first project where we publish our personal codebase publicly. Status: in transfer; once GitHub is the canonical source and the QuestHub server is no longer the primary host, the QuestHub presence downgrades to a passive quest entry (least priority).

OpenHarness In build · stealth

A sovereign terminal AI — an open fork of OpenCode.ai (120k+ stars, 75+ supported models including Claude, GPT, Gemini, Mistral, and local Ollama).

Designed to remove the things in proprietary AI harnesses that quietly hurt: prompts that evaporate when you hit Ctrl-C, stress-inducing permission dialogs, opaque memory you can't read or edit, vendor lock-in to a single model.

• Prompt autosave — every keystroke survives Ctrl-C, accidental close, or crash.
• Switchable interfaces — Claude Code style, OpenClaw style, community curations.
• Region-aware model defaults — Mistral in EU, Claude in US, Qwen in CN, Ollama anywhere.
• Custom memory system — readable JSONL plus markdown mirrors, not a black box.

secureOpenHarness Concept

The security and isolation layer beneath OpenHarness (and any other AI assistant you let run on your machine). Sandboxed execution via Podman / Bubblewrap, filesystem isolation, a token vault with scoped access, and audit logging.

Inspired by Vitalik's self-sovereign LLM setup — the goal is that your AI assistant cannot reach your password manager, your SSH keys, or files outside its sandbox, even if the model itself is compromised or jailbroken.

deGoogle flows Migration paths

Step-by-step paths for the big four Google services. Each path is calibrated for a non-techie, honest about tradeoffs, and ends with a working setup — not a checklist.

• Gmail → Proton / Tuta / Infomaniak. The keystone migration. Email is your account-recovery hub for everything else.
• Calendar → CalDAV (Infomaniak, Posteo, Proton Calendar). Native sync to iOS, Android, macOS, Windows, Linux without Google's middleman.
• Drive → Tresorit / Proton Drive / Nextcloud (self or hosted). End-to-end encrypted, EU jurisdiction.
• Photos → Ente / Immich. Both end-to-end encrypted; Immich is self-hosted, Ente is hosted-but-zero-knowledge.

Related projects

Distinct stewardship, aligned aims. We collaborate, share know-how, sometimes contribute upstream — but the codebase isn't ours.

InterHarness In build

A session-management layer for Claude Code: persistent banner, autosave-reinject, zoom in/out across nested sessions, ★-glyph for important items, ih r ↔ ih c semantics, cron-scheduling helpers. Adjacent to OpenHarness; serves the day-to-day operator experience while OpenHarness owns the underlying stack.

Phone — the lane that matters most

Your phone leaks more about you than any other device, by orders of magnitude. Two pragmatic options, depending on hardware:

• Pixel + GrapheneOS — the strongest privacy-respecting Android. Keeps Play Store apps via a sandboxed Google Services layer. Pixel hardware has been the subject of extensive independent third-party research — including academic labs and security firms in Germany and France — on its verified-boot chain, secure-element behaviour, and firmware integrity. That research depth is part of why GrapheneOS chose Pixel as the verified-boot baseline; the result is one of the few mass-market phones whose hardening claims can be independently audited rather than taken on trust. 2026 development: GrapheneOS announced Motorola as the first non-Pixel partner (devices ship 2027), opening the path beyond Pixel's verified-boot lock-in.
• NitroPhone (Nitrokey, Germany) — the turnkey recommendation. Arrives pre-flashed with GrapheneOS, ready to use. EU vendor, EU shipping, EU support. Optional physical removal of the microphones and of sensors that can be re-purposed as microphones (accelerometer, gyroscope). Nitrokey also runs managed deployments for enterprises — the right offer for organisations issuing phones to staff without becoming their own hardware vendor. Pair with a Faraday pouch for high-sensitivity situations — the combination is genuinely strong.
• Shiftphone + ShiftOS-L (Germany) — AOSP without GMS, 5-year patches, fair-trade hardware. Slower silicon; ideologically aligned.
• Fairphone + Murena /e/OS (NL/FR) — turnkey de-Googled, lower bar to entry. Weaker low-level hardening than GrapheneOS but mainstream-usable.
• Linux phones: PinePhone Pro / Librem 5 — hardware kill switches that physically cut modem, WiFi/BT, mic/cam. Daily-use is painful; for the semi-sensitive tier they're one of the few options where you can verify what's powered.
• iOS, hardened. If you're not switching: turn off "Personalized Ads", set Mail Privacy Protection on, switch search default to Brave or DuckDuckGo, switch Safari to "Strict" tracking prevention. Doesn't fix the threat, materially reduces it.

Faraday pouch — the analog backstop

Underrated, low-cost, surprisingly powerful: an RF-blocking phone pouch — like an old-school phone case, but the fabric attenuates cellular, WiFi, Bluetooth, and GPS signals. Slip your phone in; nothing in, nothing out, regardless of what state the OS thinks it's in.

The combination that makes this strong: a NitroPhone with the optional mic + sensor removal, paired with a Faraday pouch when the phone is not in active use. Nothing on the device can listen, and nothing can reach the antennas while pouched. Defence-in-depth, no performance cost, cheap. Mission Darkness and SLNT are the two well-known brands — either works.

For most readers this is overkill. For meetings you'd want privacy on, for crossing borders, or as a default for the private tier — a meaningful upgrade for < €40.

Desktop — OpenMac · OpenWindows

Familiar UI on Linux, so the switching cost stays low. The look-and-feel of an OS isn't copyrighted (Apple v. Microsoft 1994), so these are legally safe.

• OpenMac tracks the early-stage AiryxOS effort, plus emerging projects like Aisha and other macOS-alternative distributions. Reviews-and-comparison page coming.
• OpenWindows tracks ReactOS (30+ years of active development) plus app-compat layers (Wine, CrossOver, Proton).

Hardware horizon — RISC-V

Beyond x86, the open-instruction-set RISC-V ecosystem is the long-term path off Intel ME / AMD PSP firmware. Today: RISC-V workstations exist (Talos, SiFive development boards, Pine64) but performance and software compatibility lag x86. Tomorrow: viable daily-driver hardware. We track the RISC-V Foundation roadmap and surface working setups as they appear — for the semi-sensitive data tier, RISC-V is the hardware target.

Aligned offers

Separate organisations whose offer fits the same person we're writing for. We don't take a cut; we recommend because the alignment is real.

Incogni Aligned offer

Incogni is a data-broker opt-out service. It contacts the (hundreds of) data brokers that buy and resell your information, and tells them — on your behalf, with legal authority — to delete your records and not re-collect.

Complementary to switching providers, not a replacement. You still need to leave Big Tech; Incogni cleans up the trail Big Tech already sold.

Want to know how we decide which projects make the list? See how we grade providers → — and the multiple-accounts pattern for staging your switch without burning daily-driver time.