diff --git a/.markdownlint.yml b/.markdownlint.yml
index 4b5fcc628..a5d31d69a 100644
--- a/.markdownlint.yml
+++ b/.markdownlint.yml
@@ -18,6 +18,7 @@
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
+$schema: https://raw.githubusercontent.com/DavidAnson/markdownlint/v0.40.0/schema/markdownlint-config-schema.json
default: true
line-length: false
ul-indent:
diff --git a/.vscode/ltex.dictionary.en-US.txt b/.vscode/ltex.dictionary.en-US.txt
new file mode 100644
index 000000000..7a48e8743
--- /dev/null
+++ b/.vscode/ltex.dictionary.en-US.txt
@@ -0,0 +1,571 @@
+Kinect
+Scanalytics
+mmWave
+TODO
+MotionScore
+GaitMetrics
+Bayometric
+eSIM
+microSD
+Cellebrite
+GrapheneOS
+Gboard
+IMEs
+Briar
+Meshtastic
+Gizmodo
+Wickr
+Gizmodo
+Arel
+CryptPad
+itemprop
+md-button
+XWiki
+CryptDrive
+scrypt
+Anytype
+PeerTube
+Startpage
+PrivacyTools
+FedResults
+Brøgger
+EasyOptOuts
+Optery
+DeleteMe
+PeopleConnect
+dFPI
+Arkenfox
+LocalCDN
+fingerprintable
+NeatURLs
+ClearURLs
+Bromite
+GeckoView
+Thorin-Oakenpants
+customizability
+DoH
+DNSCrypt
+eSNI
+Mullvad
+CalyxOS
+microG
+DejaVu
+DroidGuard
+NewPipe
+WebView
+linux-hardened
+malloc
+Malloc
+ASLR
+Grindr
+USCCB
+USCCB-owned
+de-anonymize
+MkDocs
+privacyguides
+balenaEtcher
+img
+thumbsup
+KeePassXC
+OnionShare
+Exif
+ExifTool
+zsh
+ImageOptim
+SendTo
+Handoff
+Jailbreaking
+Flatpaks
+ChromeOS
+Flatseal
+dbus
+XWayland
+filesystem
+Firejail
+Whonix
+seccomp
+AppArmor
+MicroOS
+setuid
+Bubblewrap
+Krathalan
+noatsecure
+Seirdy
+Podman
+Kata
+Wonderfall
+Vaultwarden
+LinuxServer
+io
+daemonless
+gVisor
+syscalls
+Portmaster
+OpenSnitch
+firewalld
+Netfilter
+bypassable
+sysctl
+KickSecure
+fepitre
+QubesOS
+COPR
+GRSecurity
+Kicksecure
+umask
+SUID
+Umask
+Qubes-Whonix
+USBGuard
+initramfs
+dracut
+BadUSB
+chronyd
+swdate
+sysfs
+cgroups
+MathML
+WebAuthn
+BlockBlock
+HELLOTUX
+Véliz
+Poitras
+Anonym
+ISRG
+Orbot
+Qubes
+public‑interest
+Warne
+Pham
+material-youtube
+OpenCollective
+Monero
+CoinJoin
+Banxa
+@proton
+CashApp
+Samouri
+Coinjoin
+USDC
+Stablecoins
+stablecoins
+IWAs
+IWA
+Beens
+Techlore
+whitehouse
+ShredOS
+del
+OMEMO
+reglock
+nofollow
+SecureDrop
+Cwtch
+OTF
+SimpleX
+noyb
+darknet
+Surfshark
+ExpressVPN
+PerfectPrivacy
+IPVanish
+CyberGhost
+ibVPN
+SurfShark
+VPNArea
+ThatOnePrivacySite
+fluffily
+Huxleyan
+MPRs
+INVISV
+QUIC
+Fastly
+OHTTP
+Appelbaum
+md-button--primary
+Niek
+openpgp
+material-github
+Tweakers
+fontawesome-brands-creative-commons
+fontawesome-brands-creative-commons-by
+fontawesome-brands-creative-commons-sa
+Attribution-ShareAlike
+ChatGPT
+LLMs
+OLMoE
+MMLU-Pro
+OpenLLM
+GGUF
+Llamafile
+Ollama
+cpp
+fontawesome-brands-windows
+simple-linux
+LLaVA
+fontawesome-solid-desktop
+llamafiles
+simple-torbrowser
+simple-googleplay
+eepsites
+simple-firefoxbrowser
+simple-googlechrome
+fontawesome-brands-edge
+scriptlet
+Adguard
+simple-appstore
+Tuta
+simple-flathub
+Flathub
+Cryptomator
+Securitum
+Tresorit
+Computest
+Peergos
+InterPlanetary
+IPFS
+DocumentsProvider
+Modmail
+CipherTrace
+Monero-only
+Monerujo
+CEX
+RetoSwap
+Haveno-Reto
+Haveno
+Guardarian
+BeenVerified
+CheckPeople
+ClustrMaps
+Dataveria
+InfoTracer
+PeekYou
+PublicDataUSA
+Radaris
+USPhonebook
+Whitepages
+Grauer
+simple-github
+ExifEraser
+permissionless
+Accrescent
+ExtendedXMP
+IPTC
+NoScript
+cryptominers
+non-proxied
+Solana
+PipeWire
+Btrfs
+openQA
+NixOS
+Toolbx
+Nixpkgs
+ProxyVM
+deanonymized
+qubes
+Xen
+pg-viridian
+qube
+KingsPawn
+sysdiagnose
+iMazing
+keystore
+Cleartext
+DoT
+DoQ
+eu
+NextDNS
+RethinkDNS
+dnscrypt-proxy
+anycast
+geo-steering
+QNAME
+PII
+SimpleLogin
+twemoji
+addy
+material-apple-ios
+@addy
+ProxyStore
+@username
+backported
+FairEmail
+Kontact
+Mailvelope
+NeoMutt
+WKD
+BitPay
+paydirekt
+Sofortüberweisung
+YubiCloud
+@mailbox
+@secure
+ActiveSync
+non-Tuta
+SOGo
+Mailcow
+OpenSMTPD
+Rspamd
+Mbox
+JMAP
+Hardenize
+Subresource
+cryptolib
+cryptofs
+siv-mode
+cryptolib-swift
+cryptomator-objc-cryptor
+VeraCrypt
+TrueCrypt
+cryptoprocessor
+non-Bitlocker
+FileVault
+FDE
+udiskie
+Polkit
+Kryptor
+Minisign
+Intevation
+OpenKeychain
+ffsend
+FreedomBox
+Syncthing
+simple-freebsd
+MySudo
+Coincards
+Redlib
+Yattee
+eepsite
+proxying
+LibreTube
+FramaTube
+IVPN
+Cromite
+Adblock
+EasyList
+fontawesome-solid-ellipsis
+adblock
+LineageOS
+NitroPhone
+Nitrokey
+Ente
+Akregator
+NewsFlash
+Inoreader
+Miniflux
+NetNewsWire
+Newsboat
+Newsbeuter
+Notesnook
+Cryptee
+Psono
+KeePassX
+KeePassDX
+gopass
+Pastebins
+PrivateBin
+ZeroBin
+pastebin
+pastebins
+Stingle
+PhotoPrism
+UnifiedPush
+simple-fdroid
+Mollysocket
+Olm
+util-linux
+uClibc
+BusyBox
+OPNsense
+Netgate
+pfSense
+SearXNG
+SearX
+Yubico
+PIV-compatibile
+CCID
+PIV
+HOTP
+YubiKeys
+Nitrokeys
+Obtainium
+deanonymization
+VpnService
+torrenting
+AntiTracker
+VMess
+DAITA
+deanonymize
+OTPs
+SafetyNet
+IDEMIA
+backport
+Silverblue
+Šamalík
+PKGBUILDs
+PPAs
+Linux-libre
+Libre
+ConfinedUsers
+ZRAM
+Linux-libre-based
+Spectre
+SWAPGS
+DEs
+NetworkManager
+systemd-networkd
+rpm-ostree-countme
+countme
+Hackintoshes
+OCSP
+XProtect
+appVM
+inter-qube
+AppVM
+vchan
+qrexec
+Qube
+sys-net
+sys-firewall
+sys-proxyvm
+sys-whonix
+anon-whonix
+ProxyVMs
+NetVM
+Rutkowska
+AutoRun
+PINs
+OnTheHub
+DevContainers
+fullwidth
+Fullwidth
+OptiPNG
+cwebp
+Keyring
+JustDeleteMe
+NotPetya
+EternalBlue
+Technopolice
+Datalogix
+Cryptoprocessor
+TPMs
+Pluton
+Buskill
+BusKill
+diceware
+Diceware
+geo-restrictions
+ECH
+dVPNs
+dVPN
+Pseudonymity
+@Thorin-Oakenpants
+DocumentsUI
+CameraX
+AFWall
+AdAway
+TrackerControl
+loopback
+Aptoide
+APKPure
+simple-gitlab
+IzzyOnDroid
+Gadgetbridge
+tshark
+systemd
+systemd-resolved
+EDNS
+Chainalysis
+BadExit
+HSDir
+deanonymizing
+WebTunnel
+Computerphile
+namazso
+HelloTux
+wordmark
+Bagnard
+sublicensees
+BurungHantu
+privacytoolsIO
+privacytools
+trai
+PrivacyGuides
+@dngray
+simple-youtube
+simple-peertube
+simple-bluesky
+dngray
+bsky
+@freddy
+Memoji
+QuickType
+Freeform
+subprocessors
+Schrems
+Subprocessor
+Subprocessors
+Triplebit
+Fediverse
+Safing
+YubiHSM
+ykman
+material-linux
+yubico
+material-microsoft-windows
+HSMauth
+PUK
+TDES
+ModHex
+OATH-TOTPs
+OATH-HOTP
+OATH-HOTPs
+MODHEX
+HMAC-based
+subkeys
+subkey
+keysize
+Keygrip
+tessera
+Corbató
+NordPass
+Syncable
+fontawesome-solid-glasses
+CommonHealth
+Euki
+sympto-thermal
+OsmAnd
+Paaster
+material-check-decagram
+Bluesky
+Codeberg
+simple-codeberg
+simple-reddit
+fontawesome-brands-linkedin
+simple-keepassxc
+OnlyKey
+fontawesome-solid-unlock-keyhole
+KeeShare
+KeePassium
+MWEB
+Cyd
+Semiphemeral
+Dangerzone
+simple-activitypub
+ActivityPub
+pseudorandom
+Chaum
+unlinkability
+Kagi
+Secureblue
+pseudonymity
+TrueNAS
+Arti
+Tailscale
+allowlisted
+MyMonero
+Monero-LWS
+OkCupid
+Anom
+misgendering
diff --git a/content/activism/toolbox/tip-be-mindful-of-accessibility/index.md b/content/activism/toolbox/tip-be-mindful-of-accessibility/index.md
index d6f826de3..7aed35361 100644
--- a/content/activism/toolbox/tip-be-mindful-of-accessibility/index.md
+++ b/content/activism/toolbox/tip-be-mindful-of-accessibility/index.md
@@ -75,7 +75,7 @@ When organizing events and meetups in person, it's essential to keep in mind phy
- Research if your venue has access to parking and accessible parking spots. Publish this information with your invitation.
-- Verify the venue you select is accessible to people with visual or auditory impairments. For example, check if elevators are marked with Braille or raised letters, and make sure that hosts are informed on how to communicate with guests who are deaf or hard of hearing.
+- Verify the venue you select is accessible to people with visual or auditory impairments. For example, check if elevators are marked with Braille or raised letters, and make sure that hosts are informed on how to communicate with guests who are deaf or hard of hearing.
### Health accessibility
diff --git a/content/activism/toolbox/tip-lift-your-allies-up/index.md b/content/activism/toolbox/tip-lift-your-allies-up/index.md
index cbc0e1096..6ae89711b 100644
--- a/content/activism/toolbox/tip-lift-your-allies-up/index.md
+++ b/content/activism/toolbox/tip-lift-your-allies-up/index.md
@@ -25,7 +25,7 @@ Nevertheless, if we want to [**build a movement**](../tip-start-alliances-not-wa
- Even if you are also working on a similar project, lift them up with you!
-It doesn't matter if you are working on something comparable yourself, or if perhaps you would word their work slightly differently. As long as the message is aligned with your mission and values, spread the words of your allies loud and far!
+It doesn't matter if you are working on something comparable yourself, or if perhaps you would word their work slightly differently. As long as the message is aligned with your mission and values, spread the words of your allies loud and far!
By lifting each other up, we will broaden the reach of the message we share, and ultimately this serves our goals and our community too.
diff --git a/content/tools/all/index.md b/content/tools/all/index.md
index 571479720..ac8f412b7 100644
--- a/content/tools/all/index.md
+++ b/content/tools/all/index.md
@@ -152,6 +152,7 @@ We [**recommend**](../services/dns/index.md#recommended-providers) a number of e
{{< cards >}}
{{< card link="../software/data-redaction/#mat2" title="MAT2" image="../software/data-redaction/mat2.svg" subtitle="MAT2 is free, cross-platform software which allows you to remove metadata from image, audio, torrent, and document file types. It provides both a command line tool and a graphical user interface via an extension for Dolphin, the default file manager of KDE." >}}
+ {{< card link="../software/data-redaction/#metadata-cleaner" title="Metadata Cleaner" image="../software/data-redaction/metadatacleaner.svg" subtitle="Metadata Cleaner is a graphical metadata removal tool for Linux powered by MAT2." >}}
{{< card link="../software/data-redaction/#exiferaser-android" title="ExifEraser" image="../software/data-redaction/exiferaser.svg" subtitle="ExifEraser is a modern, permissionless image metadata erasing application for Android." >}}
{{< card link="../software/data-redaction/#exiftool-cli" title="ExifTool" image="../software/data-redaction/exiftool.png" subtitle="ExifTool is the original Perl library and command-line application for reading, writing, and editing meta information (Exif, IPTC, XMP, and more) in a wide variety of file formats (JPEG, TIFF, PNG, PDF, RAW, and more)." >}}
{{< /cards >}}
@@ -217,7 +218,6 @@ We [**recommend**](../services/dns/index.md#recommended-providers) a number of e
{{< cards >}}
{{< card link="../software/frontends/#redlib" title="Redlib" image="../software/frontends/redlib.svg" subtitle="Redlib is an open-source frontend to the Reddit website that is also self-hostable. You can access Redlib through a number of public instances." >}}
- {{< card link="../software/frontends/#proxitok" title="ProxiTok" image="../software/frontends/proxitok.svg" subtitle="ProxiTok is an open-source frontend to the TikTok website that is also self-hostable." >}}
{{< card link="../software/frontends/#invidious" title="Invidious" image="../software/frontends/invidious.svg" subtitle="Invidious is a free and open-source frontend for YouTube that is also self-hostable." >}}
{{< card link="../software/frontends/#piped" title="Piped" image="../software/frontends/piped.svg" subtitle="Piped is a free and open-source frontend for YouTube that is also self-hostable." >}}
{{< card link="../software/frontends/#freetube" title="FreeTube" image="../software/frontends/freetube.svg" subtitle="FreeTube is a free and open-source desktop application for YouTube. FreeTube extracts data from YouTube using its built-in API based on YouTube.js or the Invidious API." >}}
@@ -265,7 +265,6 @@ We [**recommend**](../services/dns/index.md#recommended-providers) a number of e
{{< cards >}}
{{< card link="../software/mobile-browsers/#brave" title="Brave" image="../software/mobile-browsers/brave.svg" subtitle="Brave Browser includes a built-in content blocker and privacy features, many of which are enabled by default. Brave is built upon the Chromium web browser project, so it should feel familiar and have minimal website compatibility issues." >}}
- {{< card link="../software/mobile-browsers/#cromite-android" title="Cromite" image="../software/mobile-browsers/cromite.svg" subtitle="Cromite is a Chromium-based browser with built-in ad blocking, fingerprinting protections, and other privacy and security enhancements. It is a fork of the discontinued Bromite browser." >}}
{{< card link="../software/mobile-browsers/#safari-ios" title="Safari (iOS)" image="../software/mobile-browsers/safari.svg" subtitle="On iOS, any app that can browse the web is restricted to using an Apple-provided WebKit framework, so a browser like Brave does not use the Blink engine (the core component of Chromium) like its counterparts on other operating systems. Safari is the default browser in iOS." >}}
{{< /cards >}}
diff --git a/content/tools/os/desktop/index.md b/content/tools/os/desktop/index.md
index 3b0d7cfa2..545d19e82 100644
--- a/content/tools/os/desktop/index.md
+++ b/content/tools/os/desktop/index.md
@@ -126,7 +126,7 @@ As an alternative to Flatpaks, there is the option of [Toolbx](https://docs.fedo
NixOS’s package manager keeps every version of every package in a different folder in the **Nix store**. Due to this you can have different versions of the same package installed on your system. After the package contents have been written to the folder, the folder is made read-only.
-NixOS also provides atomic updates. It first downloads (or builds) the packages and files for the new system generation and then switches to it. There are different ways to switch to a new generation: you can tell NixOS to activate it after reboot, or you can switch to it at runtime. You can also *test* the new generation by switching to it at runtime, but not setting it as the current system generation. If something in the update process breaks, you can just reboot and automatically and return to a working version of your system.
+NixOS also provides atomic updates. It first downloads (or builds) the packages and files for the new system generation and then switches to it. There are different ways to switch to a new generation: you can tell NixOS to activate it after reboot, or you can switch to it at runtime. You can also *test* the new generation by switching to it at runtime, but not setting it as the current system generation. If something breaks during the update process, you can just reboot to return to a working version of your system.
The Nix package manager uses a purely functional language—which is also called Nix—to define packages.
diff --git a/content/tools/services/messengers/index.md b/content/tools/services/messengers/index.md
index 019ae4ffd..095c39480 100644
--- a/content/tools/services/messengers/index.md
+++ b/content/tools/services/messengers/index.md
@@ -67,7 +67,7 @@ The protocol was independently [audited](https://eprint.iacr.org/2016/1013.pdf)
### Molly (Android)
-If you use Android and your threat model requires protecting against [Targeted Attacks](../../../wiki/basics/common-threats/index.md#attacks-against-specific-individuals){ .pg-red } you may consider using this alternative app, which features a number of security and usability improvements, to access the Signal network.
+If you use Android and your threat model requires protecting against [Targeted Attacks](../../../wiki/basics/common-threats/index.md#attacks-against-specific-individuals) you may consider using this alternative app, which features a number of security and usability improvements, to access the Signal network.
{{< title-card logo="./molly.svg" >}}
diff --git a/content/tools/services/vpn/index.md b/content/tools/services/vpn/index.md
index 5fa9dd033..ece9556ae 100644
--- a/content/tools/services/vpn/index.md
+++ b/content/tools/services/vpn/index.md
@@ -16,7 +16,7 @@ aliases:
{{< /cards >}}
-If you're looking for additional *privacy* from your ISP, on a public Wi-Fi network, or while torrenting files, a **VPN** may be the solution for you.
+If you're looking for additional *privacy* from your ISP or on a public Wi-Fi network, a **VPN** may be the solution for you.
> [!CAUTION]
> Using a VPN will **not** keep your browsing habits anonymous, nor will it add additional security to non-secure (HTTP) traffic.
diff --git a/content/tools/software/data-redaction/index.md b/content/tools/software/data-redaction/index.md
index bae53b66f..7ae14ceec 100644
--- a/content/tools/software/data-redaction/index.md
+++ b/content/tools/software/data-redaction/index.md
@@ -39,6 +39,22 @@ When sharing files, be sure to remove associated metadata. Image files commonly
[{{< badge content="Windows" color="red" >}}](https://pypi.org/project/mat2)
[{{< badge content="Web" >}}](https://github.com/jvoisin/mat2#web-interface)
+## Metadata Cleaner
+
+{{< title-card logo="./metadatacleaner.svg" >}}
+
+**Metadata Cleaner** is a graphical metadata removal tool for Linux powered by [MAT2](https://github.com/jvoisin/mat2).
+
+{{< cards >}}
+ {{< card link="https://metadatacleaner.gitlab.io/metadatacleaner/" title="Homepage" icon="home" >}}
+ {{< card link="https://gitlab.com/metadatacleaner/metadatacleaner/" title="Source Code" icon="code" >}}
+ {{< card link="https://gitlab.com/metadatacleaner/metadatacleaner/-/blob/main/CONTRIBUTING.md" title="Contribute" icon="heart" >}}
+{{< /cards >}}
+
+{{< /title-card >}}
+
+[{{< badge content="Flathub" >}}](https://flathub.org/en/apps/io.gitlab.metadatacleaner.metadatacleaner)
+
## ExifEraser (Android)
{{< title-card logo="./exiferaser.svg" >}}
diff --git a/content/tools/software/data-redaction/metadatacleaner.svg b/content/tools/software/data-redaction/metadatacleaner.svg
new file mode 100644
index 000000000..c385de5ac
--- /dev/null
+++ b/content/tools/software/data-redaction/metadatacleaner.svg
@@ -0,0 +1,32 @@
+
+
+
diff --git a/content/tools/software/desktop-browsers/index.md b/content/tools/software/desktop-browsers/index.md
index 4f14ba265..69ea5911d 100644
--- a/content/tools/software/desktop-browsers/index.md
+++ b/content/tools/software/desktop-browsers/index.md
@@ -134,12 +134,6 @@ Additionally, the Mozilla Accounts service collects [some technical data](https:
1. Open your [profile settings on accounts.firefox.com](https://accounts.firefox.com/settings#data-collection)
2. Uncheck **Data Collection and Use** > **Help improve Firefox Accounts**
-##### Website Advertising Preferences
-
-- [ ] Uncheck **Allow websites to perform privacy-preserving ad measurement**
-
-With the release of Firefox 128, a new setting for [privacy-preserving attribution](https://support.mozilla.org/kb/privacy-preserving-attribution) (PPA) has been added and [enabled by default](https://blog.privacyguides.org/2024/07/14/mozilla-disappoints-us-yet-again-2). PPA allows advertisers to use your web browser to measure the effectiveness of web campaigns, instead of using traditional JavaScript-based tracking. We consider this behavior to be outside the scope of a user agent's responsibilities, and the fact that it is disabled by default in Arkenfox is an additional indicator for disabling this feature.
-
##### HTTPS-Only Mode
- [x] Select **Enable HTTPS-Only Mode in all windows**
diff --git a/content/tools/software/frontends/index.md b/content/tools/software/frontends/index.md
index 668153cc5..71516bfce 100644
--- a/content/tools/software/frontends/index.md
+++ b/content/tools/software/frontends/index.md
@@ -17,7 +17,6 @@ When you are using an instance run by someone else, make sure to read the privac
{{< cards >}}
{{< card link="#redlib" title="Redlib" image="./redlib.svg" subtitle="Redlib is an open-source frontend to the Reddit website that is also self-hostable. You can access Redlib through a number of public instances." >}}
- {{< card link="#proxitok" title="ProxiTok" image="./proxitok.svg" subtitle="ProxiTok is an open-source frontend to the TikTok website that is also self-hostable." >}}
{{< card link="#invidious" title="Invidious" image="./invidious.svg" subtitle="Invidious is a free and open-source frontend for YouTube that is also self-hostable." >}}
{{< card link="#piped" title="Piped" image="./piped.svg" subtitle="Piped is a free and open-source frontend for YouTube that is also self-hostable." >}}
{{< card link="#freetube" title="FreeTube" image="./freetube.svg" subtitle="FreeTube is a free and open-source desktop application for YouTube. FreeTube extracts data from YouTube using its built-in API based on YouTube.js or the Invidious API." >}}
@@ -48,28 +47,6 @@ When you are using an instance run by someone else, make sure to read the privac
> [!TIP]
> Redlib is useful if you want to disable JavaScript in your browser, such as [Tor Browser](../tor/index.md#tor-browser) on the Safest security level.
-
-## TikTok
-
-### ProxiTok
-
-{{< title-card logo="./proxitok.svg" >}}
-
-**ProxiTok** is an open-source frontend to the [TikTok](https://tiktok.com) website that is also self-hostable.
-
-There are a number of public instances, with some that offer a [Tor](../tor/index.md) onion service or an [I2P](../../advanced/alternative-networks/index.md#i2p-the-invisible-internet-project) eepsite.
-
-{{< cards >}}
- {{< card link="https://github.com/pablouser1/ProxiTok#readme" title="Repository" icon="code" >}}
- {{< card link="https://github.com/pablouser1/ProxiTok/wiki/Public-instances" title="Public Instances" icon="server" >}}
-{{< /cards >}}
-
-{{< /title-card >}}
-
-> [!TIP]
-> ProxiTok is useful if you want to disable JavaScript in your browser, such as [Tor Browser](../tor/index.md#tor-browser) on the Safest security level.
-
-
## YouTube
**Note:** YouTube has gradually rolled out changes to its video player and API that have thwarted some of the methods used by third-party frontends for extracting YouTube data. If you experience reliability issues with one YouTube frontend, consider trying out another that uses a different extraction method.
diff --git a/content/tools/software/frontends/proxitok.svg b/content/tools/software/frontends/proxitok.svg
deleted file mode 100644
index 42dfa519a..000000000
--- a/content/tools/software/frontends/proxitok.svg
+++ /dev/null
@@ -1 +0,0 @@
-
\ No newline at end of file
diff --git a/content/tools/software/mobile-browsers/index.md b/content/tools/software/mobile-browsers/index.md
index 16eb0e355..b98e2d4ad 100644
--- a/content/tools/software/mobile-browsers/index.md
+++ b/content/tools/software/mobile-browsers/index.md
@@ -11,7 +11,6 @@ aliases:
{{< cards >}}
{{< card link="#brave" title="Brave" image="./brave.svg" subtitle="Brave Browser includes a built-in content blocker and privacy features, many of which are enabled by default. Brave is built upon the Chromium web browser project, so it should feel familiar and have minimal website compatibility issues." >}}
- {{< card link="#cromite-android" title="Cromite" image="./cromite.svg" subtitle="Cromite is a Chromium-based browser with built-in ad blocking, fingerprinting protections, and other privacy and security enhancements. It is a fork of the discontinued Bromite browser." >}}
{{< card link="#safari-ios" title="Safari (iOS)" image="./safari.svg" subtitle="On iOS, any app that can browse the web is restricted to using an Apple-provided WebKit framework, so a browser like Brave does not use the Blink engine (the core component of Chromium) like its counterparts on other operating systems. Safari is the default browser in iOS." >}}
{{< /cards >}}
@@ -48,7 +47,7 @@ These options can be found in the menu → **Settings** → **Brave Shields & pr
=== "iOS"
-These options can be found in the menu → **Settings** → **Shields & Privacy**.
+These options can be found in the menu → **All Settings** → **Shields & Privacy**.
#### Brave shields global defaults
@@ -76,7 +75,7 @@ Shields' options can be downgraded on a per-site basis as needed, but by default
- - [x] Select **Forget me when I close this site**
+ - [x] Select **Site Tabs Closed** under *Auto Shred*
@@ -105,24 +104,16 @@ Shields' options can be downgraded on a per-site basis as needed, but by default
1. This option disables JavaScript, which will break a lot of sites. To unbreak them, you can set exceptions on a per-site basis by tapping on the Shield icon in the address bar and unchecking this setting under *Advanced controls*.
-##### Clear browsing data (Android only)
-
-- [x] Select **Clear data on exit**
-
-##### Social Media Blocking (Android only)
-
-- [ ] Uncheck all social media components
-
#### Other privacy settings
=== "Android"
- - [x] Select **Disable non-proxied UDP** under [*WebRTC IP handling policy*](https://support.brave.com/hc/articles/360017989132-How-do-I-change-my-Privacy-Settings#webrtc)
- [x] (Optional) Select **No protection** under *Safe Browsing* (1)
+ - [x] Select **Disable non-proxied UDP** under [*WebRTC IP handling policy*](https://support.brave.com/hc/articles/360017989132-How-do-I-change-my-Privacy-Settings#webrtc)
- [ ] Uncheck **Allow sites to check if you have payment methods saved**
- - [ ] Uncheck **Javascript optimization & security** under the setting with the same name
+ - [x] Select **Do not speed up sites with Brave's V8 engine but make Brave slightly more resistant to attacks**
- [x] Select **Close tabs on exit**
- [ ] Uncheck **Allow privacy-preserving product analytics (P3A)**
- [ ] Uncheck **Automatically send diagnostic reports**
@@ -137,23 +128,35 @@ Shields' options can be downgraded on a per-site basis as needed, but by default
- [ ] Uncheck **Allow Privacy-Preserving Product Analytics (P3A)**
- [ ] Uncheck **Automatically send daily usage ping to Brave**
-#### Leo
+#### Leo AI
-These options can be found in the menu → **Settings** → **Leo**.
+These options can be found in the menu → **Settings** → **Leo AI**.
-1. This option is not present in Brave's iOS app.
+=== "iOS"
+
+ These options can be found in the menu → **All Settings** → **Leo AI**.
+
+ - [ ] Uncheck **Show In Quick Search Engine Bar**
#### Search engines
-These options can be found in the menu → **Settings** → **Search engines**.
+=== "Android"
-- [ ] Uncheck **Show search suggestions**
+ These options can be found in the menu → **Settings** → **Search engines**.
+
+ - [ ] Uncheck **Show search suggestions**
+
+=== "iOS"
+
+ These options can be found in the menu → **All Settings** → **Search engines**.
+
+ - [ ] Uncheck **Show In Quick Search Engine Bar**
#### Brave Sync
diff --git a/content/wiki/basics/vpn-overview/index.md b/content/wiki/basics/vpn-overview/index.md
index 76bfca2ae..450f1a74f 100644
--- a/content/wiki/basics/vpn-overview/index.md
+++ b/content/wiki/basics/vpn-overview/index.md
@@ -36,11 +36,9 @@ Note that a VPN does not add any security or encryption to your traffic between
## Should I use a VPN?
-**Yes**, almost certainly. A VPN has many advantages, including:
-
+**Yes**, almost certainly. The advantages of a VPN include:
1. Hiding your traffic from **only** your Internet Service Provider.
-1. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
-1. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
+1. Hiding your IP from third-party websites and services, preventing IP based tracking.
1. Allowing you to bypass geo-restrictions on certain content.
VPNs can provide *some* of the same benefits Tor provides, such as hiding your IP from the websites you visit and geographically shifting your network traffic, and good VPN providers will not cooperate with e.g. legal authorities from oppressive regimes, especially if you choose a VPN provider outside your own jurisdiction.
@@ -59,7 +57,7 @@ You also should not trust a VPN to secure your connection to an unencrypted, HTT
Unless your VPN provider hosts the encrypted DNS servers themselves, **probably not**. Using DOH/DOT (or any other form of encrypted DNS) with third-party servers will simply add more entities to trust. Your VPN provider can still see which websites you visit based on the IP addresses and other methods. All this being said, there may be some advantages to enabling encrypted DNS in order to enable other security features in your browser, such as ECH. Browser technologies which are reliant on in-browser encrypted DNS are relatively new and not yet widespread, so whether they are relevant to you in particular is an exercise we will leave to you to research independently.
-Another common reason encrypted DNS is recommended is that it prevents DNS spoofing. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
+Another common reason encrypted DNS is recommended is that it prevents DNS manipulation attacks. However, your browser should already be checking for [TLS certificates](https://en.wikipedia.org/wiki/Transport_Layer_Security#Digital_certificates) with **HTTPS** and warn you about it. If you are not using **HTTPS**, then an adversary can still just modify anything other than your DNS queries and the end result will be little different.
## Should I use Tor *and* a VPN?
diff --git a/content/wiki/os/windows/_index.md b/content/wiki/os/windows/_index.md
index e14ed8196..6a9f4473d 100644
--- a/content/wiki/os/windows/_index.md
+++ b/content/wiki/os/windows/_index.md
@@ -25,7 +25,7 @@ You can enhance your privacy and security on Windows without downloading any thi
## Privacy Notes
-Microsoft Windows, particularly those versions aimed at consumers like the **Home** version often don't prioritize privacy-friendly features by [default](https://theguardian.com/technology/2015/jul/31/windows-10-microsoft-faces-criticism-over-privacy-default-settings). As a result we often see more [data collection](https://en.wikipedia.org/wiki/Criticism_of_Microsoft#Telemetry_and_data_collection) than necessary, without any real warnings that this is the default behavior. In an attempt to compete with Google in the advertising space, [Cortana](https://en.wikipedia.org/wiki/Cortana_(virtual_assistant)) has included unique identifiers such as an "advertising ID" in order to correlate usage and assist advertisers in targeted advertising. At launch, telemetry could not be disabled in non-enterprise editions of Windows 10. It still cannot be disabled, but Microsoft added the ability to [reduce](https://extremetech.com/computing/243079-upcoming-windows-update-reduces-spying-microsoft-still-mum-data-collects) the data that is sent to them.
+Microsoft Windows, particularly those versions aimed at consumers like the **Home** version often don't prioritize privacy-friendly features by [default](https://theguardian.com/technology/2015/jul/31/windows-10-microsoft-faces-criticism-over-privacy-default-settings). As a result we often see more [data collection](https://en.wikipedia.org/wiki/Criticism_of_Microsoft#Telemetry_and_data_collection) than necessary, without any real warnings that this is the default behavior. In an attempt to compete with Google in the advertising space, [Cortana](https://en.wikipedia.org/wiki/Cortana_(virtual_assistant)) has included unique identifiers such as an "advertising ID" in order to correlate usage and assist advertisers in targeted advertising. At launch, telemetry could not be disabled in non-enterprise editions of Windows 10. It still cannot be disabled, but Microsoft added the ability to [reduce](https://extremetech.com/computing/243079-upcoming-windows-update-reduces-spying-microsoft-still-mum-data-collects) the data that is sent to them.
With Windows 11 there are a number of restrictions or defaults such as: