The latest articles on DEV Community by Srini Ananthakrishnan (@srianant). https://dev.to/srianant https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3840628%2F8006a515-c84c-4b4b-92d6-08becb9bead5.jpg https://dev.to/srianant en Srini Ananthakrishnan Mon, 23 Mar 2026 18:06:25 +0000 https://dev.to/srianant/openobscure-open-source-on-device-privacy-firewall-for-ai-agents-2gk6 https://dev.to/srianant/openobscure-open-source-on-device-privacy-firewall-for-ai-agents-2gk6 <p><strong>OpenObscure</strong> - an open-source, <strong>on-device privacy firewall for AI agents</strong> that sits between your AI agent and the LLM provider.</p> <p><strong>Try it with OpenClaw</strong>: <a href="https://github.com/OpenObscure/OpenObscure/blob/main/setup/gateway_setup.md" rel="noopener noreferrer">https://github.com/OpenObscure/OpenObscure/blob/main/setup/gateway_setup.md</a></p> <p><strong>The problem with [REDACTED]</strong></p> <p>Most tools redact PII by replacing it with a placeholder. This works for compliance theater but breaks the LLM: it can't reason about the structure of a credit card number or SSN it can't see. You get garbled outputs or your agent has to work around the gaps.</p> <p><strong>What OpenObscure does instead</strong></p> <p>It uses FF1 Format-Preserving Encryption (AES-256) to encrypt PII values before the request leaves your device. The LLM receives a realistic-looking ciphertext — same format, fake values. On the response side, values are automatically decrypted before your agent sees them. One-line integration: change <code>base_url</code> to the local proxy.</p> <p><strong>What's in the box</strong></p> <ul> <li><p>PII detection: regex + CRF + TinyBERT NER ensemble, 99.7% recall, 15+ types</p></li> <li><p>FF1/AES-256 FPE — key in OS keychain, nothing transmitted</p></li> <li><p>Cognitive firewall: scans every LLM response for persuasion techniques across 7 categories (250-phrase dict + TinyBERT cascade) — aligns with EU AI Act Article 5 requirements on prohibited manipulation</p></li> <li><p>Image pipeline: face redaction (SCRFD + BlazeFace), OCR text scrubbing, NSFW filter</p></li> <li><p>Voice: keyword spotting in transcripts for PII trigger phrases</p></li> <li><p>Rust core, runs as Gateway sidecar (macOS/Linux/Windows) or embedded in iOS/Android via UniFFI Swift/Kotlin bindings</p></li> <li><p>Auto hardware tier detection (Full/Standard/Lite) depending on device capabilities</p></li> </ul> <p>MIT / Apache-2.0. No telemetry. No cloud dependency.</p> <p>Repo: <a href="https://github.com/openobscure/openobscure" rel="noopener noreferrer">https://github.com/openobscure/openobscure</a></p> <p>Demo: <a href="https://youtu.be/wVy_6CIHT7A" rel="noopener noreferrer">https://youtu.be/wVy_6CIHT7A</a></p> <p>Site: <a href="https://openobscure.ai" rel="noopener noreferrer">https://openobscure.ai</a></p> rust privacy opensource openclaw