mirror of
https://github.com/privacyguides/i18n.git
synced 2026-05-07 19:21:26 +00:00
New Crowdin translations by GitHub Action
This commit is contained in:
Crowdin Bot
@@ -51,7 +51,7 @@ VPNs cannot encrypt data outside the connection between your device and the VPN
|
||||
|
||||
Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely to be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
|
||||
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity because the VPN provider itself will still have access to your real IP address, destination website information, and often a money trail that can be linked directly back to you. "No logging" policies are merely a promise; if you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
|
||||
You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
|
||||
|
||||
|
||||
+5
-5
@@ -26,7 +26,7 @@ These are our favorite public DNS resolvers based on their privacy and security
|
||||
| [**AdGuard Public DNS**](https://adguard-dns.io/en/public-dns.html) | Cleartext DoH/3 DoT DoQ DNSCrypt | Anonymized[^1] | Anonymized | Based on server choice. لك العثور على قائمة التصفيات المستخدمة هنا. [:octicons-link-external-24:](https://github.com/AdguardTeam/AdGuardDNS) | Yes [:octicons-link-external-24:](https://adguard-dns.io/en/blog/encrypted-dns-ios-14.html) |
|
||||
| [**كلاودفلير**](https://developers.cloudflare.com/1.1.1.1/setup) | Cleartext DoH/3 DoT | Anonymized[^2] | لا يوجد | Based on server choice. | No [:octicons-link-external-24:](https://community.cloudflare.com/t/requesting-1-1-1-1-signed-profiles-for-apple/571846) |
|
||||
| [**Control D Free DNS**](https://controld.com/free-dns) | Cleartext DoH/3 DoT DoQ | No[^3] | لا يوجد | Based on server choice. | Yes [:octicons-link-external-24:](https://docs.controld.com/docs/macos-platform) |
|
||||
| [**dns0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**DNS0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**ملفاد**](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) | DoH DoT | No[^5] | لا يوجد | Based on server choice. لك العثور على قائمة التصفيات المستخدمة هنا. [:octicons-link-external-24:](https://github.com/mullvad/dns-adblock) | Yes [:octicons-link-external-24:](https://mullvad.net/en/blog/profiles-to-configure-our-encrypted-dns-on-apple-devices) |
|
||||
| [**كواد٩**](https://quad9.net) | Cleartext DoH DoT DNSCrypt | Anonymized[^6] | اختياري | Based on server choice, malware blocking by default. | Yes [:octicons-link-external-24:](https://quad9.net/news/blog/ios-mobile-provisioning-profiles) |
|
||||
|
||||
@@ -166,13 +166,13 @@ NextDNS also offers public DNS-over-HTTPS service at `https://dns.nextdns.io` an
|
||||
|
||||
While RethinkDNS takes up the Android VPN slot, you can still use a VPN or Orbot with the app by [adding a WireGuard configuration](https://docs.rethinkdns.com/proxy/wireguard) or [manually configuring Orbot as a Proxy server](https://docs.rethinkdns.com/firewall/orbot), respectively.
|
||||
|
||||
### dnscrypt-proxy
|
||||
### DNSCrypt-Proxy
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**dnscrypt-proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
**DNSCrypt-Proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
|
||||
[:octicons-repo-16: Repository](https://github.com/DNSCrypt/dnscrypt-proxy){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/DNSCrypt/dnscrypt-proxy/wiki){ .card-link title=Documentation}
|
||||
@@ -216,6 +216,6 @@ Additionally, all public providers:
|
||||
[^1]: تخزِّن آدجارد قياسات الأداء المجمَّعة من خوادم أنظمة تسمية نطاقاتهم، وتتضمَّن عدد الطلبات المكتملة لكلِّ خادم، وعدد الطلبات المحظورة، وسرعة معالجة الطلبات. وتخزِّن أيضًا قاعدة بيانات بها النطاقات المطلوبة خلال آخر ٢٤ ساعة. «نحتاج هذه المعلومات لنتحرَّى ونحظر المتتبِّعات والمخاطر الجديدة.» «وكذلك نسجِّل عدد المرات التي تُحظر فيها المتتبِّعات. نحتاج هذه المعلومات لنزيل القواعد القديمة من تصفياتنا.» [https://adguard-dns.io/en/privacy.html](https://adguard-dns.io/en/privacy.html)
|
||||
[^2]: تجمِّع وتخزِّن كلاودفلير عددًا قليلًا من استعلامات أنظمة تسمية النطاقات المرسلة للمحلِّل ١٫١٫١٫١. لا تسجِّل خدمة المحلِّل ١٫١٫١٫١ بيانات شخصيةً، وغالب ما تسِّجل من بيانات لا تعرِّف الأشخاص تخزَّن مدَّة ٢٥ ساعةً لا أكثر. [https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/](https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver)
|
||||
[^3]: تسجِّل كنترول دي البيانات من المحلِّلات المدفوعة التي لها ملفَّات تعريف مخصَّصة فقط. المحلِّلات المجَّانية لا تسجِّل بيانات. [https://controld.com/privacy](https://controld.com/privacy)
|
||||
[^4]: dns0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^4]: DNS0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^5]: خدمة أنظمة تسمية النطاقات من ملفاد متاحة للمشتركين في خدمة الشبكة الخاصة الافتراضية ولغير المشتركين كذلك. تزعم سياسة خصوصيتهم صريحًا أنهم لا يسجِّلون طلبات أنظمة تسمية النطاقات أبدًا. [https://mullvad.net/en/help/no-logging-data-policy/](https://mullvad.net/en/help/no-logging-data-policy)
|
||||
[^6]: تجمع كواد٩ بعض البيانات لمراقبة المخاطر والاستجابات. ويمكن لتلك البيانات أن تُخلط وتُشارك، وغرض ذلك قد يكون لأبحاث الأمن. لا تجمع كواد٩ ولا تسجِّل عناوين IP أو أيَّ بيانات تصنِّفها معرِّفةً شخصيًّا. [https://quad9.net/privacy/policy](https://quad9.net/privacy/policy)
|
||||
|
||||
@@ -14,7 +14,7 @@ An **email aliasing service** allows you to easily generate a new email address
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -36,13 +36,13 @@ Our email aliasing recommendations are providers that allow you to create aliase
|
||||
|
||||
Using an aliasing service requires trusting both your email provider and your aliasing provider with your unencrypted messages. Some providers mitigate this slightly with automatic PGP encryption[^1], which reduces the number of parties you need to trust from two to one by encrypting incoming emails before they are delivered to your final mailbox provider.
|
||||
|
||||
### addy.io
|
||||
### Addy.io
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
**Addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
|
||||
[:octicons-home-16: Homepage](https://addy.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://addy.io/privacy){ .card-link title="Privacy Policy" }
|
||||
@@ -62,9 +62,9 @@ Using an aliasing service requires trusting both your email provider and your al
|
||||
|
||||
</div>
|
||||
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), addy.io's official reseller.
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on Addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), Addy.io's official reseller.
|
||||
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) Addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
|
||||
Notable free features:
|
||||
|
||||
|
||||
@@ -16,13 +16,13 @@ Keep track of your health and fitness-related goals with these apps. Unlike thei
|
||||
|
||||
Popular menstrual trackers like [Flo](https://techcrunch.com/2021/01/13/flo-gets-ftc-slap-for-sharing-user-data-when-it-promised-privacy) are notorious for collecting and sharing your user data. Depending on your jurisdiction, this may lead to [legal consequences](https://forbes.com/sites/abigaildubiniecki/2024/11/14/post-roe-your-period-app-data-could-be-used-against-you) affecting your reproductive autonomy.
|
||||
|
||||
### drip.
|
||||
### Drip
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**drip.** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
**Drip** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
|
||||
[:octicons-home-16: Homepage](https://bloodyhealth.gitlab.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://bloodyhealth.gitlab.io/privacy-policy.html){ .card-link title="Privacy Policy" }
|
||||
|
||||
@@ -105,7 +105,7 @@ schema:
|
||||
-
|
||||
"@context": http://schema.org
|
||||
"@type": SoftwareApplication
|
||||
name: gopass
|
||||
name: Gopass
|
||||
image: /assets/img/password-management/gopass.svg
|
||||
url: https://gopass.pw
|
||||
applicationCategory: Password Manager
|
||||
@@ -363,13 +363,13 @@ KeePassXC stores its export data as [CSV](https://en.wikipedia.org/wiki/Comma-se
|
||||
|
||||
</div>
|
||||
|
||||
### gopass (CLI)
|
||||
### Gopass (CLI)
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
**Gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
|
||||
[:octicons-home-16: Homepage](https://gopass.pw){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/gopasspw/gopass/tree/master/docs){ .card-link title="Documentation" }
|
||||
|
||||
+4
-4
@@ -209,7 +209,7 @@ If you're looking for added **security**, you should always ensure you're connec
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -284,7 +284,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [RethinkDNS](dns.md#rethinkdns)
|
||||
- { .twemoji loading=lazy } [dnscrypt-proxy](dns.md#dnscrypt-proxy)
|
||||
- { .twemoji loading=lazy } [DNSCrypt-Proxy](dns.md#dnscrypt-proxy)
|
||||
|
||||
</div>
|
||||
|
||||
@@ -480,7 +480,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [drip.](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Drip](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Euki](health-and-wellness.md#euki)
|
||||
- { .twemoji loading=lazy } { .twemoji loading=lazy }[Apple Health](health-and-wellness.md#apple-health)
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [Gadgetbridge](health-and-wellness.md#gadgetbridge)
|
||||
@@ -575,7 +575,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
- { .twemoji loading=lazy } [Psono](passwords.md#psono)
|
||||
- { .twemoji loading=lazy } [KeePassXC](passwords.md#keepassxc)
|
||||
- { .twemoji loading=lazy } [KeePassDX (Android)](passwords.md#keepassdx-android)
|
||||
- { .twemoji loading=lazy } [gopass (CLI)](passwords.md#gopass-cli)
|
||||
- { .twemoji loading=lazy } [Gopass (CLI)](passwords.md#gopass-cli)
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
@@ -51,7 +51,7 @@ VPNs cannot encrypt data outside the connection between your device and the VPN
|
||||
|
||||
Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely to be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
|
||||
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity because the VPN provider itself will still have access to your real IP address, destination website information, and often a money trail that can be linked directly back to you. "No logging" policies are merely a promise; if you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
|
||||
You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
|
||||
|
||||
|
||||
+5
-5
@@ -26,7 +26,7 @@ These are our favorite public DNS resolvers based on their privacy and security
|
||||
| [**AdGuard Public DNS**](https://adguard-dns.io/en/public-dns.html) | Cleartext DoH/3 DoT DoQ DNSCrypt | Anonymized[^1] | Anonymized | Based on server choice. Filter list being used can be found here. [:octicons-link-external-24:](https://github.com/AdguardTeam/AdGuardDNS) | Yes [:octicons-link-external-24:](https://adguard-dns.io/en/blog/encrypted-dns-ios-14.html) |
|
||||
| [**Cloudflare**](https://developers.cloudflare.com/1.1.1.1/setup) | Cleartext DoH/3 DoT | Anonymized[^2] | No | Based on server choice. | No [:octicons-link-external-24:](https://community.cloudflare.com/t/requesting-1-1-1-1-signed-profiles-for-apple/571846) |
|
||||
| [**Control D Free DNS**](https://controld.com/free-dns) | Cleartext DoH/3 DoT DoQ | No[^3] | No | Based on server choice. | Yes [:octicons-link-external-24:](https://docs.controld.com/docs/macos-platform) |
|
||||
| [**dns0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**DNS0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**Mullvad**](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) | DoH DoT | No[^5] | No | Based on server choice. Filter list being used can be found here. [:octicons-link-external-24:](https://github.com/mullvad/dns-adblock) | Yes [:octicons-link-external-24:](https://mullvad.net/en/blog/profiles-to-configure-our-encrypted-dns-on-apple-devices) |
|
||||
| [**Quad9**](https://quad9.net) | Cleartext DoH DoT DNSCrypt | Anonymized[^6] | Optional | Based on server choice, malware blocking by default. | Yes [:octicons-link-external-24:](https://quad9.net/news/blog/ios-mobile-provisioning-profiles) |
|
||||
|
||||
@@ -166,13 +166,13 @@ Encrypted DNS proxy software provides a local proxy for the [unencrypted DNS](ad
|
||||
|
||||
While RethinkDNS takes up the Android VPN slot, you can still use a VPN or Orbot with the app by [adding a WireGuard configuration](https://docs.rethinkdns.com/proxy/wireguard) or [manually configuring Orbot as a Proxy server](https://docs.rethinkdns.com/firewall/orbot), respectively.
|
||||
|
||||
### dnscrypt-proxy
|
||||
### DNSCrypt-Proxy
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**dnscrypt-proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
**DNSCrypt-Proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
|
||||
[:octicons-repo-16: Repository](https://github.com/DNSCrypt/dnscrypt-proxy){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/DNSCrypt/dnscrypt-proxy/wiki){ .card-link title=Documentation}
|
||||
@@ -216,6 +216,6 @@ Additionally, all public providers:
|
||||
[^1]: AdGuard stores aggregated performance metrics of their DNS servers, namely the number of complete requests to a particular server, the number of blocked requests, and the speed of processing requests. They also keep and store the database of domains requested in within last 24 hours. "We need this information to identify and block new trackers and threats." "We also log how many times this or that tracker has been blocked. We need this information to remove outdated rules from our filters." [https://adguard-dns.io/en/privacy.html](https://adguard-dns.io/en/privacy.html)
|
||||
[^2]: Cloudflare collects and stores only the limited DNS query data that is sent to the 1.1.1.1 resolver. The 1.1.1.1 resolver service does not log personal data, and the bulk of the limited non-personally identifiable query data is stored only for 25 hours. [https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/](https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver)
|
||||
[^3]: Control D only logs for Premium resolvers with custom DNS profiles. Free resolvers do not log data. [https://controld.com/privacy](https://controld.com/privacy)
|
||||
[^4]: dns0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^4]: DNS0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^5]: Mullvad's DNS service is available to both subscribers and non-subscribers of Mullvad VPN. Their privacy policy explicitly claims they do not log DNS requests in any way. [https://mullvad.net/en/help/no-logging-data-policy/](https://mullvad.net/en/help/no-logging-data-policy)
|
||||
[^6]: Quad9 collects some data for the purposes of threat monitoring and response. That data may then be remixed and shared, such as for the purpose of security research. Quad9 does not collect or record IP addresses or other data they deem personally identifiable. [https://quad9.net/privacy/policy](https://quad9.net/privacy/policy)
|
||||
|
||||
@@ -14,7 +14,7 @@ An **email aliasing service** allows you to easily generate a new email address
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -36,13 +36,13 @@ Our email aliasing recommendations are providers that allow you to create aliase
|
||||
|
||||
Using an aliasing service requires trusting both your email provider and your aliasing provider with your unencrypted messages. Some providers mitigate this slightly with automatic PGP encryption[^1], which reduces the number of parties you need to trust from two to one by encrypting incoming emails before they are delivered to your final mailbox provider.
|
||||
|
||||
### addy.io
|
||||
### Addy.io
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
**Addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
|
||||
[:octicons-home-16: Homepage](https://addy.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://addy.io/privacy){ .card-link title="Privacy Policy" }
|
||||
@@ -62,9 +62,9 @@ Using an aliasing service requires trusting both your email provider and your al
|
||||
|
||||
</div>
|
||||
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), addy.io's official reseller.
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on Addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), Addy.io's official reseller.
|
||||
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) Addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
|
||||
Notable free features:
|
||||
|
||||
|
||||
@@ -16,13 +16,13 @@ Keep track of your health and fitness-related goals with these apps. Unlike thei
|
||||
|
||||
Popular menstrual trackers like [Flo](https://techcrunch.com/2021/01/13/flo-gets-ftc-slap-for-sharing-user-data-when-it-promised-privacy) are notorious for collecting and sharing your user data. Depending on your jurisdiction, this may lead to [legal consequences](https://forbes.com/sites/abigaildubiniecki/2024/11/14/post-roe-your-period-app-data-could-be-used-against-you) affecting your reproductive autonomy.
|
||||
|
||||
### drip.
|
||||
### Drip
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**drip.** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
**Drip** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
|
||||
[:octicons-home-16: Homepage](https://bloodyhealth.gitlab.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://bloodyhealth.gitlab.io/privacy-policy.html){ .card-link title="Privacy Policy" }
|
||||
|
||||
@@ -105,7 +105,7 @@ schema:
|
||||
-
|
||||
"@context": http://schema.org
|
||||
"@type": SoftwareApplication
|
||||
name: gopass
|
||||
name: Gopass
|
||||
image: /assets/img/password-management/gopass.svg
|
||||
url: https://gopass.pw
|
||||
applicationCategory: Password Manager
|
||||
@@ -363,13 +363,13 @@ KeePassXC stores its export data as [CSV](https://en.wikipedia.org/wiki/Comma-se
|
||||
|
||||
</div>
|
||||
|
||||
### gopass (CLI)
|
||||
### Gopass (CLI)
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
**Gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
|
||||
[:octicons-home-16: Homepage](https://gopass.pw){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/gopasspw/gopass/tree/master/docs){ .card-link title="Documentation" }
|
||||
|
||||
+4
-4
@@ -209,7 +209,7 @@ If you're looking for added **security**, you should always ensure you're connec
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -284,7 +284,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [RethinkDNS](dns.md#rethinkdns)
|
||||
- { .twemoji loading=lazy } [dnscrypt-proxy](dns.md#dnscrypt-proxy)
|
||||
- { .twemoji loading=lazy } [DNSCrypt-Proxy](dns.md#dnscrypt-proxy)
|
||||
|
||||
</div>
|
||||
|
||||
@@ -480,7 +480,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [drip.](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Drip](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Euki](health-and-wellness.md#euki)
|
||||
- { .twemoji loading=lazy } { .twemoji loading=lazy }[Apple Health](health-and-wellness.md#apple-health)
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [Gadgetbridge](health-and-wellness.md#gadgetbridge)
|
||||
@@ -575,7 +575,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
- { .twemoji loading=lazy } [Psono](passwords.md#psono)
|
||||
- { .twemoji loading=lazy } [KeePassXC](passwords.md#keepassxc)
|
||||
- { .twemoji loading=lazy } [KeePassDX (Android)](passwords.md#keepassdx-android)
|
||||
- { .twemoji loading=lazy } [gopass (CLI)](passwords.md#gopass-cli)
|
||||
- { .twemoji loading=lazy } [Gopass (CLI)](passwords.md#gopass-cli)
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
@@ -51,7 +51,7 @@ VPNs cannot encrypt data outside the connection between your device and the VPN
|
||||
|
||||
Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely to be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
|
||||
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity because the VPN provider itself will still have access to your real IP address, destination website information, and often a money trail that can be linked directly back to you. "No logging" policies are merely a promise; if you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
|
||||
You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
|
||||
|
||||
|
||||
+5
-5
@@ -26,7 +26,7 @@ These are our favorite public DNS resolvers based on their privacy and security
|
||||
| [**AdGuard Public DNS**](https://adguard-dns.io/en/public-dns.html) | Cleartext DoH/3 DoT DoQ DNSCrypt | Anonymized[^1] | Anonymized | Based on server choice. Filter list being used can be found here. [:octicons-link-external-24:](https://github.com/AdguardTeam/AdGuardDNS) | Yes [:octicons-link-external-24:](https://adguard-dns.io/en/blog/encrypted-dns-ios-14.html) |
|
||||
| [**Cloudflare**](https://developers.cloudflare.com/1.1.1.1/setup) | Cleartext DoH/3 DoT | Anonymized[^2] | No | Based on server choice. | No [:octicons-link-external-24:](https://community.cloudflare.com/t/requesting-1-1-1-1-signed-profiles-for-apple/571846) |
|
||||
| [**Control D Free DNS**](https://controld.com/free-dns) | Cleartext DoH/3 DoT DoQ | No[^3] | No | Based on server choice. | Yes [:octicons-link-external-24:](https://docs.controld.com/docs/macos-platform) |
|
||||
| [**dns0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**DNS0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**Mullvad**](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) | DoH DoT | No[^5] | No | Based on server choice. Filter list being used can be found here. [:octicons-link-external-24:](https://github.com/mullvad/dns-adblock) | Yes [:octicons-link-external-24:](https://mullvad.net/en/blog/profiles-to-configure-our-encrypted-dns-on-apple-devices) |
|
||||
| [**Quad9**](https://quad9.net) | Cleartext DoH DoT DNSCrypt | Anonymized[^6] | Optional | Based on server choice, malware blocking by default. | Yes [:octicons-link-external-24:](https://quad9.net/news/blog/ios-mobile-provisioning-profiles) |
|
||||
|
||||
@@ -166,13 +166,13 @@ Encrypted DNS proxy software provides a local proxy for the [unencrypted DNS](ad
|
||||
|
||||
While RethinkDNS takes up the Android VPN slot, you can still use a VPN or Orbot with the app by [adding a WireGuard configuration](https://docs.rethinkdns.com/proxy/wireguard) or [manually configuring Orbot as a Proxy server](https://docs.rethinkdns.com/firewall/orbot), respectively.
|
||||
|
||||
### dnscrypt-proxy
|
||||
### DNSCrypt-Proxy
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**dnscrypt-proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
**DNSCrypt-Proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
|
||||
[:octicons-repo-16: Repository](https://github.com/DNSCrypt/dnscrypt-proxy){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/DNSCrypt/dnscrypt-proxy/wiki){ .card-link title=Documentation}
|
||||
@@ -216,6 +216,6 @@ Additionally, all public providers:
|
||||
[^1]: AdGuard stores aggregated performance metrics of their DNS servers, namely the number of complete requests to a particular server, the number of blocked requests, and the speed of processing requests. They also keep and store the database of domains requested in within last 24 hours. "We need this information to identify and block new trackers and threats." "We also log how many times this or that tracker has been blocked. We need this information to remove outdated rules from our filters." [https://adguard-dns.io/en/privacy.html](https://adguard-dns.io/en/privacy.html)
|
||||
[^2]: Cloudflare collects and stores only the limited DNS query data that is sent to the 1.1.1.1 resolver. The 1.1.1.1 resolver service does not log personal data, and the bulk of the limited non-personally identifiable query data is stored only for 25 hours. [https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/](https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver)
|
||||
[^3]: Control D only logs for Premium resolvers with custom DNS profiles. Free resolvers do not log data. [https://controld.com/privacy](https://controld.com/privacy)
|
||||
[^4]: dns0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^4]: DNS0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^5]: Mullvad's DNS service is available to both subscribers and non-subscribers of Mullvad VPN. Their privacy policy explicitly claims they do not log DNS requests in any way. [https://mullvad.net/en/help/no-logging-data-policy/](https://mullvad.net/en/help/no-logging-data-policy)
|
||||
[^6]: Quad9 collects some data for the purposes of threat monitoring and response. That data may then be remixed and shared, such as for the purpose of security research. Quad9 does not collect or record IP addresses or other data they deem personally identifiable. [https://quad9.net/privacy/policy](https://quad9.net/privacy/policy)
|
||||
|
||||
@@ -14,7 +14,7 @@ An **email aliasing service** allows you to easily generate a new email address
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -36,13 +36,13 @@ Our email aliasing recommendations are providers that allow you to create aliase
|
||||
|
||||
Using an aliasing service requires trusting both your email provider and your aliasing provider with your unencrypted messages. Some providers mitigate this slightly with automatic PGP encryption[^1], which reduces the number of parties you need to trust from two to one by encrypting incoming emails before they are delivered to your final mailbox provider.
|
||||
|
||||
### addy.io
|
||||
### Addy.io
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
**Addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
|
||||
[:octicons-home-16: Homepage](https://addy.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://addy.io/privacy){ .card-link title="Privacy Policy" }
|
||||
@@ -62,9 +62,9 @@ Using an aliasing service requires trusting both your email provider and your al
|
||||
|
||||
</div>
|
||||
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), addy.io's official reseller.
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on Addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), Addy.io's official reseller.
|
||||
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) Addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
|
||||
Notable free features:
|
||||
|
||||
|
||||
@@ -16,13 +16,13 @@ Keep track of your health and fitness-related goals with these apps. Unlike thei
|
||||
|
||||
Popular menstrual trackers like [Flo](https://techcrunch.com/2021/01/13/flo-gets-ftc-slap-for-sharing-user-data-when-it-promised-privacy) are notorious for collecting and sharing your user data. Depending on your jurisdiction, this may lead to [legal consequences](https://forbes.com/sites/abigaildubiniecki/2024/11/14/post-roe-your-period-app-data-could-be-used-against-you) affecting your reproductive autonomy.
|
||||
|
||||
### drip.
|
||||
### Drip
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**drip.** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
**Drip** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
|
||||
[:octicons-home-16: Homepage](https://bloodyhealth.gitlab.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://bloodyhealth.gitlab.io/privacy-policy.html){ .card-link title="Privacy Policy" }
|
||||
|
||||
@@ -105,7 +105,7 @@ schema:
|
||||
-
|
||||
"@context": http://schema.org
|
||||
"@type": SoftwareApplication
|
||||
name: gopass
|
||||
name: Gopass
|
||||
image: /assets/img/password-management/gopass.svg
|
||||
url: https://gopass.pw
|
||||
applicationCategory: Password Manager
|
||||
@@ -363,13 +363,13 @@ KeePassXC stores its export data as [CSV](https://en.wikipedia.org/wiki/Comma-se
|
||||
|
||||
</div>
|
||||
|
||||
### gopass (CLI)
|
||||
### Gopass (CLI)
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
**Gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
|
||||
[:octicons-home-16: Homepage](https://gopass.pw){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/gopasspw/gopass/tree/master/docs){ .card-link title="Documentation" }
|
||||
|
||||
+4
-4
@@ -209,7 +209,7 @@ If you're looking for added **security**, you should always ensure you're connec
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -284,7 +284,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [RethinkDNS](dns.md#rethinkdns)
|
||||
- { .twemoji loading=lazy } [dnscrypt-proxy](dns.md#dnscrypt-proxy)
|
||||
- { .twemoji loading=lazy } [DNSCrypt-Proxy](dns.md#dnscrypt-proxy)
|
||||
|
||||
</div>
|
||||
|
||||
@@ -480,7 +480,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [drip.](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Drip](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Euki](health-and-wellness.md#euki)
|
||||
- { .twemoji loading=lazy } { .twemoji loading=lazy }[Apple Health](health-and-wellness.md#apple-health)
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [Gadgetbridge](health-and-wellness.md#gadgetbridge)
|
||||
@@ -575,7 +575,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
- { .twemoji loading=lazy } [Psono](passwords.md#psono)
|
||||
- { .twemoji loading=lazy } [KeePassXC](passwords.md#keepassxc)
|
||||
- { .twemoji loading=lazy } [KeePassDX (Android)](passwords.md#keepassdx-android)
|
||||
- { .twemoji loading=lazy } [gopass (CLI)](passwords.md#gopass-cli)
|
||||
- { .twemoji loading=lazy } [Gopass (CLI)](passwords.md#gopass-cli)
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
@@ -51,7 +51,7 @@ VPNs cannot encrypt data outside the connection between your device and the VPN
|
||||
|
||||
Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely to be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
|
||||
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity because the VPN provider itself will still have access to your real IP address, destination website information, and often a money trail that can be linked directly back to you. "No logging" policies are merely a promise; if you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
|
||||
You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
|
||||
|
||||
|
||||
+5
-5
@@ -26,7 +26,7 @@ These are our favorite public DNS resolvers based on their privacy and security
|
||||
| [**AdGuard Public DNS**](https://adguard-dns.io/en/public-dns.html) | Cleartext DoH/3 DoT DoQ DNSCrypt | Anonymized[^1] | Anonymized | Based on server choice. Filter list being used can be found here. [:octicons-link-external-24:](https://github.com/AdguardTeam/AdGuardDNS) | Yes [:octicons-link-external-24:](https://adguard-dns.io/en/blog/encrypted-dns-ios-14.html) |
|
||||
| [**Cloudflare**](https://developers.cloudflare.com/1.1.1.1/setup) | Cleartext DoH/3 DoT | Anonymized[^2] | Ne | Based on server choice. | No [:octicons-link-external-24:](https://community.cloudflare.com/t/requesting-1-1-1-1-signed-profiles-for-apple/571846) |
|
||||
| [**Control D Free DNS**](https://controld.com/free-dns) | Cleartext DoH/3 DoT DoQ | No[^3] | Ne | Based on server choice. | Yes [:octicons-link-external-24:](https://docs.controld.com/docs/macos-platform) |
|
||||
| [**dns0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**DNS0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**Mullvad**](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) | DoH DoT | No[^5] | Ne | Based on server choice. Filter list being used can be found here. [:octicons-link-external-24:](https://github.com/mullvad/dns-adblock) | Yes [:octicons-link-external-24:](https://mullvad.net/en/blog/profiles-to-configure-our-encrypted-dns-on-apple-devices) |
|
||||
| [**Quad9**](https://quad9.net) | Cleartext DoH DoT DNSCrypt | Anonymized[^6] | Optional | Based on server choice, malware blocking by default. | Yes [:octicons-link-external-24:](https://quad9.net/news/blog/ios-mobile-provisioning-profiles) |
|
||||
|
||||
@@ -166,13 +166,13 @@ Encrypted DNS proxy software provides a local proxy for the [unencrypted DNS](ad
|
||||
|
||||
While RethinkDNS takes up the Android VPN slot, you can still use a VPN or Orbot with the app by [adding a WireGuard configuration](https://docs.rethinkdns.com/proxy/wireguard) or [manually configuring Orbot as a Proxy server](https://docs.rethinkdns.com/firewall/orbot), respectively.
|
||||
|
||||
### dnscrypt-proxy
|
||||
### DNSCrypt-Proxy
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**dnscrypt-proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
**DNSCrypt-Proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
|
||||
[:octicons-repo-16: Repository](https://github.com/DNSCrypt/dnscrypt-proxy){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/DNSCrypt/dnscrypt-proxy/wiki){ .card-link title=Documentation}
|
||||
@@ -216,6 +216,6 @@ Additionally, all public providers:
|
||||
[^1]: AdGuard stores aggregated performance metrics of their DNS servers, namely the number of complete requests to a particular server, the number of blocked requests, and the speed of processing requests. They also keep and store the database of domains requested in within last 24 hours. "We need this information to identify and block new trackers and threats." "We also log how many times this or that tracker has been blocked. We need this information to remove outdated rules from our filters." [https://adguard-dns.io/en/privacy.html](https://adguard-dns.io/en/privacy.html)
|
||||
[^2]: Cloudflare collects and stores only the limited DNS query data that is sent to the 1.1.1.1 resolver. The 1.1.1.1 resolver service does not log personal data, and the bulk of the limited non-personally identifiable query data is stored only for 25 hours. [https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/](https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver)
|
||||
[^3]: Control D only logs for Premium resolvers with custom DNS profiles. Free resolvers do not log data. [https://controld.com/privacy](https://controld.com/privacy)
|
||||
[^4]: dns0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^4]: DNS0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^5]: Mullvad's DNS service is available to both subscribers and non-subscribers of Mullvad VPN. Their privacy policy explicitly claims they do not log DNS requests in any way. [https://mullvad.net/en/help/no-logging-data-policy/](https://mullvad.net/en/help/no-logging-data-policy)
|
||||
[^6]: Quad9 collects some data for the purposes of threat monitoring and response. That data may then be remixed and shared, such as for the purpose of security research. Quad9 does not collect or record IP addresses or other data they deem personally identifiable. [https://quad9.net/privacy/policy](https://quad9.net/privacy/policy)
|
||||
|
||||
@@ -14,7 +14,7 @@ An **email aliasing service** allows you to easily generate a new email address
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -36,13 +36,13 @@ Our email aliasing recommendations are providers that allow you to create aliase
|
||||
|
||||
Using an aliasing service requires trusting both your email provider and your aliasing provider with your unencrypted messages. Some providers mitigate this slightly with automatic PGP encryption[^1], which reduces the number of parties you need to trust from two to one by encrypting incoming emails before they are delivered to your final mailbox provider.
|
||||
|
||||
### addy.io
|
||||
### Addy.io
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
**Addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
|
||||
[:octicons-home-16: Homepage](https://addy.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://addy.io/privacy){ .card-link title="Privacy Policy" }
|
||||
@@ -62,9 +62,9 @@ Using an aliasing service requires trusting both your email provider and your al
|
||||
|
||||
</div>
|
||||
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), addy.io's official reseller.
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on Addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), Addy.io's official reseller.
|
||||
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) Addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
|
||||
Notable free features:
|
||||
|
||||
|
||||
@@ -16,13 +16,13 @@ Keep track of your health and fitness-related goals with these apps. Unlike thei
|
||||
|
||||
Popular menstrual trackers like [Flo](https://techcrunch.com/2021/01/13/flo-gets-ftc-slap-for-sharing-user-data-when-it-promised-privacy) are notorious for collecting and sharing your user data. Depending on your jurisdiction, this may lead to [legal consequences](https://forbes.com/sites/abigaildubiniecki/2024/11/14/post-roe-your-period-app-data-could-be-used-against-you) affecting your reproductive autonomy.
|
||||
|
||||
### drip.
|
||||
### Drip
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**drip.** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
**Drip** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
|
||||
[:octicons-home-16: Homepage](https://bloodyhealth.gitlab.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://bloodyhealth.gitlab.io/privacy-policy.html){ .card-link title="Privacy Policy" }
|
||||
|
||||
@@ -105,7 +105,7 @@ schema:
|
||||
-
|
||||
"@context": http://schema.org
|
||||
"@type": SoftwareApplication
|
||||
name: gopass
|
||||
name: Gopass
|
||||
image: /assets/img/password-management/gopass.svg
|
||||
url: https://gopass.pw
|
||||
applicationCategory: Password Manager
|
||||
@@ -363,13 +363,13 @@ KeePassXC stores its export data as [CSV](https://en.wikipedia.org/wiki/Comma-se
|
||||
|
||||
</div>
|
||||
|
||||
### gopass (CLI)
|
||||
### Gopass (CLI)
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
**Gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
|
||||
[:octicons-home-16: Homepage](https://gopass.pw){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/gopasspw/gopass/tree/master/docs){ .card-link title="Documentation" }
|
||||
|
||||
+4
-4
@@ -209,7 +209,7 @@ If you're looking for added **security**, you should always ensure you're connec
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -284,7 +284,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [RethinkDNS](dns.md#rethinkdns)
|
||||
- { .twemoji loading=lazy } [dnscrypt-proxy](dns.md#dnscrypt-proxy)
|
||||
- { .twemoji loading=lazy } [DNSCrypt-Proxy](dns.md#dnscrypt-proxy)
|
||||
|
||||
</div>
|
||||
|
||||
@@ -480,7 +480,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [drip.](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Drip](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Euki](health-and-wellness.md#euki)
|
||||
- { .twemoji loading=lazy } { .twemoji loading=lazy }[Apple Health](health-and-wellness.md#apple-health)
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [Gadgetbridge](health-and-wellness.md#gadgetbridge)
|
||||
@@ -575,7 +575,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
- { .twemoji loading=lazy } [Psono](passwords.md#psono)
|
||||
- { .twemoji loading=lazy } [KeePassXC](passwords.md#keepassxc)
|
||||
- { .twemoji loading=lazy } [KeePassDX (Android)](passwords.md#keepassdx-android)
|
||||
- { .twemoji loading=lazy } [gopass (CLI)](passwords.md#gopass-cli)
|
||||
- { .twemoji loading=lazy } [Gopass (CLI)](passwords.md#gopass-cli)
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
@@ -51,7 +51,7 @@ VPNs cannot encrypt data outside the connection between your device and the VPN
|
||||
|
||||
Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely to be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
|
||||
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity because the VPN provider itself will still have access to your real IP address, destination website information, and often a money trail that can be linked directly back to you. "No logging" policies are merely a promise; if you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
|
||||
You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
|
||||
|
||||
|
||||
+5
-5
@@ -26,7 +26,7 @@ These are our favorite public DNS resolvers based on their privacy and security
|
||||
| [**AdGuard Public DNS**](https://adguard-dns.io/en/public-dns.html) | Cleartext DoH/3 DoT DoQ DNSCrypt | Anonymized[^1] | Anonymized | Based on server choice. Die verwendete Filterliste findest du hier. [:octicons-link-external-24:](https://github.com/AdguardTeam/AdGuardDNS) | Yes [:octicons-link-external-24:](https://adguard-dns.io/en/blog/encrypted-dns-ios-14.html) |
|
||||
| [**Cloudflare**](https://developers.cloudflare.com/1.1.1.1/setup) | Cleartext DoH/3 DoT | Anonymized[^2] | Nein | Based on server choice. | No [:octicons-link-external-24:](https://community.cloudflare.com/t/requesting-1-1-1-1-signed-profiles-for-apple/571846) |
|
||||
| [**Control D Free DNS**](https://controld.com/free-dns) | Cleartext DoH/3 DoT DoQ | No[^3] | Nein | Based on server choice. | Yes [:octicons-link-external-24:](https://docs.controld.com/docs/macos-platform) |
|
||||
| [**dns0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**DNS0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**Mullvad**](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) | DoH DoT | No[^5] | Nein | Based on server choice. Die verwendete Filterliste findest du hier. [:octicons-link-external-24:](https://github.com/mullvad/dns-adblock) | Yes [:octicons-link-external-24:](https://mullvad.net/en/blog/profiles-to-configure-our-encrypted-dns-on-apple-devices) |
|
||||
| [**Quad9**](https://quad9.net) | Cleartext DoH DoT DNSCrypt | Anonymized[^6] | Optional | Based on server choice, malware blocking by default. | Yes [:octicons-link-external-24:](https://quad9.net/news/blog/ios-mobile-provisioning-profiles) |
|
||||
|
||||
@@ -166,13 +166,13 @@ Verschlüsselte DNS-Proxy-Software stellt einen lokalen Proxy für den [unversch
|
||||
|
||||
While RethinkDNS takes up the Android VPN slot, you can still use a VPN or Orbot with the app by [adding a WireGuard configuration](https://docs.rethinkdns.com/proxy/wireguard) or [manually configuring Orbot as a Proxy server](https://docs.rethinkdns.com/firewall/orbot), respectively.
|
||||
|
||||
### dnscrypt-proxy
|
||||
### DNSCrypt-Proxy
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**dnscrypt-proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
**DNSCrypt-Proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
|
||||
[:octicons-repo-16: Repository](https://github.com/DNSCrypt/dnscrypt-proxy){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/DNSCrypt/dnscrypt-proxy/wiki){ .card-link title=Documentation}
|
||||
@@ -216,6 +216,6 @@ Additionally, all public providers:
|
||||
[^1]: AdGuard stores aggregated performance metrics of their DNS servers, namely the number of complete requests to a particular server, the number of blocked requests, and the speed of processing requests. They also keep and store the database of domains requested in within last 24 hours. "We need this information to identify and block new trackers and threats." "We also log how many times this or that tracker has been blocked. We need this information to remove outdated rules from our filters." [https://adguard-dns.io/en/privacy.html](https://adguard-dns.io/en/privacy.html)
|
||||
[^2]: Cloudflare collects and stores only the limited DNS query data that is sent to the 1.1.1.1 resolver. The 1.1.1.1 resolver service does not log personal data, and the bulk of the limited non-personally identifiable query data is stored only for 25 hours. [https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/](https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver)
|
||||
[^3]: Control D only logs for Premium resolvers with custom DNS profiles. Free resolvers do not log data. [https://controld.com/privacy](https://controld.com/privacy)
|
||||
[^4]: dns0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^4]: DNS0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^5]: Mullvad's DNS service is available to both subscribers and non-subscribers of Mullvad VPN. Their privacy policy explicitly claims they do not log DNS requests in any way. [https://mullvad.net/en/help/no-logging-data-policy/](https://mullvad.net/en/help/no-logging-data-policy)
|
||||
[^6]: Quad9 collects some data for the purposes of threat monitoring and response. That data may then be remixed and shared, such as for the purpose of security research. Quad9 does not collect or record IP addresses or other data they deem personally identifiable. [https://quad9.net/privacy/policy](https://quad9.net/privacy/policy)
|
||||
|
||||
@@ -14,7 +14,7 @@ Mit einem **E-Mail-Aliasing-Dienst** kannst du für jede Website, für die du di
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -36,13 +36,13 @@ Unsere E-Mail-Aliasing-Empfehlungen beziehen sich auf Provider, die es dir ermö
|
||||
|
||||
Die Verwendung eines Alias-Dienstes setzt voraus, dass du sowohl deinem E-Mail-Anbieter als auch deinem Alias-Anbieter deine unverschlüsselten Nachrichten anvertraust. Einige Anbieter entschärfen dieses Problem teils durch automatische PGP-Verschlüsselung[^1], bei der die Anzahl der Parteien, denen du vertrauen musst, von zwei auf eine reduziert wird, indem eingehende E-Mails verschlüsselt werden, bevor sie an deinen endgültigen Mailbox-Anbieter übermittelt werden.
|
||||
|
||||
### addy.io
|
||||
### Addy.io
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**addy.io** lässt dich 10 Domain-Aliase auf einer gemeinsam genutzten Domain kostenlos oder unbegrenzt „Standard“-Aliase erstellen.
|
||||
**Addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
|
||||
[:octicons-home-16: Homepage](https://addy.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://addy.io/privacy){ .card-link title="Datenschutzerklärung" }
|
||||
@@ -62,9 +62,9 @@ Die Verwendung eines Alias-Dienstes setzt voraus, dass du sowohl deinem E-Mail-A
|
||||
|
||||
</div>
|
||||
|
||||
Die Anzahl der geteilten Aliase (die auf eine gemeinsam genutzte Domain wie @addy.io enden), die du erstellen kannst, ist beim kostenlosen Tarif von addy.io auf 10 begrenzt, beim Tarif für 1 €/Monat auf 50 und beim Tarif für 4 €/Monat (der für ein Jahr mit 3 € berechnet wird) unbegrenzt. Du kannst für diese Tarife mit [Kryptowährung](https://addy.io/help/subscribing-with-cryptocurrency) bezahlen oder einen Gutscheincode von [ProxyStore](https://addy.io/help/voucher-codes), addy.io's offiziellem Reseller, erwerben.
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on Addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), Addy.io's official reseller.
|
||||
|
||||
Du kannst unbegrenzt viele Standard-Aliase erstellen, die auf eine Domain wie @[Benutzername].addy.io oder eine benutzerdefinierte Domain bei kostenpflichtigen Tarifen enden. Wie bereits erwähnt, kann sich dies jedoch nachteilig auf deine Privatsphäre auswirken, da andere Personen deine Standard-Aliasnamen allein aufgrund des Domainnamens trivialerweise miteinander verknüpfen können. Standard Aliase sind sinnvoll, wenn geteilte Domains von einer Website geblockt werden. Securitum [auditierte](https://addy.io/blog/addy-io-passes-independent-security-audit) addy.io im September 2023, wobei keine signifikanten Schwachstellen [identifiziert wurden](https://addy.io/addy-io-security-audit.pdf).
|
||||
Du kannst unbegrenzt viele Standard-Aliase erstellen, die auf eine Domain wie @[Benutzername].addy.io oder eine benutzerdefinierte Domain bei kostenpflichtigen Tarifen enden. Wie bereits erwähnt, kann sich dies jedoch nachteilig auf deine Privatsphäre auswirken, da andere Personen deine Standard-Aliasnamen allein aufgrund des Domainnamens trivialerweise miteinander verknüpfen können. Standard Aliase sind sinnvoll, wenn geteilte Domains von einer Website geblockt werden. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) Addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
|
||||
Bemerkenswerte kostenlose Funktionen:
|
||||
|
||||
|
||||
@@ -16,13 +16,13 @@ Keep track of your health and fitness-related goals with these apps. Unlike thei
|
||||
|
||||
Popular menstrual trackers like [Flo](https://techcrunch.com/2021/01/13/flo-gets-ftc-slap-for-sharing-user-data-when-it-promised-privacy) are notorious for collecting and sharing your user data. Depending on your jurisdiction, this may lead to [legal consequences](https://forbes.com/sites/abigaildubiniecki/2024/11/14/post-roe-your-period-app-data-could-be-used-against-you) affecting your reproductive autonomy.
|
||||
|
||||
### drip.
|
||||
### Drip
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**drip.** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
**Drip** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
|
||||
[:octicons-home-16: Homepage](https://bloodyhealth.gitlab.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://bloodyhealth.gitlab.io/privacy-policy.html){ .card-link title="Privacy Policy" }
|
||||
|
||||
@@ -105,7 +105,7 @@ schema:
|
||||
-
|
||||
"@context": http://schema.org
|
||||
"@type": SoftwareApplication
|
||||
name: gopass
|
||||
name: Gopass
|
||||
image: /assets/img/password-management/gopass.svg
|
||||
url: https://gopass.pw
|
||||
applicationCategory: Passwort-Manager
|
||||
@@ -363,13 +363,13 @@ KeePassXC speichert seine Exportdaten als [CSV-Dateien](https://en.wikipedia.org
|
||||
|
||||
</div>
|
||||
|
||||
### gopass (CLI)
|
||||
### Gopass (CLI)
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**gopass** ist ein minimaler, in Go geschriebener Passwortmanager für die Kommandozeile. Es kann innerhalb von Skripting-Anwendungen verwendet werden und funktioniert auf allen wichtigen Desktop- und Server-Betriebssystemen.
|
||||
**Gopass** is a minimal password manager for the command line written in Go. Es kann innerhalb von Skripting-Anwendungen verwendet werden und funktioniert auf allen wichtigen Desktop- und Server-Betriebssystemen.
|
||||
|
||||
[:octicons-home-16: Homepage](https://gopass.pw){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/gopasspw/gopass/tree/master/docs){ .card-link title="Dokumentation" }
|
||||
|
||||
+4
-4
@@ -209,7 +209,7 @@ If you're looking for added **security**, you should always ensure you're connec
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -284,7 +284,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [RethinkDNS](dns.md#rethinkdns)
|
||||
- { .twemoji loading=lazy } [dnscrypt-proxy](dns.md#dnscrypt-proxy)
|
||||
- { .twemoji loading=lazy } [DNSCrypt-Proxy](dns.md#dnscrypt-proxy)
|
||||
|
||||
</div>
|
||||
|
||||
@@ -480,7 +480,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [drip.](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Drip](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Euki](health-and-wellness.md#euki)
|
||||
- { .twemoji loading=lazy } { .twemoji loading=lazy }[Apple Health](health-and-wellness.md#apple-health)
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [Gadgetbridge](health-and-wellness.md#gadgetbridge)
|
||||
@@ -575,7 +575,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
- { .twemoji loading=lazy } [Psono](passwords.md#psono)
|
||||
- { .twemoji loading=lazy } [KeePassXC](passwords.md#keepassxc)
|
||||
- { .twemoji loading=lazy } [KeePassDX (Android)](passwords.md#keepassdx-android)
|
||||
- { .twemoji loading=lazy } [gopass (CLI)](passwords.md#gopass-cli)
|
||||
- { .twemoji loading=lazy } [Gopass (CLI)](passwords.md#gopass-cli)
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
@@ -51,7 +51,7 @@ VPNs cannot encrypt data outside the connection between your device and the VPN
|
||||
|
||||
Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely to be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
|
||||
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity because the VPN provider itself will still have access to your real IP address, destination website information, and often a money trail that can be linked directly back to you. "No logging" policies are merely a promise; if you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
|
||||
You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
|
||||
|
||||
|
||||
+5
-5
@@ -26,7 +26,7 @@ These are our favorite public DNS resolvers based on their privacy and security
|
||||
| [**AdGuard Public DNS**](https://adguard-dns.io/en/public-dns.html) | Cleartext DoH/3 DoT DoQ DNSCrypt | Anonymized[^1] | Anonymized | Based on server choice. Filter list being used can be found here. [:octicons-link-external-24:](https://github.com/AdguardTeam/AdGuardDNS) | Yes [:octicons-link-external-24:](https://adguard-dns.io/en/blog/encrypted-dns-ios-14.html) |
|
||||
| [**Cloudflare**](https://developers.cloudflare.com/1.1.1.1/setup) | Cleartext DoH/3 DoT | Anonymized[^2] | No | Based on server choice. | No [:octicons-link-external-24:](https://community.cloudflare.com/t/requesting-1-1-1-1-signed-profiles-for-apple/571846) |
|
||||
| [**Control D Free DNS**](https://controld.com/free-dns) | Cleartext DoH/3 DoT DoQ | No[^3] | No | Based on server choice. | Yes [:octicons-link-external-24:](https://docs.controld.com/docs/macos-platform) |
|
||||
| [**dns0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**DNS0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**Mullvad**](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) | DoH DoT | No[^5] | No | Based on server choice. Filter list being used can be found here. [:octicons-link-external-24:](https://github.com/mullvad/dns-adblock) | Yes [:octicons-link-external-24:](https://mullvad.net/en/blog/profiles-to-configure-our-encrypted-dns-on-apple-devices) |
|
||||
| [**Quad9**](https://quad9.net) | Cleartext DoH DoT DNSCrypt | Anonymized[^6] | Optional | Based on server choice, malware blocking by default. | Yes [:octicons-link-external-24:](https://quad9.net/news/blog/ios-mobile-provisioning-profiles) |
|
||||
|
||||
@@ -166,13 +166,13 @@ Encrypted DNS proxy software provides a local proxy for the [unencrypted DNS](ad
|
||||
|
||||
While RethinkDNS takes up the Android VPN slot, you can still use a VPN or Orbot with the app by [adding a WireGuard configuration](https://docs.rethinkdns.com/proxy/wireguard) or [manually configuring Orbot as a Proxy server](https://docs.rethinkdns.com/firewall/orbot), respectively.
|
||||
|
||||
### dnscrypt-proxy
|
||||
### DNSCrypt-Proxy
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**dnscrypt-proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
**DNSCrypt-Proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
|
||||
[:octicons-repo-16: Repository](https://github.com/DNSCrypt/dnscrypt-proxy){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/DNSCrypt/dnscrypt-proxy/wiki){ .card-link title=Documentation}
|
||||
@@ -216,6 +216,6 @@ Additionally, all public providers:
|
||||
[^1]: AdGuard stores aggregated performance metrics of their DNS servers, namely the number of complete requests to a particular server, the number of blocked requests, and the speed of processing requests. They also keep and store the database of domains requested in within last 24 hours. "We need this information to identify and block new trackers and threats." "We also log how many times this or that tracker has been blocked. We need this information to remove outdated rules from our filters." [https://adguard-dns.io/en/privacy.html](https://adguard-dns.io/en/privacy.html)
|
||||
[^2]: Cloudflare collects and stores only the limited DNS query data that is sent to the 1.1.1.1 resolver. The 1.1.1.1 resolver service does not log personal data, and the bulk of the limited non-personally identifiable query data is stored only for 25 hours. [https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/](https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver)
|
||||
[^3]: Control D only logs for Premium resolvers with custom DNS profiles. Free resolvers do not log data. [https://controld.com/privacy](https://controld.com/privacy)
|
||||
[^4]: dns0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^4]: DNS0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^5]: Mullvad's DNS service is available to both subscribers and non-subscribers of Mullvad VPN. Their privacy policy explicitly claims they do not log DNS requests in any way. [https://mullvad.net/en/help/no-logging-data-policy/](https://mullvad.net/en/help/no-logging-data-policy)
|
||||
[^6]: Quad9 collects some data for the purposes of threat monitoring and response. That data may then be remixed and shared, such as for the purpose of security research. Quad9 does not collect or record IP addresses or other data they deem personally identifiable. [https://quad9.net/privacy/policy](https://quad9.net/privacy/policy)
|
||||
|
||||
@@ -14,7 +14,7 @@ An **email aliasing service** allows you to easily generate a new email address
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -36,13 +36,13 @@ Our email aliasing recommendations are providers that allow you to create aliase
|
||||
|
||||
Using an aliasing service requires trusting both your email provider and your aliasing provider with your unencrypted messages. Some providers mitigate this slightly with automatic PGP encryption[^1], which reduces the number of parties you need to trust from two to one by encrypting incoming emails before they are delivered to your final mailbox provider.
|
||||
|
||||
### addy.io
|
||||
### Addy.io
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
**Addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
|
||||
[:octicons-home-16: Homepage](https://addy.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://addy.io/privacy){ .card-link title="Privacy Policy" }
|
||||
@@ -62,9 +62,9 @@ Using an aliasing service requires trusting both your email provider and your al
|
||||
|
||||
</div>
|
||||
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), addy.io's official reseller.
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on Addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), Addy.io's official reseller.
|
||||
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) Addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
|
||||
Notable free features:
|
||||
|
||||
|
||||
@@ -16,13 +16,13 @@ Keep track of your health and fitness-related goals with these apps. Unlike thei
|
||||
|
||||
Popular menstrual trackers like [Flo](https://techcrunch.com/2021/01/13/flo-gets-ftc-slap-for-sharing-user-data-when-it-promised-privacy) are notorious for collecting and sharing your user data. Depending on your jurisdiction, this may lead to [legal consequences](https://forbes.com/sites/abigaildubiniecki/2024/11/14/post-roe-your-period-app-data-could-be-used-against-you) affecting your reproductive autonomy.
|
||||
|
||||
### drip.
|
||||
### Drip
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**drip.** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
**Drip** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
|
||||
[:octicons-home-16: Homepage](https://bloodyhealth.gitlab.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://bloodyhealth.gitlab.io/privacy-policy.html){ .card-link title="Privacy Policy" }
|
||||
|
||||
@@ -105,7 +105,7 @@ schema:
|
||||
-
|
||||
"@context": http://schema.org
|
||||
"@type": SoftwareApplication
|
||||
name: gopass
|
||||
name: Gopass
|
||||
image: /assets/img/password-management/gopass.svg
|
||||
url: https://gopass.pw
|
||||
applicationCategory: Διαχειριστής Κωδικών
|
||||
@@ -363,13 +363,13 @@ KeePassXC stores its export data as [CSV](https://en.wikipedia.org/wiki/Comma-se
|
||||
|
||||
</div>
|
||||
|
||||
### gopass (CLI)
|
||||
### Gopass (CLI)
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
**Gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
|
||||
[:octicons-home-16: Homepage](https://gopass.pw){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/gopasspw/gopass/tree/master/docs){ .card-link title="Documentation" }
|
||||
|
||||
+4
-4
@@ -209,7 +209,7 @@ If you're looking for added **security**, you should always ensure you're connec
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -284,7 +284,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [RethinkDNS](dns.md#rethinkdns)
|
||||
- { .twemoji loading=lazy } [dnscrypt-proxy](dns.md#dnscrypt-proxy)
|
||||
- { .twemoji loading=lazy } [DNSCrypt-Proxy](dns.md#dnscrypt-proxy)
|
||||
|
||||
</div>
|
||||
|
||||
@@ -480,7 +480,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [drip.](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Drip](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Euki](health-and-wellness.md#euki)
|
||||
- { .twemoji loading=lazy } { .twemoji loading=lazy }[Apple Health](health-and-wellness.md#apple-health)
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [Gadgetbridge](health-and-wellness.md#gadgetbridge)
|
||||
@@ -575,7 +575,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
- { .twemoji loading=lazy } [Psono](passwords.md#psono)
|
||||
- { .twemoji loading=lazy } [KeePassXC](passwords.md#keepassxc)
|
||||
- { .twemoji loading=lazy } [KeePassDX (Android)](passwords.md#keepassdx-android)
|
||||
- { .twemoji loading=lazy } [gopass (CLI)](passwords.md#gopass-cli)
|
||||
- { .twemoji loading=lazy } [Gopass (CLI)](passwords.md#gopass-cli)
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
@@ -51,7 +51,7 @@ VPNs cannot encrypt data outside the connection between your device and the VPN
|
||||
|
||||
Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely to be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
|
||||
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity because the VPN provider itself will still have access to your real IP address, destination website information, and often a money trail that can be linked directly back to you. "No logging" policies are merely a promise; if you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
|
||||
You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
|
||||
|
||||
|
||||
+5
-5
@@ -26,7 +26,7 @@ These are our favorite public DNS resolvers based on their privacy and security
|
||||
| [**AdGuard Public DNS**](https://adguard-dns.io/en/public-dns.html) | Cleartext DoH/3 DoT DoQ DNSCrypt | Anonymized[^1] | Anonymized | Based on server choice. Filter list being used can be found here. [:octicons-link-external-24:](https://github.com/AdguardTeam/AdGuardDNS) | Yes [:octicons-link-external-24:](https://adguard-dns.io/en/blog/encrypted-dns-ios-14.html) |
|
||||
| [**Cloudflare**](https://developers.cloudflare.com/1.1.1.1/setup) | Cleartext DoH/3 DoT | Anonymized[^2] | No | Based on server choice. | No [:octicons-link-external-24:](https://community.cloudflare.com/t/requesting-1-1-1-1-signed-profiles-for-apple/571846) |
|
||||
| [**Control D Free DNS**](https://controld.com/free-dns) | Cleartext DoH/3 DoT DoQ | No[^3] | No | Based on server choice. | Yes [:octicons-link-external-24:](https://docs.controld.com/docs/macos-platform) |
|
||||
| [**dns0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**DNS0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**Mullvad**](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) | DoH DoT | No[^5] | No | Based on server choice. Filter list being used can be found here. [:octicons-link-external-24:](https://github.com/mullvad/dns-adblock) | Yes [:octicons-link-external-24:](https://mullvad.net/en/blog/profiles-to-configure-our-encrypted-dns-on-apple-devices) |
|
||||
| [**Quad9**](https://quad9.net) | Cleartext DoH DoT DNSCrypt | Anonymized[^6] | Optional | Based on server choice, malware blocking by default. | Yes [:octicons-link-external-24:](https://quad9.net/news/blog/ios-mobile-provisioning-profiles) |
|
||||
|
||||
@@ -166,13 +166,13 @@ Encrypted DNS proxy software provides a local proxy for the [unencrypted DNS](ad
|
||||
|
||||
While RethinkDNS takes up the Android VPN slot, you can still use a VPN or Orbot with the app by [adding a WireGuard configuration](https://docs.rethinkdns.com/proxy/wireguard) or [manually configuring Orbot as a Proxy server](https://docs.rethinkdns.com/firewall/orbot), respectively.
|
||||
|
||||
### dnscrypt-proxy
|
||||
### DNSCrypt-Proxy
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**dnscrypt-proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
**DNSCrypt-Proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
|
||||
[:octicons-repo-16: Repository](https://github.com/DNSCrypt/dnscrypt-proxy){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/DNSCrypt/dnscrypt-proxy/wiki){ .card-link title=Documentation}
|
||||
@@ -216,6 +216,6 @@ Additionally, all public providers:
|
||||
[^1]: AdGuard stores aggregated performance metrics of their DNS servers, namely the number of complete requests to a particular server, the number of blocked requests, and the speed of processing requests. They also keep and store the database of domains requested in within last 24 hours. "We need this information to identify and block new trackers and threats." "We also log how many times this or that tracker has been blocked. We need this information to remove outdated rules from our filters." [https://adguard-dns.io/en/privacy.html](https://adguard-dns.io/en/privacy.html)
|
||||
[^2]: Cloudflare collects and stores only the limited DNS query data that is sent to the 1.1.1.1 resolver. The 1.1.1.1 resolver service does not log personal data, and the bulk of the limited non-personally identifiable query data is stored only for 25 hours. [https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/](https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver)
|
||||
[^3]: Control D only logs for Premium resolvers with custom DNS profiles. Free resolvers do not log data. [https://controld.com/privacy](https://controld.com/privacy)
|
||||
[^4]: dns0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^4]: DNS0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^5]: Mullvad's DNS service is available to both subscribers and non-subscribers of Mullvad VPN. Their privacy policy explicitly claims they do not log DNS requests in any way. [https://mullvad.net/en/help/no-logging-data-policy/](https://mullvad.net/en/help/no-logging-data-policy)
|
||||
[^6]: Quad9 collects some data for the purposes of threat monitoring and response. That data may then be remixed and shared, such as for the purpose of security research. Quad9 does not collect or record IP addresses or other data they deem personally identifiable. [https://quad9.net/privacy/policy](https://quad9.net/privacy/policy)
|
||||
|
||||
@@ -14,7 +14,7 @@ An **email aliasing service** allows you to easily generate a new email address
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -36,13 +36,13 @@ Our email aliasing recommendations are providers that allow you to create aliase
|
||||
|
||||
Using an aliasing service requires trusting both your email provider and your aliasing provider with your unencrypted messages. Some providers mitigate this slightly with automatic PGP encryption[^1], which reduces the number of parties you need to trust from two to one by encrypting incoming emails before they are delivered to your final mailbox provider.
|
||||
|
||||
### addy.io
|
||||
### Addy.io
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
**Addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
|
||||
[:octicons-home-16: Homepage](https://addy.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://addy.io/privacy){ .card-link title="Privacy Policy" }
|
||||
@@ -62,9 +62,9 @@ Using an aliasing service requires trusting both your email provider and your al
|
||||
|
||||
</div>
|
||||
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), addy.io's official reseller.
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on Addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), Addy.io's official reseller.
|
||||
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) Addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
|
||||
Notable free features:
|
||||
|
||||
|
||||
@@ -16,13 +16,13 @@ Keep track of your health and fitness-related goals with these apps. Unlike thei
|
||||
|
||||
Popular menstrual trackers like [Flo](https://techcrunch.com/2021/01/13/flo-gets-ftc-slap-for-sharing-user-data-when-it-promised-privacy) are notorious for collecting and sharing your user data. Depending on your jurisdiction, this may lead to [legal consequences](https://forbes.com/sites/abigaildubiniecki/2024/11/14/post-roe-your-period-app-data-could-be-used-against-you) affecting your reproductive autonomy.
|
||||
|
||||
### drip.
|
||||
### Drip
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**drip.** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
**Drip** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
|
||||
[:octicons-home-16: Homepage](https://bloodyhealth.gitlab.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://bloodyhealth.gitlab.io/privacy-policy.html){ .card-link title="Privacy Policy" }
|
||||
|
||||
@@ -105,7 +105,7 @@ schema:
|
||||
-
|
||||
"@context": http://schema.org
|
||||
"@type": SoftwareApplication
|
||||
name: gopass
|
||||
name: Gopass
|
||||
image: /assets/img/password-management/gopass.svg
|
||||
url: https://gopass.pw
|
||||
applicationCategory: Password Manager
|
||||
@@ -363,13 +363,13 @@ KeePassXC stores its export data as [CSV](https://en.wikipedia.org/wiki/Comma-se
|
||||
|
||||
</div>
|
||||
|
||||
### gopass (CLI)
|
||||
### Gopass (CLI)
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
**Gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
|
||||
[:octicons-home-16: Homepage](https://gopass.pw){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/gopasspw/gopass/tree/master/docs){ .card-link title="Documentation" }
|
||||
|
||||
+4
-4
@@ -209,7 +209,7 @@ If you're looking for added **security**, you should always ensure you're connec
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -284,7 +284,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [RethinkDNS](dns.md#rethinkdns)
|
||||
- { .twemoji loading=lazy } [dnscrypt-proxy](dns.md#dnscrypt-proxy)
|
||||
- { .twemoji loading=lazy } [DNSCrypt-Proxy](dns.md#dnscrypt-proxy)
|
||||
|
||||
</div>
|
||||
|
||||
@@ -480,7 +480,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [drip.](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Drip](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Euki](health-and-wellness.md#euki)
|
||||
- { .twemoji loading=lazy } { .twemoji loading=lazy }[Apple Health](health-and-wellness.md#apple-health)
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [Gadgetbridge](health-and-wellness.md#gadgetbridge)
|
||||
@@ -575,7 +575,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
- { .twemoji loading=lazy } [Psono](passwords.md#psono)
|
||||
- { .twemoji loading=lazy } [KeePassXC](passwords.md#keepassxc)
|
||||
- { .twemoji loading=lazy } [KeePassDX (Android)](passwords.md#keepassdx-android)
|
||||
- { .twemoji loading=lazy } [gopass (CLI)](passwords.md#gopass-cli)
|
||||
- { .twemoji loading=lazy } [Gopass (CLI)](passwords.md#gopass-cli)
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
@@ -51,7 +51,7 @@ Las VPN no pueden cifrar datos fuera de la conexión entre tu dispositivo y el s
|
||||
|
||||
Usar una VPN en casos en los que estás usando tu [identidad real o conocida](common-misconceptions.md#complicated-is-better) en línea es poco probable que sea útil. Si lo haces, puedes activar sistemas de detección de spam y fraude, por ejemplo si te conectas al sitio web de tu banco.
|
||||
|
||||
Es importante recordar que una VPN no te proporcionará un anonimato absoluto, ya que el propio proveedor de VPN seguirá viendo tu dirección IP real, la información del sitio web de destino y, a menudo, tiene un rastro de dinero que puede vincularse directamente contigo. No puedes confiar en las políticas de "no registro" para proteger tus datos de cualquiera que sea capaz de proteger. Si necesitas seguridad total de la propia red, considera usar [Tor](../advanced/tor-overview.md) además o en lugar de una VPN.
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity because the VPN provider itself will still have access to your real IP address, destination website information, and often a money trail that can be linked directly back to you. "No logging" policies are merely a promise; if you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
|
||||
Tampoco deberías confiar en una VPN para asegurar tu conexión a un destino HTTP sin cifrar. Para mantener la privacidad y seguridad de lo que haces en los sitios web que visitas, debes utilizar HTTPS. Esto mantendrá tus contraseñas, tokens de sesión y consultas a salvo del proveedor de VPN y otros posibles adversarios entre el servidor VPN y tu destino. Deberías activar el modo sólo HTTPS en tu navegador (si es compatible) para mitigar los ataques que intentan degradar tu conexión de HTTPS a HTTP.
|
||||
|
||||
|
||||
+5
-5
@@ -26,7 +26,7 @@ Estos son nuestros resolvedores de DNS públicos favoritos en función de sus ca
|
||||
| [**AdGuard Public DNS**](https://adguard-dns.io/en/public-dns.html) | Texto claro DoH/3 DoT DoQ DNSCrypt | Anónimo[^1] | Anónimo | Basado en la elección del servidor. La lista de filtros utilizada se puede encontrar aquí. [:octicons-link-external-24:](https://github.com/AdguardTeam/AdGuardDNS) | Sí [:octicons-link-external-24:](https://adguard-dns.io/en/blog/encrypted-dns-ios-14.html) |
|
||||
| [**Cloudflare**](https://developers.cloudflare.com/1.1.1.1/setup) | Texto claro DoH/3 DoT | Anónimo[^2] | No | Basado en la elección del servidor. | No [:octicons-link-external-24:](https://community.cloudflare.com/t/requesting-1-1-1-1-signed-profiles-for-apple/571846) |
|
||||
| [**Control D Free DNS**](https://controld.com/free-dns) | Texto claro DoH/3 DoT DoQ | No[^3] | No | Basado en la elección del servidor. | Sí [:octicons-link-external-24:](https://docs.controld.com/docs/macos-platform) |
|
||||
| [**dns0.eu**](https://dns0.eu) | Texto claro DoH/3 DoH DoT DoQ | Anónimo[^4] | Anónimo | Basado en la elección del servidor. | Sí [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**DNS0.eu**](https://dns0.eu) | Texto claro DoH/3 DoH DoT DoQ | Anónimo[^4] | Anónimo | Basado en la elección del servidor. | Sí [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**Mullvad**](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) | DoH DoT | No[^5] | No | Basado en la elección del servidor. La lista de filtros utilizada se puede encontrar aquí. [:octicons-link-external-24:](https://github.com/mullvad/dns-adblock) | Sí [:octicons-link-external-24:](https://mullvad.net/en/blog/profiles-to-configure-our-encrypted-dns-on-apple-devices) |
|
||||
| [**Quad9**](https://quad9.net) | Texto claro DoH DoT DNSCrypt | Anónimo[^6] | Opcional | Basado en la elección del servidor, bloqueo de Malware por defecto. | Sí [:octicons-link-external-24:](https://quad9.net/news/blog/ios-mobile-provisioning-profiles) |
|
||||
|
||||
@@ -166,13 +166,13 @@ El software de proxy de DNS cifrado proporciona un proxy local para que el servi
|
||||
|
||||
While RethinkDNS takes up the Android VPN slot, you can still use a VPN or Orbot with the app by [adding a WireGuard configuration](https://docs.rethinkdns.com/proxy/wireguard) or [manually configuring Orbot as a Proxy server](https://docs.rethinkdns.com/firewall/orbot), respectively.
|
||||
|
||||
### dnscrypt-proxy
|
||||
### DNSCrypt-Proxy
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**dnscrypt-proxy** es un proxy DNS compatible con [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-sobre-HTTPS](advanced/dns-overview.md#dns-sobre-https-doh), y [DNS anónimo](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
**DNSCrypt-Proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
|
||||
[:octicons-repo-16: Repositorio](https://github.com/DNSCrypt/dnscrypt-proxy){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/DNSCrypt/dnscrypt-proxy/wiki){ .card-link title=Documentación}
|
||||
@@ -216,6 +216,6 @@ Además, todos los proveedores públicos:
|
||||
[^1]: AdGuard almacena métricas de rendimiento agregadas de sus servidores DNS, es decir, el número de solicitudes completas a un servidor en particular, el número de solicitudes bloqueadas, y la velocidad de procesamiento de solicitudes. También guardan y almacenan la base de datos de dominios solicitados dentro de las últimas 24 horas. "Necesitamos esta información para identificar y bloquear nuevos rastreadores y amenazas". "También registramos cuántas veces se ha bloqueado tal o cual rastreador. Necesitamos esta información para eliminar normas obsoletas de nuestros filtros". [https://adguard-dns.io/en/privacy.html](https://adguard-dns.io/en/privacy.html)
|
||||
[^2]: Cloudflare recopila y almacena únicamente los datos de consulta DNS limitados que se envían al resolver 1.1.1.1. El servicio de resolución 1.1.1.1 no registra datos personales, y el grueso de los limitados datos de consulta no identificables personalmente se almacena solo durante 25 horas. [https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/](https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver)
|
||||
[^3]: El Control D solo registra los resolvers Premium con perfiles DNS personalizados. Los resolvers libres no registran datos. [https://controld.com/privacy](https://controld.com/privacy)
|
||||
[^4]: dns0.eu recopila algunos datos para sus fuentes de inteligencia de amenazas, para monitorizar dominios recién registrados/observados/activos y otros datos masivos. Esos datos se comparten con algunos [socios](https://docs.dns0.eu/data-feeds/introduction) para, por ejemplo, investigaciones de seguridad. No recogen ninguna Información Personal Identificable. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^4]: DNS0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. Esos datos se comparten con algunos [socios](https://docs.dns0.eu/data-feeds/introduction) para, por ejemplo, investigaciones de seguridad. No recogen ninguna Información Personal Identificable. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^5]: El servicio DNS de Mullvad está disponible tanto para suscriptores como para no suscriptores de Mullvad VPN. Su política de privacidad afirma explícitamente que no registran solicitudes DNS de ninguna manera. [https://mullvad.net/en/help/no-logging-data-policy/](https://mullvad.net/en/help/no-logging-data-policy)
|
||||
[^6]: Quad9 recopila algunos datos con fines de monitorización y respuesta ante amenazas. Esos datos pueden remezclarse y compartirse, por ejemplo, con fines de investigación sobre seguridad. Quad9 no colecciona ni registra direcciones IP ni otros datos que consideren personalmente identificables. [https://quad9.net/privacy/policy](https://quad9.net/privacy/policy)
|
||||
|
||||
@@ -14,7 +14,7 @@ Un **servicio de alias de correo electrónico** te permite generar fácilmente u
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -36,13 +36,13 @@ Nuestras recomendaciones de alias de correo electrónico son proveedores que te
|
||||
|
||||
Usar un servicio de alias requiere confiar tus mensajes sin encriptar a tu proveedor de correo electrónico y tu proveedor de alias. Algunos proveedores mitigan esto ligeramente con el cifrado automático PGP[^1], que reduce el número de partes en las que tienes que confiar de dos a una al cifrar los correos entrantes antes de que lleguen a tu proveedor de buzón final.
|
||||
|
||||
### addy.io
|
||||
### Addy.io
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**addy.io** te permite crear 10 alias de dominio en un dominio compartido de forma gratuita, o alias "estándar" ilimitados.
|
||||
**Addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
|
||||
[:octicons-home-16: Página Principal](https://addy.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://addy.io/privacy){ .card-link title="Politica de Privacidad" }
|
||||
@@ -62,9 +62,9 @@ Usar un servicio de alias requiere confiar tus mensajes sin encriptar a tu prove
|
||||
|
||||
</div>
|
||||
|
||||
El número de alias compartidos (finalizan en un dominio compartido como @addy.io) que puedes crear está limitado a 10 en el plan gratuito de addy.io, 50 en el plan de 1$/mes e ilimitado en el plan de 4$/mes (facturado en 3$ por un año). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), addy.io's official reseller.
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on Addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), Addy.io's official reseller.
|
||||
|
||||
Puedes crear un número ilimitado de alias estándar que terminen en un dominio como @[nombredeusuario].addy.io o un dominio personalizado en los planes de pago. Sin embargo, como ya se ha mencionado, esto puede ir en detrimento de la privacidad porque la gente puede relacionar trivialmente tus alias estándar basándose únicamente en el nombre de dominio. Estos son útiles cuando un dominio compartido puede estar bloqueado por un servicio. Securitum [auditó](https://addy.io/blog/addy-io-passes-independent-security-audit) addy.io en septiembre de 2023 y no [se identificaron] vulnerabilidades significativas(https://addy.io/addy-io-security-audit.pdf).
|
||||
Puedes crear un número ilimitado de alias estándar que terminen en un dominio como @[nombredeusuario].addy.io o un dominio personalizado en los planes de pago. Sin embargo, como ya se ha mencionado, esto puede ir en detrimento de la privacidad porque la gente puede relacionar trivialmente tus alias estándar basándose únicamente en el nombre de dominio. Estos son útiles cuando un dominio compartido puede estar bloqueado por un servicio. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) Addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
|
||||
Funciones gratuitas destacables:
|
||||
|
||||
|
||||
@@ -16,13 +16,13 @@ Keep track of your health and fitness-related goals with these apps. Unlike thei
|
||||
|
||||
Popular menstrual trackers like [Flo](https://techcrunch.com/2021/01/13/flo-gets-ftc-slap-for-sharing-user-data-when-it-promised-privacy) are notorious for collecting and sharing your user data. Depending on your jurisdiction, this may lead to [legal consequences](https://forbes.com/sites/abigaildubiniecki/2024/11/14/post-roe-your-period-app-data-could-be-used-against-you) affecting your reproductive autonomy.
|
||||
|
||||
### drip.
|
||||
### Drip
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**drip.** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
**Drip** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
|
||||
[:octicons-home-16: Homepage](https://bloodyhealth.gitlab.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://bloodyhealth.gitlab.io/privacy-policy.html){ .card-link title="Privacy Policy" }
|
||||
|
||||
@@ -105,7 +105,7 @@ schema:
|
||||
-
|
||||
"@context": http://schema.org
|
||||
"@type": SoftwareApplication
|
||||
name: gopass
|
||||
name: Gopass
|
||||
image: /assets/img/password-management/gopass.svg
|
||||
url: https://gopass.pw
|
||||
applicationCategory: Administrador de contraseñas
|
||||
@@ -363,13 +363,13 @@ KeePassXC almacena sus datos de exportación como archivos [CSV](https://es.wiki
|
||||
|
||||
</div>
|
||||
|
||||
### gopass (CLI)
|
||||
### Gopass (CLI)
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**gopass** es un gestor de contraseñas mínimo para la línea de comandos escritos en Go. Puede utilizarse dentro de aplicaciones de scripting y funciona en los principales sistemas operativos de escritorio y servidor.
|
||||
**Gopass** is a minimal password manager for the command line written in Go. Puede utilizarse dentro de aplicaciones de scripting y funciona en los principales sistemas operativos de escritorio y servidor.
|
||||
|
||||
[:octicons-home-16: Página Principal](https://gopass.pw){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/gopasspw/gopass/tree/master/docs){ .card-link title="Documentación" }
|
||||
|
||||
+6
-6
@@ -210,8 +210,8 @@ Si busca más **seguridad**, asegúrese siempre de conectarse a sitios web que u
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
- { .twemoji loading=lazy } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
</div>
|
||||
@@ -284,8 +284,8 @@ Si busca más **seguridad**, asegúrese siempre de conectarse a sitios web que u
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [RethinkDNS](dns.md#rethinkdns)
|
||||
- { .twemoji loading=lazy } [dnscrypt-proxy](dns.md#dnscrypt-proxy)
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [RethinkDNS](dns.md#rethinkdns)
|
||||
- { .twemoji loading=lazy } [DNSCrypt-Proxy](dns.md#dnscrypt-proxy)
|
||||
|
||||
</div>
|
||||
|
||||
@@ -481,7 +481,7 @@ Para cifrar su unidad de SO, normalmente recomendamos utilizar la herramienta de
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [drip.](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Drip](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Euki](health-and-wellness.md#euki)
|
||||
- { .twemoji loading=lazy } { .twemoji loading=lazy }[Apple Health](health-and-wellness.md#apple-health)
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [Gadgetbridge](health-and-wellness.md#gadgetbridge)
|
||||
@@ -576,7 +576,7 @@ Para cifrar su unidad de SO, normalmente recomendamos utilizar la herramienta de
|
||||
- { .twemoji loading=lazy } [Psono](passwords.md#psono)
|
||||
- { .twemoji loading=lazy } [KeePassXC](passwords.md#keepassxc)
|
||||
- { .twemoji loading=lazy } [KeePassDX (Android)](passwords.md#keepassdx-android)
|
||||
- { .twemoji loading=lazy } [gopass (CLI)](passwords.md#gopass-cli)
|
||||
- { .twemoji loading=lazy } [Gopass (CLI)](passwords.md#gopass-cli)
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
@@ -51,7 +51,7 @@ VPNs cannot encrypt data outside the connection between your device and the VPN
|
||||
|
||||
Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely to be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
|
||||
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity because the VPN provider itself will still have access to your real IP address, destination website information, and often a money trail that can be linked directly back to you. "No logging" policies are merely a promise; if you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
|
||||
You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
|
||||
|
||||
|
||||
+5
-5
@@ -26,7 +26,7 @@ These are our favorite public DNS resolvers based on their privacy and security
|
||||
| [**AdGuard Public DNS**](https://adguard-dns.io/en/public-dns.html) | Cleartext DoH/3 DoT DoQ DNSCrypt | Anonymized[^1] | Anonymized | Based on server choice. Filter list being used can be found here. [:octicons-link-external-24:](https://github.com/AdguardTeam/AdGuardDNS) | Yes [:octicons-link-external-24:](https://adguard-dns.io/en/blog/encrypted-dns-ios-14.html) |
|
||||
| [**Cloudflare**](https://developers.cloudflare.com/1.1.1.1/setup) | Cleartext DoH/3 DoT | Anonymized[^2] | No | Based on server choice. | No [:octicons-link-external-24:](https://community.cloudflare.com/t/requesting-1-1-1-1-signed-profiles-for-apple/571846) |
|
||||
| [**Control D Free DNS**](https://controld.com/free-dns) | Cleartext DoH/3 DoT DoQ | No[^3] | No | Based on server choice. | Yes [:octicons-link-external-24:](https://docs.controld.com/docs/macos-platform) |
|
||||
| [**dns0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**DNS0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**Mullvad**](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) | DoH DoT | No[^5] | No | Based on server choice. Filter list being used can be found here. [:octicons-link-external-24:](https://github.com/mullvad/dns-adblock) | Yes [:octicons-link-external-24:](https://mullvad.net/en/blog/profiles-to-configure-our-encrypted-dns-on-apple-devices) |
|
||||
| [**Quad9**](https://quad9.net) | Cleartext DoH DoT DNSCrypt | Anonymized[^6] | Optional | Based on server choice, malware blocking by default. | Yes [:octicons-link-external-24:](https://quad9.net/news/blog/ios-mobile-provisioning-profiles) |
|
||||
|
||||
@@ -166,13 +166,13 @@ Encrypted DNS proxy software provides a local proxy for the [unencrypted DNS](ad
|
||||
|
||||
While RethinkDNS takes up the Android VPN slot, you can still use a VPN or Orbot with the app by [adding a WireGuard configuration](https://docs.rethinkdns.com/proxy/wireguard) or [manually configuring Orbot as a Proxy server](https://docs.rethinkdns.com/firewall/orbot), respectively.
|
||||
|
||||
### dnscrypt-proxy
|
||||
### DNSCrypt-Proxy
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**dnscrypt-proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
**DNSCrypt-Proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
|
||||
[:octicons-repo-16: Repository](https://github.com/DNSCrypt/dnscrypt-proxy){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/DNSCrypt/dnscrypt-proxy/wiki){ .card-link title=Documentation}
|
||||
@@ -216,6 +216,6 @@ Additionally, all public providers:
|
||||
[^1]: AdGuard stores aggregated performance metrics of their DNS servers, namely the number of complete requests to a particular server, the number of blocked requests, and the speed of processing requests. They also keep and store the database of domains requested in within last 24 hours. "We need this information to identify and block new trackers and threats." "We also log how many times this or that tracker has been blocked. We need this information to remove outdated rules from our filters." [https://adguard-dns.io/en/privacy.html](https://adguard-dns.io/en/privacy.html)
|
||||
[^2]: Cloudflare collects and stores only the limited DNS query data that is sent to the 1.1.1.1 resolver. The 1.1.1.1 resolver service does not log personal data, and the bulk of the limited non-personally identifiable query data is stored only for 25 hours. [https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/](https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver)
|
||||
[^3]: Control D only logs for Premium resolvers with custom DNS profiles. Free resolvers do not log data. [https://controld.com/privacy](https://controld.com/privacy)
|
||||
[^4]: dns0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^4]: DNS0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^5]: Mullvad's DNS service is available to both subscribers and non-subscribers of Mullvad VPN. Their privacy policy explicitly claims they do not log DNS requests in any way. [https://mullvad.net/en/help/no-logging-data-policy/](https://mullvad.net/en/help/no-logging-data-policy)
|
||||
[^6]: Quad9 collects some data for the purposes of threat monitoring and response. That data may then be remixed and shared, such as for the purpose of security research. Quad9 does not collect or record IP addresses or other data they deem personally identifiable. [https://quad9.net/privacy/policy](https://quad9.net/privacy/policy)
|
||||
|
||||
@@ -14,7 +14,7 @@ An **email aliasing service** allows you to easily generate a new email address
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -36,13 +36,13 @@ Our email aliasing recommendations are providers that allow you to create aliase
|
||||
|
||||
Using an aliasing service requires trusting both your email provider and your aliasing provider with your unencrypted messages. Some providers mitigate this slightly with automatic PGP encryption[^1], which reduces the number of parties you need to trust from two to one by encrypting incoming emails before they are delivered to your final mailbox provider.
|
||||
|
||||
### addy.io
|
||||
### Addy.io
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
**Addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
|
||||
[:octicons-home-16: Homepage](https://addy.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://addy.io/privacy){ .card-link title="Privacy Policy" }
|
||||
@@ -62,9 +62,9 @@ Using an aliasing service requires trusting both your email provider and your al
|
||||
|
||||
</div>
|
||||
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), addy.io's official reseller.
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on Addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), Addy.io's official reseller.
|
||||
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) Addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
|
||||
Notable free features:
|
||||
|
||||
|
||||
@@ -16,13 +16,13 @@ Keep track of your health and fitness-related goals with these apps. Unlike thei
|
||||
|
||||
Popular menstrual trackers like [Flo](https://techcrunch.com/2021/01/13/flo-gets-ftc-slap-for-sharing-user-data-when-it-promised-privacy) are notorious for collecting and sharing your user data. Depending on your jurisdiction, this may lead to [legal consequences](https://forbes.com/sites/abigaildubiniecki/2024/11/14/post-roe-your-period-app-data-could-be-used-against-you) affecting your reproductive autonomy.
|
||||
|
||||
### drip.
|
||||
### Drip
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**drip.** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
**Drip** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
|
||||
[:octicons-home-16: Homepage](https://bloodyhealth.gitlab.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://bloodyhealth.gitlab.io/privacy-policy.html){ .card-link title="Privacy Policy" }
|
||||
|
||||
@@ -105,7 +105,7 @@ schema:
|
||||
-
|
||||
"@context": http://schema.org
|
||||
"@type": SoftwareApplication
|
||||
name: gopass
|
||||
name: Gopass
|
||||
image: /assets/img/password-management/gopass.svg
|
||||
url: https://gopass.pw
|
||||
applicationCategory: Password Manager
|
||||
@@ -363,13 +363,13 @@ KeePassXC stores its export data as [CSV](https://en.wikipedia.org/wiki/Comma-se
|
||||
|
||||
</div>
|
||||
|
||||
### gopass (CLI)
|
||||
### Gopass (CLI)
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
**Gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
|
||||
[:octicons-home-16: Homepage](https://gopass.pw){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/gopasspw/gopass/tree/master/docs){ .card-link title="Documentation" }
|
||||
|
||||
+4
-4
@@ -209,7 +209,7 @@ If you're looking for added **security**, you should always ensure you're connec
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -284,7 +284,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [RethinkDNS](dns.md#rethinkdns)
|
||||
- { .twemoji loading=lazy } [dnscrypt-proxy](dns.md#dnscrypt-proxy)
|
||||
- { .twemoji loading=lazy } [DNSCrypt-Proxy](dns.md#dnscrypt-proxy)
|
||||
|
||||
</div>
|
||||
|
||||
@@ -480,7 +480,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [drip.](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Drip](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Euki](health-and-wellness.md#euki)
|
||||
- { .twemoji loading=lazy } { .twemoji loading=lazy }[Apple Health](health-and-wellness.md#apple-health)
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [Gadgetbridge](health-and-wellness.md#gadgetbridge)
|
||||
@@ -575,7 +575,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
- { .twemoji loading=lazy } [Psono](passwords.md#psono)
|
||||
- { .twemoji loading=lazy } [KeePassXC](passwords.md#keepassxc)
|
||||
- { .twemoji loading=lazy } [KeePassDX (Android)](passwords.md#keepassdx-android)
|
||||
- { .twemoji loading=lazy } [gopass (CLI)](passwords.md#gopass-cli)
|
||||
- { .twemoji loading=lazy } [Gopass (CLI)](passwords.md#gopass-cli)
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
@@ -51,7 +51,7 @@ Les VPN ne peuvent pas chiffrer les données en dehors de la connexion entre vot
|
||||
|
||||
L'utilisation d'un VPN dans les cas où vous utilisez votre [identité réelle ou connue](common-misconceptions.md#complicated-is-better) en ligne ne sera probablement pas utile. Cela peut déclencher des systèmes de détection de spam et de fraude, par exemple si vous vous connectez au site web de votre banque.
|
||||
|
||||
Il est important de se rappeler qu'un VPN ne vous procurera pas un anonymat absolu, car le fournisseur de VPN lui-même verra toujours votre adresse IP réelle, des informations sur le site Web de destination, et a souvent une trace financière qui peut être remontée directement jusqu'à vous. Vous ne pouvez pas compter sur des politiques de "non journalisation" pour protéger vos données de quiconque est en mesure de les protéger. Si vous avez besoin d'une protection complète du réseau lui-même, envisagez d'utiliser [Tor](../advanced/tor-overview.md) en plus ou au lieu d'un VPN.
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity because the VPN provider itself will still have access to your real IP address, destination website information, and often a money trail that can be linked directly back to you. "No logging" policies are merely a promise; if you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
|
||||
Vous ne devriez pas non plus faire confiance à un VPN pour sécuriser votre connexion à une destination HTTP non chiffrée. Pour que ce que vous faites sur les sites web que vous visitez reste privé et sécurisé, vous devez utiliser le protocole HTTPS. Cela conservera vos mots de passe, jetons de session, et les requêtes à l'abri du fournisseur VPN et d'autres adversaires potentiels entre le serveur VPN et votre destination. Vous devriez activer le mode HTTPS-uniquement dans votre navigateur (s'il est pris en charge) pour atténuer les attaques qui tentent de rétrograder votre connexion de HTTPS à HTTP.
|
||||
|
||||
|
||||
+5
-5
@@ -26,7 +26,7 @@ These are our favorite public DNS resolvers based on their privacy and security
|
||||
| [**AdGuard Public DNS**](https://adguard-dns.io/en/public-dns.html) | Cleartext DoH/3 DoT DoQ DNSCrypt | Anonymized[^1] | Anonymized | Based on server choice. La liste des filtres utilisés peut être consultée ici. [:octicons-link-external-24:](https://github.com/AdguardTeam/AdGuardDNS) | Yes [:octicons-link-external-24:](https://adguard-dns.io/en/blog/encrypted-dns-ios-14.html) |
|
||||
| [**Cloudflare**](https://developers.cloudflare.com/1.1.1.1/setup) | Cleartext DoH/3 DoT | Anonymized[^2] | Non | Based on server choice. | No [:octicons-link-external-24:](https://community.cloudflare.com/t/requesting-1-1-1-1-signed-profiles-for-apple/571846) |
|
||||
| [**Control D Free DNS**](https://controld.com/free-dns) | Cleartext DoH/3 DoT DoQ | No[^3] | Non | Based on server choice. | Yes [:octicons-link-external-24:](https://docs.controld.com/docs/macos-platform) |
|
||||
| [**dns0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**DNS0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**Mullvad**](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) | DoH DoT | No[^5] | Non | Based on server choice. La liste des filtres utilisés peut être consultée ici. [:octicons-link-external-24:](https://github.com/mullvad/dns-adblock) | Yes [:octicons-link-external-24:](https://mullvad.net/en/blog/profiles-to-configure-our-encrypted-dns-on-apple-devices) |
|
||||
| [**Quad9**](https://quad9.net) | Cleartext DoH DoT DNSCrypt | Anonymized[^6] | Optionnel | Based on server choice, malware blocking by default. | Yes [:octicons-link-external-24:](https://quad9.net/news/blog/ios-mobile-provisioning-profiles) |
|
||||
|
||||
@@ -166,13 +166,13 @@ Un logiciel de proxy DNS chiffré fourni un proxy local vers lequel le résolveu
|
||||
|
||||
While RethinkDNS takes up the Android VPN slot, you can still use a VPN or Orbot with the app by [adding a WireGuard configuration](https://docs.rethinkdns.com/proxy/wireguard) or [manually configuring Orbot as a Proxy server](https://docs.rethinkdns.com/firewall/orbot), respectively.
|
||||
|
||||
### dnscrypt-proxy
|
||||
### DNSCrypt-Proxy
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**dnscrypt-proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
**DNSCrypt-Proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
|
||||
[:octicons-repo-16: Repository](https://github.com/DNSCrypt/dnscrypt-proxy){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/DNSCrypt/dnscrypt-proxy/wiki){ .card-link title=Documentation}
|
||||
@@ -216,6 +216,6 @@ Additionally, all public providers:
|
||||
[^1]: AdGuard stocke des mesures de performance agrégées de ses serveurs DNS, à savoir le nombre de demandes complètes adressées à un serveur particulier, le nombre de demandes bloquées et la vitesse de traitement des demandes. Ils conservent et stockent également la base de données des domaines demandés dans les dernières 24 heures. "Nous avons besoin de ces informations pour identifier et bloquer les nouveaux traqueurs et menaces." "Nous enregistrons également le nombre de fois où tel ou tel traqueur a été bloqué. Nous avons besoin de ces informations pour supprimer les règles obsolètes de nos filtres." [https://adguard-dns.io/en/privacy.html](https://adguard-dns.io/en/privacy.html)
|
||||
[^2]: Cloudflare ne collecte et ne stocke que les données limitées des requêtes DNS qui sont envoyées au résolveur 1.1.1.1. Le service de résolution 1.1.1.1 n'enregistre pas de données personnelles, et la majeure partie des données de requête limitées et non personnellement identifiables n'est stockée que pendant 25 heures. [https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/](https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver)
|
||||
[^3]: Control D n'enregistre que les résolveurs Premium avec des profils DNS personnalisés. Les résolveurs libres n'enregistrent pas de données. [https://controld.com/privacy](https://controld.com/privacy)
|
||||
[^4]: dns0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^4]: DNS0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^5]: Le service DNS de Mullvad est disponible à la fois pour les abonnés et les non-abonnés de Mullvad VPN. Leur politique de confidentialité affirme explicitement qu'ils n'enregistrent pas les requêtes DNS de quelque manière que ce soit. [https://mullvad.net/en/help/no-logging-data-policy/](https://mullvad.net/en/help/no-logging-data-policy)
|
||||
[^6]: Quad9 recueille certaines données à des fins de surveillance et de réponse aux menaces. Ces données peuvent ensuite être remélangées et partagées, par exemple à des fins de recherche sur la sécurité. Quad9 ne collecte ni n'enregistre les adresses IP ou d'autres données qu'elle juge personnellement identifiables. [https://quad9.net/privacy/policy](https://quad9.net/privacy/policy)
|
||||
|
||||
@@ -14,7 +14,7 @@ An **email aliasing service** allows you to easily generate a new email address
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -36,13 +36,13 @@ Our email aliasing recommendations are providers that allow you to create aliase
|
||||
|
||||
L'utilisation d'un service d'alias nécessite de faire confiance à la fois à votre fournisseur de courrier électronique et à votre fournisseur d'alias pour vos messages non cryptés. Some providers mitigate this slightly with automatic PGP encryption[^1], which reduces the number of parties you need to trust from two to one by encrypting incoming emails before they are delivered to your final mailbox provider.
|
||||
|
||||
### addy.io
|
||||
### Addy.io
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
**Addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
|
||||
[:octicons-home-16: Homepage](https://addy.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://addy.io/privacy){ .card-link title="Privacy Policy" }
|
||||
@@ -62,9 +62,9 @@ L'utilisation d'un service d'alias nécessite de faire confiance à la fois à v
|
||||
|
||||
</div>
|
||||
|
||||
Le nombre d'alias partagés (qui se terminent par un domaine partagé comme @addy.io) que vous pouvez créer est limité à 10 sur le plan gratuit d'addy.io, à 50 sur leur plan à 1 $/mois et illimité sur le plan à 4 $/mois (facturé 3 $ pour un an). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), addy.io's official reseller.
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on Addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), Addy.io's official reseller.
|
||||
|
||||
Vous pouvez créer un nombre illimité d'alias standard qui se terminent par un domaine comme @[nom d'utilisateur].addy.io ou un domaine personnalisé sur les plans payants. Toutefois, comme indiqué précédemment, cela peut nuire à la protection de la vie privée, car les gens peuvent facilement relier vos alias standard en se basant uniquement sur le nom de domaine. Ils sont utiles lorsqu'un domaine partagé peut être bloqué par un service. Securitum a [audité](https://addy.io/blog/addy-io-passes-independent-security-audit) addy.io en septembre 2023 et aucune vulnérabilité importante [n'a été identifiée](https://addy.io/addy-io-security-audit.pdf).
|
||||
Vous pouvez créer un nombre illimité d'alias standard qui se terminent par un domaine comme @[nom d'utilisateur].addy.io ou un domaine personnalisé sur les plans payants. Toutefois, comme indiqué précédemment, cela peut nuire à la protection de la vie privée, car les gens peuvent facilement relier vos alias standard en se basant uniquement sur le nom de domaine. Ils sont utiles lorsqu'un domaine partagé peut être bloqué par un service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) Addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
|
||||
Fonctionnalités gratuites notables :
|
||||
|
||||
|
||||
@@ -16,13 +16,13 @@ Keep track of your health and fitness-related goals with these apps. Unlike thei
|
||||
|
||||
Popular menstrual trackers like [Flo](https://techcrunch.com/2021/01/13/flo-gets-ftc-slap-for-sharing-user-data-when-it-promised-privacy) are notorious for collecting and sharing your user data. Selon la juridiction où vous vivez, cela peut menez à des [conséquences légales](https://forbes.com/sites/abigaildubiniecki/2024/11/14/post-roe-your-period-app-data-could-be-used-against-you) qui affectent votre santé et autonomie reproductive.
|
||||
|
||||
### drip.
|
||||
### Drip
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**drip.** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
**Drip** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
|
||||
[:octicons-home-16: Homepage](https://bloodyhealth.gitlab.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://bloodyhealth.gitlab.io/privacy-policy.html){ .card-link title="Privacy Policy" }
|
||||
|
||||
@@ -105,7 +105,7 @@ schema:
|
||||
-
|
||||
"@context": http://schema.org
|
||||
"@type": SoftwareApplication
|
||||
name: gopass
|
||||
name: Gopass
|
||||
image: /assets/img/password-management/gopass.svg
|
||||
url: https://gopass.pw
|
||||
applicationCategory: Gestionnaire de mots de passe
|
||||
@@ -363,13 +363,13 @@ KeePassXC stocke ses données d'exportation sous forme de fichiers [CSV](https:/
|
||||
|
||||
</div>
|
||||
|
||||
### gopass (CLI)
|
||||
### Gopass (CLI)
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
**Gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
|
||||
[:octicons-home-16: Homepage](https://gopass.pw){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/gopasspw/gopass/tree/master/docs){ .card-link title="Documentation" }
|
||||
|
||||
+10
-10
@@ -203,8 +203,8 @@ Si vous recherchez une **sécurité** supplémentaire, vous devez toujours vous
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
- { .twemoji loading=lazy } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
</div>
|
||||
@@ -277,8 +277,8 @@ Nous [recommandons](dns.md#recommended-providers) un certain nombre de serveurs
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [RethinkDNS](dns.md#rethinkdns)
|
||||
- { .twemoji loading=lazy } [dnscrypt-proxy](dns.md#dnscrypt-proxy)
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [RethinkDNS](dns.md#rethinkdns)
|
||||
- { .twemoji loading=lazy } [DNSCrypt-Proxy](dns.md#dnscrypt-proxy)
|
||||
|
||||
</div>
|
||||
|
||||
@@ -474,11 +474,11 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [drip.](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Euki](health-and-wellness.md#euki)
|
||||
- { .twemoji loading=lazy } { .twemoji loading=lazy }[Apple Health](health-and-wellness.md#apple-health)
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [Gadgetbridge](health-and-wellness.md#gadgetbridge)
|
||||
- { .twemoji loading=lazy } { .twemoji loading=lazy }[dossier médical avec Apple Health](health-and-wellness.md#apple-health-records)
|
||||
- { .twemoji loading=lazy } [Drip](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Euki](health-and-wellness.md#euki)
|
||||
- { .twemoji loading=lazy } { .twemoji loading=lazy }[Apple Health](health-and-wellness.md#apple-health)
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [Gadgetbridge](health-and-wellness.md#gadgetbridge)
|
||||
- { .twemoji loading=lazy } { .twemoji loading=lazy }[Apple Health Records](health-and-wellness.md#apple-health-records)
|
||||
- { .twemoji loading=lazy } [CommonHealth](health-and-wellness.md#commonhealth)
|
||||
|
||||
</div>
|
||||
@@ -569,7 +569,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
- { .twemoji loading=lazy } [Psono](passwords.md#psono)
|
||||
- { .twemoji loading=lazy } [KeePassXC](passwords.md#keepassxc)
|
||||
- { .twemoji loading=lazy } [KeePassDX (Android)](passwords.md#keepassdx-android)
|
||||
- { .twemoji loading=lazy } [gopass (CLI)](passwords.md#gopass-cli)
|
||||
- { .twemoji loading=lazy } [Gopass (CLI)](passwords.md#gopass-cli)
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
@@ -51,7 +51,7 @@ VPNs cannot encrypt data outside the connection between your device and the VPN
|
||||
|
||||
Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely to be useful. פעולה זו עלולה להפעיל מערכות זיהוי דואר זבל והונאות, כגון אם היית נכנס לאתר האינטרנט של הבנק שלך.
|
||||
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity because the VPN provider itself will still have access to your real IP address, destination website information, and often a money trail that can be linked directly back to you. "No logging" policies are merely a promise; if you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
|
||||
You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. על מנת לשמור על פרטיות ומאובטחת מה שאתה עושה באתרים שבהם אתה מבקר, עליך להשתמש ב-HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
|
||||
|
||||
|
||||
+5
-5
@@ -26,7 +26,7 @@ These are our favorite public DNS resolvers based on their privacy and security
|
||||
| [**AdGuard Public DNS**](https://adguard-dns.io/en/public-dns.html) | Cleartext DoH/3 DoT DoQ DNSCrypt | Anonymized[^1] | Anonymized | Based on server choice. רשימת סינון בשימוש ניתן למצוא כאן. [:octicons-link-external-24:](https://github.com/AdguardTeam/AdGuardDNS) | Yes [:octicons-link-external-24:](https://adguard-dns.io/en/blog/encrypted-dns-ios-14.html) |
|
||||
| [**Cloudflare**](https://developers.cloudflare.com/1.1.1.1/setup) | Cleartext DoH/3 DoT | Anonymized[^2] | לא | Based on server choice. | No [:octicons-link-external-24:](https://community.cloudflare.com/t/requesting-1-1-1-1-signed-profiles-for-apple/571846) |
|
||||
| [**Control D Free DNS**](https://controld.com/free-dns) | Cleartext DoH/3 DoT DoQ | No[^3] | לא | Based on server choice. | Yes [:octicons-link-external-24:](https://docs.controld.com/docs/macos-platform) |
|
||||
| [**dns0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**DNS0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**Mullvad**](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) | DoH DoT | No[^5] | לא | Based on server choice. רשימת סינון בשימוש ניתן למצוא כאן. [:octicons-link-external-24:](https://github.com/mullvad/dns-adblock) | Yes [:octicons-link-external-24:](https://mullvad.net/en/blog/profiles-to-configure-our-encrypted-dns-on-apple-devices) |
|
||||
| [**Quad9**](https://quad9.net) | Cleartext DoH DoT DNSCrypt | Anonymized[^6] | אופציונאלי | Based on server choice, malware blocking by default. | Yes [:octicons-link-external-24:](https://quad9.net/news/blog/ios-mobile-provisioning-profiles) |
|
||||
|
||||
@@ -166,13 +166,13 @@ NextDNS also offers public DNS-over-HTTPS service at `https://dns.nextdns.io` an
|
||||
|
||||
While RethinkDNS takes up the Android VPN slot, you can still use a VPN or Orbot with the app by [adding a WireGuard configuration](https://docs.rethinkdns.com/proxy/wireguard) or [manually configuring Orbot as a Proxy server](https://docs.rethinkdns.com/firewall/orbot), respectively.
|
||||
|
||||
### dnscrypt-proxy
|
||||
### DNSCrypt-Proxy
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**dnscrypt-proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
**DNSCrypt-Proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
|
||||
[:octicons-repo-16: Repository](https://github.com/DNSCrypt/dnscrypt-proxy){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/DNSCrypt/dnscrypt-proxy/wiki){ .card-link title=Documentation}
|
||||
@@ -216,6 +216,6 @@ Additionally, all public providers:
|
||||
[^1]: AdGuard מאחסן מדדי ביצועים מצטברים של שרתי ה-DNS שלהם, כלומר מספר הבקשות המלאות לשרת מסוים, מספר הבקשות החסומות ומהירות עיבוד הבקשות. הם גם שומרים ומאחסנים את מסד הנתונים של הדומיינים שהתבקשו ב-24 השעות האחרונות. "אנחנו צריכים את המידע הזה כדי לזהות ולחסום עוקבים ואיומים חדשים." "אנחנו גם מתעדים כמה פעמים גשש זה או אחר נחסם. אנחנו צריכים את המידע הזה כדי להסיר את הכללים המיושנים מהמסננים שלנו." [https://adguard-dns.io/en/privacy.html](https://adguard-dns.io/en/privacy.html)
|
||||
[^2]: Cloudflare אוספת ומאחסנת רק את נתוני שאילתת ה-DNS המוגבלים שנשלחים לפותר 1.1.1.1. שירות הפותר 1.1.1.1 אינו רושם נתונים אישיים, וחלק הארי של נתוני השאילתות המוגבלים שאינם ניתנים לזיהוי אישי מאוחסן למשך 25 שעות בלבד. [https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/](https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver)
|
||||
[^3]: Control D רק מתעדים עבור פותרי Premium עם פרופילי DNS מותאמים אישית. פותרים חינמיים אינם רושמים נתונים. [https://controld.com/privacy](https://controld.com/privacy)
|
||||
[^4]: dns0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^4]: DNS0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^5]: שירות ה-DNS של Mullvad זמין הן למנויים והן ללא מנויים של Mullvad VPN. מדיניות הפרטיות שלהם טוענת במפורש שהם לא רושמים בקשות DNS בשום צורה. [https://mullvad.net/en/help/no-logging-data-policy/](https://mullvad.net/en/help/no-logging-data-policy)
|
||||
[^6]: Quad9 אוספת חלק מהנתונים למטרות ניטור ותגובה של איומים. לאחר מכן ניתן לערבב מחדש את הנתונים הללו ולשתף אותם, למשל לצורך מחקר אבטחה. Quad9 אינה אוספת או מתעדת כתובות IP או נתונים אחרים שלדעתם ניתנים לזיהוי אישי. [https://quad9.net/privacy/policy](https://quad9.net/privacy/policy)
|
||||
|
||||
@@ -14,7 +14,7 @@ An **email aliasing service** allows you to easily generate a new email address
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -36,13 +36,13 @@ Our email aliasing recommendations are providers that allow you to create aliase
|
||||
|
||||
Using an aliasing service requires trusting both your email provider and your aliasing provider with your unencrypted messages. Some providers mitigate this slightly with automatic PGP encryption[^1], which reduces the number of parties you need to trust from two to one by encrypting incoming emails before they are delivered to your final mailbox provider.
|
||||
|
||||
### addy.io
|
||||
### Addy.io
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
**Addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
|
||||
[:octicons-home-16: Homepage](https://addy.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://addy.io/privacy){ .card-link title="Privacy Policy" }
|
||||
@@ -62,9 +62,9 @@ Using an aliasing service requires trusting both your email provider and your al
|
||||
|
||||
</div>
|
||||
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), addy.io's official reseller.
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on Addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), Addy.io's official reseller.
|
||||
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) Addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
|
||||
Notable free features:
|
||||
|
||||
|
||||
@@ -16,13 +16,13 @@ Keep track of your health and fitness-related goals with these apps. Unlike thei
|
||||
|
||||
Popular menstrual trackers like [Flo](https://techcrunch.com/2021/01/13/flo-gets-ftc-slap-for-sharing-user-data-when-it-promised-privacy) are notorious for collecting and sharing your user data. Depending on your jurisdiction, this may lead to [legal consequences](https://forbes.com/sites/abigaildubiniecki/2024/11/14/post-roe-your-period-app-data-could-be-used-against-you) affecting your reproductive autonomy.
|
||||
|
||||
### drip.
|
||||
### Drip
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**drip.** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
**Drip** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
|
||||
[:octicons-home-16: Homepage](https://bloodyhealth.gitlab.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://bloodyhealth.gitlab.io/privacy-policy.html){ .card-link title="Privacy Policy" }
|
||||
|
||||
@@ -105,7 +105,7 @@ schema:
|
||||
-
|
||||
"@context": http://schema.org
|
||||
"@type": SoftwareApplication
|
||||
name: gopass
|
||||
name: Gopass
|
||||
image: /assets/img/password-management/gopass.svg
|
||||
url: https://gopass.pw
|
||||
applicationCategory: מנהל הסיסמאות
|
||||
@@ -363,13 +363,13 @@ KeePassXC מאחסן את נתוני הייצוא שלו כקובצי [CSV](http
|
||||
|
||||
</div>
|
||||
|
||||
### gopass (CLI)
|
||||
### Gopass (CLI)
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
**Gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
|
||||
[:octicons-home-16: Homepage](https://gopass.pw){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/gopasspw/gopass/tree/master/docs){ .card-link title="Documentation" }
|
||||
|
||||
+4
-4
@@ -209,7 +209,7 @@ If you're looking for added **security**, you should always ensure you're connec
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -284,7 +284,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [RethinkDNS](dns.md#rethinkdns)
|
||||
- { .twemoji loading=lazy } [dnscrypt-proxy](dns.md#dnscrypt-proxy)
|
||||
- { .twemoji loading=lazy } [DNSCrypt-Proxy](dns.md#dnscrypt-proxy)
|
||||
|
||||
</div>
|
||||
|
||||
@@ -480,7 +480,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [drip.](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Drip](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Euki](health-and-wellness.md#euki)
|
||||
- { .twemoji loading=lazy } { .twemoji loading=lazy }[Apple Health](health-and-wellness.md#apple-health)
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [Gadgetbridge](health-and-wellness.md#gadgetbridge)
|
||||
@@ -575,7 +575,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
- { .twemoji loading=lazy } [Psono](passwords.md#psono)
|
||||
- { .twemoji loading=lazy } [KeePassXC](passwords.md#keepassxc)
|
||||
- { .twemoji loading=lazy } [KeePassDX (Android)](passwords.md#keepassdx-android)
|
||||
- { .twemoji loading=lazy } [gopass (CLI)](passwords.md#gopass-cli)
|
||||
- { .twemoji loading=lazy } [Gopass (CLI)](passwords.md#gopass-cli)
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
@@ -51,7 +51,7 @@ VPNs cannot encrypt data outside the connection between your device and the VPN
|
||||
|
||||
Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely to be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
|
||||
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity because the VPN provider itself will still have access to your real IP address, destination website information, and often a money trail that can be linked directly back to you. "No logging" policies are merely a promise; if you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
|
||||
You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
|
||||
|
||||
|
||||
+5
-5
@@ -26,7 +26,7 @@ These are our favorite public DNS resolvers based on their privacy and security
|
||||
| [**AdGuard Public DNS**](https://adguard-dns.io/en/public-dns.html) | Cleartext DoH/3 DoT DoQ DNSCrypt | Anonymized[^1] | Anonymized | Based on server choice. Filter list being used can be found here. [:octicons-link-external-24:](https://github.com/AdguardTeam/AdGuardDNS) | Yes [:octicons-link-external-24:](https://adguard-dns.io/en/blog/encrypted-dns-ios-14.html) |
|
||||
| [**Cloudflare**](https://developers.cloudflare.com/1.1.1.1/setup) | Cleartext DoH/3 DoT | Anonymized[^2] | No | Based on server choice. | No [:octicons-link-external-24:](https://community.cloudflare.com/t/requesting-1-1-1-1-signed-profiles-for-apple/571846) |
|
||||
| [**Control D Free DNS**](https://controld.com/free-dns) | Cleartext DoH/3 DoT DoQ | No[^3] | No | Based on server choice. | Yes [:octicons-link-external-24:](https://docs.controld.com/docs/macos-platform) |
|
||||
| [**dns0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**DNS0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**Mullvad**](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) | DoH DoT | No[^5] | No | Based on server choice. Filter list being used can be found here. [:octicons-link-external-24:](https://github.com/mullvad/dns-adblock) | Yes [:octicons-link-external-24:](https://mullvad.net/en/blog/profiles-to-configure-our-encrypted-dns-on-apple-devices) |
|
||||
| [**Quad9**](https://quad9.net) | Cleartext DoH DoT DNSCrypt | Anonymized[^6] | Optional | Based on server choice, malware blocking by default. | Yes [:octicons-link-external-24:](https://quad9.net/news/blog/ios-mobile-provisioning-profiles) |
|
||||
|
||||
@@ -166,13 +166,13 @@ Encrypted DNS proxy software provides a local proxy for the [unencrypted DNS](ad
|
||||
|
||||
While RethinkDNS takes up the Android VPN slot, you can still use a VPN or Orbot with the app by [adding a WireGuard configuration](https://docs.rethinkdns.com/proxy/wireguard) or [manually configuring Orbot as a Proxy server](https://docs.rethinkdns.com/firewall/orbot), respectively.
|
||||
|
||||
### dnscrypt-proxy
|
||||
### DNSCrypt-Proxy
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**dnscrypt-proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
**DNSCrypt-Proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
|
||||
[:octicons-repo-16: Repository](https://github.com/DNSCrypt/dnscrypt-proxy){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/DNSCrypt/dnscrypt-proxy/wiki){ .card-link title=Documentation}
|
||||
@@ -216,6 +216,6 @@ Additionally, all public providers:
|
||||
[^1]: AdGuard stores aggregated performance metrics of their DNS servers, namely the number of complete requests to a particular server, the number of blocked requests, and the speed of processing requests. They also keep and store the database of domains requested in within last 24 hours. "We need this information to identify and block new trackers and threats." "We also log how many times this or that tracker has been blocked. We need this information to remove outdated rules from our filters." [https://adguard-dns.io/en/privacy.html](https://adguard-dns.io/en/privacy.html)
|
||||
[^2]: Cloudflare collects and stores only the limited DNS query data that is sent to the 1.1.1.1 resolver. The 1.1.1.1 resolver service does not log personal data, and the bulk of the limited non-personally identifiable query data is stored only for 25 hours. [https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/](https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver)
|
||||
[^3]: Control D only logs for Premium resolvers with custom DNS profiles. Free resolvers do not log data. [https://controld.com/privacy](https://controld.com/privacy)
|
||||
[^4]: dns0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^4]: DNS0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^5]: Mullvad's DNS service is available to both subscribers and non-subscribers of Mullvad VPN. Their privacy policy explicitly claims they do not log DNS requests in any way. [https://mullvad.net/en/help/no-logging-data-policy/](https://mullvad.net/en/help/no-logging-data-policy)
|
||||
[^6]: Quad9 collects some data for the purposes of threat monitoring and response. That data may then be remixed and shared, such as for the purpose of security research. Quad9 does not collect or record IP addresses or other data they deem personally identifiable. [https://quad9.net/privacy/policy](https://quad9.net/privacy/policy)
|
||||
|
||||
@@ -14,7 +14,7 @@ An **email aliasing service** allows you to easily generate a new email address
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -36,13 +36,13 @@ Our email aliasing recommendations are providers that allow you to create aliase
|
||||
|
||||
Using an aliasing service requires trusting both your email provider and your aliasing provider with your unencrypted messages. Some providers mitigate this slightly with automatic PGP encryption[^1], which reduces the number of parties you need to trust from two to one by encrypting incoming emails before they are delivered to your final mailbox provider.
|
||||
|
||||
### addy.io
|
||||
### Addy.io
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
**Addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
|
||||
[:octicons-home-16: Homepage](https://addy.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://addy.io/privacy){ .card-link title="Privacy Policy" }
|
||||
@@ -62,9 +62,9 @@ Using an aliasing service requires trusting both your email provider and your al
|
||||
|
||||
</div>
|
||||
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), addy.io's official reseller.
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on Addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), Addy.io's official reseller.
|
||||
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) Addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
|
||||
Notable free features:
|
||||
|
||||
|
||||
@@ -16,13 +16,13 @@ Keep track of your health and fitness-related goals with these apps. Unlike thei
|
||||
|
||||
Popular menstrual trackers like [Flo](https://techcrunch.com/2021/01/13/flo-gets-ftc-slap-for-sharing-user-data-when-it-promised-privacy) are notorious for collecting and sharing your user data. Depending on your jurisdiction, this may lead to [legal consequences](https://forbes.com/sites/abigaildubiniecki/2024/11/14/post-roe-your-period-app-data-could-be-used-against-you) affecting your reproductive autonomy.
|
||||
|
||||
### drip.
|
||||
### Drip
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**drip.** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
**Drip** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
|
||||
[:octicons-home-16: Homepage](https://bloodyhealth.gitlab.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://bloodyhealth.gitlab.io/privacy-policy.html){ .card-link title="Privacy Policy" }
|
||||
|
||||
@@ -105,7 +105,7 @@ schema:
|
||||
-
|
||||
"@context": http://schema.org
|
||||
"@type": SoftwareApplication
|
||||
name: gopass
|
||||
name: Gopass
|
||||
image: /assets/img/password-management/gopass.svg
|
||||
url: https://gopass.pw
|
||||
applicationCategory: Password Manager
|
||||
@@ -363,13 +363,13 @@ KeePassXC stores its export data as [CSV](https://en.wikipedia.org/wiki/Comma-se
|
||||
|
||||
</div>
|
||||
|
||||
### gopass (CLI)
|
||||
### Gopass (CLI)
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
**Gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
|
||||
[:octicons-home-16: Homepage](https://gopass.pw){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/gopasspw/gopass/tree/master/docs){ .card-link title="Documentation" }
|
||||
|
||||
+4
-4
@@ -209,7 +209,7 @@ If you're looking for added **security**, you should always ensure you're connec
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -284,7 +284,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [RethinkDNS](dns.md#rethinkdns)
|
||||
- { .twemoji loading=lazy } [dnscrypt-proxy](dns.md#dnscrypt-proxy)
|
||||
- { .twemoji loading=lazy } [DNSCrypt-Proxy](dns.md#dnscrypt-proxy)
|
||||
|
||||
</div>
|
||||
|
||||
@@ -480,7 +480,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [drip.](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Drip](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Euki](health-and-wellness.md#euki)
|
||||
- { .twemoji loading=lazy } { .twemoji loading=lazy }[Apple Health](health-and-wellness.md#apple-health)
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [Gadgetbridge](health-and-wellness.md#gadgetbridge)
|
||||
@@ -575,7 +575,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
- { .twemoji loading=lazy } [Psono](passwords.md#psono)
|
||||
- { .twemoji loading=lazy } [KeePassXC](passwords.md#keepassxc)
|
||||
- { .twemoji loading=lazy } [KeePassDX (Android)](passwords.md#keepassdx-android)
|
||||
- { .twemoji loading=lazy } [gopass (CLI)](passwords.md#gopass-cli)
|
||||
- { .twemoji loading=lazy } [Gopass (CLI)](passwords.md#gopass-cli)
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
@@ -51,7 +51,7 @@ VPNs cannot encrypt data outside the connection between your device and the VPN
|
||||
|
||||
Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely to be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
|
||||
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity because the VPN provider itself will still have access to your real IP address, destination website information, and often a money trail that can be linked directly back to you. "No logging" policies are merely a promise; if you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
|
||||
You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
|
||||
|
||||
|
||||
+5
-5
@@ -26,7 +26,7 @@ These are our favorite public DNS resolvers based on their privacy and security
|
||||
| [**AdGuard Public DNS**](https://adguard-dns.io/en/public-dns.html) | Cleartext DoH/3 DoT DoQ DNSCrypt | Anonymized[^1] | Anonymized | Based on server choice. A használt szűrőlista itt található. [:octicons-link-external-24:](https://github.com/AdguardTeam/AdGuardDNS) | Yes [:octicons-link-external-24:](https://adguard-dns.io/en/blog/encrypted-dns-ios-14.html) |
|
||||
| [**Cloudflare**](https://developers.cloudflare.com/1.1.1.1/setup) | Cleartext DoH/3 DoT | Anonymized[^2] | Nem | Based on server choice. | No [:octicons-link-external-24:](https://community.cloudflare.com/t/requesting-1-1-1-1-signed-profiles-for-apple/571846) |
|
||||
| [**Control D Free DNS**](https://controld.com/free-dns) | Cleartext DoH/3 DoT DoQ | No[^3] | Nem | Based on server choice. | Yes [:octicons-link-external-24:](https://docs.controld.com/docs/macos-platform) |
|
||||
| [**dns0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**DNS0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**Mullvad**](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) | DoH DoT | No[^5] | Nem | Based on server choice. A használt szűrőlista itt található. [:octicons-link-external-24:](https://github.com/mullvad/dns-adblock) | Yes [:octicons-link-external-24:](https://mullvad.net/en/blog/profiles-to-configure-our-encrypted-dns-on-apple-devices) |
|
||||
| [**Quad9**](https://quad9.net) | Cleartext DoH DoT DNSCrypt | Anonymized[^6] | Választható | Based on server choice, malware blocking by default. | Yes [:octicons-link-external-24:](https://quad9.net/news/blog/ios-mobile-provisioning-profiles) |
|
||||
|
||||
@@ -166,13 +166,13 @@ Egy titkosított DNS proxy szoftver helyi proxy-t biztosít a [titkosítatlan DN
|
||||
|
||||
While RethinkDNS takes up the Android VPN slot, you can still use a VPN or Orbot with the app by [adding a WireGuard configuration](https://docs.rethinkdns.com/proxy/wireguard) or [manually configuring Orbot as a Proxy server](https://docs.rethinkdns.com/firewall/orbot), respectively.
|
||||
|
||||
### dnscrypt-proxy
|
||||
### DNSCrypt-Proxy
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**dnscrypt-proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
**DNSCrypt-Proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
|
||||
[:octicons-repo-16: Repository](https://github.com/DNSCrypt/dnscrypt-proxy){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/DNSCrypt/dnscrypt-proxy/wiki){ .card-link title=Documentation}
|
||||
@@ -216,6 +216,6 @@ Additionally, all public providers:
|
||||
[^1]: Az AdGuard tárolja a DNS szervereik összesített teljesítményméréseit, nevezetesen az adott szerverhez érkező teljes kérések számát, a blokkolt kérések számát és a kérések feldolgozásának sebességét. Az elmúlt 24 órában igényelt domainek adatbázisát is eltárolják. "We need this information to identify and block new trackers and threats." "We also log how many times this or that tracker has been blocked. We need this information to remove outdated rules from our filters." [https://adguard-dns.io/en/privacy.html](https://adguard-dns.io/en/privacy.html)
|
||||
[^2]: A Cloudflare csak azokat a korlátozott DNS-lekérdezési adatokat gyűjti és tárolja ami az 1.1.1.1 resolverhez érkezik. Az 1.1.1.1 resolver szolgáltatás nem naplóz személyes adatokat, és a korlátozott, személyazonosításra nem alkalmas lekérdezési adatok nagy részét csak 25 órán keresztül tárolja. [https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/](https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver)
|
||||
[^3]: A Control D csak az egyedi DNS-profilokkal rendelkező Premium resolverek esetében naplóz. Az ingyenes resolverek nem naplóznak adatokat. [https://controld.com/privacy](https://controld.com/privacy)
|
||||
[^4]: dns0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^4]: DNS0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^5]: A Mullvad DNS szolgáltatása a Mullvad VPN előfizetői és nem előfizetői számára egyaránt elérhető. Az adatvédelmi irányelvük kifejezetten azt állítja, hogy semmilyen módon nem naplóznak DNS-kéréseket. [https://mullvad.net/en/help/no-logging-data-policy/](https://mullvad.net/en/help/no-logging-data-policy)
|
||||
[^6]: A Quad9 bizonyos adatokat a fenyegetések megfigyelése és elhárítása céljából gyűjt. Ezek az adatok ezután összekeverhetők és megoszthatók, például biztonsági kutatások céljából. A Quad9 nem gyűjt vagy rögzít IP-címeket vagy más, személyazonosításra alkalmasnak ítélt adatokat. [https://quad9.net/privacy/policy](https://quad9.net/privacy/policy)
|
||||
|
||||
@@ -14,7 +14,7 @@ An **email aliasing service** allows you to easily generate a new email address
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -36,13 +36,13 @@ Our email aliasing recommendations are providers that allow you to create aliase
|
||||
|
||||
Using an aliasing service requires trusting both your email provider and your aliasing provider with your unencrypted messages. Some providers mitigate this slightly with automatic PGP encryption[^1], which reduces the number of parties you need to trust from two to one by encrypting incoming emails before they are delivered to your final mailbox provider.
|
||||
|
||||
### addy.io
|
||||
### Addy.io
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
**Addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
|
||||
[:octicons-home-16: Homepage](https://addy.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://addy.io/privacy){ .card-link title="Privacy Policy" }
|
||||
@@ -62,9 +62,9 @@ Using an aliasing service requires trusting both your email provider and your al
|
||||
|
||||
</div>
|
||||
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), addy.io's official reseller.
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on Addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), Addy.io's official reseller.
|
||||
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) Addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
|
||||
Notable free features:
|
||||
|
||||
|
||||
@@ -16,13 +16,13 @@ Keep track of your health and fitness-related goals with these apps. Unlike thei
|
||||
|
||||
Popular menstrual trackers like [Flo](https://techcrunch.com/2021/01/13/flo-gets-ftc-slap-for-sharing-user-data-when-it-promised-privacy) are notorious for collecting and sharing your user data. Depending on your jurisdiction, this may lead to [legal consequences](https://forbes.com/sites/abigaildubiniecki/2024/11/14/post-roe-your-period-app-data-could-be-used-against-you) affecting your reproductive autonomy.
|
||||
|
||||
### drip.
|
||||
### Drip
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**drip.** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
**Drip** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
|
||||
[:octicons-home-16: Homepage](https://bloodyhealth.gitlab.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://bloodyhealth.gitlab.io/privacy-policy.html){ .card-link title="Privacy Policy" }
|
||||
|
||||
@@ -105,7 +105,7 @@ schema:
|
||||
-
|
||||
"@context": http://schema.org
|
||||
"@type": SoftwareApplication
|
||||
name: gopass
|
||||
name: Gopass
|
||||
image: /assets/img/password-management/gopass.svg
|
||||
url: https://gopass.pw
|
||||
applicationCategory: Password Manager
|
||||
@@ -363,13 +363,13 @@ KeePassXC stores its export data as [CSV](https://en.wikipedia.org/wiki/Comma-se
|
||||
|
||||
</div>
|
||||
|
||||
### gopass (CLI)
|
||||
### Gopass (CLI)
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
**Gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
|
||||
[:octicons-home-16: Homepage](https://gopass.pw){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/gopasspw/gopass/tree/master/docs){ .card-link title="Documentation" }
|
||||
|
||||
+4
-4
@@ -209,7 +209,7 @@ If you're looking for added **security**, you should always ensure you're connec
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -284,7 +284,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [RethinkDNS](dns.md#rethinkdns)
|
||||
- { .twemoji loading=lazy } [dnscrypt-proxy](dns.md#dnscrypt-proxy)
|
||||
- { .twemoji loading=lazy } [DNSCrypt-Proxy](dns.md#dnscrypt-proxy)
|
||||
|
||||
</div>
|
||||
|
||||
@@ -480,7 +480,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [drip.](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Drip](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Euki](health-and-wellness.md#euki)
|
||||
- { .twemoji loading=lazy } { .twemoji loading=lazy }[Apple Health](health-and-wellness.md#apple-health)
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [Gadgetbridge](health-and-wellness.md#gadgetbridge)
|
||||
@@ -575,7 +575,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
- { .twemoji loading=lazy } [Psono](passwords.md#psono)
|
||||
- { .twemoji loading=lazy } [KeePassXC](passwords.md#keepassxc)
|
||||
- { .twemoji loading=lazy } [KeePassDX (Android)](passwords.md#keepassdx-android)
|
||||
- { .twemoji loading=lazy } [gopass (CLI)](passwords.md#gopass-cli)
|
||||
- { .twemoji loading=lazy } [Gopass (CLI)](passwords.md#gopass-cli)
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
@@ -51,7 +51,7 @@ VPNs cannot encrypt data outside the connection between your device and the VPN
|
||||
|
||||
Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely to be useful. Melakukan hal itu dapat memicu sistem deteksi spam dan penipuan, seperti jika Anda masuk ke situs web bank Anda.
|
||||
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity because the VPN provider itself will still have access to your real IP address, destination website information, and often a money trail that can be linked directly back to you. "No logging" policies are merely a promise; if you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
|
||||
You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. Untuk menjaga agar apa yang Anda lakukan di situs web yang Anda kunjungi tetap privat dan aman, Anda harus menggunakan HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
|
||||
|
||||
|
||||
+5
-5
@@ -26,7 +26,7 @@ These are our favorite public DNS resolvers based on their privacy and security
|
||||
| [**AdGuard Public DNS**](https://adguard-dns.io/en/public-dns.html) | Cleartext DoH/3 DoT DoQ DNSCrypt | Anonymized[^1] | Anonymized | Based on server choice. Daftar filter yang digunakan dapat ditemukan di sini. [:octicons-link-external-24:](https://github.com/AdguardTeam/AdGuardDNS) | Yes [:octicons-link-external-24:](https://adguard-dns.io/en/blog/encrypted-dns-ios-14.html) |
|
||||
| [**Cloudflare**](https://developers.cloudflare.com/1.1.1.1/setup) | Cleartext DoH/3 DoT | Anonymized[^2] | Tidak | Based on server choice. | No [:octicons-link-external-24:](https://community.cloudflare.com/t/requesting-1-1-1-1-signed-profiles-for-apple/571846) |
|
||||
| [**Control D Free DNS**](https://controld.com/free-dns) | Cleartext DoH/3 DoT DoQ | No[^3] | Tidak | Based on server choice. | Yes [:octicons-link-external-24:](https://docs.controld.com/docs/macos-platform) |
|
||||
| [**dns0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**DNS0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**Mullvad**](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) | DoH DoT | No[^5] | Tidak | Based on server choice. Daftar filter yang digunakan dapat ditemukan di sini. [:octicons-link-external-24:](https://github.com/mullvad/dns-adblock) | Yes [:octicons-link-external-24:](https://mullvad.net/en/blog/profiles-to-configure-our-encrypted-dns-on-apple-devices) |
|
||||
| [**Quad9**](https://quad9.net) | Cleartext DoH DoT DNSCrypt | Anonymized[^6] | Opsional | Based on server choice, malware blocking by default. | Yes [:octicons-link-external-24:](https://quad9.net/news/blog/ios-mobile-provisioning-profiles) |
|
||||
|
||||
@@ -166,13 +166,13 @@ Perangkat lunak proxy DNS terenkripsi menyediakan proxy lokal untuk [DNS tidak t
|
||||
|
||||
While RethinkDNS takes up the Android VPN slot, you can still use a VPN or Orbot with the app by [adding a WireGuard configuration](https://docs.rethinkdns.com/proxy/wireguard) or [manually configuring Orbot as a Proxy server](https://docs.rethinkdns.com/firewall/orbot), respectively.
|
||||
|
||||
### dnscrypt-proxy
|
||||
### DNSCrypt-Proxy
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**dnscrypt-proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
**DNSCrypt-Proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
|
||||
[:octicons-repo-16: Repository](https://github.com/DNSCrypt/dnscrypt-proxy){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/DNSCrypt/dnscrypt-proxy/wiki){ .card-link title=Documentation}
|
||||
@@ -216,6 +216,6 @@ Additionally, all public providers:
|
||||
[^1]: AdGuard menyimpan informasi kinerja dari server DNS mereka, seperti informasi request kepada server tertentu, jumlah request yang terblokir dan informasi mengenai kecepatan request ketika sedang diproses. Mereka juga menyimpan database domain yang diminta dalam waktu 24 jam terakhir. "Kami membutuhkan informasi ini untuk mengidentifikasi dan memblokir pelacak dan ancaman baru." "Kami juga mencatat berapa kali pelacak telah diblokir. Kami membutuhkan informasi ini untuk menghapus aturan lama dari filter kami." [https://adguard-dns.io/en/privacy.html](https://adguard-dns.io/en/privacy.html)
|
||||
[^2]: Cloudflare hanya mengumpulkan dan menyimpan data permintaan DNS terbatas yang dikirim ke resolver 1.1.1.1. Layanan resolver 1.1.1.1 tidak mencatat data pribadi, dan sebagian besar data yang tidak dapat diidentifikasi secara pribadi hanya disimpan selama 25 jam. [https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/](https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver)
|
||||
[^3]: Control D hanya mencatat untuk resolver Premium dengan profil DNS khusus. Resolver gratis tidak mencatat data. [https://controld.com/privacy](https://controld.com/privacy)
|
||||
[^4]: dns0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^4]: DNS0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^5]: Layanan DNS Mullvad tersedia untuk pelanggan dan non-pelanggan Mullvad VPN. Kebijakan privasi mereka secara eksplisit mengklaim bahwa mereka tidak mencatat permintaan DNS dengan cara apa pun. [https://mullvad.net/en/help/no-logging-data-policy/](https://mullvad.net/en/help/no-logging-data-policy)
|
||||
[^6]: Quad9 mengumpulkan beberapa data untuk tujuan pemantauan dan tanggapan ancaman. Data nantinya diacak dan dibagikan untuk tujuan penelitian keamanan. Quad9 tidak mengumpulkan atau mencatat alamat IP atau data lain yang mereka anggap dapat diidentifikasi secara pribadi. [https://quad9.net/privacy/policy](https://quad9.net/privacy/policy)
|
||||
|
||||
@@ -14,7 +14,7 @@ An **email aliasing service** allows you to easily generate a new email address
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -36,13 +36,13 @@ Our email aliasing recommendations are providers that allow you to create aliase
|
||||
|
||||
Using an aliasing service requires trusting both your email provider and your aliasing provider with your unencrypted messages. Some providers mitigate this slightly with automatic PGP encryption[^1], which reduces the number of parties you need to trust from two to one by encrypting incoming emails before they are delivered to your final mailbox provider.
|
||||
|
||||
### addy.io
|
||||
### Addy.io
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
**Addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
|
||||
[:octicons-home-16: Homepage](https://addy.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://addy.io/privacy){ .card-link title="Privacy Policy" }
|
||||
@@ -62,9 +62,9 @@ Using an aliasing service requires trusting both your email provider and your al
|
||||
|
||||
</div>
|
||||
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), addy.io's official reseller.
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on Addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), Addy.io's official reseller.
|
||||
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) Addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
|
||||
Notable free features:
|
||||
|
||||
|
||||
@@ -16,13 +16,13 @@ Keep track of your health and fitness-related goals with these apps. Unlike thei
|
||||
|
||||
Popular menstrual trackers like [Flo](https://techcrunch.com/2021/01/13/flo-gets-ftc-slap-for-sharing-user-data-when-it-promised-privacy) are notorious for collecting and sharing your user data. Depending on your jurisdiction, this may lead to [legal consequences](https://forbes.com/sites/abigaildubiniecki/2024/11/14/post-roe-your-period-app-data-could-be-used-against-you) affecting your reproductive autonomy.
|
||||
|
||||
### drip.
|
||||
### Drip
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**drip.** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
**Drip** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
|
||||
[:octicons-home-16: Homepage](https://bloodyhealth.gitlab.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://bloodyhealth.gitlab.io/privacy-policy.html){ .card-link title="Privacy Policy" }
|
||||
|
||||
@@ -105,7 +105,7 @@ schema:
|
||||
-
|
||||
"@context": http://schema.org
|
||||
"@type": SoftwareApplication
|
||||
name: gopass
|
||||
name: Gopass
|
||||
image: /assets/img/password-management/gopass.svg
|
||||
url: https://gopass.pw
|
||||
applicationCategory: Pengelola Kata Sandi
|
||||
@@ -363,13 +363,13 @@ KeePassXC menyimpan data ekspornya sebagai file [CSV](https://en.wikipedia.org/w
|
||||
|
||||
</div>
|
||||
|
||||
### gopass (CLI)
|
||||
### Gopass (CLI)
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
**Gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
|
||||
[:octicons-home-16: Homepage](https://gopass.pw){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/gopasspw/gopass/tree/master/docs){ .card-link title="Documentation" }
|
||||
|
||||
+4
-4
@@ -209,7 +209,7 @@ If you're looking for added **security**, you should always ensure you're connec
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -284,7 +284,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [RethinkDNS](dns.md#rethinkdns)
|
||||
- { .twemoji loading=lazy } [dnscrypt-proxy](dns.md#dnscrypt-proxy)
|
||||
- { .twemoji loading=lazy } [DNSCrypt-Proxy](dns.md#dnscrypt-proxy)
|
||||
|
||||
</div>
|
||||
|
||||
@@ -480,7 +480,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [drip.](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Drip](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Euki](health-and-wellness.md#euki)
|
||||
- { .twemoji loading=lazy } { .twemoji loading=lazy }[Apple Health](health-and-wellness.md#apple-health)
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [Gadgetbridge](health-and-wellness.md#gadgetbridge)
|
||||
@@ -575,7 +575,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
- { .twemoji loading=lazy } [Psono](passwords.md#psono)
|
||||
- { .twemoji loading=lazy } [KeePassXC](passwords.md#keepassxc)
|
||||
- { .twemoji loading=lazy } [KeePassDX (Android)](passwords.md#keepassdx-android)
|
||||
- { .twemoji loading=lazy } [gopass (CLI)](passwords.md#gopass-cli)
|
||||
- { .twemoji loading=lazy } [Gopass (CLI)](passwords.md#gopass-cli)
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
@@ -51,7 +51,7 @@ Le VPN non possono criptare i dati al di fuori della connessione tra il tuo disp
|
||||
|
||||
Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely to be useful. In questo modo si possono attivare sistemi di spam e di rilevamento delle frodi, come nel caso in cui si acceda al sito web della propria banca.
|
||||
|
||||
È importante ricordare che una VPN non ti fornirà l'anonimato assoluto, poiché il provider VPN stesso vedrà comunque il tuo indirizzo IP reale, le informazioni sul sito web di destinazione e spesso ha una traccia di denaro che può essere collegata direttamente a te. Non puoi fare affidamento sulle politiche di "nessuna registrazione" per proteggere i tuoi dati da chiunque sia in grado di farlo. Se hai bisogno di una sicurezza totale dalla rete stessa, considera l'utilizzo di [Tor](../advanced/tor-overview.md) in aggiunta o al posto di una VPN.
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity because the VPN provider itself will still have access to your real IP address, destination website information, and often a money trail that can be linked directly back to you. "No logging" policies are merely a promise; if you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
|
||||
Inoltre, non dovresti fidarti di una VPN per proteggere la connessione a una destinazione HTTP non criptata. Per garantire la riservatezza e la sicurezza di ciò che fai sui siti web che visiti, devi utilizzare il protocollo HTTPS. In questo modo le tue password, i token di sessione e le query saranno al sicuro dal provider VPN e da altri potenziali avversari tra il server VPN e la tua destinazione. Dovresti attivare la modalità solo HTTPS nel tuo browser (se è supportata) per mitigare gli attacchi che tentano di declassare la tua connessione da HTTPS a HTTP.
|
||||
|
||||
|
||||
+5
-5
@@ -26,7 +26,7 @@ These are our favorite public DNS resolvers based on their privacy and security
|
||||
| [**AdGuard Public DNS**](https://adguard-dns.io/en/public-dns.html) | Cleartext DoH/3 DoT DoQ DNSCrypt | Anonymized[^1] | Anonymized | Based on server choice. L'elenco dei filtri utilizzati è disponibile qui. [:octicons-link-external-24:](https://github.com/AdguardTeam/AdGuardDNS) | Yes [:octicons-link-external-24:](https://adguard-dns.io/en/blog/encrypted-dns-ios-14.html) |
|
||||
| [**Cloudflare**](https://developers.cloudflare.com/1.1.1.1/setup) | Cleartext DoH/3 DoT | Anonymized[^2] | No | Based on server choice. | No [:octicons-link-external-24:](https://community.cloudflare.com/t/requesting-1-1-1-1-signed-profiles-for-apple/571846) |
|
||||
| [**Control D Free DNS**](https://controld.com/free-dns) | Cleartext DoH/3 DoT DoQ | No[^3] | No | Based on server choice. | Yes [:octicons-link-external-24:](https://docs.controld.com/docs/macos-platform) |
|
||||
| [**dns0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**DNS0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**Mullvad**](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) | DoH DoT | No[^5] | No | Based on server choice. L'elenco dei filtri utilizzati è disponibile qui. [:octicons-link-external-24:](https://github.com/mullvad/dns-adblock) | Yes [:octicons-link-external-24:](https://mullvad.net/en/blog/profiles-to-configure-our-encrypted-dns-on-apple-devices) |
|
||||
| [**Quad9**](https://quad9.net) | Cleartext DoH DoT DNSCrypt | Anonymized[^6] | Facoltativa | Based on server choice, malware blocking by default. | Yes [:octicons-link-external-24:](https://quad9.net/news/blog/ios-mobile-provisioning-profiles) |
|
||||
|
||||
@@ -166,13 +166,13 @@ I software proxy per il DNS crittografato forniscono un proxy locale a cui inolt
|
||||
|
||||
While RethinkDNS takes up the Android VPN slot, you can still use a VPN or Orbot with the app by [adding a WireGuard configuration](https://docs.rethinkdns.com/proxy/wireguard) or [manually configuring Orbot as a Proxy server](https://docs.rethinkdns.com/firewall/orbot), respectively.
|
||||
|
||||
### dnscrypt-proxy
|
||||
### DNSCrypt-Proxy
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**dnscrypt-proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
**DNSCrypt-Proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
|
||||
[:octicons-repo-16: Repository](https://github.com/DNSCrypt/dnscrypt-proxy){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/DNSCrypt/dnscrypt-proxy/wiki){ .card-link title=Documentazione}
|
||||
@@ -216,6 +216,6 @@ Additionally, all public providers:
|
||||
[^1]: AdGuard memorizza le statistiche aggregate sulle prestazioni dei propri server DNS, ossia il numero di richieste complete a un server in particolare, il numero di richieste bloccate e la velocità d'elaborazione delle richieste. Inoltre, conserva e memorizza il database dei domini richiesti nelle ultime 24 ore. "Necessitiamo di queste informazioni per identificare e bloccare i nuovi tracciatori e minacce." "Inoltre, registriamo quante volte un tracciatore è stato bloccato. Necessitiamo di queste informazioni per rimuovere le regole obsolete dai nostri filtri." [https://adguard-dns.io/en/privacy.html](https://adguard-dns.io/en/privacy.html)
|
||||
[^2]: Cloudflare raccoglie e memorizza soltanto i dati limitati delle richieste DNS inviate al risolutore 1.1.1.1. Il servizio del risolutore 1.1.1.1 non registra i dati personali e, gran parte dei dati delle richieste limitate e non personalmente identificabili, sono memorizzati soltanto per 25 ore. [https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/](https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver)
|
||||
[^3]: Control D registra soltanto i risolutori Premium con profili DNS personalizzati. I risolutori gratuiti non registrano dati. [https://controld.com/privacy](https://controld.com/privacy)
|
||||
[^4]: dns0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^4]: DNS0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^5]: Il servizio DNS di Mullvad è disponibile per tutti, abbonati a Mullvad VPN e non. La loro politica sulla privacy dichiara esplicitamente che non registrano in alcun modo le richieste DNS. [https://mullvad.net/en/help/no-logging-data-policy/](https://mullvad.net/en/help/no-logging-data-policy)
|
||||
[^6]: Quad9 raccoglie alcuni dati per monitorare e rispondere a eventuali minacce. Tali dati potrebbero essere poi rimescolati e condivisi, ad esempio ai fini della ricerca sulla sicurezza. Quad9 non raccoglie o registra gli indirizzi IP o qualsiasi altro dato ritenuto personalmente identificabile. [https://quad9.net/privacy/policy](https://quad9.net/privacy/policy)
|
||||
|
||||
@@ -14,7 +14,7 @@ An **email aliasing service** allows you to easily generate a new email address
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -36,13 +36,13 @@ Our email aliasing recommendations are providers that allow you to create aliase
|
||||
|
||||
Using an aliasing service requires trusting both your email provider and your aliasing provider with your unencrypted messages. Some providers mitigate this slightly with automatic PGP encryption[^1], which reduces the number of parties you need to trust from two to one by encrypting incoming emails before they are delivered to your final mailbox provider.
|
||||
|
||||
### addy.io
|
||||
### Addy.io
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
**Addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
|
||||
[:octicons-home-16: Homepage](https://addy.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://addy.io/privacy){ .card-link title="Privacy Policy" }
|
||||
@@ -62,9 +62,9 @@ Using an aliasing service requires trusting both your email provider and your al
|
||||
|
||||
</div>
|
||||
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), addy.io's official reseller.
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on Addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), Addy.io's official reseller.
|
||||
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) Addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
|
||||
Notable free features:
|
||||
|
||||
|
||||
@@ -16,13 +16,13 @@ Keep track of your health and fitness-related goals with these apps. Unlike thei
|
||||
|
||||
Popular menstrual trackers like [Flo](https://techcrunch.com/2021/01/13/flo-gets-ftc-slap-for-sharing-user-data-when-it-promised-privacy) are notorious for collecting and sharing your user data. Depending on your jurisdiction, this may lead to [legal consequences](https://forbes.com/sites/abigaildubiniecki/2024/11/14/post-roe-your-period-app-data-could-be-used-against-you) affecting your reproductive autonomy.
|
||||
|
||||
### drip.
|
||||
### Drip
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**drip.** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
**Drip** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
|
||||
[:octicons-home-16: Homepage](https://bloodyhealth.gitlab.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://bloodyhealth.gitlab.io/privacy-policy.html){ .card-link title="Privacy Policy" }
|
||||
|
||||
@@ -105,7 +105,7 @@ schema:
|
||||
-
|
||||
"@context": http://schema.org
|
||||
"@type": SoftwareApplication
|
||||
name: gopass
|
||||
name: Gopass
|
||||
image: /assets/img/password-management/gopass.svg
|
||||
url: https://gopass.pw
|
||||
applicationCategory: Gestore di password
|
||||
@@ -363,13 +363,13 @@ KeePassXC memorizza i suoi dati di esportazione come file [CSV](https://en.wikip
|
||||
|
||||
</div>
|
||||
|
||||
### gopass (CLI)
|
||||
### Gopass (CLI)
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**gopass** è un gestore di password minimale per la riga di comando scritto in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
**Gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
|
||||
[:octicons-home-16: Homepage](https://gopass.pw){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/gopasspw/gopass/tree/master/docs){ .card-link title="Documentation" }
|
||||
|
||||
+6
-6
@@ -209,8 +209,8 @@ Se stai cercando maggiore **sicurezza**, dovresti sempre assicurarti di connette
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
- { .twemoji loading=lazy } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
</div>
|
||||
@@ -283,8 +283,8 @@ Se stai cercando maggiore **sicurezza**, dovresti sempre assicurarti di connette
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [RethinkDNS](dns.md#rethinkdns)
|
||||
- { .twemoji loading=lazy } [dnscrypt-proxy](dns.md#dnscrypt-proxy)
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [RethinkDNS](dns.md#rethinkdns)
|
||||
- { .twemoji loading=lazy } [DNSCrypt-Proxy](dns.md#dnscrypt-proxy)
|
||||
|
||||
</div>
|
||||
|
||||
@@ -480,7 +480,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [drip.](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Drip](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Euki](health-and-wellness.md#euki)
|
||||
- { .twemoji loading=lazy } { .twemoji loading=lazy }[Apple Health](health-and-wellness.md#apple-health)
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [Gadgetbridge](health-and-wellness.md#gadgetbridge)
|
||||
@@ -575,7 +575,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
- { .twemoji loading=lazy } [Psono](passwords.md#psono)
|
||||
- { .twemoji loading=lazy } [KeePassXC](passwords.md#keepassxc)
|
||||
- { .twemoji loading=lazy } [KeePassDX (Android)](passwords.md#keepassdx-android)
|
||||
- { .twemoji loading=lazy } [gopass (CLI)](passwords.md#gopass-cli)
|
||||
- { .twemoji loading=lazy } [Gopass (CLI)](passwords.md#gopass-cli)
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
@@ -51,7 +51,7 @@ VPNs cannot encrypt data outside the connection between your device and the VPN
|
||||
|
||||
Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely to be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
|
||||
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity because the VPN provider itself will still have access to your real IP address, destination website information, and often a money trail that can be linked directly back to you. "No logging" policies are merely a promise; if you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
|
||||
You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. 対応している場合、ブラウザのHTTPS-Onlyモードを有効にすることで、接続をHTTPSからHTTPにダウングレードしようとする攻撃を緩和できます。
|
||||
|
||||
|
||||
+5
-5
@@ -26,7 +26,7 @@ These are our favorite public DNS resolvers based on their privacy and security
|
||||
| [**AdGuard Public DNS**](https://adguard-dns.io/en/public-dns.html) | Cleartext DoH/3 DoT DoQ DNSCrypt | Anonymized[^1] | Anonymized | Based on server choice. Filter list being used can be found here. [:octicons-link-external-24:](https://github.com/AdguardTeam/AdGuardDNS) | Yes [:octicons-link-external-24:](https://adguard-dns.io/en/blog/encrypted-dns-ios-14.html) |
|
||||
| [**Cloudflare**](https://developers.cloudflare.com/1.1.1.1/setup) | Cleartext DoH/3 DoT | Anonymized[^2] | いいえ | Based on server choice. | No [:octicons-link-external-24:](https://community.cloudflare.com/t/requesting-1-1-1-1-signed-profiles-for-apple/571846) |
|
||||
| [**Control D Free DNS**](https://controld.com/free-dns) | Cleartext DoH/3 DoT DoQ | No[^3] | いいえ | Based on server choice. | Yes [:octicons-link-external-24:](https://docs.controld.com/docs/macos-platform) |
|
||||
| [**dns0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**DNS0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**Mullvad**](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) | DoH DoT | No[^5] | いいえ | Based on server choice. Filter list being used can be found here. [:octicons-link-external-24:](https://github.com/mullvad/dns-adblock) | Yes [:octicons-link-external-24:](https://mullvad.net/en/blog/profiles-to-configure-our-encrypted-dns-on-apple-devices) |
|
||||
| [**Quad9**](https://quad9.net) | Cleartext DoH DoT DNSCrypt | Anonymized[^6] | 任意 | Based on server choice, malware blocking by default. | Yes [:octicons-link-external-24:](https://quad9.net/news/blog/ios-mobile-provisioning-profiles) |
|
||||
|
||||
@@ -166,13 +166,13 @@ Encrypted DNS proxy software provides a local proxy for the [unencrypted DNS](ad
|
||||
|
||||
While RethinkDNS takes up the Android VPN slot, you can still use a VPN or Orbot with the app by [adding a WireGuard configuration](https://docs.rethinkdns.com/proxy/wireguard) or [manually configuring Orbot as a Proxy server](https://docs.rethinkdns.com/firewall/orbot), respectively.
|
||||
|
||||
### dnscrypt-proxy
|
||||
### DNSCrypt-Proxy
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**dnscrypt-proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
**DNSCrypt-Proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
|
||||
[:octicons-repo-16: Repository](https://github.com/DNSCrypt/dnscrypt-proxy){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/DNSCrypt/dnscrypt-proxy/wiki){ .card-link title=Documentation}
|
||||
@@ -216,6 +216,6 @@ Additionally, all public providers:
|
||||
[^1]: AdGuard stores aggregated performance metrics of their DNS servers, namely the number of complete requests to a particular server, the number of blocked requests, and the speed of processing requests. They also keep and store the database of domains requested in within last 24 hours. "We need this information to identify and block new trackers and threats." "We also log how many times this or that tracker has been blocked. We need this information to remove outdated rules from our filters." [https://adguard-dns.io/en/privacy.html](https://adguard-dns.io/en/privacy.html)
|
||||
[^2]: Cloudflare collects and stores only the limited DNS query data that is sent to the 1.1.1.1 resolver. The 1.1.1.1 resolver service does not log personal data, and the bulk of the limited non-personally identifiable query data is stored only for 25 hours. [https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/](https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver)
|
||||
[^3]: Control D only logs for Premium resolvers with custom DNS profiles. Free resolvers do not log data. [https://controld.com/privacy](https://controld.com/privacy)
|
||||
[^4]: dns0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^4]: DNS0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^5]: Mullvad's DNS service is available to both subscribers and non-subscribers of Mullvad VPN. Their privacy policy explicitly claims they do not log DNS requests in any way. [https://mullvad.net/en/help/no-logging-data-policy/](https://mullvad.net/en/help/no-logging-data-policy)
|
||||
[^6]: Quad9 collects some data for the purposes of threat monitoring and response. That data may then be remixed and shared, such as for the purpose of security research. Quad9 does not collect or record IP addresses or other data they deem personally identifiable. [https://quad9.net/privacy/policy](https://quad9.net/privacy/policy)
|
||||
|
||||
@@ -14,7 +14,7 @@ An **email aliasing service** allows you to easily generate a new email address
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -36,13 +36,13 @@ Our email aliasing recommendations are providers that allow you to create aliase
|
||||
|
||||
Using an aliasing service requires trusting both your email provider and your aliasing provider with your unencrypted messages. Some providers mitigate this slightly with automatic PGP encryption[^1], which reduces the number of parties you need to trust from two to one by encrypting incoming emails before they are delivered to your final mailbox provider.
|
||||
|
||||
### addy.io
|
||||
### Addy.io
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
**Addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
|
||||
[:octicons-home-16: Homepage](https://addy.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://addy.io/privacy){ .card-link title="Privacy Policy" }
|
||||
@@ -62,9 +62,9 @@ Using an aliasing service requires trusting both your email provider and your al
|
||||
|
||||
</div>
|
||||
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), addy.io's official reseller.
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on Addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), Addy.io's official reseller.
|
||||
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) Addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
|
||||
Notable free features:
|
||||
|
||||
|
||||
@@ -16,13 +16,13 @@ Keep track of your health and fitness-related goals with these apps. Unlike thei
|
||||
|
||||
Popular menstrual trackers like [Flo](https://techcrunch.com/2021/01/13/flo-gets-ftc-slap-for-sharing-user-data-when-it-promised-privacy) are notorious for collecting and sharing your user data. Depending on your jurisdiction, this may lead to [legal consequences](https://forbes.com/sites/abigaildubiniecki/2024/11/14/post-roe-your-period-app-data-could-be-used-against-you) affecting your reproductive autonomy.
|
||||
|
||||
### drip.
|
||||
### Drip
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**drip.** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
**Drip** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
|
||||
[:octicons-home-16: Homepage](https://bloodyhealth.gitlab.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://bloodyhealth.gitlab.io/privacy-policy.html){ .card-link title="Privacy Policy" }
|
||||
|
||||
@@ -105,7 +105,7 @@ schema:
|
||||
-
|
||||
"@context": http://schema.org
|
||||
"@type": SoftwareApplication
|
||||
name: gopass
|
||||
name: Gopass
|
||||
image: /assets/img/password-management/gopass.svg
|
||||
url: https://gopass.pw
|
||||
applicationCategory: パスワードマネージャー
|
||||
@@ -363,13 +363,13 @@ KeePassXC stores its export data as [CSV](https://en.wikipedia.org/wiki/Comma-se
|
||||
|
||||
</div>
|
||||
|
||||
### gopass (CLI)
|
||||
### Gopass (CLI)
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
**Gopass** is a minimal password manager for the command line written in Go. It can be used within scripting applications and works on all major desktop and server operating systems.
|
||||
|
||||
[:octicons-home-16: Homepage](https://gopass.pw){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/gopasspw/gopass/tree/master/docs){ .card-link title="Documentation" }
|
||||
|
||||
+4
-4
@@ -209,7 +209,7 @@ If you're looking for added **security**, you should always ensure you're connec
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji loading=lazy } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -284,7 +284,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [RethinkDNS](dns.md#rethinkdns)
|
||||
- { .twemoji loading=lazy } [dnscrypt-proxy](dns.md#dnscrypt-proxy)
|
||||
- { .twemoji loading=lazy } [DNSCrypt-Proxy](dns.md#dnscrypt-proxy)
|
||||
|
||||
</div>
|
||||
|
||||
@@ -480,7 +480,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji loading=lazy } [drip.](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Drip](health-and-wellness.md#drip)
|
||||
- { .twemoji loading=lazy } [Euki](health-and-wellness.md#euki)
|
||||
- { .twemoji loading=lazy } { .twemoji loading=lazy }[Apple Health](health-and-wellness.md#apple-health)
|
||||
- { .twemoji loading=lazy }{ .twemoji loading=lazy } [Gadgetbridge](health-and-wellness.md#gadgetbridge)
|
||||
@@ -575,7 +575,7 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
|
||||
- { .twemoji loading=lazy } [Psono](passwords.md#psono)
|
||||
- { .twemoji loading=lazy } [KeePassXC](passwords.md#keepassxc)
|
||||
- { .twemoji loading=lazy } [KeePassDX (Android)](passwords.md#keepassdx-android)
|
||||
- { .twemoji loading=lazy } [gopass (CLI)](passwords.md#gopass-cli)
|
||||
- { .twemoji loading=lazy } [Gopass (CLI)](passwords.md#gopass-cli)
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
@@ -51,7 +51,7 @@ VPNs cannot encrypt data outside the connection between your device and the VPN
|
||||
|
||||
Using a VPN in cases where you're using your [real-life or well-known identity](common-misconceptions.md#complicated-is-better) online is unlikely to be useful. Doing so may trigger spam and fraud detection systems, such as if you were to log into your bank's website.
|
||||
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity, because the VPN provider itself will still see your real IP address, destination website information, and often has a money trail that can be linked directly back to you. You can't rely on "no logging" policies to protect your data from anyone who is able to protect. If you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
It's important to remember that a VPN will not provide you with absolute anonymity because the VPN provider itself will still have access to your real IP address, destination website information, and often a money trail that can be linked directly back to you. "No logging" policies are merely a promise; if you need complete safety from the network itself, consider using [Tor](../advanced/tor-overview.md) in addition to or instead of a VPN.
|
||||
|
||||
You also should not trust a VPN to secure your connection to an unencrypted, HTTP destination. In order to keep what you actually do on the websites you visit private and secure, you must use HTTPS. This will keep your passwords, session tokens, and queries safe from the VPN provider and other potential adversaries in between the VPN server and your destination. You should enable HTTPS-only mode in your browser (if it's supported) to mitigate attacks which try to downgrade your connection from HTTPS to HTTP.
|
||||
|
||||
|
||||
+5
-5
@@ -26,7 +26,7 @@ These are our favorite public DNS resolvers based on their privacy and security
|
||||
| [**AdGuard Public DNS**](https://adguard-dns.io/en/public-dns.html) | Cleartext DoH/3 DoT DoQ DNSCrypt | Anonymized[^1] | Anonymized | Based on server choice. 필터 목록은 여기에서 확인할 수 있습니다. [:octicons-link-external-24:](https://github.com/AdguardTeam/AdGuardDNS) | Yes [:octicons-link-external-24:](https://adguard-dns.io/en/blog/encrypted-dns-ios-14.html) |
|
||||
| [**Cloudflare**](https://developers.cloudflare.com/1.1.1.1/setup) | Cleartext DoH/3 DoT | Anonymized[^2] | 비활성화 | Based on server choice. | No [:octicons-link-external-24:](https://community.cloudflare.com/t/requesting-1-1-1-1-signed-profiles-for-apple/571846) |
|
||||
| [**Control D Free DNS**](https://controld.com/free-dns) | Cleartext DoH/3 DoT DoQ | No[^3] | 비활성화 | Based on server choice. | Yes [:octicons-link-external-24:](https://docs.controld.com/docs/macos-platform) |
|
||||
| [**dns0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**DNS0.eu**](https://dns0.eu) | Cleartext DoH/3 DoH DoT DoQ | Anonymized[^4] | Anonymized | Based on server choice. | Yes [:octicons-link-external-24:](https://dns0.eu/zero.dns0.eu.mobileconfig) |
|
||||
| [**Mullvad**](https://mullvad.net/en/help/dns-over-https-and-dns-over-tls) | DoH DoT | No[^5] | 비활성화 | Based on server choice. 필터 목록은 여기에서 확인할 수 있습니다. [:octicons-link-external-24:](https://github.com/mullvad/dns-adblock) | Yes [:octicons-link-external-24:](https://mullvad.net/en/blog/profiles-to-configure-our-encrypted-dns-on-apple-devices) |
|
||||
| [**Quad9**](https://quad9.net) | Cleartext DoH DoT DNSCrypt | Anonymized[^6] | 선택 사항 | Based on server choice, malware blocking by default. | Yes [:octicons-link-external-24:](https://quad9.net/news/blog/ios-mobile-provisioning-profiles) |
|
||||
|
||||
@@ -166,13 +166,13 @@ NextDNS also offers public DNS-over-HTTPS service at `https://dns.nextdns.io` an
|
||||
|
||||
While RethinkDNS takes up the Android VPN slot, you can still use a VPN or Orbot with the app by [adding a WireGuard configuration](https://docs.rethinkdns.com/proxy/wireguard) or [manually configuring Orbot as a Proxy server](https://docs.rethinkdns.com/firewall/orbot), respectively.
|
||||
|
||||
### dnscrypt-proxy
|
||||
### DNSCrypt-Proxy
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**dnscrypt-proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
**DNSCrypt-Proxy** is a DNS proxy with support for [DNSCrypt](advanced/dns-overview.md#dnscrypt), [DNS-over-HTTPS](advanced/dns-overview.md#dns-over-https-doh), and [Anonymized DNS](https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS).
|
||||
|
||||
[:octicons-repo-16: Repository](https://github.com/DNSCrypt/dnscrypt-proxy){ .md-button .md-button--primary }
|
||||
[:octicons-info-16:](https://github.com/DNSCrypt/dnscrypt-proxy/wiki){ .card-link title=Documentation}
|
||||
@@ -216,6 +216,6 @@ Additionally, all public providers:
|
||||
[^1]: AdGuard는 특정 서버의 완료된 요청 수, 차단된 요청 수, 요청 처리 속도 등 DNS 서버의 집계 성능 지표를 저장합니다. 또한, 지난 24시간 이내의 도메인 요청 데이터베이스를 보관 및 저장합니다. "해당 정보는 새로운 추적기 및 위협을 식별하고 차단하기 위해 필요합니다." "각 추적기가 차단된 횟수 또한 기록합니다. 이는 오래되어 불필요한 규칙을 필터에서 제거하기 위해 필요합니다." [https://adguard-dns.io/en/privacy.html](https://adguard-dns.io/en/privacy.html)
|
||||
[^2]: Cloudflare는 1.1.1.1 리졸버로 전송되는 DNS 쿼리의 제한된 데이터만 수집 및 저장합니다. 1.1.1.1 리졸버는 개인 데이터를 기록하지 않으며, 개인 식별이 불가능하도록 제한된 쿼리 데이터는 대부분 25시간 동안만 저장됩니다. [https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/](https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver)
|
||||
[^3]: Control D는 사용자 정의 프로필이 있는 프리미엄 리졸버에 대해서만 로그를 기록합니다. 무료 리졸버는 데이터를 기록하지 않습니다. [https://controld.com/privacy](https://controld.com/privacy)
|
||||
[^4]: dns0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^4]: DNS0.eu collects some data for their threat intelligence feeds, to monitor for newly registered/observed/active domains and other bulk data. That data is shared with some [partners](https://docs.dns0.eu/data-feeds/introduction) for e.g. security research. They do not collect any Personally Identifiable Information. [https://dns0.eu/privacy](https://dns0.eu/privacy)
|
||||
[^5]: Mullvad DNS 서비스는 Mullvad VPN 가입자/비가입자 모두 이용 가능합니다. 프라이버시 정책 상, 어떤 방식으로든 DNS 요청을 기록하지 않는다고 명시되어 있습니다. [https://mullvad.net/en/help/no-logging-data-policy/](https://mullvad.net/en/help/no-logging-data-policy)
|
||||
[^6]: Quad9은 위협 모니터링 및 대응 목적으로 일부 데이터를 수집합니다. 해당 데이터는 보안 연구 등의 목적으로 변형 후 공유될 수 있습니다. Quad9은 개인 식별 용도로 쓰일 수 있다고 판단되는 IP 주소 및 기타 데이터를 수집하거나 기록하지 않습니다. [https://quad9.net/privacy/policy](https://quad9.net/privacy/policy)
|
||||
|
||||
@@ -14,7 +14,7 @@ An **email aliasing service** allows you to easily generate a new email address
|
||||
|
||||
<div class="grid cards" markdown>
|
||||
|
||||
- { .twemoji } [addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [Addy.io](email-aliasing.md#addyio)
|
||||
- { .twemoji } [SimpleLogin](email-aliasing.md#simplelogin)
|
||||
|
||||
</div>
|
||||
@@ -36,13 +36,13 @@ Our email aliasing recommendations are providers that allow you to create aliase
|
||||
|
||||
Using an aliasing service requires trusting both your email provider and your aliasing provider with your unencrypted messages. Some providers mitigate this slightly with automatic PGP encryption[^1], which reduces the number of parties you need to trust from two to one by encrypting incoming emails before they are delivered to your final mailbox provider.
|
||||
|
||||
### addy.io
|
||||
### Addy.io
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
**Addy.io** lets you create 10 domain aliases on a shared domain for free, or unlimited "standard" aliases.
|
||||
|
||||
[:octicons-home-16: Homepage](https://addy.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://addy.io/privacy){ .card-link title="Privacy Policy" }
|
||||
@@ -62,9 +62,9 @@ Using an aliasing service requires trusting both your email provider and your al
|
||||
|
||||
</div>
|
||||
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), addy.io's official reseller.
|
||||
The number of shared aliases (which end in a shared domain like @addy.io) that you can create is limited to 10 on Addy.io's free plan, 50 on their $1/month plan and unlimited on the $4/month plan (billed $3 for a year). You can pay for these plans using [cryptocurrency](https://addy.io/help/subscribing-with-cryptocurrency) or purchase a voucher code from [ProxyStore](https://addy.io/help/voucher-codes), Addy.io's official reseller.
|
||||
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
You can create unlimited standard aliases which end in a domain like @[username].addy.io or a custom domain on paid plans. However, as previously mentioned, this can be detrimental to privacy because people can trivially tie your standard aliases together based on the domain name alone. They are useful where a shared domain might be blocked by a service. Securitum [audited](https://addy.io/blog/addy-io-passes-independent-security-audit) Addy.io in September 2023 and no significant vulnerabilities [were identified](https://addy.io/addy-io-security-audit.pdf).
|
||||
|
||||
Notable free features:
|
||||
|
||||
|
||||
@@ -16,13 +16,13 @@ Keep track of your health and fitness-related goals with these apps. Unlike thei
|
||||
|
||||
Popular menstrual trackers like [Flo](https://techcrunch.com/2021/01/13/flo-gets-ftc-slap-for-sharing-user-data-when-it-promised-privacy) are notorious for collecting and sharing your user data. Depending on your jurisdiction, this may lead to [legal consequences](https://forbes.com/sites/abigaildubiniecki/2024/11/14/post-roe-your-period-app-data-could-be-used-against-you) affecting your reproductive autonomy.
|
||||
|
||||
### drip.
|
||||
### Drip
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
{ align=right }
|
||||
{ align=right }
|
||||
|
||||
**drip.** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
**Drip** is a gender-inclusive and open source menstrual cycle tracker available on all mobile platforms. It relies on the "sympto-thermal method" to predict ovulation. All user data is stored locally on your device and can be protected with a password.
|
||||
|
||||
[:octicons-home-16: Homepage](https://bloodyhealth.gitlab.io){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://bloodyhealth.gitlab.io/privacy-policy.html){ .card-link title="Privacy Policy" }
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user