features
voidme is a list of choices. each one is here because the alternative was logging, persistence, or a promise to delete things later. we picked the version that doesn't keep what others would.
your session host doesn't exist before you connect and doesn't exist after you disconnect. we're not running servers waiting for you — we're spinning a fresh container per session and destroying it the moment you're done. there is no shared infrastructure, no persistent state, no warm pool.
wireguard private keys, neko passwords, container identities — all generated at session start, all destroyed at session end. no key reuse across sessions. no key persistence on the host. no master key that someone could exfiltrate.
sessions stream to whatever browser you already have via webrtc. there's no app to install, no client to update, no fingerprintable software on your device. your local machine sees a video stream. that's it.
the privacy boundary lives inside the container, not at our infrastructure perimeter. the wireguard interface is created with keys we generated for you and that exist nowhere else. your traffic exits through it to a separate masking layer (L2) before reaching the public internet.
your session container runs on one fleet (L1). your traffic exits the internet from a different fleet (L2). the host that streams your session and the host that talks to the public internet on your behalf are not the same machine. compromise of either one alone reveals nothing useful.
no email required. no name. no phone number. you get a randomly-generated voidID that we don't link to any identifying information about you. an email can be optionally attached if you want recovery — and we encrypt it on storage with a key we don't keep online.
pay in crypto and the only person who knows you bought a session is you. we don't need your card, your billing address, or your bank.
walk into a retailer, buy a scratch-off card with cash, scan the qr code in our app — your account is funded with no record connecting the purchase to your identity. the way pre-paid sim cards used to work, before they all required an ID.
session containers route all DNS to Quad9 (9.9.9.11) — a Swiss nonprofit foundation, structurally harder to compel than a US for-profit corporation. audited no-log retention, malware-domain blocking, DNSSEC validation by default. your dns queries leave through our tunnel and arrive at the resolver mixed in with every other voidme user routed through the same exit. no individual query attributable to any individual user.
unlimited per session. metering bandwidth would require tracking per-user usage data — exactly the kind of metadata we architecturally refuse to keep. you pay a flat rate. use what you need.
firefox · brave · chromium · librewolf · cromite · vivaldi. covering the firefox-family, the chromium-family, the privacy-hardened forks, and the customization-power-user crowd. your choice — switch any time.
telegram · signal · element · thunderbird · slack · libreoffice · gimp · inkscape · vlc · filezilla. dedicated single-app sessions. encrypted messengers, productivity tools, and creative software — each in its own ephemeral container with its own tunnel.
xfce desktops with browser, file manager, terminal, text editor — five distro flavors available. for when you need the freedom of a full computing environment that disappears when you walk away.
every privacy company has a list. ours is enforced by the architecture, not the marketing.
we don't keep logs.
we can't. there is no logging system because there is no persistent infrastructure to log to. session containers are destroyed before any retention policy could even apply.
we don't store IP addresses.
your IP touches our orchestration during session setup and is gone the moment that record is overwritten by the next session. nothing persists.
we don't run analytics on your activity.
no behavioral telemetry. no engagement scoring. no a/b funnels run against your session. we do not know what you do inside a container and the architecture prevents us from finding out.
we don't share data with third parties.
there is no data to share. third parties asking would receive a polite explanation that the bytes they're requesting were destroyed minutes after the session ended.
we don't require an email.
creating an account does not require any personal information. a randomly-generated voidID is enough. an optional email may be attached for recovery — encrypted at rest with a key we don't keep online.
we don't run a referral program that tracks you.
no affiliate cookies. no utm tracking pixels. no sign-up source mapping that ties your account to whatever site sent you here.
we don't sync your activity across devices.
because there's no activity to sync. each session is its own world.
what doesn't exist can't be requested.
every feature on this page exists because the version that kept records didn't.
start a session