Plain-English explanations of how phones get tracked, how scams reach you, and what actually works to stop them. Written by the team that builds Casper.
New research shows a VPN's exit IP can identify you across servers. Every tunnel has one — including Casper's. Why the fix was never a magic exit-IP-free VPN, but layered protection that keeps working no matter where your tunnel terminates.
Read articleApple's iCloud Private Relay is a useful privacy feature — and one of the most misunderstood tools on the iPhone. What it actually hides, the apps and traffic it never touches, and why it is not a VPN replacement.
Read articleNordVPN and Surfshark share a parent company, and a handful of private-equity-backed holding groups now control much of the consumer VPN market. Why who owns your VPN is a privacy question — and where an independently built tool stands.
Read articleYou installed an ad blocker and turned on tracking protection — so why do the same ads still follow you from app to app? The gap browser-level blocking leaves wide open, and what actually closes it.
Read articlePi-hole works beautifully — until you walk out your front door. Why home-network DNS filtering goes dark the moment you leave Wi-Fi, and how to get always-on, every-device protection.
Read articleMost ad blockers only work inside Safari — open Instagram, a game, or a shopping app and the ads keep coming. How to block ads across the apps on your iPhone, not just the browser, and what it takes to reach system-level traffic.
Read articleiCloud Private Relay breaks the link between your IP and your browsing — but only in Safari, and it's not a VPN. Where it genuinely protects you, the apps and traffic it never touches, and whether it's enough on its own.
Read articleIf you run a DIY privacy stack — 1Blocker for Safari, Mullvad for VPN, NextDNS for tracker filtering — the question isn't whether the tools are good. They are. The question is when consolidating makes sense. Honest migration playbook, what you give up, and a 3-question decision framework.
Read articleA DNS leak happens when your VPN encrypts traffic but your DNS queries still go to your ISP. Four ways it happens, how to test for one in 60 seconds, and how to fix it on every OS.
Read articleTwo UDP packets, under 100ms, Noise_IK + Curve25519 + ChaCha20-Poly1305. The handshake that proves identity, agrees session keys, and rotates every two minutes.
Read articleEven with cookies blocked and a VPN on, websites can still identify you by combining ~30 device attributes. What fingerprinting is, why it survives cookie clearing, what actually defends.
Read articleSplit tunneling lets some apps go through the VPN tunnel and lets others connect directly. Useful for streaming, banking, local-network services — and a known source of leaks if configured wrong.
Read articleA kill switch blocks your internet the moment the VPN drops. In practice, three different mechanisms get marketed under that name. How each works, how each fails, and what to actually look for.
Read articleBoth encrypt DNS. The difference is port, visibility, and blockability. DoT runs on port 853 and looks like encrypted DNS. DoH mixes with HTTPS on 443. That distinction has real-world consequences.
Read articleOpenVPN since 2001, WireGuard since 2016. Code size, cryptographic primitives, mobile battery, roaming behavior, audit history — what's actually different, and where OpenVPN still wins.
Read articleYour phone is being tracked by apps, websites, your carrier, and ad networks — in at least 4 different ways. Here's exactly how each type works and how to stop it, step by step for iPhone and Android.
Read articleCookies, fingerprinting, CNAME cloaking, server-side analytics, cross-device graphs — the 6 mechanisms tracking you online, what each defense actually stops, and where the gaps remain.
Read articleApple's ATT blocks one identifier. Apps adapted with fingerprinting, shared SDKs, and server-side analytics. What's still tracking you and how to stop each layer.
Read articleAndroid gives you more ad-blocking options than iOS. Private DNS, AdGuard, Blokada, VPN-based filtering, Samsung Internet, Firefox + uBlock Origin — what each blocks and the trade-offs.
Read articleNot all iPhone privacy settings are created equal. Ranked by actual impact: which iOS settings matter, which are theater, and what fills the gaps Apple leaves open.
Read articleMost pop-up ads on iPhone aren't malware — they're web push notifications you accidentally allowed. Here's how to fix it, plus how to block ads across every app.
Read articleBeyond Face ID and passcodes: iCloud Advanced Data Protection, authenticator-app 2FA, Lockdown Mode, app permission audits, and network-level threat protection.
Read articleWhat website trackers are (analytics, ad pixels, fingerprinting, CNAME cloaking), where they hide, and the 4 methods to block them — with trade-offs for each.
Read articlePrevention beats detection. The specific defenses that close the real attack vectors: password hygiene, authenticator 2FA, SIM lock, OS updates, and network protection.
Read article20-item checklist covering authentication, privacy settings, iCloud security, network protection, and app hygiene. Each item: what to do, where to find it, why it matters.
Read article1Blocker, AdGuard for Safari, Wipr, Ka-Block!, Firefox Focus, and DNS-based alternatives. Which blocks the most ads, which has the lowest battery impact, and which works outside Safari.
Read articleNordVPN has 6000+ servers and best-in-class geo-unblocking. Casper adds AI threat detection, built-in ad/tracker blocking, and decoy traffic. Where each wins.
Read articleMost 'is my phone hacked?' moments are caused by aggressive ads, a misbehaving app, or normal battery degradation. Actual compromises leave specific forensic traces. Here's how to tell the difference, what to do if it's real, and how to prevent it.
Read articleFive real methods to block ads and trackers on iPhone: Safari content blockers, DNS-based blocking, VPN-based network filtering, Pi-hole at home, and iOS built-in privacy features. Honest comparison table with battery impact, coverage scope, and trade-offs.
Read articleTraditional antivirus compares files against known signatures. ML-based detection builds a model that recognizes patterns of malicious behavior — catching threats nobody has seen before. The three main approaches (static, behavioral, network), what Casper uses at the DNS layer, and honest limitations.
Read articleA decoy network generates fake browsing traffic that mixes with your real traffic, making surveillance and traffic analysis much harder. The military and enterprise precedent, how Casper's Decoy Domains feature works, honest limitations, and who actually needs this.
Read articleDoH encrypts DNS queries — closes ISP DNS snooping, coffee-shop DNS injection, and naive censorship. Doesn't close SNI leakage, IP-based destination identification, or trust in your chosen resolver. Breaks parental controls + enterprise security unless configured carefully. Honest map of the trade-offs and how DoH fits with VPNs + DNS-level filtering.
Read articleRunning a VPN service costs real money. Three honest categories of "free" VPN: limited tier from a paid provider (usually fine), free-for-a-purpose (depends on who's paying), free-as-monetization (where the documented harm has lived — Hola/Luminati device-as-exit-node, Onavo/Facebook data-broker, free Android VPN malware studies). Field guide for telling them apart.
Read article"Don't use public WiFi" was good 2015 advice. In 2026 most classic attacks (SSL strip, ARP spoof MITM) are mitigated by HTTPS + HSTS. Three categories still work: evil-twin rogue APs, captive portal exploitation, traffic-analysis at the metadata layer. Honest current-state map.
Read articlemacOS sits between iOS (highly sandboxed) and other desktops (anything goes). The OS gives you reasonable protections by default plus several powerful controls most users never find. The honest map of what the macOS privacy stack covers — and the surface area it leaves open.
Read articleAndroid has more privacy controls than most realize and bigger default-config gaps than iOS. The specific settings that actually matter (Advertising ID, Private DNS, Privacy Dashboard, OEM telemetry), what Google still sees no matter what you toggle, and the two-layer model that closes the gap.
Read articleApple ships a privacy feature that looks like a VPN, walks like a VPN, but isn't one. iCloud Private Relay is a Safari-only, double-hop encrypted proxy. Honest scope breakdown: what it covers, what it doesn't (other browsers, every non-browser app, ads, trackers, phishing), and what fills the gap.
Read articleDNS-level filtering is one of the most leveraged interventions in consumer privacy — and it has four real limitations vendors don't advertise. Here's the mechanism, the limits (encrypted payloads, DoH bypass, CDN sharing, ECH), and the two-layer model that closes the gap.
Read articleUSPS package smishing, fake toll bills, and refund-confirmation texts now drive more credential theft than email phishing for mobile users. We break down how three campaigns actually work — lure, infrastructure, why they keep working, and what catches them.
Read articleApple's 'Ask App Not to Track' prompt blocks one specific identifier. Apps continue tracking via fingerprinting, shared SDKs, hashed identifiers, and CNAME-cloaked endpoints. We break down what ATT actually does, what it doesn't, and how to close the gap.
Read article