PRIVATE.SH EXTENSION

The private.sh Chrome & Firefox Extension allow you to run encrypted searches directly from your browser using static JavaScript running on your machine.

Available for macOS, Windows, Android (Firefox only) and Linux on Google Chrome and Firefox. We also provide standalone versions of the extension outside of the Chrome and Firefox stores that are crypograhically signed by us.

Download from Firefox Add-ons

You can turn off automatics updates in about:addons by setting Allow automatic updates to off in the Private.sh extension.

Verifying Private.sh digital signatures

The Private.sh team digitally sign all our standalone releases with GnuPG/OpenPGP, allowing users to verify the authenticity and integrity of the extensions independently. By confirming that the provided signatures are valid for the corresponding extensions (xpi and crx-files) you've downloaded, you gain cryptographic assurance that the files originated from the original developer(s) and that they were not altered or tampered with by a third party.

Please make sure that you have GnuPG/OpenPGP installed and imported the Private.sh Release Signing Key (499D877C). If you have curl on your system, you can use the following one-liner to import the signature key: curl https://download.private.sh/extension-signkey.asc | gpg --import

Check the signing key with gpg --fingerprint 3A915DDF499D877C and confirm that the output contains 46AE B760 14E4 A5B4 EF92 8E11 3A91 5DDF 499D 877C.

You confirm the digital signatures of the chrome extension with gpg --verify psh-extension-standalone-0.1.6.4.crx.asc and gpg --verify psh-extension-standalone-0.1.6.4.xpi.asc for Firefox.

If both outputs says Good signature from "PrivateStorage Release Signing Key" [unknown] and that the RSA key is the same as above: 46AE B760 14E4 A5B4 EF92 8E11 3A91 5DDF 499D 877C, you know that the files came from us and are safe to install in your browser.