1
0
mirror of https://github.com/privacyguides/privacyguides.org.git synced 2025-02-19 06:30:18 +00:00

feat!: Add blog back to main repository (#2704)

Signed-off-by: kimg45 <138676274+kimg45@users.noreply.github.com>
Signed-off-by: blacklight447 <niek@privacyguides.org>
Signed-off-by: redoomed1 <161974310+redoomed1@users.noreply.github.com>
This commit is contained in:
Jonah Aragon 2024-08-07 22:30:58 -05:00
parent 95d6ec9fd4
commit 1496586617
Signed by: jonah
SSH Key Fingerprint: SHA256:oJSBSFgpWl4g+IwjL96Ya8ocGfI7r6VKnQw+257pZZ0
68 changed files with 2986 additions and 112 deletions

88
.github/workflows/build-blog.yml vendored Normal file
View File

@ -0,0 +1,88 @@
name: 🛠️ Build Blog
on:
workflow_call:
inputs:
ref:
required: true
type: string
repo:
required: true
type: string
context:
type: string
default: deploy-preview
continue-on-error:
type: boolean
default: true
privileged:
type: boolean
default: true
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-latest
continue-on-error: ${{ inputs.continue-on-error }}
permissions:
contents: read
steps:
- name: Add GitHub Token to Environment
run: |
echo "GH_TOKEN=${{ secrets.GITHUB_TOKEN }}" >> "$GITHUB_ENV"
- name: Download Repository
uses: actions/checkout@v4
with:
repository: ${{ inputs.repo }}
ref: ${{ inputs.ref }}
persist-credentials: "false"
fetch-depth: 0
- name: Download Submodules
uses: actions/download-artifact@v4
with:
pattern: repo-*
path: modules
- name: Move mkdocs-material-insiders to mkdocs-material
if: inputs.privileged
run: |
rmdir modules/mkdocs-material
mv modules/repo-mkdocs-material-insiders modules/mkdocs-material
- name: Move brand submodule to theme/assets/brand
run: |
rmdir theme/assets/brand
mv modules/repo-brand theme/assets/brand
- name: Install Python (pipenv)
if: inputs.privileged
uses: actions/setup-python@v5
with:
cache: "pipenv"
- name: Install Python Dependencies
if: inputs.privileged
run: |
pip install pipenv
pipenv install
sudo apt install pngquant
- name: Build Website
run: |
pipenv run mkdocs build --config-file mkdocs.blog.yml
- name: Package Website
run: |
tar -czf site-build-blog.tar.gz site
- name: Upload Site
uses: actions/upload-artifact@v4
with:
name: site-build-blog.tar.gz
path: site-build-blog.tar.gz
retention-days: 1

View File

@ -87,12 +87,23 @@ jobs:
privileged: ${{ fromJSON(needs.metadata.outputs.privileged) }}
strict: true
build_blog:
if: ${{ contains(github.event.pull_request.labels.*.name, 'ci:build blog') }}
needs: [submodule, metadata]
uses: ./.github/workflows/build-blog.yml
with:
ref: ${{github.event.pull_request.head.ref}}
repo: ${{github.event.pull_request.head.repo.full_name}}
continue-on-error: true
privileged: ${{ fromJSON(needs.metadata.outputs.privileged) }}
combine_build:
needs: [build_english, build_i18n]
needs: [build_english, build_i18n, build_blog]
if: |
(always() && !cancelled() && !failure()) &&
needs.build_english.result == 'success' &&
(needs.build_i18n.result == 'success' || needs.build_i18n.result == 'skipped')
(needs.build_i18n.result == 'success' || needs.build_i18n.result == 'skipped') &&
(needs.build_blog.result == 'success' || needs.build_blog.result == 'skipped')
runs-on: ubuntu-latest
steps:
@ -114,5 +125,5 @@ jobs:
cleanup:
if: ${{ always() }}
needs: [build_english, build_i18n]
needs: [build_english, build_i18n, build_blog]
uses: privacyguides/.github/.github/workflows/cleanup.yml@main

View File

@ -29,6 +29,7 @@ mkdocs-git-revision-date-localized-plugin = "~=1.2"
mkdocs-git-authors-plugin = "~=0.8"
mkdocs-macros-plugin = "~=1.0"
jieba = "~=0.42"
mkdocs-rss-plugin = "*"
[dev-packages]
scour = "~=0.38"

320
Pipfile.lock generated
View File

@ -1,7 +1,7 @@
{
"_meta": {
"hash": {
"sha256": "ea18b0cfbbad56281087e2422684e4943753ad503e1319ef1f2f054b7a05f608"
"sha256": "0d44b05fce332feadac5f751987ba261ffa2aa8c851364ef94fc1bd91c6feb77"
},
"pipfile-spec": 6,
"requires": {
@ -24,6 +24,17 @@
"markers": "python_version >= '3.8'",
"version": "==2.15.0"
},
"cachecontrol": {
"extras": [
"filecache"
],
"hashes": [
"sha256:7db1195b41c81f8274a7bbd97c956f44e8348265a1bc7641c37dfebc39f0c938",
"sha256:f5bf3f0620c38db2e5122c0726bdebb0d16869de966ea6a2befe92470b740ea0"
],
"markers": "python_version >= '3.7'",
"version": "==0.14.0"
},
"cairocffi": {
"hashes": [
"sha256:2e48ee864884ec4a3a34bfa8c9ab9999f688286eb714a15a43ec9d068c36557b",
@ -49,61 +60,76 @@
},
"cffi": {
"hashes": [
"sha256:0c9ef6ff37e974b73c25eecc13952c55bceed9112be2d9d938ded8e856138bcc",
"sha256:131fd094d1065b19540c3d72594260f118b231090295d8c34e19a7bbcf2e860a",
"sha256:1b8ebc27c014c59692bb2664c7d13ce7a6e9a629be20e54e7271fa696ff2b417",
"sha256:2c56b361916f390cd758a57f2e16233eb4f64bcbeee88a4881ea90fca14dc6ab",
"sha256:2d92b25dbf6cae33f65005baf472d2c245c050b1ce709cc4588cdcdd5495b520",
"sha256:31d13b0f99e0836b7ff893d37af07366ebc90b678b6664c955b54561fc36ef36",
"sha256:32c68ef735dbe5857c810328cb2481e24722a59a2003018885514d4c09af9743",
"sha256:3686dffb02459559c74dd3d81748269ffb0eb027c39a6fc99502de37d501faa8",
"sha256:582215a0e9adbe0e379761260553ba11c58943e4bbe9c36430c4ca6ac74b15ed",
"sha256:5b50bf3f55561dac5438f8e70bfcdfd74543fd60df5fa5f62d94e5867deca684",
"sha256:5bf44d66cdf9e893637896c7faa22298baebcd18d1ddb6d2626a6e39793a1d56",
"sha256:6602bc8dc6f3a9e02b6c22c4fc1e47aa50f8f8e6d3f78a5e16ac33ef5fefa324",
"sha256:673739cb539f8cdaa07d92d02efa93c9ccf87e345b9a0b556e3ecc666718468d",
"sha256:68678abf380b42ce21a5f2abde8efee05c114c2fdb2e9eef2efdb0257fba1235",
"sha256:68e7c44931cc171c54ccb702482e9fc723192e88d25a0e133edd7aff8fcd1f6e",
"sha256:6b3d6606d369fc1da4fd8c357d026317fbb9c9b75d36dc16e90e84c26854b088",
"sha256:748dcd1e3d3d7cd5443ef03ce8685043294ad6bd7c02a38d1bd367cfd968e000",
"sha256:7651c50c8c5ef7bdb41108b7b8c5a83013bfaa8a935590c5d74627c047a583c7",
"sha256:7b78010e7b97fef4bee1e896df8a4bbb6712b7f05b7ef630f9d1da00f6444d2e",
"sha256:7e61e3e4fa664a8588aa25c883eab612a188c725755afff6289454d6362b9673",
"sha256:80876338e19c951fdfed6198e70bc88f1c9758b94578d5a7c4c91a87af3cf31c",
"sha256:8895613bcc094d4a1b2dbe179d88d7fb4a15cee43c052e8885783fac397d91fe",
"sha256:88e2b3c14bdb32e440be531ade29d3c50a1a59cd4e51b1dd8b0865c54ea5d2e2",
"sha256:8f8e709127c6c77446a8c0a8c8bf3c8ee706a06cd44b1e827c3e6a2ee6b8c098",
"sha256:9cb4a35b3642fc5c005a6755a5d17c6c8b6bcb6981baf81cea8bfbc8903e8ba8",
"sha256:9f90389693731ff1f659e55c7d1640e2ec43ff725cc61b04b2f9c6d8d017df6a",
"sha256:a09582f178759ee8128d9270cd1344154fd473bb77d94ce0aeb2a93ebf0feaf0",
"sha256:a6a14b17d7e17fa0d207ac08642c8820f84f25ce17a442fd15e27ea18d67c59b",
"sha256:a72e8961a86d19bdb45851d8f1f08b041ea37d2bd8d4fd19903bc3083d80c896",
"sha256:abd808f9c129ba2beda4cfc53bde801e5bcf9d6e0f22f095e45327c038bfe68e",
"sha256:ac0f5edd2360eea2f1daa9e26a41db02dd4b0451b48f7c318e217ee092a213e9",
"sha256:b29ebffcf550f9da55bec9e02ad430c992a87e5f512cd63388abb76f1036d8d2",
"sha256:b2ca4e77f9f47c55c194982e10f058db063937845bb2b7a86c84a6cfe0aefa8b",
"sha256:b7be2d771cdba2942e13215c4e340bfd76398e9227ad10402a8767ab1865d2e6",
"sha256:b84834d0cf97e7d27dd5b7f3aca7b6e9263c56308ab9dc8aae9784abb774d404",
"sha256:b86851a328eedc692acf81fb05444bdf1891747c25af7529e39ddafaf68a4f3f",
"sha256:bcb3ef43e58665bbda2fb198698fcae6776483e0c4a631aa5647806c25e02cc0",
"sha256:c0f31130ebc2d37cdd8e44605fb5fa7ad59049298b3f745c74fa74c62fbfcfc4",
"sha256:c6a164aa47843fb1b01e941d385aab7215563bb8816d80ff3a363a9f8448a8dc",
"sha256:d8a9d3ebe49f084ad71f9269834ceccbf398253c9fac910c4fd7053ff1386936",
"sha256:db8e577c19c0fda0beb7e0d4e09e0ba74b1e4c092e0e40bfa12fe05b6f6d75ba",
"sha256:dc9b18bf40cc75f66f40a7379f6a9513244fe33c0e8aa72e2d56b0196a7ef872",
"sha256:e09f3ff613345df5e8c3667da1d918f9149bd623cd9070c983c013792a9a62eb",
"sha256:e4108df7fe9b707191e55f33efbcb2d81928e10cea45527879a4749cbe472614",
"sha256:e6024675e67af929088fda399b2094574609396b1decb609c55fa58b028a32a1",
"sha256:e70f54f1796669ef691ca07d046cd81a29cb4deb1e5f942003f401c0c4a2695d",
"sha256:e715596e683d2ce000574bae5d07bd522c781a822866c20495e52520564f0969",
"sha256:e760191dd42581e023a68b758769e2da259b5d52e3103c6060ddc02c9edb8d7b",
"sha256:ed86a35631f7bfbb28e108dd96773b9d5a6ce4811cf6ea468bb6a359b256b1e4",
"sha256:ee07e47c12890ef248766a6e55bd38ebfb2bb8edd4142d56db91b21ea68b7627",
"sha256:fa3a0128b152627161ce47201262d3140edb5a5c3da88d73a1b790a959126956",
"sha256:fcc8eb6d5902bb1cf6dc4f187ee3ea80a1eba0a89aba40a5cb20a5087d961357"
"sha256:011aff3524d578a9412c8b3cfaa50f2c0bd78e03eb7af7aa5e0df59b158efb2f",
"sha256:0a048d4f6630113e54bb4b77e315e1ba32a5a31512c31a273807d0027a7e69ab",
"sha256:0bb15e7acf8ab35ca8b24b90af52c8b391690ef5c4aec3d31f38f0d37d2cc499",
"sha256:0d46ee4764b88b91f16661a8befc6bfb24806d885e27436fdc292ed7e6f6d058",
"sha256:0e60821d312f99d3e1569202518dddf10ae547e799d75aef3bca3a2d9e8ee693",
"sha256:0fdacad9e0d9fc23e519efd5ea24a70348305e8d7d85ecbb1a5fa66dc834e7fb",
"sha256:14b9cbc8f7ac98a739558eb86fabc283d4d564dafed50216e7f7ee62d0d25377",
"sha256:17c6d6d3260c7f2d94f657e6872591fe8733872a86ed1345bda872cfc8c74885",
"sha256:1a2ddbac59dc3716bc79f27906c010406155031a1c801410f1bafff17ea304d2",
"sha256:2404f3de742f47cb62d023f0ba7c5a916c9c653d5b368cc966382ae4e57da401",
"sha256:24658baf6224d8f280e827f0a50c46ad819ec8ba380a42448e24459daf809cf4",
"sha256:24aa705a5f5bd3a8bcfa4d123f03413de5d86e497435693b638cbffb7d5d8a1b",
"sha256:2770bb0d5e3cc0e31e7318db06efcbcdb7b31bcb1a70086d3177692a02256f59",
"sha256:331ad15c39c9fe9186ceaf87203a9ecf5ae0ba2538c9e898e3a6967e8ad3db6f",
"sha256:3aa9d43b02a0c681f0bfbc12d476d47b2b2b6a3f9287f11ee42989a268a1833c",
"sha256:41f4915e09218744d8bae14759f983e466ab69b178de38066f7579892ff2a555",
"sha256:4304d4416ff032ed50ad6bb87416d802e67139e31c0bde4628f36a47a3164bfa",
"sha256:435a22d00ec7d7ea533db494da8581b05977f9c37338c80bc86314bec2619424",
"sha256:45f7cd36186db767d803b1473b3c659d57a23b5fa491ad83c6d40f2af58e4dbb",
"sha256:48b389b1fd5144603d61d752afd7167dfd205973a43151ae5045b35793232aa2",
"sha256:4e67d26532bfd8b7f7c05d5a766d6f437b362c1bf203a3a5ce3593a645e870b8",
"sha256:516a405f174fd3b88829eabfe4bb296ac602d6a0f68e0d64d5ac9456194a5b7e",
"sha256:5ba5c243f4004c750836f81606a9fcb7841f8874ad8f3bf204ff5e56332b72b9",
"sha256:5bdc0f1f610d067c70aa3737ed06e2726fd9d6f7bfee4a351f4c40b6831f4e82",
"sha256:6107e445faf057c118d5050560695e46d272e5301feffda3c41849641222a828",
"sha256:6327b572f5770293fc062a7ec04160e89741e8552bf1c358d1a23eba68166759",
"sha256:669b29a9eca6146465cc574659058ed949748f0809a2582d1f1a324eb91054dc",
"sha256:6ce01337d23884b21c03869d2f68c5523d43174d4fc405490eb0091057943118",
"sha256:6d872186c1617d143969defeadac5a904e6e374183e07977eedef9c07c8953bf",
"sha256:6f76a90c345796c01d85e6332e81cab6d70de83b829cf1d9762d0a3da59c7932",
"sha256:70d2aa9fb00cf52034feac4b913181a6e10356019b18ef89bc7c12a283bf5f5a",
"sha256:7cbc78dc018596315d4e7841c8c3a7ae31cc4d638c9b627f87d52e8abaaf2d29",
"sha256:856bf0924d24e7f93b8aee12a3a1095c34085600aa805693fb7f5d1962393206",
"sha256:8a98748ed1a1df4ee1d6f927e151ed6c1a09d5ec21684de879c7ea6aa96f58f2",
"sha256:93a7350f6706b31f457c1457d3a3259ff9071a66f312ae64dc024f049055f72c",
"sha256:964823b2fc77b55355999ade496c54dde161c621cb1f6eac61dc30ed1b63cd4c",
"sha256:a003ac9edc22d99ae1286b0875c460351f4e101f8c9d9d2576e78d7e048f64e0",
"sha256:a0ce71725cacc9ebf839630772b07eeec220cbb5f03be1399e0457a1464f8e1a",
"sha256:a47eef975d2b8b721775a0fa286f50eab535b9d56c70a6e62842134cf7841195",
"sha256:a8b5b9712783415695663bd463990e2f00c6750562e6ad1d28e072a611c5f2a6",
"sha256:a9015f5b8af1bb6837a3fcb0cdf3b874fe3385ff6274e8b7925d81ccaec3c5c9",
"sha256:aec510255ce690d240f7cb23d7114f6b351c733a74c279a84def763660a2c3bc",
"sha256:b00e7bcd71caa0282cbe3c90966f738e2db91e64092a877c3ff7f19a1628fdcb",
"sha256:b50aaac7d05c2c26dfd50c3321199f019ba76bb650e346a6ef3616306eed67b0",
"sha256:b7b6ea9e36d32582cda3465f54c4b454f62f23cb083ebc7a94e2ca6ef011c3a7",
"sha256:bb9333f58fc3a2296fb1d54576138d4cf5d496a2cc118422bd77835e6ae0b9cb",
"sha256:c1c13185b90bbd3f8b5963cd8ce7ad4ff441924c31e23c975cb150e27c2bf67a",
"sha256:c3b8bd3133cd50f6b637bb4322822c94c5ce4bf0d724ed5ae70afce62187c492",
"sha256:c5d97162c196ce54af6700949ddf9409e9833ef1003b4741c2b39ef46f1d9720",
"sha256:c815270206f983309915a6844fe994b2fa47e5d05c4c4cef267c3b30e34dbe42",
"sha256:cab2eba3830bf4f6d91e2d6718e0e1c14a2f5ad1af68a89d24ace0c6b17cced7",
"sha256:d1df34588123fcc88c872f5acb6f74ae59e9d182a2707097f9e28275ec26a12d",
"sha256:d6bdcd415ba87846fd317bee0774e412e8792832e7805938987e4ede1d13046d",
"sha256:db9a30ec064129d605d0f1aedc93e00894b9334ec74ba9c6bdd08147434b33eb",
"sha256:dbc183e7bef690c9abe5ea67b7b60fdbca81aa8da43468287dae7b5c046107d4",
"sha256:dca802c8db0720ce1c49cce1149ff7b06e91ba15fa84b1d59144fef1a1bc7ac2",
"sha256:dec6b307ce928e8e112a6bb9921a1cb00a0e14979bf28b98e084a4b8a742bd9b",
"sha256:df8bb0010fdd0a743b7542589223a2816bdde4d94bb5ad67884348fa2c1c67e8",
"sha256:e4094c7b464cf0a858e75cd14b03509e84789abf7b79f8537e6a72152109c76e",
"sha256:e4760a68cab57bfaa628938e9c2971137e05ce48e762a9cb53b76c9b569f1204",
"sha256:eb09b82377233b902d4c3fbeeb7ad731cdab579c6c6fda1f763cd779139e47c3",
"sha256:eb862356ee9391dc5a0b3cbc00f416b48c1b9a52d252d898e5b7696a5f9fe150",
"sha256:ef9528915df81b8f4c7612b19b8628214c65c9b7f74db2e34a646a0a2a0da2d4",
"sha256:f3157624b7558b914cb039fd1af735e5e8049a87c817cc215109ad1c8779df76",
"sha256:f3e0992f23bbb0be00a921eae5363329253c3b86287db27092461c887b791e5e",
"sha256:f9338cc05451f1942d0d8203ec2c346c830f8e86469903d5126c1f0a13a2bcbb",
"sha256:ffef8fd58a36fb5f1196919638f73dd3ae0db1a878982b27a9a5a176ede4ba91"
],
"markers": "python_version >= '3.8'",
"version": "==1.16.0"
"version": "==1.17.0"
},
"charset-normalizer": {
"hashes": [
@ -233,6 +259,13 @@
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'",
"version": "==0.7.1"
},
"filelock": {
"hashes": [
"sha256:2207938cbc1844345cb01a5a95524dae30f0ce089eba5b00378295a17e3e90cb",
"sha256:6ca1fffae96225dab4c6eaf1c4f4f28cd2568d3ec2a44e15a08520504de468e7"
],
"version": "==3.15.4"
},
"ghp-import": {
"hashes": [
"sha256:8337dd7b50877f163d4c0289bc1f1c7f127550241988d568c1db512c4324a619",
@ -419,6 +452,77 @@
"markers": "python_version >= '3.8'",
"version": "==1.3.1"
},
"mkdocs-rss-plugin": {
"hashes": [
"sha256:7308ac13f0976c0479db5a62cb7ef9b10fdd74b6521e459bb66a13e2cfe69d4b",
"sha256:92995ed6c77b2ae1f5f2913e62282c27e50c35d618c4291b5b939e50badd7504"
],
"index": "pypi",
"markers": "python_version >= '3.8' and python_version < '4'",
"version": "==1.15.0"
},
"msgpack": {
"hashes": [
"sha256:00e073efcba9ea99db5acef3959efa45b52bc67b61b00823d2a1a6944bf45982",
"sha256:0726c282d188e204281ebd8de31724b7d749adebc086873a59efb8cf7ae27df3",
"sha256:0ceea77719d45c839fd73abcb190b8390412a890df2f83fb8cf49b2a4b5c2f40",
"sha256:114be227f5213ef8b215c22dde19532f5da9652e56e8ce969bf0a26d7c419fee",
"sha256:13577ec9e247f8741c84d06b9ece5f654920d8365a4b636ce0e44f15e07ec693",
"sha256:1876b0b653a808fcd50123b953af170c535027bf1d053b59790eebb0aeb38950",
"sha256:1ab0bbcd4d1f7b6991ee7c753655b481c50084294218de69365f8f1970d4c151",
"sha256:1cce488457370ffd1f953846f82323cb6b2ad2190987cd4d70b2713e17268d24",
"sha256:26ee97a8261e6e35885c2ecd2fd4a6d38252246f94a2aec23665a4e66d066305",
"sha256:3528807cbbb7f315bb81959d5961855e7ba52aa60a3097151cb21956fbc7502b",
"sha256:374a8e88ddab84b9ada695d255679fb99c53513c0a51778796fcf0944d6c789c",
"sha256:376081f471a2ef24828b83a641a02c575d6103a3ad7fd7dade5486cad10ea659",
"sha256:3923a1778f7e5ef31865893fdca12a8d7dc03a44b33e2a5f3295416314c09f5d",
"sha256:4916727e31c28be8beaf11cf117d6f6f188dcc36daae4e851fee88646f5b6b18",
"sha256:493c5c5e44b06d6c9268ce21b302c9ca055c1fd3484c25ba41d34476c76ee746",
"sha256:505fe3d03856ac7d215dbe005414bc28505d26f0c128906037e66d98c4e95868",
"sha256:5845fdf5e5d5b78a49b826fcdc0eb2e2aa7191980e3d2cfd2a30303a74f212e2",
"sha256:5c330eace3dd100bdb54b5653b966de7f51c26ec4a7d4e87132d9b4f738220ba",
"sha256:5dbf059fb4b7c240c873c1245ee112505be27497e90f7c6591261c7d3c3a8228",
"sha256:5e390971d082dba073c05dbd56322427d3280b7cc8b53484c9377adfbae67dc2",
"sha256:5fbb160554e319f7b22ecf530a80a3ff496d38e8e07ae763b9e82fadfe96f273",
"sha256:64d0fcd436c5683fdd7c907eeae5e2cbb5eb872fafbc03a43609d7941840995c",
"sha256:69284049d07fce531c17404fcba2bb1df472bc2dcdac642ae71a2d079d950653",
"sha256:6a0e76621f6e1f908ae52860bdcb58e1ca85231a9b0545e64509c931dd34275a",
"sha256:73ee792784d48aa338bba28063e19a27e8d989344f34aad14ea6e1b9bd83f596",
"sha256:74398a4cf19de42e1498368c36eed45d9528f5fd0155241e82c4082b7e16cffd",
"sha256:7938111ed1358f536daf311be244f34df7bf3cdedb3ed883787aca97778b28d8",
"sha256:82d92c773fbc6942a7a8b520d22c11cfc8fd83bba86116bfcf962c2f5c2ecdaa",
"sha256:83b5c044f3eff2a6534768ccfd50425939e7a8b5cf9a7261c385de1e20dcfc85",
"sha256:8db8e423192303ed77cff4dce3a4b88dbfaf43979d280181558af5e2c3c71afc",
"sha256:9517004e21664f2b5a5fd6333b0731b9cf0817403a941b393d89a2f1dc2bd836",
"sha256:95c02b0e27e706e48d0e5426d1710ca78e0f0628d6e89d5b5a5b91a5f12274f3",
"sha256:99881222f4a8c2f641f25703963a5cefb076adffd959e0558dc9f803a52d6a58",
"sha256:9ee32dcb8e531adae1f1ca568822e9b3a738369b3b686d1477cbc643c4a9c128",
"sha256:a22e47578b30a3e199ab067a4d43d790249b3c0587d9a771921f86250c8435db",
"sha256:b5505774ea2a73a86ea176e8a9a4a7c8bf5d521050f0f6f8426afe798689243f",
"sha256:bd739c9251d01e0279ce729e37b39d49a08c0420d3fee7f2a4968c0576678f77",
"sha256:d16a786905034e7e34098634b184a7d81f91d4c3d246edc6bd7aefb2fd8ea6ad",
"sha256:d3420522057ebab1728b21ad473aa950026d07cb09da41103f8e597dfbfaeb13",
"sha256:d56fd9f1f1cdc8227d7b7918f55091349741904d9520c65f0139a9755952c9e8",
"sha256:d661dc4785affa9d0edfdd1e59ec056a58b3dbb9f196fa43587f3ddac654ac7b",
"sha256:dfe1f0f0ed5785c187144c46a292b8c34c1295c01da12e10ccddfc16def4448a",
"sha256:e1dd7839443592d00e96db831eddb4111a2a81a46b028f0facd60a09ebbdd543",
"sha256:e2872993e209f7ed04d963e4b4fbae72d034844ec66bc4ca403329db2074377b",
"sha256:e2f879ab92ce502a1e65fce390eab619774dda6a6ff719718069ac94084098ce",
"sha256:e3aa7e51d738e0ec0afbed661261513b38b3014754c9459508399baf14ae0c9d",
"sha256:e532dbd6ddfe13946de050d7474e3f5fb6ec774fbb1a188aaf469b08cf04189a",
"sha256:e6b7842518a63a9f17107eb176320960ec095a8ee3b4420b5f688e24bf50c53c",
"sha256:e75753aeda0ddc4c28dce4c32ba2f6ec30b1b02f6c0b14e547841ba5b24f753f",
"sha256:eadb9f826c138e6cf3c49d6f8de88225a3c0ab181a9b4ba792e006e5292d150e",
"sha256:ed59dd52075f8fc91da6053b12e8c89e37aa043f8986efd89e61fae69dc1b011",
"sha256:ef254a06bcea461e65ff0373d8a0dd1ed3aa004af48839f002a0c994a6f72d04",
"sha256:f3709997b228685fe53e8c433e2df9f0cdb5f4542bd5114ed17ac3c0129b0480",
"sha256:f51bab98d52739c50c56658cc303f190785f9a2cd97b823357e7aeae54c8f68a",
"sha256:f9904e24646570539a8950400602d66d2b2c492b9010ea7e965025cb71d0c86d",
"sha256:f9af38a89b6a5c04b7d18c492c8ccf2aee7048aff1ce8437c4683bb5a1df893d"
],
"markers": "python_version >= '3.8'",
"version": "==1.0.8"
},
"packaging": {
"hashes": [
"sha256:026ed72c8ed3fcce5bf8950572258698927fd1dbda10a5e981cdf0ac37f4f002",
@ -576,60 +680,62 @@
},
"pyyaml": {
"hashes": [
"sha256:04ac92ad1925b2cff1db0cfebffb6ffc43457495c9b3c39d3fcae417d7125dc5",
"sha256:062582fca9fabdd2c8b54a3ef1c978d786e0f6b3a1510e0ac93ef59e0ddae2bc",
"sha256:0d3304d8c0adc42be59c5f8a4d9e3d7379e6955ad754aa9d6ab7a398b59dd1df",
"sha256:1635fd110e8d85d55237ab316b5b011de701ea0f29d07611174a1b42f1444741",
"sha256:184c5108a2aca3c5b3d3bf9395d50893a7ab82a38004c8f61c258d4428e80206",
"sha256:18aeb1bf9a78867dc38b259769503436b7c72f7a1f1f4c93ff9a17de54319b27",
"sha256:1d4c7e777c441b20e32f52bd377e0c409713e8bb1386e1099c2415f26e479595",
"sha256:1e2722cc9fbb45d9b87631ac70924c11d3a401b2d7f410cc0e3bbf249f2dca62",
"sha256:1fe35611261b29bd1de0070f0b2f47cb6ff71fa6595c077e42bd0c419fa27b98",
"sha256:28c119d996beec18c05208a8bd78cbe4007878c6dd15091efb73a30e90539696",
"sha256:326c013efe8048858a6d312ddd31d56e468118ad4cdeda36c719bf5bb6192290",
"sha256:40df9b996c2b73138957fe23a16a4f0ba614f4c0efce1e9406a184b6d07fa3a9",
"sha256:42f8152b8dbc4fe7d96729ec2b99c7097d656dc1213a3229ca5383f973a5ed6d",
"sha256:49a183be227561de579b4a36efbb21b3eab9651dd81b1858589f796549873dd6",
"sha256:4fb147e7a67ef577a588a0e2c17b6db51dda102c71de36f8549b6816a96e1867",
"sha256:50550eb667afee136e9a77d6dc71ae76a44df8b3e51e41b77f6de2932bfe0f47",
"sha256:510c9deebc5c0225e8c96813043e62b680ba2f9c50a08d3724c7f28a747d1486",
"sha256:5773183b6446b2c99bb77e77595dd486303b4faab2b086e7b17bc6bef28865f6",
"sha256:596106435fa6ad000c2991a98fa58eeb8656ef2325d7e158344fb33864ed87e3",
"sha256:6965a7bc3cf88e5a1c3bd2e0b5c22f8d677dc88a455344035f03399034eb3007",
"sha256:69b023b2b4daa7548bcfbd4aa3da05b3a74b772db9e23b982788168117739938",
"sha256:6c22bec3fbe2524cde73d7ada88f6566758a8f7227bfbf93a408a9d86bcc12a0",
"sha256:704219a11b772aea0d8ecd7058d0082713c3562b4e271b849ad7dc4a5c90c13c",
"sha256:7e07cbde391ba96ab58e532ff4803f79c4129397514e1413a7dc761ccd755735",
"sha256:81e0b275a9ecc9c0c0c07b4b90ba548307583c125f54d5b6946cfee6360c733d",
"sha256:855fb52b0dc35af121542a76b9a84f8d1cd886ea97c84703eaa6d88e37a2ad28",
"sha256:8d4e9c88387b0f5c7d5f281e55304de64cf7f9c0021a3525bd3b1c542da3b0e4",
"sha256:9046c58c4395dff28dd494285c82ba00b546adfc7ef001486fbf0324bc174fba",
"sha256:9eb6caa9a297fc2c2fb8862bc5370d0303ddba53ba97e71f08023b6cd73d16a8",
"sha256:a08c6f0fe150303c1c6b71ebcd7213c2858041a7e01975da3a99aed1e7a378ef",
"sha256:a0cd17c15d3bb3fa06978b4e8958dcdc6e0174ccea823003a106c7d4d7899ac5",
"sha256:afd7e57eddb1a54f0f1a974bc4391af8bcce0b444685d936840f125cf046d5bd",
"sha256:b1275ad35a5d18c62a7220633c913e1b42d44b46ee12554e5fd39c70a243d6a3",
"sha256:b786eecbdf8499b9ca1d697215862083bd6d2a99965554781d0d8d1ad31e13a0",
"sha256:ba336e390cd8e4d1739f42dfe9bb83a3cc2e80f567d8805e11b46f4a943f5515",
"sha256:baa90d3f661d43131ca170712d903e6295d1f7a0f595074f151c0aed377c9b9c",
"sha256:bc1bf2925a1ecd43da378f4db9e4f799775d6367bdb94671027b73b393a7c42c",
"sha256:bd4af7373a854424dabd882decdc5579653d7868b8fb26dc7d0e99f823aa5924",
"sha256:bf07ee2fef7014951eeb99f56f39c9bb4af143d8aa3c21b1677805985307da34",
"sha256:bfdf460b1736c775f2ba9f6a92bca30bc2095067b8a9d77876d1fad6cc3b4a43",
"sha256:c8098ddcc2a85b61647b2590f825f3db38891662cfc2fc776415143f599bb859",
"sha256:d2b04aac4d386b172d5b9692e2d2da8de7bfb6c387fa4f801fbf6fb2e6ba4673",
"sha256:d483d2cdf104e7c9fa60c544d92981f12ad66a457afae824d146093b8c294c54",
"sha256:d858aa552c999bc8a8d57426ed01e40bef403cd8ccdd0fc5f6f04a00414cac2a",
"sha256:e7d73685e87afe9f3b36c799222440d6cf362062f78be1013661b00c5c6f678b",
"sha256:f003ed9ad21d6a4713f0a9b5a7a0a79e08dd0f221aff4525a2be4c346ee60aab",
"sha256:f22ac1c3cac4dbc50079e965eba2c1058622631e526bd9afd45fedd49ba781fa",
"sha256:faca3bdcf85b2fc05d06ff3fbc1f83e1391b3e724afa3feba7d13eeab355484c",
"sha256:fca0e3a251908a499833aa292323f32437106001d436eca0e6e7833256674585",
"sha256:fd1592b3fdf65fff2ad0004b5e363300ef59ced41c2e6b3a99d4089fa8c5435d",
"sha256:fd66fc5d0da6d9815ba2cebeb4205f95818ff4b79c3ebe268e75d961704af52f"
"sha256:01179a4a8559ab5de078078f37e5c1a30d76bb88519906844fd7bdea1b7729ff",
"sha256:0833f8694549e586547b576dcfaba4a6b55b9e96098b36cdc7ebefe667dfed48",
"sha256:0a9a2848a5b7feac301353437eb7d5957887edbf81d56e903999a75a3d743086",
"sha256:0b69e4ce7a131fe56b7e4d770c67429700908fc0752af059838b1cfb41960e4e",
"sha256:0ffe8360bab4910ef1b9e87fb812d8bc0a308b0d0eef8c8f44e0254ab3b07133",
"sha256:11d8f3dd2b9c1207dcaf2ee0bbbfd5991f571186ec9cc78427ba5bd32afae4b5",
"sha256:17e311b6c678207928d649faa7cb0d7b4c26a0ba73d41e99c4fff6b6c3276484",
"sha256:1e2120ef853f59c7419231f3bf4e7021f1b936f6ebd222406c3b60212205d2ee",
"sha256:1f71ea527786de97d1a0cc0eacd1defc0985dcf6b3f17bb77dcfc8c34bec4dc5",
"sha256:23502f431948090f597378482b4812b0caae32c22213aecf3b55325e049a6c68",
"sha256:24471b829b3bf607e04e88d79542a9d48bb037c2267d7927a874e6c205ca7e9a",
"sha256:29717114e51c84ddfba879543fb232a6ed60086602313ca38cce623c1d62cfbf",
"sha256:2e99c6826ffa974fe6e27cdb5ed0021786b03fc98e5ee3c5bfe1fd5015f42b99",
"sha256:39693e1f8320ae4f43943590b49779ffb98acb81f788220ea932a6b6c51004d8",
"sha256:3ad2a3decf9aaba3d29c8f537ac4b243e36bef957511b4766cb0057d32b0be85",
"sha256:3b1fdb9dc17f5a7677423d508ab4f243a726dea51fa5e70992e59a7411c89d19",
"sha256:41e4e3953a79407c794916fa277a82531dd93aad34e29c2a514c2c0c5fe971cc",
"sha256:43fa96a3ca0d6b1812e01ced1044a003533c47f6ee8aca31724f78e93ccc089a",
"sha256:50187695423ffe49e2deacb8cd10510bc361faac997de9efef88badc3bb9e2d1",
"sha256:5ac9328ec4831237bec75defaf839f7d4564be1e6b25ac710bd1a96321cc8317",
"sha256:5d225db5a45f21e78dd9358e58a98702a0302f2659a3c6cd320564b75b86f47c",
"sha256:6395c297d42274772abc367baaa79683958044e5d3835486c16da75d2a694631",
"sha256:688ba32a1cffef67fd2e9398a2efebaea461578b0923624778664cc1c914db5d",
"sha256:68ccc6023a3400877818152ad9a1033e3db8625d899c72eacb5a668902e4d652",
"sha256:70b189594dbe54f75ab3a1acec5f1e3faa7e8cf2f1e08d9b561cb41b845f69d5",
"sha256:797b4f722ffa07cc8d62053e4cff1486fa6dc094105d13fea7b1de7d8bf71c9e",
"sha256:7c36280e6fb8385e520936c3cb3b8042851904eba0e58d277dca80a5cfed590b",
"sha256:7e7401d0de89a9a855c839bc697c079a4af81cf878373abd7dc625847d25cbd8",
"sha256:80bab7bfc629882493af4aa31a4cfa43a4c57c83813253626916b8c7ada83476",
"sha256:82d09873e40955485746739bcb8b4586983670466c23382c19cffecbf1fd8706",
"sha256:8388ee1976c416731879ac16da0aff3f63b286ffdd57cdeb95f3f2e085687563",
"sha256:8824b5a04a04a047e72eea5cec3bc266db09e35de6bdfe34c9436ac5ee27d237",
"sha256:8b9c7197f7cb2738065c481a0461e50ad02f18c78cd75775628afb4d7137fb3b",
"sha256:9056c1ecd25795207ad294bcf39f2db3d845767be0ea6e6a34d856f006006083",
"sha256:936d68689298c36b53b29f23c6dbb74de12b4ac12ca6cfe0e047bedceea56180",
"sha256:9b22676e8097e9e22e36d6b7bda33190d0d400f345f23d4065d48f4ca7ae0425",
"sha256:a4d3091415f010369ae4ed1fc6b79def9416358877534caf6a0fdd2146c87a3e",
"sha256:a8786accb172bd8afb8be14490a16625cbc387036876ab6ba70912730faf8e1f",
"sha256:a9f8c2e67970f13b16084e04f134610fd1d374bf477b17ec1599185cf611d725",
"sha256:bc2fa7c6b47d6bc618dd7fb02ef6fdedb1090ec036abab80d4681424b84c1183",
"sha256:c70c95198c015b85feafc136515252a261a84561b7b1d51e3384e0655ddf25ab",
"sha256:cc1c1159b3d456576af7a3e4d1ba7e6924cb39de8f67111c735f6fc832082774",
"sha256:ce826d6ef20b1bc864f0a68340c8b3287705cae2f8b4b1d932177dcc76721725",
"sha256:d584d9ec91ad65861cc08d42e834324ef890a082e591037abe114850ff7bbc3e",
"sha256:d7fded462629cfa4b685c5416b949ebad6cec74af5e2d42905d41e257e0869f5",
"sha256:d84a1718ee396f54f3a086ea0a66d8e552b2ab2017ef8b420e92edbc841c352d",
"sha256:d8e03406cac8513435335dbab54c0d385e4a49e4945d2909a581c83647ca0290",
"sha256:e10ce637b18caea04431ce14fabcf5c64a1c61ec9c56b071a4b7ca131ca52d44",
"sha256:ec031d5d2feb36d1d1a24380e4db6d43695f3748343d99434e6f5f9156aaa2ed",
"sha256:ef6107725bd54b262d6dedcc2af448a266975032bc85ef0172c5f059da6325b4",
"sha256:efdca5630322a10774e8e98e1af481aad470dd62c3170801852d752aa7a783ba",
"sha256:f753120cb8181e736c57ef7636e83f31b9c0d1722c516f7e86cf15b7aa57ff12",
"sha256:ff3824dc5261f50c9b0dfb3be22b4567a6f938ccce4587b38952d85fd9e9afe4"
],
"markers": "python_version >= '3.6'",
"version": "==6.0.1"
"markers": "python_version >= '3.8'",
"version": "==6.0.2"
},
"pyyaml-env-tag": {
"hashes": [

51
blog/.authors.yml Normal file
View File

@ -0,0 +1,51 @@
authors:
contributors:
type: Organization
name: Privacy Guides
description: Various Authors
avatar: https://github.com/privacyguides.png
danarel:
name: Dan Arel
description: Former Team Member
avatar: https://github.com/danarel.png
niek-de-wilde:
name: Niek de Wilde
description: Team Member
avatar: https://github.com/blacklight447.png
dngray:
name: Daniel Gray
description: Team Member
avatar: https://github.com/dngray.png
freddy-m:
name: Freddy
description: Team Member
avatar: https://github.com/freddy-m.png
description_long: |
<a href="https://freddy.lol">Freddy</a> is a founding member of Privacy Guides and the editor of its blog. He writes in American English reluctantly.
jonah:
name: Jonah Aragon
description: Team Member
avatar: https://github.com/jonaharagon.png
description_long: |
<a href="https://www.jonaharagon.com">Jonah Aragon</a> is creating educational resources for average people to understand the importance of privacy and security on the internet, and take back control over their digital lives.
He is known for his work on the Techlore YouTube channel, including the Techlore Talks podcast he co-hosts, and the Privacy Guides non-profit website.
kaitebay:
name: Kai Tebay
description: Former Team Member
avatar: https://github.com/kaitebay.png
matchboxbananasynergy:
name: mbananasynergy
description: Former Team Member
avatar: https://github.com/matchboxbananasynergy.png
mfwmyfacewhen:
name: mfwmyfacewhen
description: Former Team Member
avatar: https://github.com/ghost.png
natebartram:
name: Nate Bartram
description: Guest Contributor
avatar: https://gitlab.com/uploads/-/system/user/avatar/8993331/avatar.png
sam-howell:
name: Sam Howell
description: Guest Contributor
avatar: https://gitlab.com/uploads/-/system/user/avatar/5349522/avatar.png

3
blog/archive/2019.md Normal file
View File

@ -0,0 +1,3 @@
!!! danger "Old Content"
These posts are 5 years old. They may not accurately reflect the current opinion of our team.

3
blog/archive/2020.md Normal file
View File

@ -0,0 +1,3 @@
!!! danger "Old Content"
These posts are 4 years old. They may not accurately reflect the current opinion of our team.

3
blog/archive/2021.md Normal file
View File

@ -0,0 +1,3 @@
!!! danger "Old Content"
These posts are 3 years old. They may not accurately reflect the current opinion of our team.

3
blog/archive/2022.md Normal file
View File

@ -0,0 +1,3 @@
!!! danger "Old Content"
These posts are 2 years old. They may not accurately reflect the current opinion of our team.

Binary file not shown.

After

Width:  |  Height:  |  Size: 1011 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 3.9 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 607 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 415 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 955 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 3.0 MiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 488 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 135 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 590 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 70 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 114 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 93 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 96 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 240 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 49 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 2.4 MiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 144 KiB

View File

@ -0,0 +1,2 @@
<?xml version="1.0" encoding="UTF-8"?>
<svg width="127.99" height="128" version="1.1" viewBox="0 0 33.864 33.867" xmlns="http://www.w3.org/2000/svg"><g transform="translate(-48.383 -89.279)"><g transform="matrix(.083544 0 0 .083551 36.799 77.694)"><path d="m220.51 504.06 120.82 39.937 1.2e-4 4e-5 -143.92-5e-5zm323.49-162.73c0 111.93-90.737 202.67-202.67 202.67-111.93-1e-5 -202.67-90.737-202.67-202.67s90.737-202.67 202.67-202.67c111.93 0 202.67 90.737 202.67 202.67z" fill="#7663f0"/><g transform="translate(-5.1601e-6,-4.0973)"><circle cx="341" cy="433.47" r="23.536" fill="#f9f8fe" stroke-width=".64448"/><circle cx="439.19" cy="375.64" r="23.536" fill="#aaa4ce" stroke-width=".64448"/><circle cx="242.81" cy="375.64" r="23.536" fill="#cba1fe" stroke-width=".64447"/><g stroke-width=".64448"><circle cx="439.19" cy="433.47" r="23.536" fill="#f9f8fe"/><circle cx="439.19" cy="317.82" r="23.536" fill="#aacdf4"/><circle cx="242.81" cy="260" r="23.536" fill="#4b0f9f"/></g><circle cx="242.81" cy="317.82" r="23.536" fill="#aaa4ce" stroke-width=".64447"/><g stroke-width=".64448"><circle cx="242.81" cy="433.47" r="23.536" fill="#f9f8fe"/><circle cx="341" cy="317.82" r="23.536" fill="#4b0f9f"/><circle cx="341" cy="375.64" r="23.536" fill="#aacdf4"/></g><circle cx="439.19" cy="260" r="23.536" fill="#4b0f9f" stroke-width=".64447"/></g></g></g></svg>

After

Width:  |  Height:  |  Size: 1.3 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 785 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 202 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.2 MiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 557 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 369 KiB

5
blog/index.md Normal file
View File

@ -0,0 +1,5 @@
---
title: Latest Articles
hide:
- footer
---

1
blog/posts/.meta.yml Normal file
View File

@ -0,0 +1 @@
comments: true

View File

@ -0,0 +1,115 @@
---
date:
created: 2019-11-27
categories:
- Opinion
authors:
- danarel
links:
- Real Time Communication: https://www.privacyguides.org/real-time-communication/
- Types of Communication Networks: https://www.privacyguides.org/real-time-communication/communication-network-types/
tags:
- Instant Messengers
license: BY-SA
---
# Choosing the Right Messenger
!["Choosing The Right Messenger" cover image](../assets/images/choosing-the-right-messenger/cover.png)
One of the most common questions users have when it comes to privacy is about messaging services. It seems almost all of them mention some level of privacy or encryption to entice the user to sign up for their service, but how can you be sure youre using the most secure, privacy respecting platform?<!-- more -->
The answer actually lies in ones [threat model](https://www.privacyguides.org/basics/threat-modeling/), which is often an ignored step in choosing all privacy related apps and services, meaning a lot of users limit their internet and communication experience because they believe they need Edward Snowden level privacy settings.
The truth is, each user needs to decide what their privacy goals are. Is your goal to stop corporations from tracking you, targeting you, and profiting from your data? Or, are you are trying to hide communications from the government or law enforcement, which is common for journalists and activists who want to protect their sources or communications from government eyes?
Once you understand your goals you can start to look at messengers and their upsides and downsides, and its important to remember, there is no perfect solution. Each service, no matter how secure can be compromised, because at the end of the day, youre dealing with other humans who can screenshot, copy, or forward your messages to parties you did not intend to see them. So, its also important to know who you are messaging, verifying their keys, and ensuring that you place the utmost trust in them with the content you are sending.
If your goal is to simply avoid corporate tracking and the harvesting of your data from your communications, you can eliminate apps such as Facebook Messenger and WhatsApp, both services owned by Facebook and while offering encrypted messaging (optional in Messenger), Facebook [reads your non-encrypted messages](https://web.archive.org/web/20210729190737/https://www.digitaltrends.com/social-media/facebook-reads-messenger-messages/), and WhatsApp has [fallen victim](https://web.archive.org/web/20210729190737/https://www.forbes.com/sites/zakdoffman/2019/05/14/whatsapps-cybersecurity-breach-phones-hit-with-israeli-spyware-over-voice-calls/#734cec155549) to security breaches.
For this type of user, your options are much more wide as you may be more willing to share your email address or phone number at signup and can be less concerned with metadata (we will get to that shortly), and you want to look for a messenger that simply isnt scanning your content or behavior to sell it.
If your goal is to evade more massive state-sponsored surveillance programs, the aforementioned apps are out of the question, but so are many others.
This is because when it comes to these apps, and other like it, you dont own the encryption keys, the service does, so they are able to decrypt your messages, for their own use, or for the use of government officials who request it. This is something important youll want to remember as you choose the messenger that is right for you.
Even Apples iMessage, which is encrypted, while more secure than Facebooks offerings, still control the keys and can access your messages if necessary. Apple does also collect data based on your behavior, so while using iMessage isnt the same as handing your data over to Facebook, youre still messaging with a variety of privacy vulnerabilities. On Android, youre using SMS messages which are even less secure and can be [easily hijacked](https://web.archive.org/web/20210729190737/https://www.theverge.com/2017/9/18/16328172/sms-two-factor-authentication-hack-password-bitcoin) by someone with just enough know-how.
## Metadata
One important aspect of messaging apps you need to be sure of is what kind of [metadata](https://ssd.eff.org/en/glossary/metadata) it exposes, what is encrypted and what isnt.
Wire, a popular encrypted messenger app has always been criticized for its decision not to encrypt user metadata, such as the date and time of registration, IP geographical coordinates, and the date and time of creation, creator, name, and list of participants in a conversation.
Metadata can be used to place you in a certain location, speaking to a certain person and can be used against you by law enforcement, even if they have no idea and no access to what the conversation was about.
Apps such as Signal, or Wickr encrypt metadata, making the conversations between two or more parties more secure and harder to track individual users with.
When it comes to avoiding corporate data mining, your metadata wont be as useful, especially if youre using a service that is not profiting from your data to begin with. For those avoiding state-sponsored surveillance, [metadata can be a killer](https://web.archive.org/web/20210729190737/https://theintercept.com/2019/08/04/whistleblowers-surveillance-fbi-trump/).
## Encryption
This article will not get into the complexities of the best kinds of end-to-end encryption (E2EE), but ensuring your messenger has it, that must be discussed.
The popular messaging app Telegram has come under fire the most for this. Telegram says on their homepage that, “Telegram messages are heavily encrypted and can self-destruct.” Yet, this statement is only partially true. Yes, you can set your messages to self-destruct, a great privacy feature for some, and yes, they do offer encryption, but what they dont tell users is that encryption isnt turned on by default.
In an [interview](https://web.archive.org/web/20210729190737/https://gizmodo.com/why-you-should-stop-using-telegram-right-now-1782557415) with Gizmodo, Christopher Soghoian, Principal Technologist and Senior Policy Analyst at the American Civil Liberties Union said that, "There are many Telegram users who think they are communicating in an [end-to-end] encrypted way, when theyre not because they dont realize that they have to turn on an additional setting,” he continued to say that while hes happy they offer the encryption, its not useful if its turned off.
Apps such as Signal, Keybase, and Wickr offer E2EE by default. Less popular but quickly growing apps such as Element, offer E2EE but like Telegram, have not made it a default setting, though the Matrix.org team has [said](https://web.archive.org/web/20210729190737/https://github.com/vector-im/element-web/issues/6779) that default encryption is on their road map.
Ensuring your conversations and metadata are E2EE is one of the best practices you can have when choosing a messenger.
## Registration Process
When it comes to your goals and threat model, you will need to decide how much, if any, information youre willing to give this company on signup. Do they require a phone number and or SIM card? Do they require an email address, or do they allow completely anonymous signups, and how anonymous is anonymous? Are they storing that info (remember the metadata) unencrypted?
Giving up your phone number or email wont be a big deal for many, as any good privacy policy will state they wont use it for any purpose other than those youve granted permission for. Yet, for those avoiding state-sponsored surveillance, you may have a regularly changing number, no number, or would rather not risk giving that information up. Same goes for email.
So, you will want to find a service that fits this need. While Signal is currently testing signup without a phone number, currently youre unable to do so. Element, Wickr, many XMPP services, dont require anything but choosing a username.
## Source Code
Open source may be the most used phrase in all of privacy and security, and for good reason. Its really helpful to be able to review the source code of the product youre trusting. Experts can look for backdoors, leaks, and other bugs. Organizations that opt to open source their code are showing good faith effort to increase trust between them and the user.
Yet, open source can also limit your options, again, depending on your threat model and goals. Signal, Wire, and Keybase all offer open source repositories of their applications, and sometimes even the server software itself.
Open source also doesnt mean secure. This is often misunderstood, and people hear open source and assume it must be good. Look at the apps code you want to use, you dont need to be able to check it, but are others? An open source app that no one follows, or contributes to is no more or less secure than a closed source app.
Wickr, Threema, and others are closed source. They dont offer the ability to check the source, but that doesnt immediately rule them out either. When the Electronic Frontier Foundation (EFF) had a comparison chart for messenger apps, it gave Wickr 5-stars. This doesnt mean its perfect for someone like Snowden, but for those avoiding Facebook and Google, it could be a usable option.
Its also important to remember theres no way to check that someone is always using the source code in their repository in the app or server youre downloading from the Apple Store or Google Play. When it comes to this, reputation becomes a key player in your decision, as does trust, which we will get to next.
If youre unsure what to do here, its always a safe bet to stick with open source that has a large contributor base and strong reputation. Its always best to use open source options when they are available and only recommend closed source when there isnt a usable open source option. This is generally a good way to pick a messenger app as well.
## Ownership & Trust
An often overlooked, but increasingly important part of choosing a secure messenger is, who owns the company thats providing your service? What would the gain or lose from selling your data and who does the company answer to?
Wire [recently lost](https://web.archive.org/web/20210729190737/https://blog.privacytools.io/delisting-wire/) a great deal of trust and standing in the privacy world because they quietly sold their company and moved it to the US. They also changed parts of their privacy policy making it harder for users to tell when Wire would share customer data. They did all of this while never updating their current users of such changes, either to the change of the privacy policy, or the move to the US.
Wire also took in more than $8 million in venture capital funding. So now, users wanted to know more about who owned their data and what jurisdictional rights were changing with the move from Europe to the United States?
These are questions we must ask of all services. Wire now has investors to answer to who will want a return on their millions of dollars.
Signal on the other hand is a [non-profit](https://signal.org/blog/signal-foundation/) which does not rely on investors and instead relies on donations, sponsorships, and grants. Because of their non-profit status in the US, they must also be highly transparent about not only where the money comes from, but how they spend it. So, users can see where this money goes, and who its going to.
Matrix.org (the service Element uses) runs a similar business model as Signal, located in the UK instead of the US, they reply on donations, partnerships, and grants. Matrix.org is heavily supported by New Vector, a venture capital backed company, however, Matrix.org as a non-profit is transparent about its spending, income, and influences.
Not all services are non-profit, and that should not rule them out immediately. You can also follow their funding goals. Wire lost credibility because instead of simply relying on user signups, they wanted to be the next Skype for Business and wanted to build a larger enough user base to get the attention of investors. Meanwhile apps such as Wickr, while for-profit, is transparent about taking limited investors to become sustainable on subscriptions.
This can take some time, because its important to know who the investors are, and what the organizational goals are. Will they eventually need to resort to data harvesting to sustain itself, if they do, and you decide to leave the platform, will you leave behind data you dont want them to get their hands on?
## Making Your Choice
Now its time to choose a messenger and no one can do that for you. Popularity will need to play a role here, theres no point in joining the new up and coming messenger service if you dont have a single contact using it as well. One reason Telegram has been so popular is they have managed to convince more than 100 million people to sign up. If you sign in today, youll likely see a group of your friends in there. Signal isnt as far behind, and others are catching up.
Youll need to decide who you trust, and who your other contacts trust, and then compare all of that with your goals and your threat model. How much information are you willing to give on signup, does metadata matter to your threat model, and is the service youre choosing likely to sell itself to the highest bidder once enough people sign up?
The important thing to remember is there is no one size fits all for messengers, and that each user must decide what is best for them. If someone is an avid WhatsApp or Facebook Messenger user, even Telegram is a step in the right direction. Yet, if that user is concerned with more than just giving data over to Facebook, they may need to look at more secure options.
Ensure you keep your messenger apps up to date. You dont want to discover youve been compromised because a bug found in version 1 was fixed in version 2 but you didnt bother upgrading your apps.
One last piece of advice is that users need to be diligent and never become complacent in their decision. You must be willing to change services if the goals and values of your messenger of choice change in a way that no longer match yours. Look for news of sales, mergers, or acquisitions that could compromise the organization.
---
*Dan Arel is a journalist, author, and privacy advocate. This article was originally published to [Hacker Noon](https://hackernoon.com/choosing-the-right-messenger-mm3x2z47) on November 27th, 2019.*

View File

@ -0,0 +1,43 @@
---
date:
created: 2019-11-12
categories:
- Announcements
authors:
- niek-de-wilde
links:
- posts/relisting-startpage.md
- Search Engines: https://www.privacyguides.org/en/search-engines/
tags:
- Search Engines
---
# Delisting Startpage From Privacy Guides
!["Delisting Startpage" cover image](../assets/images/delisting-startpage/cover.png)
Dear *Privacy Guides* Community,
On the 15th of October, it was [brought to our attention](https://web.archive.org/web/20201127034309/https://www.reddit.com/r/privacy/comments/di5rn3/startpage_is_now_owned_by_an_advertising_company/) that Startpage.com was reportedly (partially?) taken over by a company called the Privacy One Group, which is in turn owned by a company called System1. We found this quite remarkable as the two companies seem to have conflicting business models.<!-- more --> Startpage has been known for basing their advertisements on what their users enter in their search bar. System1 on the other hand, is a pay-per-click advertising company that "[has developed a pre-targeting platform that identifies and unlocks consumer intent across channels including social, native, email, search, market research and lead generation rather than relying solely on what consumers enter into search boxes.](https://web.archive.org/web/20201127034309/https://www.bizjournals.com/losangeles/news/2017/09/20/system1-raises-270-million-for-consumer-intent.html)"
We reached out to System1 CEO [Ian Weingarten](https://web.archive.org/web/20201127034309/https://finance.yahoo.com/news/system1-appoints-ian-weingarten-ceo-185700741.html) for an explanation. We received a very general response that did not address key questions.
Seemingly prompted by our ongoing concerns, Startpage released a public letter addressed to us from their CEO, and hosted a [Q&A](https://web.archive.org/web/20201127034309/https://www.reddit.com/r/StartpageSearch/comments/djshn3/hello_reddit_startpage_mod_team/) on their Subreddit to try and explain the situation. While some of our questions were answered, we noted that the company seemed to be evasive, essentially restating information from a previously published [blog post](https://web.archive.org/web/20201127034309/https://www.startpage.com/blog/company-updates/startpage-and-privacy-one-group/) or posting the same response to different questions. People had to really dig to get answers and puzzle all information together, instead of getting a clearly explained and comprehensive answer from the start. Requests for clarification to some important questions went ignored.
Because of the conflicting business model and the unusual way the company reacted, claiming to be fully transparent but being evasive at the same time, we have no choice but to de-list Startpage from our recommendations until it is fully transparent about its new ownership and data processing. Remaining questions include:
- The % of Startpage and Surfboard Holding B.V. (the Startpage holding company) System1 acquired in December 2018.
- The current % ownership by System1 at the time of the audit (and any other major owners).
- Information about Privacy One Group Ltd. Where is it registered and in what city, state and country does it operate? (We have not been able to verify registration information.)
- A diagram of data flows, including flows to outside organizations, like System1, Privacy One etc.
This de-listing does not necessarily mean Startpage is violating its privacy policy. We have no evidence of that. But because there are still so many unanswered questions, we can no longer recommend the service with good confidence. If Startpage aims to be re-considered, they will have to answer the questions above, preferably along with an explanation of why it took them so long to get proper answers out to the public.
Sincerely,
Blacklight447
*Privacy Guides*
---
**2020-05-03:** Startpage has answered all of our questions for them and has clarified their policies. We have decided to recommend their service again, and you can read our latest [announcement](relisting-startpage.md) for more details.
**2023-10-23:** This post has been edited to reflect the team's move from [PrivacyTools](https://www.privacyguides.org/en/about/privacytools/) to Privacy Guides.

View File

@ -0,0 +1,40 @@
---
date:
created: 2019-11-19
categories:
- Announcements
authors:
- danarel
links:
- Real Time Communication: https://www.privacyguides.org/en/real-time-communication/
- Types of Communication Networks: https://www.privacyguides.org/en/advanced/communication-network-types/
tags:
- Instant Messengers
---
# Delisting Wire From Privacy Guides
!["Delisting Wire" cover image](../assets/images/delisting-wire/cover.png)
It has recently come to the attention of the *Privacy Guides* team that **Wire**, the popular end-to-end encryption messaging platform [has been sold or moved to a US company](https://web.archive.org/web/20201128215737/https://forum.privacytools.io/t/wire-swiss-gmbh-is-now-owned-by-a-usa-holding-company/1932). After a week of questioning, Wire finally confirmed they had changed holding companies and would now be a US based company in a move they called “simple and pragmatic,” as they worked to expand their foothold in the enterprise market. This also came alongside the news that Wire had accepted more than $8 million in Venture Capital (VC) funding from Morpheus Ventures, as well as other investors.<!-- more -->
Morpheus Ventures holds a [portfolio](https://web.archive.org/web/20201128215737/https://morpheus.com/portfolio/) including companies in healthcare, voice AI, life insurance, and retail customer data analytics: All sectors that have historically used invasive data collection methods to survive. Why would a VC with a portfolio centered on consumer data want to invest in a company whose mission claims to protect that very same information?
Earlier this year, Wire announced they had entered a partnership with [FedResults](https://web.archive.org/web/20201128215737/https://www.globenewswire.com/news-release/2019/07/10/1880912/0/en/Wire-and-FedResults-Partner-to-Offer-End-to-End-Encrypted-Collaboration-Platform-to-Government-Agencies.html), in a move that would bring Wire's secure messaging platform to US federal agencies. This raised a few eyebrows, but did not alarm the privacy community as Wire remained Swiss based and beholden to Switzerland's strict privacy laws. Today however, while much of Wire's business will continue to be run out of their Swiss offices, with new US-based ownership it is not entirely clear how much jurisdiction the United States will have over Wire data.
This is alarming because it is well known that Wire [stores unencrypted metadata](https://web.archive.org/web/20201128215737/https://www.vice.com/en_us/article/gvzw5x/secure-messaging-app-wire-stores-everyone-youve-ever-contacted-in-plain-text) for every user.
In an interview with [TechCrunch](https://web.archive.org/web/20201128215737/https://techcrunch.com/2019/11/13/messaging-app-wire-confirms-8-2m-raise-responds-to-privacy-concerns-after-moving-holding-company-to-the-us/), Wire CEO Morten Brøgger said of privacy laws: “We are in Switzerland, which has the best privacy laws in the world” — its subject to Europes General Data Protection Regulation framework (GDPR) on top of its own local laws — “and Wire now belongs to a new group holding, but there no change in control.” [sic]
Even if he is correct, the move and statement do bring up further questions. With Wire now being a US company with contracts partnering it with US federal authorities, will those authorities now have leverage to compel Wire to give up metadata on users? Wire has investors to answer to and will not be able to risk losing large deals with clients like the US federal government. This is of course a hypothetical situation, but one to be considered nonetheless as we decide which services to recommend on [*Privacy Guides*](https://www.privacyguides.org/en/tools/).
Wire also quietly made an adjustment to its own privacy policy. A [previous version](https://web.archive.org/web/20180324221043/https://wire.com/en/legal/#privacy-7) of the policy (July 18, 2017) stated it would only share user data when required by law. Now (Updated September 1, 2018), it reads they will share user data when "necessary." What does necessary mean, and necessary to whom? Necessary to law enforcement, shareholders, or advertisers? The word "necessary" is an alarming change because "necessary" is purposefully vague terminology that could conceivably be used as a tool to justify any action. This change doesn't leave the user with much confidence as to when the company may share your data.
Yet another red flag, and one of the more important ones to us, was is that Wire decided not to disclose this policy change to its users, and when asked why, Brøgger was flippant in his response, stating: “Our evaluation was that this was not necessary. Was it right or wrong? I dont know.”
We feel we do know, and the answer was that it was wrong. Privacy and security are not built solely on strong technology, but on trust. Yes, we can review Wire's open source code on GitHub, but we can't ever be sure that code is the same exact code that runs on their servers in practice. Yet, we have trusted them in the past because Wire had built a trustworthy reputation for themselves. We now feel that Wire has lost this reputation. By deciding to withhold information regarding its ownership and policies from its users, Wire has broken the trust our community has placed in it, and worse yet sounds almost dismissive of the worries voiced by the privacy community that had long held them in high regard.
Because of these ongoing concerns, and this break in trust in Wire's organization, *Privacy Guides* has made the decision to remove Wire from its recommendations. It is worth noting that does not necessarily mean Wire is unsafe, but we believe it is our duty to recommend products that we as a team feel comfortable standing behind. We need to believe in the security, privacy, and integrity of our recommendations, and we no longer feel we can do that with Wire at this time.
---
**2023-10-23:** This post has been edited to reflect the team's move from [PrivacyTools](https://www.privacyguides.org/en/about/privacytools/) to Privacy Guides.

View File

@ -0,0 +1,71 @@
---
date:
created: 2021-12-01
categories:
- Reviews
authors:
- dngray
links:
- 'Desktop Browsers<br><small>Firefox</small>': https://www.privacyguides.org/desktop-browsers/#firefox
tags:
- Browsers
- Firefox
license: CC0
---
# Firefox Privacy: 2021 Update
![Firefox Privacy cover](../assets/images/firefox-privacy/cover.png)
A lot changed between 2019 and now, not least in regards to Firefox. Since our last post, Mozilla has [improved](https://blog.mozilla.org/en/products/firefox/latest-firefox-rolls-out-enhanced-tracking-protection-2-0-blocking-redirect-trackers-by-default/) privacy with [Enhanced Tracking Protection (ETP)](https://blog.mozilla.org/en/products/firefox/firefox-now-available-with-enhanced-tracking-protection-by-default/). Earlier this year Mozilla introduced [Total Cookie Protection](https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/) (Dynamic First Party Isolation dFPI). This was then further tightened with [Enhanced Cookie Clearing](https://blog.mozilla.org/security/2021/08/10/firefox-91-introduces-enhanced-cookie-clearing/). Were also looking very forward to [Site Isolation](https://blog.mozilla.org/security/2021/05/18/introducing-site-isolation-in-firefox/) (code named Fission) being enabled by default in the coming releases.<!-- more -->
Now that so many privacy features are built into the browser, there is little need for extensions made by third-party developers. Accordingly, we have updated our very outdated [browser](https://www.privacyguides.org/desktop-browsers/) section. If youve got an old browser profile we suggest **creating a new one**. Some of the old advice may make your browser *more* unique.
## Privacy Tweaks “about:config”
Were no longer recommending that users set `about:config` switches manually. Those switches need to be up to date and continuously maintained. They should be studied before blindly making modifications. Sometimes their behaviour changes in between Firefox releases, is superseded by other keys or they are removed entirely. We do not see any point in duplicating the efforts of the community [Arkenfox](https://github.com/arkenfox/user.js) project. Arkenfox has very good documentation in their [wiki](https://github.com/arkenfox/user.js/wiki) and we use it ourselves.
## LocalCDN and Decentraleyes
These extensions arent required with Total Cookie Protection (TCP), which is enabled if youve set Enhanced Tracking Protection (ETP) to **Strict**.
Replacing scripts on CDNs with local versions is not a comprehensive solution and is a form of [enumeration of badness](https://www.ranum.com/security/computer_security/editorials/dumb/). While it may work with some scripts that are included it doesnt help with most other third-party connections.
CDN extensions never really improved privacy as far as sharing your IP address was concerned and their usage is fingerprintable as this Tor Project developer [points out](https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/22089#note_2639603). They are the wrong tool for the job and are not a substitute for a good VPN or Tor. Its worth noting the [resources](https://git.synz.io/Synzvato/decentraleyes/-/tree/master/resources) for Decentraleyes are hugely out of date and would not be likely used anyway.
## NeatURLs and ClearURLS
Previously we recommended ClearURLs to remove tracking parameters from URLs you might visit. These extensions are no longer needed with uBlock Origins [`removeparam`](https://github.com/gorhill/uBlock/wiki/Static-filter-syntax#removeparam) feature.
## HTTPS Everywhere
The EFF announced back in September they were [deprecating HTTPS-Everywhere](https://www.eff.org/deeplinks/2021/09/https-actually-everywhere) as most browsers now have an HTTPS-Only feature. We are pleased to see privacy features built into the browser and Firefox 91 introduced [HTTPS by Default in Private Browsing](https://blog.mozilla.org/security/2021/08/10/firefox-91-introduces-https-by-default-in-private-browsing/).
## Multi Account Containers and Temporary Containers
Container extensions arent as important as they used to be for privacy now that we have [Total Cookie Protection](https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/).
Multi Account Container will still have some use if you use [Mozilla VPN](https://en.wikipedia.org/wiki/Mozilla_VPN) as it is going to be [integrated](https://github.com/mozilla/multi-account-containers/issues/2210) allowing you to configure specified containers to use a particular VPN server. Another use might be if you want to login to multiple accounts on the same domain.
## Just-In-Time Compilation (JIT)
What is “Disable JIT” in Bromite? This option disables the JavaScript performance feature [JIT](https://en.wikipedia.org/wiki/Just-in-time_compilation). It can increase security but at the cost of performance. Those trade-offs vary wildly and are explored in [this](https://microsoftedge.github.io/edgevr/posts/Super-Duper-Secure-Mode/) publication by Johnathan Norman from the Microsoft Edge team. This option is very much a security vs performance option.
## Mozilla browsers on Android
We dont recommend any Mozilla based browsers on Android. This is because we dont feel that [GeckoView](https://mozilla.github.io/geckoview) is quite as secure as it could be as it doesnt support [site isolation](https://hacks.mozilla.org/2021/05/introducing-firefox-new-site-isolation-security-architecture), soon to be coming in desktop browsers or [isolated processes](https://bugzilla.mozilla.org/show_bug.cgi?id=1565196).
We also noticed that there isnt an option for [HTTPS-Only mode](https://github.com/mozilla-mobile/fenix/issues/16952#issuecomment-907960218). The only way to get something similar is to install the [deprecated](https://www.eff.org/deeplinks/2021/09/https-actually-everywhere) extension [HTTPS Everywhere](https://www.eff.org/https-everywhere).
There are places which Firefox on Android shines for example browsing news websites where you may want to *partially* load some JavaScript (but not all) using medium or hard [blocking mode](https://github.com/gorhill/uBlock/wiki/Blocking-mode). The [reader view](https://support.mozilla.org/en-US/kb/view-articles-reader-view-firefox-android) is also pretty cool. We expect things will change in the future, so were keeping a close eye on this.
## Fingerprinting
Firefox has the ability to block known third party [fingerprinting resources](https://blog.mozilla.org/security/2020/01/07/firefox-72-fingerprinting/). Mozilla has [advanced protection](https://support.mozilla.org/kb/firefox-protection-against-fingerprinting) against fingerprinting (RFP is enabled with Arkenfox).
We do not recommend extensions that promise to change your [browser fingerprint](https://blog.torproject.org/browser-fingerprinting-introduction-and-challenges-ahead/). Some of those extensions [are detectable](https://www.cse.chalmers.se/~andrei/codaspy17.pdf) by websites through JavaScript and [CSS](https://hal.archives-ouvertes.fr/hal-03152176/file/style-fingerprinting-usenix.pdf) methods, particularly those which inject anything into the web content.
This includes **all** extensions that try to change the user agent or other browser behaviour to prevent fingerprinting. We see these often recommended on Reddit and would like to say that they will likely make you more unique and can be circumvented. Arkenfox has [a good list](https://github.com/arkenfox/user.js/wiki/4.1-Extensions) of extensions you could use, and a list of ones you [needn't bother with](https://github.com/arkenfox/user.js/wiki/4.1-Extensions#-dont-bother). We also like to say testing sites which show you how unique you are in a set of users are often using hugely tainted results that are not indicative of real-world usage.
----------
*Special thanks to [Thorin-Oakenpants](https://github.com/Thorin-Oakenpants) and [Tommy](https://tommytran.io) for their help with providing advice and further documentation during the research phase.*

View File

@ -0,0 +1,153 @@
---
date:
created: 2019-11-09
categories:
- Reviews
authors:
- jonah
links:
- posts/firefox-privacy-2021-update.md
tags:
- Browsers
- Firefox
license: BY-SA
---
# Firefox Privacy: Tips and Tricks for Better Browsing
!["Firefox Privacy" cover image](../assets/images/firefox-privacy/cover.png)
Mozilla Firefox is one of the most popular web browsers around, and for good reason. It's fast, secure, open-source, and it's backed by an organization that actually respects your privacy. Unlike many other Chrome alternatives and forks, it has a massive development team behind it that publishes new updates on a constant, regular basis. Regular updates doesn't only mean shiny new features, it means you'll also receive security updates that will keep you protected as you browse the web.<!-- more -->
Because of all of this, [we recommend Firefox](https://www.privacyguides.org/desktop-browsers/#firefox) as our general-purpose browser for most users. It's the best alternative to Chrome and Edge for privacy conscious individuals.
Firefox is fantastic out of the box, but where it really shines is customizability. By adjusting Firefox privacy settings and using helpful add-ons, you can increase your privacy and security even further. Making those changes is what we're going to go over in this Firefox privacy guide.
Before we get started, there's a couple things that should be noted that are not only applicable to this guide, but privacy in general:
## Considerations
Protecting your privacy online is a tricky proposition, there are so many factors to take into consideration on an individual basis for any one guide or site to cover comprehensively. You will need to take into account things like threat modeling and your general preferences before making any changes or following any recommendations.
### Threat Modeling
What is [threat modeling](https://www.privacyguides.org/basics/threat-modeling/)? Consider who you're trying to keep your data hidden from. Do you need to keep your information hidden from the government, or just the average stranger? Maybe you are just looking to alternatives to Big Tech like Google and Facebook. You'll also want to consider how much time and resources you want to spend hiding your data from those "threats". Some solutions might not be feasible from a financial or time standpoint and you'll have to make compromises. Taking all those questions into account creates a basic threat model for you to work with.
We want to publish a more complete guide on threat modeling in the future, so stay tuned to this blog for further updates. But for now, just keep those thoughts in the back of your mind as we go through this article. Not every solution might be for you, or conversely you may need to pay more attention to certain areas we aren't able to cover completely.
### Browser Fingerprinting
Another consideration is your browser's fingerprint. When you visit a web page, your browser voluntarily sends information about its configuration, such as available fonts, browser type, and add-ons. If this combination of information is unique, it may be possible to identify and track you without using more common tracking tools, like cookies.
That's right, add-ons contribute to your fingerprint. Another thing a lot of people miss when they are setting up their browser is that more is not always the best solution to their problems. You don't need to use every add-on and tweak we recommend installed, and the more you configure the greater chance there is that your browser will appear more unique to websites. Think about your specific situation and pick and choose the add-ons and tweaks we recommend only if you think they will help you.
## Firefox Privacy Settings
We'll start off with the easy solutions. Firefox has a number of privacy settings built in, no add-ons necessary! Open your Options page (Preferences on macOS) and we'll go through them one at a time.
### DNS over HTTPS
DNS (or the Domain Name System) is what your browser uses to turn domain names like `privacyguides.org` into IP addresses like `65.109.20.157`. Because computers can only make connections to IP addresses, it's necessary to use DNS every time you visit a new domain. But DNS is unencrypted by default, that means everyone on your network (including your ISP) can view what domains you're looking up, and in some situations even change the IP answers to redirect you to their own websites! Encrypting your DNS traffic can shield your queries and add some additional protection to your browsing.
Encrypted DNS takes many forms: DNS over HTTPS (DoH), DNS over TLS, DNSCrypt, etc., but they all accomplish the same thing. They keep your DNS queries private from your ISP, and they make sure they aren't tampered with in transit between your DNS provider. Fortunately, Firefox recently added native DoH support to the browser. On the **General** page of your preferences, scroll down to and open **Network Settings**. At the bottom of the window you will be able to select "Enable DNS over HTTPS" and choose a provider.
Keep in mind that by using DoH you're sending all your queries to a single provider, probably Cloudflare unless you choose [another provider](https://www.privacyguides.org/dns/) that supports DNS over HTTPS. While it may add some privacy protection from your ISP, you're only shifting that trust to the DoH provider. Make sure that's something you want to do.
It should also be noted that even with DoH, your ISP will still be able to see what domain you're connecting to because of a technology called Server Name Indication (SNI). Until SNI is encrypted as well, there's no getting around it. Encrypted SNI (eSNI) is in the works — and can actually be [enabled on Firefox](https://blog.cloudflare.com/encrypt-that-sni-firefox-edition/) today — but it only works with a small number of servers, mainly ones operated by Cloudflare, so its use is limited currently. Therefore, while DoH provides some additional privacy and integrity protections, its use as a privacy tool is limited until other supplemental tools like eSNI and [DNSSEC](https://www.icann.org/resources/pages/dnssec-what-is-it-why-important-2019-03-05-en) are finalized and implemented.
### Change Your Search Engine
This is an easy one. In the **Search** tab, change your **Default Search Engine** to something other than Google. Out of the built-in options, DuckDuckGo is the most privacy respecting service, but there's a number of [search engines we would recommend](https://www.privacyguides.org/search-engines/) that can be easily installed as well.
### Enhanced Tracking Protection
Now we'll delve into the biggest set of options for people like us, Firefox's **Privacy & Security** tab. First up is their **Enhanced Tracking Protection**. This set of filters is set to Standard by default, but we'll want to change it to Strict for more comprehensive coverage.
In rare occasions, Strict browsing protections might cause some of the websites you visit to not function properly. But there's no need to worry! If you suspect the Strict browsing protection is breaking a website you visit frequently, you can disable it on a site by site basis with the shield icon in the address bar.
Disabling Enhanced Tracking Protection will of course decrease your privacy on that site, so you will have consider whether that's something you are willing to compromise on, on a site-by-site basis.
Another benefit of Firefox's Enhanced Tracking Protection is that it can actually speed up your browsing! Advertising networks and social media embeds can sometimes make your browser download huge files just to show an ad or a like button, and blocking those out trims the fat, in a sense.
### Disabling Telemetrics
When you use Firefox, Mozilla collects information about what you do, what kind of extensions you have installed, and various other aspects of your browser. While they claim to do this in a privacy-respecting way, sending as little data as possible is always preferred from a privacy standpoint, so we would go ahead and uncheck all the boxes under **Firefox Data Collection and Use** just to be safe.
### Clearing Cookies and Site Data
This one is for more advanced users, so if you don't understand what this is doing you can skip this section. Firefox provides the option to delete all your cookies and site data every time Firefox is closed. Cookies and site data are little pieces of information sites store in your browser, and they have a myriad of uses. They are used for things like keeping you logged in and saving your website preferences, but they also can be used to track you across different websites. By deleting your cookies regularly, your browser will appear clean to websites, making you harder to track.
This will likely log you out of websites quite often, so make sure that's an inconvenience you're willing to put up with for enhanced privacy.
## Firefox Privacy Add-Ons
Of course, just the browser settings alone won't go quite far enough to protect your privacy. Mozilla has made a lot of compromises in order to provide a more functional browsing experience for the average user, which is completely understandable. But, we can take it even further with some browser add-ons that prevent tracking and make your experience more private and secure.
[We recommend a number of fantastic add-ons](https://www.privacyguides.org/desktop-browsers/#ublock-origin) for Firefox, nine at the time of writing, but they aren't all necessary for everyone. Some of them provide redundant functionality to each other, and some of them accomplish similar tasks to the settings we've enabled above.
When you are installing add-ons for Firefox, consider whether you actually need them for your personal browsing. Remember that fingerprinting warning from earlier? Adding as many extensions as possible might make you stand out more, which is not the goal.
Keeping all that in mind, there are three add-ons I would consider necessary for virtually every user:
- uBlock Origin
- HTTPS Everywhere
- Decentraleyes
Out of the box, these add-ons only complement the settings we've described in this article already, and they have sane defaults that won't break the sites you visit.
### uBlock Origin
[**uBlock Origin**](https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/) is an efficient ad- and tracker-blocker that is easy on memory, and yet can load and enforce thousands more filters than competing blockers. We trust it because it is completely open-source. Additionally, unlike its competitors it has no monetization strategy: There's no "Acceptable" ads program or a similar whitelist like many other adblockers feature.
### HTTPS Everywhere
HTTPS is the secure, encrypted version of HTTP. When you see an address starting with `https://` along with the padlock in your browser's address bar, you know that your connection to the website is completely secure. This is of course important when you're logging into websites and sending your passwords and emails in a form. But it also prevents people on your network and your ISP from snooping in on what you're reading, or changing the contents of an unencrypted webpage to whatever they want.
Therefore, [**HTTPS Everywhere**](https://www.eff.org/https-everywhere) is a must-have extension, all it does is upgrade your HTTP connections to HTTPS wherever possible. And because it works silently in the background, you probably will never notice it! We trust HTTPS Everywhere because it is completely open-source, and is developed by the Electronic Frontier Foundation, a non-profit dedicated to private and secure technologies.
Of course, it only works with sites that support HTTPS on the server's side, so you'll still need to keep an eye on your address bar to make sure you're securely connected. But fortunately more and more websites have implemented HTTPS thanks to the advent of free certificates from organizations like Let's Encrypt.
### Decentraleyes
When you connect to many websites, your browser is most likely making connections to a myriad of "Content Delivery Networks" like Google Fonts, Akamai, and Cloudflare, to download fonts and Javascript that make the website run. This generally makes websites look and feel better, but it means you're constantly making connections to these servers, allowing them to build a fairly accurate tracking profile of you.
[**Decentraleyes**](https://addons.mozilla.org/en-US/firefox/addon/decentraleyes) works by impersonating those CDNs locally in your browser. When a website wants to download a program like jQuery, instead of connecting to a remote CDN Decentraleyes will serve the file from its own cache of files. This means that you'll won't have to make remote CDN connections for the files that Decentraleyes supports, and therefore the remote CDNs can't track your browser. Because everything is stored locally instead of on a far away server, Decentraleyes has the added benefit of speeding up your browsing as well. Everything happens instantly, and you won't see a difference in the websites you visit.
### Additional Privacy Add-Ons
There is of course more functionality that can be achieved at the expense of more time spent configuring your browser and reduced website functionality. If you're looking for the most privacy options possible however, they may be for you. Check out our [desktop browsers recommendations page](https://www.privacyguides.org/desktop-browsers/) for further information and additional resources.
## More Privacy Functionality
Firefox has developed a number of other privacy tools that can be used to enhance your privacy or security. They may be worth looking into, but they have some drawbacks that would prevent me from recommending them outright.
### Firefox Private Network
Firefox Private Network is a new extension developed by Mozilla that serves as a [Virtual Private Network](https://www.privacyguides.org/basics/vpn-overview/) (VPN), securing you on public WiFi networks and other situations where you might trust Mozilla more than the ISP or network administrator. It is free in beta, but will likely be available at some subscription pricing once the test pilot ends.
Firefox Private Network is still just a VPN, and there are a number of drawbacks you would want to consider before using it. We wrote an entire article on [choosing a VPN provider](https://www.jonaharagon.com/posts/choosing-a-vpn/) that is worth a read, but it boils down to the fact that your VPN provider will be able to see your web traffic. All you are accomplishing is shifting the trust from your network to the VPN provider, in this case *Cloudflare*, the operators behind this service.
Additionally, unlike a traditional VPN, only data through the Firefox browser is protected, not every app on your machine. This means that it won't adequately protect you from many of the threats people typically want to protect against when they use a VPN, like IP leaks.
And finally, Cloudflare and Mozilla are both US companies. There are a number of concerns with entrusting internet traffic to the US and other fourteen eyes countries that should not be overlooked.
If you require a Virtual Private Network, we would look elsewhere. There are a number of [recommended providers](https://www.privacyguides.org/vpn/) like Mullvad that will provide a better experience at a low cost.
### Multi-Account Containers
Mozilla has an in-house add-on called [Multi-Account Containers](https://support.mozilla.org/en-US/kb/containers) that allows you to isolate websites from each other. For example, you could have Facebook in a container separate from your other browsing. In this situation, Facebook would only be able to set cookies with your profile on sites within the container, keeping your other browsing protected.
A containers setup may be a good alternative to techniques like regularly deleting cookies, but requires a lot of manual intervention to setup and maintain. If you want complete control of what websites can do in your browser, it's definitely worth looking into, but we wouldn't call it a necessary addition by any means.
## Additional Resources
[Desktop Browsers (Privacy Guides)](https://www.privacyguides.org/desktop-browsers/) — Our comprehensive set of recommendations for browsers and tweaks you can make to enhance your privacy is a great next step for more advanced users looking to protect their privacy online.
[arkenfox user.js](https://github.com/arkenfox/user.js) — For more advanced users, the arkenfox user.js is a "configuration file that can control hundreds of Firefox settings [...] which aims to provide as much privacy and enhanced security as possible, and to reduce tracking and fingerprinting as much as possible - while minimizing any loss of functionality and breakage".
[Mozilla's Privacy Policy](https://www.mozilla.org/en-US/privacy/) — Of course, we always recommend reading through the privacy statement of any organization you deal with, and Mozilla is no exception.
## Firefox Privacy Summary
In conclusion, we believe that Firefox is the most promising browser for privacy-conscious individuals. The non-profit behind it seems truly dedicated to promoting user control and privacy, and the good defaults coupled with the sheer customizability of the browser allow you to truly protect your information when you browse the web.
For more Firefox privacy-related information, or for recommendations for non-desktop platforms, give our full page on [web browsers](https://www.privacyguides.org/desktop-browsers/) a read.

View File

@ -0,0 +1,79 @@
---
date:
created: 2022-04-21
authors:
- contributors
categories:
- Opinion
tags:
- GrapheneOS
- CalyxOS
links:
- General Android Overview: https://www.privacyguides.org/android/overview/
- Android Recommendations: https://www.privacyguides.org/android/
license: BY-SA
---
# Should You Use GrapheneOS or CalyxOS?
GrapheneOS and CalyxOS are often compared as similar options for people looking for an alternative Android OS for their Pixel devices. Below are some of the reasons why we recommend GrapheneOS over CalyxOS.<!-- more -->
## Update Frequency
CalyxOS has a track record of being slower to apply security and feature updates to its OS and core applications than other custom Android operating systems. Timely security updates are one of the most important factors to consider when determining whether an OS is secure enough for regular use, which is a requirement for privacy.
In contrast to that, GrapheneOS manages to stay close to upstream and in some cases even [deliver updates before the stock OS does](https://grapheneos.org/features#more-complete-patching).
As an example, [GrapheneOS's first Android 12 release](https://grapheneos.org/releases#2021102020) was in October 2021, whereas [CalyxOS moved to Android 12](https://calyxos.org/news/2022/01/19/android-12-changelog/) in January 2022.
## Sandboxed Google Play vs Privileged microG
When Google Play Services are used on GrapheneOS, they are confined using the highly restrictive, default [`untrusted_app`](https://source.android.com/security/selinux/concepts) [SELinux](https://en.wikipedia.org/wiki/Security-Enhanced_Linux) domain. As a result, you have full control as to what these apps can access via permissions, just like any other app you install. Additionally, you can selectively choose which profile(s) to install the Sandboxed Google Play in.
microG is a partially open-source re-implementation of Google Play Services.[^1] On CalyxOS, it runs in the highly privileged [`system_app`](https://source.android.com/security/selinux/concepts) SELinux domain like regular Google Play Services, and it uses [signature spoofing](https://github.com/microg/GmsCore/wiki/Signature-Spoofing) to masquerade as Google Play Services. This is less secure than Sandboxed Google Play's approach, which does not need access to sensitive system APIs.
When using Sandboxed Google Play, you have the option to reroute location requests to the Play Services API back to the OS location API, which uses satellite based location services. With microG, you have the option to choose between different backend location providers, including *shifting trust* to another location backend, like Mozilla; using [DejaVu](https://github.com/n76/DejaVu), a location backend that locally collects and saves RF-based location data to an offline database which can be used when GPS is not available; or to simply not use a network location backend at all.
Network location providers like Play Services or Mozilla rely the on the MAC addresses of surrounding WiFi access points and Bluetooth devices being submitted for location approximation. Choosing a network location like Mozilla to use with microG provides little to no privacy benefit over Google because you are still submitting the same data and trusting them to not profile you.
Local RF location backends like DejaVu require that the phone has a working GPS first for the local RF data collected to be useful. This makes them less effective as location providers, as the job of a location provider is to assist location approximation when satellite based services are not working.
If your [threat model](https://www.privacyguides.org/basics/threat-modeling/) requires protecting your location or the MAC addresses of nearby devices, rerouting location requests to the OS location API is probably the best option. The benefit brought by microG's custom location backend is minimal at best when compared to Sandboxed Google Play.
In terms of application compatibility, ==Sandboxed Google Play on GrapheneOS is always going to be more compatible== as it is the same code as what is released by Google. microG is a reimplementation of these services. As a result, it only supports the various parts that have been reimplemented, meaning some things such as [Google Play Games](https://play.google.com/googleplaygames) and [In-app Billing API](https://developer.android.com/google/play/billing) are not yet supported.
Larger apps, especially games, require [Play Asset Delivery](https://android-developers.googleblog.com/2020/06/introducing-google-play-asset-delivery.html) to be installed, which is currently not implemented in microG. Authentication using [FIDO](https://www.privacyguides.org/basics/multi-factor-authentication#fido-fast-identity-online) with online services on Android also relies on Play Services, and does not currently work with microG.
[^1]: It should be noted that microG still uses proprietary Google binaries for some of its components such as DroidGuard. Push notifications, if enabled, still go through Google's servers just like with Play Services. Outside of default microG setups like on CalyxOS, it is possible to run microG in the unprivileged [`untrusted app`](https://source.android.com/security/selinux/concepts) SELinux domain and without the signature spoofing patch. However, microG's functionality and compatibility, which is already not nearly as broad as Sandboxed Google Play, will greatly diminish.
## Privileged eSIM Activation Application
Currently, eSIM activation is tied to a privileged proprietary application by Google. The app has the `READ_PRIVILEGED_PHONE_STATE` permission, giving Google access to your hardware identifiers such as the IMEI.
On GrapheneOS, the app comes disabled and you can *optionally* enable it after installing Sandboxed Google Play.
On CalyxOS, the app comes installed by default (regardless of whether you choose to have microG or not) and you cannot opt-out. This means that Google still has access to your hardware identifiers regardless of whether or not you need eSIM activation and they can be accessed persistently.
## Privileged App Extensions
Android 12 comes with special support for seamless app updates with [third-party app stores](https://android-developers.googleblog.com/2020/09/listening-to-developer-feedback-to.html). The popular Free and Open-Source Software (FOSS) repository [F-Droid](https://f-droid.org) doesn't implement this feature and requires a [privileged extension](https://f-droid.org/en/packages/org.fdroid.fdroid.privileged) to be included with the Android distribution in order to have unattended app updates.
CalyxOS includes the [privileged extension](https://f-droid.org/en/packages/org.fdroid.fdroid.privileged), which may lower device security.
On the other hand, GrapheneOS officially recommends [Sandboxed Google Play](https://grapheneos.org/usage#sandboxed-google-play) instead. Many FOSS Android apps are also in Google's Play Store but sometimes they are not (like [NewPipe](https://www.privacyguides.org/frontends#newpipe-android)). In those cases, you can [keep up with updates using RSS](https://www.privacyguides.org/android/#manually-with-rss-notifications).
## Profiles
GrapheneOS significantly improves [user profiles](https://www.privacyguides.org/android/overview#user-profiles) in [multiple ways](https://grapheneos.org/features#improved-user-profiles), such as increasing the limit of how many profiles you can create (32 instead of the standard 4), allowing you to log out of user profiles, disabling app installation, and notification forwarding. All of these improvements make it so user profiles can be daily driven without sacrificing too much usability.
CalyxOS doesn't feature any improvements to user profiles over AOSP, and instead includes a device controller app so that the [work profile](https://www.privacyguides.org/android/overview#work-profile) can be used without needing to download a third party app such as [Shelter](https://www.privacyguides.org/android/#shelter). However, work profiles are not nearly as flexible (as you're limited to only one) and don't provide the same amount of isolation and security.
## Additional Hardening
GrapheneOS improves upon [AOSP](https://source.android.com/) security with:
- **Hardened WebView:** Vanadium WebView requires [64-bit](https://en.wikipedia.org/wiki/64-bit_computing) processes on the [WebView](https://developer.android.com/reference/android/webkit/WebView) process and disables legacy [32-bit](https://en.wikipedia.org/wiki/32-bit_computing) processes. It uses hardened compiler options such as [`-fwrapv`](https://gcc.gnu.org/onlinedocs/gcc/Code-Gen-Options.html) and [`-fstack-protector-strong`](https://gcc.gnu.org/onlinedocs/gcc-4.9.3/gcc/Optimize-Options.html), which can help protect against [stack buffer overflows](https://en.wikipedia.org/wiki/Stack_buffer_overflow). [API](https://en.wikipedia.org/wiki/API)s such as the [battery status API](https://chromestatus.com/feature/4537134732017664) are disabled for privacy reasons. All system apps on GrapheneOS use the Vanadium WebView which means that apps which use WebView will also benefit from Vanadium's hardening. The [Vanadium patch set](https://github.com/GrapheneOS/Vanadium) is a lot more comprehensive than CalyxOS's [Chromium patch set](https://gitlab.com/CalyxOS/chromium-patches) which is derived from it.
- **Hardened Kernel:** GrapheneOS kernel includes some hardening from the [linux-hardened](https://github.com/GrapheneOS/linux-hardened) project and the [Kernel Self Protection Project (KSPP)](https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project). CalyxOS uses the [same kernel](https://calyxos.org/docs/development/build/kernel/) as regular Android with some minor modifications.
- **Hardened Memory Allocator:** GrapheneOS uses the [hardened malloc](https://github.com/GrapheneOS/hardened_malloc) subproject as its memory allocator. This focuses on hardening against [memory heap corruption](https://en.wikipedia.org/wiki/Memory_corruption). CalyxOS uses the default AOSP [Scudo Malloc](https://source.android.com/devices/tech/debug/scudo), which is generally [less effective](https://twitter.com/danielmicay/status/1033671709197398016). Hardened Malloc has uncovered vulnerabilities in AOSP which have been [fixed](https://github.com/GrapheneOS/platform_system_core/commit/be11b59725aa6118b0e1f0712572e835c3d50746) by GrapheneOS such as [CVE-2021-0703](https://nvd.nist.gov/vuln/detail/CVE-2021-0703).
- **Secure Exec Spawning:** GrapheneOS [spawns](https://en.wikipedia.org/wiki/Spawn_(computing)) fresh processes as opposed to using the [Zygote model](https://ayusch.com/android-internals-the-android-os-boot-process) used by AOSP and CalyxOS. The Zygote model weakens [Address Space Layout Randomization](https://en.wikipedia.org/wiki/Address_space_layout_randomization) (ASLR) and is considered [less secure](https://wenke.gtisc.gatech.edu/papers/morula.pdf). Creating [fresh processes](https://grapheneos.org/usage#exec-spawning) is safer but will have some performance penalty when launching a new application. These penalties are not really noticeable unless you have an [old device](https://support.google.com/nexus/answer/4457705) with slow storage such as the Pixel 3a/3a XL as it has [eMMC](https://en.wikipedia.org/wiki/MultiMediaCard#eMMC).
**Please note that these are just a few examples and are not an extensive list of GrapheneOS's hardening**. For a more complete list, please read GrapheneOS' [official documentation](https://grapheneos.org/features).

View File

@ -0,0 +1,51 @@
---
date:
created: 2022-06-09
categories:
- Opinion
authors:
- danarel
links:
- posts/move-fast-and-break-things.md
- posts/choosing-the-right-messenger.md
tags:
- Government
license: BY-SA
---
# Hide Nothing
In the wake of the September 11, 2001, attack on the United States, the US government enacted laws that weakened citizen privacy in the name of national emergency. This sent up many red flags for human rights and privacy advocates.<!-- more -->
These concerns were met with “if you have nothing to hide, you have nothing to fear.” The argument goes that if you're not doing anything illegal, then these violations of your privacy shouldn't bother you. If you care about privacy, you clearly can't be up to anything good.
On the surface, this seems true to many people but the reality is very different. We may not have had anything to hide in the immediate aftermath of 9/11, but that was not the only information being sought after by governments. Indeed, following the passage of the Patriot Act in the US, the FBI issued 192,499 [National Security Letters](https://www.aclu.org/other/national-security-letters), meaning they collected the records and online activity of nearly 200,000 people.
In the end it only convicted one person.
Now, many have argued that stopping one terrorist might be worth giving up some security for, but [according](https://www.aclu.org/issues/national-security/privacy-and-surveillance/surveillance-under-patriot-act) to the ACLU, the conviction would have occurred without the Patriot Act.
Many legal actions you take today could be deemed illegal by future laws or future government. In the US today there is discussion around the possibility of Roe v. Wade being overturned, allowing states to outlaw abortions. You may not currently feel the need to hide internet searches, menstrual cycle apps, or donations to women's health clinics today because it's not illegal, but tomorrow that information could be used against you.
In countries were organizing around political dissent is legal, that doesn't mean the government is tracking those taking part and using that information to create informants or infiltrate such groups. Or worse, when or if laws change, using that surveillance to punish those involved.
And even if you break away from the legal aspects, we all have something to hide. You may not be ready to reveal your sexual or gender identity, but your internet usage could potentially do that for you. You don't want to make your bank account public; you have that information to hide. And you can continue to list things about your life you'd just rather not make public, regardless of potential legality.
In July of 2021, a Catholic priest by the name of Jeffrey Burrill lost his job and was forced to resign after data collected through his cell phone showed that he was active on the gay dating app Grindr, and that he had visited multiple gay bars in the area. [According](https://www.washingtonpost.com/religion/2021/07/20/bishop-misconduct-resign-burrill/) to the *Washington Post*:
> “A mobile device correlated to Burrill emitted app data signals from the location-based hookup app Grindr on a near-daily basis during parts of 2018, 2019, and 2020 —– at both his USCCB office and his USCCB-owned residence, as well as during USCCB meetings and events in other cities,” the Pillar reported.
>
> “The data obtained and analyzed by The Pillar conveys mobile app date signals during two 26-week periods, the first in 2018 and the second in 2019 and 2020. The data was obtained from a data vendor and authenticated by an independent data consulting firm contracted by The Pillar,” the site reported. It did not identify who the vendor was or if the site bought the information or got it from a third party.
>
> The Pillar story says app data “correlated” to Burrill's phone shows the priest visited gay bars, including while traveling for the USCCB.
While it was not clear who was tracking Burrill's device, the Post went on to say that:
> Privacy experts have long raised concerns about “anonymized” data collected by apps and sold to or shared with aggregators and marketing companies. While the information is typically stripped of obviously identifying fields, like a user's name or phone number, it can contain everything from age and gender to a device ID. It's possible for experts to de-anonymize some of this data and connect it to real people.
While Burrill was without a doubt in violation of his work's own code of conduct, he did decide on his own to be a priest. However, his personal life was not harming others and was just that, his personal life. While the question looms about who was tracking him to begin with and why, the fact it was so easy to do is alarming.
What if Burrill wasn't a priest, but just happened to work for someone who held anti-homosexual views who used this data to out him, humiliate him, and fire him under false pretenses? This data, which should be private could (and likely did in the real-life circumstance) ruin his life.
That is what makes internet privacy so important. It's not hiding nefarious activity, it's that we all have an innate right to our privacy.
You might not feel today that you have anything to hide, but you might not feel that way tomorrow and once something is public, it cannot be made private again.

View File

@ -0,0 +1,79 @@
---
date:
created: 2023-02-26
categories:
- Announcements
authors:
- freddy-m
- dngray
- niek-de-wilde
tags:
- Privacy Guides
license: BY-SA
---
# Privacy Guides Is Now Multilingual
It's finally here. After countless requests, Privacy Guides now has translations.
People have always asked us for translations to other languages because our team and community produces high quality, reliable, honest, and researched content. Our [previous site](https://blog.privacyguides.org/2021/09/14/welcome-to-privacy-guides) never had a system for this. All translations were done manually, and translators would quickly lose interest. Translated sites would be outdated and lay unmaintained on domains that we didn't own. Privacy Guides now has a proper system.<!-- more -->
Our site runs [Material for MkDocs](https://squidfunk.github.io/mkdocs-material/), which supports [internationalization](https://squidfunk.github.io/mkdocs-material/setup/changing-the-language/). This allows us to provide language specific content without the mammoth effort previously required.
## What we're planning
You can expect translations of this blog and lots more content. We will add languages to the site when they near completion. That way they can be checked to make sure they maintain the high quality that people have come to expect from the rest of Privacy Guides.
### Translators
We'd also like to remind everyone you can stay up to date with the main site by looking at [our release page](https://github.com/privacyguides/privacyguides.org/releases), this will show major changes to the main content. You can subscribe with a [News Aggregator](https://www.privacyguides.org/news-aggregators):
- [privacyguides.org (Releases)](https://github.com/privacyguides/privacyguides.org/releases.atom).
- [privacyguides.org (Commit log)](https://github.com/privacyguides/privacyguides.org/commits/main.atom)
- [blog.privacyguides.org](https://blog.privacyguides.org/feed_rss_created.xml)
- [blog.privacyguides.org (Commit log)](https://github.com/privacyguides/blog.privacyguides.org/commits/main.atom)
The blog doesn't have releases, but articles are generally published in a complete state and only updated with minor changes.
Feel free to check out our localization room on Matrix [#pg-i18n:aragon.sh](https://matrix.to/#/%23pg-i18n:aragon.sh) if you have any questions on getting started. You can [find us on Crowdin](https://crowdin.com/project/privacyguides).
Please note that the English version of the site is the primary version, meaning changes occur there first. This means it is still possible that specific languages may be behind. If you notice such an instance please help out. We cannot guarantee the accuracy of all our translations. If you have a suggestion about content specific to your region, please open an issue or pull request to our [main repository](https://github.com/privacyguides/privacyguides.org).
#### Some tips for translators
Crowdin has good documentation and we suggest looking at their [Getting Started](https://support.crowdin.com/crowdin-intro/) guide. Our site is in [Markdown](https://en.wikipedia.org/wiki/Markdown), so it should be easy to chip in.
#### Admonitions
Throughout the site we use MkDocs's [admonitions](https://squidfunk.github.io/mkdocs-material/reference/admonitions/#usage), to show information to readers about the products such as `example`, `warning`, `tip`, etc.
By default when admonitions are used they will have an English string on the site. This can be [customized](https://squidfunk.github.io/mkdocs-material/reference/admonitions/#changing-the-title), without too much effort. For example if you were translating and admonition of type [warning](https://squidfunk.github.io/mkdocs-material/reference/admonitions/#type:warning) to Dutch, this is how you would write it:
```text
!!! warning "Waarschuwing"
```
Downloads are a [custom admonition](https://squidfunk.github.io/mkdocs-material/reference/admonitions/#custom-admonitions) that we use and you would write that like:
```text
??? downloads "Downloaden"
```
The same goes for other types, such as `tip`, `example` etc. Recommendations are also admonitions, but they do not need overriding, because the default has no text, so they are always:
```text
!!! recommendation
```
#### Translation software
Translation software gets the translation quite reliable. We've found [DeepL](https://www.deepl.com/en/translator) works well however, attention does need to be given that the translated string is correct.
For example:
```text
![Software logo](assets/img/path/to/image.svg){ align=right }
```
We have sometimes found that the syntax for inserting an image like above was missing the `![` or an extra space was placed between the text and the path, eg `](`. If a translation string is clearly not correct, we encourage you to **delete** it by pressing the trash icon [or vote](https://support.crowdin.com/enterprise/getting-started-for-volunteers/#voting-view) which one you think sounds best. When invalid strings are deleted they are removed from the organization's [translation memory](https://support.crowdin.com/enterprise/translation-memory), meaning that when the source string is seen again, it won't suggest the incorrect translation.
We'd like to thank the [translation team](