Do I need to share my passwords or give remote access?

No. The service is based on guided self-service.

Can my digital footprint be removed entirely from the internet?

Complete removal is rarely possible, but the footprint can be significantly reduced.

What happens during the initial assessment?

30-60 min session, written summary and action plan.

Is this service only for technical people?

No. Written clearly for anyone.

Where do you operate geographically?

Based in Tampere, serving all of Finland remotely.

How much does it cost and is there a satisfaction guarantee?

Pricing at /en/packages. 100% satisfaction guarantee.

What services does turva.dev offer?

Assessment, account security, devices, scam protection, children, privacy, custom.

Can I contact you anonymously?

Yes, via Signal @turva.19 or email.

Tampere, Finland

Signal: @turva.19

info@turva.dev

Hands-on security and privacy

Clear assessments and practical guidance for individuals and small businesses. Improve account security, 2FA, device settings, and scam protection without unnecessary technical jargon.

Assessment and a clear action plan
Account security, 2FA, and device hardening
Scam protection and safer settings for children

suomi English

How I work

The service is backed by a registered company whose information is publicly verifiable. Link to the YTJ website.

"I have written everything so that the security topics are clear to anyone – not just tech people.

If our conversation reveals that your situation is technically much more demanding than it might seem from the website at first glance, that's not a problem. On the contrary.

Whether your goal is maximum anonymity, pushing back against mass surveillance, or simply taking better care of your personal privacy – don't hesitate to reach out. I can help in any situation, and no concern is too small or too big.

Want to disappear from the internet? Consider it done. I won't ask why – I'll help you erase your digital footprint as thoroughly as possible."

You get practical guidance tailored to your situation. The goal is not to sell fear, but to help you make the right changes calmly and clearly.

You do not give me your passwords
You do not give remote access to your devices
You make the changes yourself with guidance

I don't build my service on advertising. I build it on the quality of the work: a clear initial assessment, concrete measures, and a transparent way of working. The best results come when clients recommend me to others.

100% satisfaction guarantee – if you're not satisfied, you get your money back.

Services

Assessment (30–60 min): overview of your current situation and 3–10 most important fixes in priority order
Device and account security: getting updates, passwords, 2FA, and recovery methods in order
Everyday scam protection: reducing the risk of banking, postal, and phishing messages
Children's devices: security settings and sensible restrictions
Basic privacy package: browser, DNS, and communications
Custom packages for individuals and businesses
High-risk protection: fast practical implementation for sensitive situations

What you get as a result

You get a written summary and a clear "do this first" plan – so you know what to tackle now and what can wait.

I deliver instructions as clear, numbered steps. We can use Signal (encrypted messaging) or CryptPad (encrypted documents) to share and edit them – everything stays end-to-end encrypted and private.

Is this a good fit?

It's a good fit if

you can use your devices and change settings
you want to do things properly and follow instructions

It's not a good fit if

you don't want to make the changes yourself
you're looking for a quick fix without building lasting habits

How does it work?

Assessment: your current state and risks
Priorities: the 3–10 most important fixes in order
Implementation: you make the changes, I help make security part of your daily routine

Contact

Contacting me is easy: in addition to email, you can also message me via Signal or SimpleX apps.

Get in touch, and I'll assess your situation and suggest the most suitable way forward.

Tell me two things:

whether you use an iPhone or Android
what worries you the most: accounts / scams / children / business

I will reply within 24 hours

Who am I and why do I know I can help?

My engineering background is reflected in my way of working: I measure, test, and simplify. I have worked for years in international companies, but my passion for information security and privacy was born from a personal need to separate work and private life. I have gone through countless tools and operating models – and have kept only those that truly work in daily life.

The biggest challenge (and at the same time, the biggest benefit for you) is this: building a threat model for you that is strong enough, but also realistic to follow. When the model is right, security doesn't remain a "project" – it becomes a routine.

Are you ready to take back your privacy?
Confidentiality is the default.
Better security. Better peace of mind.

I recommend messaging via Signal or SimpleX (E2EE). If you use Proton Mail and send from Proton to Proton, the messages are end-to-end encrypted. Otherwise, email is not E2EE by default.

Contact me

Links to news and blogs

Links are for further reading. I handle things practically and choose the right approach for you – you don't need these to understand or follow through on my recommendations.

Android ↔ iPhone messages are now end-to-end encrypted – Google and Apple ship E2EE RCS, Google, EN

▸ Google and Apple have led a cross-industry effort to bring end-to-end encryption (E2EE) to Rich Communication Services (RCS), the cross-platform format that replaces traditional SMS between Android and iPhone users . Rollout begins for iPhones running iOS 26.5 on supported carriers and Android devices on the latest Google Messages . In practice, message contents cannot be intercepted or read in transit between devices – not by carriers, not by Google, not by Apple . In Google Messages, encryption appears as the same lock icon previously used in Android↔Android RCS chats, is on by default, and will be enabled automatically for both new and existing conversations over time . This is a practical milestone: for the first time, ordinary cross-platform texts get the same class of encryption as Signal and WhatsApp – without users having to think about it. Bottom line: update to iOS 26.5 or the latest Google Messages – encryption activates without any extra steps.

Proton Mail introduces post-quantum encryption – available even on free plans, Proton, EN

▸ Proton Mail has rolled out post-quantum cryptography (PQC) as an optional upgrade for all users, including free plans. The feature generates post-quantum-ready keys that protect new encrypted emails against future threats, where today's public-key cryptography (RSA, elliptic curves) may no longer be sufficient. The acute threat isn't quantum computers breaking encryption today – it's the "harvest now, decrypt later" strategy, where attackers archive encrypted traffic now and decrypt it later once quantum capability matures. Important: PQC only protects new messages; it does not retroactively re-encrypt your existing mailbox. As part of this work, Proton is also adding support for OpenPGP v6, the framework that enables modern algorithms including PQC. Combined with Google's Q-Day estimate of 2029 (see news 6), this is a practical first step toward quantum-safe email. Bottom line: enable PQC today – it's free and architecturally significant.

Microsoft 365 Copilot routes data to OpenAI and Anthropic – even with EU Data Boundary enabled, Proton, EN

▸ Microsoft's new Copilot Flex pricing model routes queries to third-party servers even when the customer has enabled the "EU Data Boundary" setting. In practice, a company's confidential documents, emails, and Teams conversations may end up being processed by OpenAI and Anthropic without the customer knowing. If you use M365 Copilot, check your admin panel's data processing settings today. If you have GDPR obligations, document the new processing activity – or disable Copilot until Microsoft offers a genuine EU-only routing option. The key takeaway: "EU Data Boundary" no longer means what it sounds like.

What small businesses get wrong about password managers, Proton, EN

▸ Small and medium-sized businesses are increasingly targeted by credential-based attacks due to distributed teams and SaaS tool sprawl. While over half of SMBs use password managers, many still experience breaches because these tools are not used correctly. Key issues include unsafe credential sharing through insecure channels (documents, email, messaging), security training alone being insufficient, and unmanaged access sprawl across cloud services. The key takeaway: having security tools is not the same as being protected – consistent enforcement is what matters. Recommendations: use password managers built for teams, audit access, replace shared logins, enforce MFA, and make offboarding systematic.

PII is not just names and ID numbers, Proton, EN

▸ Personally identifiable information isn't limited to names or ID numbers. IP addresses, login credentials, location history, and combinations of seemingly ordinary data can all reveal a person's identity. According to Verizon's 2025 report, stolen credentials are the most common attack vector for both large and small organizations – roughly a third of breaches start with them. Proton's Data Breach Observatory found that names and email addresses are exposed in nearly 9 out of 10 breaches, and passwords appear in almost half. Protecting PII isn't just a compliance obligation – it's a direct security issue that affects every organization.

Google's warning: quantum computers could break current encryption by 2029, Ars Technica, EN

▸ Google has moved up its internal "Q-Day" deadline to 2029 – the point at which quantum computers will be capable of breaking current public-key cryptography, including RSA and elliptic curve encryption. In practice, this affects all encrypted traffic: online banking, email, VPN connections, and messaging apps. Particularly concerning is the "store now, decrypt later" threat – attackers can collect encrypted traffic today and decrypt it later once quantum hardware matures. Google has already begun integrating post-quantum cryptography algorithms into Android and the Play Store. For everyday users, the most important step is to keep devices and apps up to date – software updates will deliver quantum-safe encryption automatically.

Update now: Apple released iOS, iPadOS and macOS 26.4 – includes important security fixes, Ars Technica, EN

▸ Apple has released 26.4 updates for all its platforms. The most important reason to update immediately is the large number of security fixes. The update also enables Stolen Device Protection by default, which protects your phone from misuse after theft. It also includes MacBook battery charge limits, new emojis, and improvements to Safari and Family Sharing payment settings.

Your apps leak your location – even the FBI uses data brokers, Proton, EN

▸ The FBI has admitted to purchasing people's location data from commercial data brokers to bypass traditional court orders. Proton's recent article is a sobering reminder of where data collected by everyday phone apps actually ends up. Read our overview of how the hidden data economy affects your privacy and how you can easily protect yourself by restricting unnecessary app permissions.

Survey: 78% of parents are concerned about their children's online privacy, Proton, EN

▸ Proton's "Born Private" survey reveals that 78 percent of parents are concerned about their children's privacy online. Top concerns include identity theft and the long-term impact of digital footprints on children's safety, reputation, and future opportunities. According to the study, 76% of children get their own smart device by age 10, and most of them use services heavily reliant on data collection. As many as 62% of parents wish they could wipe their children's online data entirely and start fresh. The results highlight a growing need for privacy-respecting tools for families.

March 2026 updates: Microsoft patched 77 vulnerabilities, Krebs On Security, EN

▸ Microsoft has released its March 2026 security updates (Patch Tuesday), fixing at least 77 vulnerabilities in Windows and other software. While there were no critical zero-day exploits, the update patches serious flaws including one in Microsoft Office where malicious code could be executed simply by previewing a file. Over half of the fixes address privilege escalation issues. Devices and software should be updated without delay.

Why Brave opposes Google's Android developer registry, Brave, EN

▸ Google plans to require all Android developers to provide official government ID regardless of whether they distribute apps through Google Play or elsewhere. Brave, EFF, Tor Project, and others are demanding in an open letter that Google withdraw the requirement, work transparently with developers and civil society, and commit to platform neutrality. The key takeaway: privacy should be easy for both users and developers who build privacy-protecting tools.

AI agent oversharing on the web, Brave, EN

▸ When an AI agent handles tasks on your behalf online, it can inadvertently expose your data – not just through text, but also through clicks, browsing, and navigation. The research introduces the SPILLAGE framework, which measures and classifies this invisible leakage. The key takeaway: protecting content alone is not enough, because the agent's behavior itself is a data leak.

Are AI toys safe for children?, Proton, EN

▸ AI toys collect extensive data from children: conversation history, voice samples, and personal information. Data protection is often inadequate, and outsiders can gain access. The article recommends avoiding AI toys entirely or at minimum restricting network connections, disabling unnecessary features, and keeping the device out of the bedroom.

Deepfake prevention, Proton, EN

▸ Deepfake scams often exploit publicly available photos, videos, and voice samples. That's why prevention starts with limiting your digital footprint and making it harder to reuse your material. The key takeaway: prevention is easier than damage control.

Insider threat in practice, Proton, EN

▸ What insider threat means in everyday operations and how to reduce it with the basics: access controls, visibility, and clear procedures.