mirror of
https://github.com/privacyguides/privacyguides.org.git
synced 2026-05-28 14:19:26 +00:00
style!: Remove all mkdocs-material icon references
@@ -8,7 +8,7 @@ description: Privacy isn't a straightforward topic, and it's easy to get caught
|
||||
|
||||
These myths stem from a number of prejudices, but whether the source code is available and how software is licensed does not inherently affect its security in any way. <mark>Open-source software has the *potential* to be more secure than proprietary software, but there is absolutely no guarantee this is the case.</mark> When you evaluate software, you should look at the reputation and security of each tool on an individual basis.
|
||||
|
||||
Open-source software *can* be audited by third-parties, and is often more transparent about potential vulnerabilities than proprietary counterparts. It also allows you to review the code and disable any suspicious functionality you find yourself. However, *unless you do so*, there is no guarantee that code has ever been evaluated, especially with smaller software projects. The open development process has also sometimes been exploited to introduce new vulnerabilities known as [:material-package-variant-closed-remove: Supply Chain Attacks](../common-threats/index.md#attacks-against-certain-organizations){ .pg-viridian }, which are discussed further in our [Common Threats](../common-threats/index.md) page.[^1]
|
||||
Open-source software *can* be audited by third-parties, and is often more transparent about potential vulnerabilities than proprietary counterparts. It also allows you to review the code and disable any suspicious functionality you find yourself. However, *unless you do so*, there is no guarantee that code has ever been evaluated, especially with smaller software projects. The open development process has also sometimes been exploited to introduce new vulnerabilities known as [Supply Chain Attacks](../common-threats/index.md#attacks-against-certain-organizations){ .pg-viridian }, which are discussed further in our [Common Threats](../common-threats/index.md) page.[^1]
|
||||
|
||||
On the flip side, proprietary software is less transparent, but that doesn't imply that it's not secure. Major proprietary software projects can be audited internally and by third-party agencies, and independent security researchers can still find vulnerabilities with techniques like reverse engineering.
|
||||
|
||||
|
||||
@@ -6,47 +6,47 @@ description: Your threat model is personal to you, but these are some of the thi
|
||||
|
||||
Broadly speaking, we categorize our recommendations into the [threats](../threat-modeling/index.md) or goals that apply to most people. <mark>You may be concerned with none, one, a few, or all of these possibilities</mark>, and the tools and services you use depend on what your goals are. You may have specific threats outside these categories as well, which is perfectly fine! The important part is developing an understanding of the benefits and shortcomings of the tools you choose to use, because virtually none of them will protect you from every threat.
|
||||
|
||||
<span class="pg-purple">:material-incognito: **Anonymity**</span>
|
||||
<span class="pg-purple">**Anonymity**</span>
|
||||
|
||||
: Shielding your online activity from your real identity, protecting you from people who are trying to uncover *your* identity specifically.
|
||||
: Shielding your online activity from your real identity, protecting you from people who are trying to uncover *your* identity specifically.
|
||||
|
||||
<span class="pg-red">:material-target-account: **Targeted Attacks**</span>
|
||||
<span class="pg-red">**Targeted Attacks**</span>
|
||||
|
||||
: Being protected from hackers or other malicious actors who are trying to gain access to *your* data or devices specifically.
|
||||
: Being protected from hackers or other malicious actors who are trying to gain access to *your* data or devices specifically.
|
||||
|
||||
<span class="pg-viridian">:material-package-variant-closed-remove: **Supply Chain Attacks**</span>
|
||||
<span class="pg-viridian">**Supply Chain Attacks**</span>
|
||||
|
||||
: Typically, a form of <span class="pg-red">:material-target-account: Targeted Attack</span> that centers around a vulnerability or exploit introduced into otherwise good software either directly or through a dependency from a third party.
|
||||
: Typically, a form of <span class="pg-red">Targeted Attack</span> that centers around a vulnerability or exploit introduced into otherwise good software either directly or through a dependency from a third party.
|
||||
|
||||
<span class="pg-orange">:material-bug-outline: **Passive Attacks**</span>
|
||||
<span class="pg-orange">**Passive Attacks**</span>
|
||||
|
||||
: Being protected from things like malware, data breaches, and other attacks that are made against many people at once.
|
||||
: Being protected from things like malware, data breaches, and other attacks that are made against many people at once.
|
||||
|
||||
<span class="pg-teal">:material-server-network: **Service Providers**</span>
|
||||
<span class="pg-teal">**Service Providers**</span>
|
||||
|
||||
: Protecting your data from service providers (e.g. with E2EE, which renders your data unreadable to the server).
|
||||
: Protecting your data from service providers (e.g. with E2EE, which renders your data unreadable to the server).
|
||||
|
||||
<span class="pg-blue">:material-eye-outline: **Mass Surveillance**</span>
|
||||
<span class="pg-blue">**Mass Surveillance**</span>
|
||||
|
||||
: Protection from government agencies, organizations, websites, and services which work together to track your activities.
|
||||
: Protection from government agencies, organizations, websites, and services which work together to track your activities.
|
||||
|
||||
<span class="pg-brown">:material-account-cash: **Surveillance Capitalism**</span>
|
||||
<span class="pg-brown">**Surveillance Capitalism**</span>
|
||||
|
||||
: Protecting yourself from big advertising networks, like Google and Facebook, as well as a myriad of other third-party data collectors.
|
||||
: Protecting yourself from big advertising networks, like Google and Facebook, as well as a myriad of other third-party data collectors.
|
||||
|
||||
<span class="pg-green">:material-account-search: **Public Exposure**</span>
|
||||
<span class="pg-green">**Public Exposure**</span>
|
||||
|
||||
: Limiting the information about you that is accessible online—to search engines or the public.
|
||||
: Limiting the information about you that is accessible online—to search engines or the public.
|
||||
|
||||
<span class="pg-blue-gray">:material-close-outline: **Censorship**</span>
|
||||
<span class="pg-blue-gray">**Censorship**</span>
|
||||
|
||||
: Avoiding censored access to information or being censored yourself when speaking online.
|
||||
: Avoiding censored access to information or being censored yourself when speaking online.
|
||||
|
||||
Some of these threats may be more important to you than others, depending on your specific concerns. For example, a software developer with access to valuable or critical data may be primarily concerned with <span class="pg-viridian">:material-package-variant-closed-remove: Supply Chain Attacks</span> and <span class="pg-red">:material-target-account: Targeted Attacks</span>. They will likely still want to protect their personal data from being swept up in <span class="pg-blue">:material-eye-outline: Mass Surveillance</span> programs. Similarly, many people may be primarily concerned with <span class="pg-green">:material-account-search: Public Exposure</span> of their personal data, but they should still be wary of security-focused issues, such as <span class="pg-orange">:material-bug-outline: Passive Attacks</span>—like malware affecting their devices.
|
||||
Some of these threats may be more important to you than others, depending on your specific concerns. For example, a software developer with access to valuable or critical data may be primarily concerned with <span class="pg-viridian">Supply Chain Attacks</span> and <span class="pg-red">Targeted Attacks</span>. They will likely still want to protect their personal data from being swept up in <span class="pg-blue">Mass Surveillance</span> programs. Similarly, many people may be primarily concerned with <span class="pg-green">Public Exposure</span> of their personal data, but they should still be wary of security-focused issues, such as <span class="pg-orange">Passive Attacks</span>—like malware affecting their devices.
|
||||
|
||||
## Anonymity vs. Privacy
|
||||
|
||||
<span class="pg-purple">:material-incognito: Anonymity</span>
|
||||
<span class="pg-purple">Anonymity</span>
|
||||
|
||||
Anonymity is often confused with privacy, but they're distinct concepts. While privacy is a set of choices you make about how your data is used and shared, anonymity is the complete disassociation of your online activities from your real identity.
|
||||
|
||||
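Review bot: the definition lines under each threat label (`: Shielding your online activity ...`, `: Being protected from hackers ...`, and the rest) are rewritten with no visible change in wording, so this hunk carries a whitespace change alongside the icon removal that the commit subject names. Markdown definition lists are sensitive to the spacing after the `:` marker, so please confirm that all nine definitions still render as definitions, and either mention the whitespace normalisation in the commit message or move it to its own commit so the icon removal can be reviewed in isolation.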
@@ -54,7 +54,7 @@ Whistleblowers and journalists, for example, can have a much more extreme threat
|
||||
|
||||
## Security and Privacy
|
||||
|
||||
<span class="pg-orange">:material-bug-outline: Passive Attacks</span>
|
||||
<span class="pg-orange">Passive Attacks</span>
|
||||
|
||||
Security and privacy are also often confused, because you need security to obtain any semblance of privacy: Using tools—even if they're private by design—is futile if they could be easily exploited by attackers who later release your data. However, the inverse isn't necessarily true: The most secure service in the world *isn't necessarily* private. The best example of this is trusting data to Google who, given their scale, have had few security incidents by employing industry-leading security experts to secure their infrastructure. Even though Google provides very secure services, very few people would consider their data private in Google's free consumer products (Gmail, YouTube, etc.)
|
||||
|
||||
@@ -67,24 +67,22 @@ To minimize the damage that a malicious piece of software *could* do, you should
|
||||
>
|
||||
> Desktop operating systems generally lag behind on proper sandboxing. ChromeOS has similar sandboxing capabilities to Android, and macOS has full system permission control (and developers can opt in to sandboxing for applications). However, these operating systems do transmit identifying information to their respective OEMs. Linux tends to not submit information to system vendors, but it has poor protection against exploits and malicious apps. This can be mitigated somewhat with specialized distributions which make significant use of virtual machines or containers, such as [Qubes OS](../../../tools/os/desktop/index.md#qubes-os).
|
||||
|
||||
|
||||
## Attacks against Specific Individuals
|
||||
|
||||
<span class="pg-red">:material-target-account: Targeted Attacks</span>
|
||||
<span class="pg-red">Targeted Attacks</span>
|
||||
|
||||
Targeted attacks against a specific person are more problematic to deal with. Common attacks include sending malicious documents via email, exploiting vulnerabilities (e.g. in browsers and operating systems), and physical attacks. If this is a concern for you, you should employ more advanced threat mitigation strategies.
|
||||
|
||||
> [!TIP]
|
||||
> By design, **web browsers**, **email clients**, and **office applications** typically run untrusted code, sent to you from third parties. Running multiple virtual machines—to separate applications like these from your host system, as well as each other—is one technique you can use to mitigate the chance of an exploit in these applications compromising the rest of your system. For example, technologies like Qubes OS or Microsoft Defender Application Guard on Windows provide convenient methods to do this.
|
||||
|
||||
|
||||
If you are concerned about **physical attacks** you should use an operating system with a secure verified boot implementation, such as Android, iOS, macOS, or [Windows (with TPM)](https://learn.microsoft.com/windows/security/information-protection/secure-the-windows-10-boot-process). You should also make sure that your drive is encrypted, and that the operating system uses a TPM or Secure [Enclave](https://support.apple.com/guide/security/secure-enclave-sec59b0b31ff/1/web/1) or [Element](https://developers.google.com/android/security/android-ready-se) to rate limit attempts to enter the encryption passphrase. You should avoid sharing your computer with people you don't trust, because most desktop operating systems don't encrypt data separately per-user.
|
||||
|
||||
## Attacks against Certain Organizations
|
||||
|
||||
<span class="pg-viridian">:material-package-variant-closed-remove: Supply Chain Attacks</span>
|
||||
<span class="pg-viridian">Supply Chain Attacks</span>
|
||||
|
||||
Supply chain attacks are frequently a form of <span class="pg-red">:material-target-account: Targeted Attack</span> towards businesses, governments, and activists, although they can end up compromising the public at large as well.
|
||||
Supply chain attacks are frequently a form of <span class="pg-red">Targeted Attack</span> towards businesses, governments, and activists, although they can end up compromising the public at large as well.
|
||||
|
||||
> [!NOTE]
|
||||
> A notable example of this occurred in 2017 when M.E.Doc, a popular accounting software in Ukraine, was infected with the *NotPetya* virus, subsequently infecting people who downloaded that software with ransomware. NotPetya itself was a ransomware attack which impacted 2000+ companies in various countries, and was based on the *EternalBlue* exploit developed by the NSA to attack Windows computers over the network.
|
||||
@@ -105,7 +103,7 @@ These sorts of attacks can require a lot of time and preparation to perform and
|
||||
|
||||
## Privacy from Service Providers
|
||||
|
||||
<span class="pg-teal">:material-server-network: Service Providers</span>
|
||||
<span class="pg-teal">Service Providers</span>
|
||||
|
||||
We live in a world where almost everything is connected to the internet. Our "private" messages, emails, and social interactions are typically stored on a server, somewhere. Generally, when you send someone a message it's stored on a server, and when your friend wants to read the message the server will show it to them.
|
||||
|
||||
@@ -124,7 +122,7 @@ Even with E2EE, service providers can still profile you based on **metadata**, w
|
||||
|
||||
## Mass Surveillance Programs
|
||||
|
||||
<span class="pg-blue">:material-eye-outline: Mass Surveillance</span>
|
||||
<span class="pg-blue">Mass Surveillance</span>
|
||||
|
||||
Mass surveillance is the intricate effort to monitor the "behavior, many activities, or information" of an entire (or substantial fraction of a) population.[^1] It often refers to government programs, such as the ones [disclosed by Edward Snowden in 2013](https://en.wikipedia.org/wiki/Global_surveillance_disclosures_(2013%E2%80%93present)). However, it can also be carried out by corporations, either on behalf of government agencies or by their own initiative.
|
||||
|
||||
@@ -150,7 +148,7 @@ If you're concerned about mass surveillance programs, you can use strategies lik
|
||||
|
||||
## Surveillance as a Business Model
|
||||
|
||||
<span class="pg-brown">:material-account-cash: Surveillance Capitalism</span>
|
||||
<span class="pg-brown">Surveillance Capitalism</span>
|
||||
|
||||
> Surveillance capitalism is an economic system centered around the capture and commodification of personal data for the core purpose of profit-making.[^3]
|
||||
|
||||
@@ -160,11 +158,11 @@ Additionally, even companies outside the *AdTech* or tracking industry can share
|
||||
|
||||
## Limiting Public Information
|
||||
|
||||
<span class="pg-green">:material-account-search: Public Exposure</span>
|
||||
<span class="pg-green">Public Exposure</span>
|
||||
|
||||
The best way to keep your data private is simply not making it public in the first place. Deleting unwanted information you find about yourself online is one of the best first steps you can take to regain your privacy.
|
||||
|
||||
- [View our guide on account deletion :material-arrow-right-drop-circle:](../account-deletion/index.md)
|
||||
- [View our guide on account deletion](../account-deletion/index.md)
|
||||
|
||||
On sites where you do share information, checking the privacy settings of your account to limit how widely that data is spread is very important. For example, enable "private mode" on your accounts if given the option: This ensures that your account isn't being indexed by search engines, and that it can't be viewed without your permission.
|
||||
|
||||
@@ -172,7 +170,7 @@ If you've already submitted your real information to sites which shouldn't have
|
||||
|
||||
## Avoiding Censorship
|
||||
|
||||
<span class="pg-blue-gray">:material-close-outline: Censorship</span>
|
||||
<span class="pg-blue-gray">Censorship</span>
|
||||
|
||||
Censorship online can be carried out (to varying degrees) by actors including totalitarian governments, network administrators, and service providers. These efforts to control communication and restrict access to information will always be incompatible with the human right to Freedom of Expression.[^5]
|
||||
|
||||
@@ -185,7 +183,6 @@ People concerned with the threat of censorship can use technologies like [Tor](.
|
||||
>
|
||||
> You should consider which aspects of the network your adversary can observe, and whether you have plausible deniability for your actions. For example, using [encrypted DNS](../../advanced/dns-overview/index.md#what-is-encrypted-dns) can help you bypass rudimentary, DNS-based censorship systems, but it can't truly hide what you are visiting from your ISP. A VPN or Tor can help hide what you are visiting from network administrators, but can't hide that you're using those networks in the first place. Pluggable transports (such as Obfs4proxy, Meek, or Shadowsocks) can help you evade firewalls that block common VPN protocols or Tor, but your circumvention attempts can still be detected by methods like probing or [deep packet inspection](https://en.wikipedia.org/wiki/Deep_packet_inspection).
|
||||
|
||||
|
||||
You must always consider the risks of trying to bypass censorship, the potential consequences, and how sophisticated your adversary may be. You should be cautious with your software selection, and have a backup plan in case you are caught.
|
||||
|
||||
[^1]: Wikipedia: [*Mass Surveillance*](https://en.wikipedia.org/wiki/Mass_surveillance) and [*Surveillance*](https://en.wikipedia.org/wiki/Surveillance).
|
||||
|
||||
@@ -40,7 +40,6 @@ Most computers and phones come equipped with a TPM (or a similar secure cryptopr
|
||||
> [!NOTE]
|
||||
> Virtual TPMs are susceptible to side-channel attacks and external TPMs, as a result of being separate from the CPU on the motherboard, are vulnerable to [sniffing](https://pulsesecurity.co.nz/articles/TPM-sniffing) when an attacker has access to the hardware. The solution to this problem is to include the secure processor inside the CPU itself, which is the case for Apple's chips and Microsoft's [Pluton](https://microsoft.com/en-us/security/blog/2020/11/17/meet-the-microsoft-pluton-processor-the-security-chip-designed-for-the-future-of-windows-pcs).
|
||||
|
||||
|
||||
### Biometrics
|
||||
|
||||
Many devices come equipped with a fingerprint reader or face recognition capabilities. These can be very convenient, but they aren't perfect and sometimes fail. Most devices will fall back to a PIN or password when this happens, meaning that the security of your devices is still only as good as your password.
|
||||
@@ -52,7 +51,6 @@ Most implementations of face authentication require you to be looking at your ph
|
||||
> [!WARNING]
|
||||
> Some devices do not have the proper hardware for secure face authentication. There are two main types of face authentication: 2D and 3D. 3D face authentication makes use of a dot projector that lets the device create a 3D depth map of your face. Make sure that your device has this capability.
|
||||
|
||||
|
||||
Android defines three [security classes](https://source.android.com/docs/security/features/biometric/measure#biometric-classes) for biometrics; you should check that your device is Class 3 before enabling biometrics.
|
||||
|
||||
### Device Encryption
|
||||
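Review bot: no `:material-` reference appears in this hunk, yet the header shrinks it from 7 lines to 6 around the `> [!WARNING]` block, so the dropped line is outside what the commit subject describes. If it was the blank line after the blockquote, check that "Android defines three ..." still renders as its own paragraph and is not absorbed into the warning by lazy continuation. The hunks around the other `> [!NOTE]` and `> [!WARNING]` blocks shrink by one line in the same way and deserve the same check.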
@@ -69,8 +67,8 @@ Some threats can't be protected against by your internal components alone. Many
|
||||
|
||||
Hardware keys are devices that use strong cryptography to authenticate you to a device or account. The idea is that because they can not be copied, you can use them to secure accounts in such a way that they can only be accessed with physical possession of the key, eliminating many remote attacks.
|
||||
|
||||
[Recommended Hardware Keys :material-arrow-right-drop-circle:](../../../tools/hardware/security-keys/index.md)
|
||||
[Learn More about Hardware Keys :material-arrow-right-drop-circle:](../multi-factor-authentication/index.md#hardware-security-keys)
|
||||
[Recommended Hardware Keys](../../../tools/hardware/security-keys/index.md)
|
||||
[Learn More about Hardware Keys](../multi-factor-authentication/index.md#hardware-security-keys)
|
||||
{ .pg:buttons }
|
||||
|
||||
### Camera/Microphone
|
||||
@@ -80,7 +78,6 @@ If you don't want to trust your OS's permission controls to prevent the camera f
|
||||
> [!WARNING]
|
||||
> You should only buy covers that fit your laptop and won't cause damage when you close the lid. Covering the camera will interfere with automatic brightness and face authentication features.
|
||||
|
||||
|
||||
For microphone access, in most cases you will need to trust your OS's built-in permission controls. Alternatively, buy a device that doesn't have a built-in microphone and use an external microphone that you can unplug when you're done using it. Some devices, like a [MacBook or an iPad](https://support.apple.com/guide/security/hardware-microphone-disconnect-secbbd20b00b/web), feature a hardware disconnect for the microphone when you close the lid.
|
||||
|
||||
Many computers have a BIOS option to disable the camera and microphone. When disabled there, the hardware won't even appear as a device on a booted system.
|
||||
@@ -132,7 +129,6 @@ Your router handles all your network traffic and acts as your first line of defe
|
||||
> [!NOTE]
|
||||
> A lot of routers come with storage to put your files on so you can access them from any computer on your network. We recommend you don't use networking devices for things other than networking. In the event your router was compromised, your files would also be compromised.
|
||||
|
||||
|
||||
The most important thing to think about with routers is keeping them up-to-date. Many modern routers will automatically install updates, but many others won't. You should check on your router's settings page for this option. That page can usually be accessed by typing `192.168.1.1` or `192.168.0.1` into the URL bar of any browser assuming you're on the same network. You can also check in the network settings of your OS for "router" or "gateway".
|
||||
|
||||
If your router does not support automatic updates, you will need to go to the manufacturer's site to download the updates and apply them manually.
|
||||
|
||||
@@ -78,7 +78,7 @@ One metric to determine the strength of a diceware passphrase is how much entrop
|
||||
<mn>2</mn>
|
||||
</msub>
|
||||
<mo form="prefix" stretchy="false">(</mo>
|
||||
<mtext>WordsInList</mtext>
|
||||
<mtext>WordsInList</mtext>
|
||||
<mo form="postfix" stretchy="false">)</mo>
|
||||
</mrow>
|
||||
</math> and the overall entropy of the passphrase is calculated as: <math>
|
||||
@@ -103,7 +103,7 @@ Therefore, each word in the aforementioned list results in ~12.9 bits of entropy
|
||||
<mn>2</mn>
|
||||
</msub>
|
||||
<mo form="prefix" stretchy="false">(</mo>
|
||||
<mn>7776</mn>
|
||||
<mn>7776</mn>
|
||||
<mo form="postfix" stretchy="false">)</mo>
|
||||
</mrow>
|
||||
</math>), and a seven word passphrase derived from it has ~90.47 bits of entropy (<math>
|
||||
@@ -122,10 +122,10 @@ Therefore, each word in the aforementioned list results in ~12.9 bits of entropy
|
||||
</math>).
|
||||
|
||||
The [EFF's large word list](https://eff.org/files/2016/07/18/eff_large_wordlist.txt) contains 7776 unique words. To calculate the amount of possible passphrases, all we have to do is <math>
|
||||
<msup>
|
||||
<mtext>WordsInList</mtext>
|
||||
<mtext>WordsInPhrase</mtext>
|
||||
</msup>
|
||||
<msup>
|
||||
<mtext>WordsInList</mtext>
|
||||
<mtext>WordsInPhrase</mtext>
|
||||
</msup>
|
||||
</math>, or in our case, <math><msup><mn>7776</mn><mn>7</mn></msup></math>.
|
||||
|
||||
Let's put all of this in perspective: A seven word passphrase using [EFF's large word list](https://eff.org/files/2016/07/18/eff_large_wordlist.txt) is one of ~1,719,070,799,748,422,500,000,000,000 possible passphrases.
|
||||
|
||||
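Review bot: the five lines of the `<msup>` element are replaced by lines with the same visible content (`<mtext>WordsInList</mtext>`, `<mtext>WordsInPhrase</mtext>`), so this is a re-indentation of inline MathML and not an icon removal. Please confirm the formula still renders inline within the sentence after the change, and note the MathML clean-up in the commit message.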
@@ -73,23 +73,23 @@ These questions can apply to a wide variety of situations, online and offline. A
|
||||
|
||||
**What do you want to protect? (Or, *what do you have that is worth protecting?*)**
|
||||
|
||||
: Your assets might include jewelry, electronics, important documents, or photos.
|
||||
: Your assets might include jewelry, electronics, important documents, or photos.
|
||||
|
||||
**Who do you want to protect it from?**
|
||||
|
||||
: Your adversaries might include burglars, roommates, or guests.
|
||||
: Your adversaries might include burglars, roommates, or guests.
|
||||
|
||||
**How likely is it that you will need to protect it?**
|
||||
|
||||
: Does your neighborhood have a history of burglaries? How trustworthy are your roommates or guests? What are the capabilities of your adversaries? What are the risks you should consider?
|
||||
: Does your neighborhood have a history of burglaries? How trustworthy are your roommates or guests? What are the capabilities of your adversaries? What are the risks you should consider?
|
||||
|
||||
**How bad are the consequences if you fail?**
|
||||
|
||||
: Do you have anything in your house that you cannot replace? Do you have the time or money to replace those things? Do you have insurance that covers goods stolen from your home?
|
||||
: Do you have anything in your house that you cannot replace? Do you have the time or money to replace those things? Do you have insurance that covers goods stolen from your home?
|
||||
|
||||
**How much trouble are you willing to go through to prevent these consequences?**
|
||||
|
||||
: Are you willing to buy a safe for sensitive documents? Can you afford to buy a high-quality lock? Do you have time to open a security box at your local bank and keep your valuables there?
|
||||
: Are you willing to buy a safe for sensitive documents? Can you afford to buy a high-quality lock? Do you have time to open a security box at your local bank and keep your valuables there?
|
||||
|
||||
Only once you have asked yourself these questions will you be in a position to assess what measures to take. If your possessions are valuable, but the probability of a break-in is low, then you may not want to invest too much money in a lock. But, if the probability of a break-in is high, you'll want to get the best lock on the market and consider adding a security system.
|
||||
|
||||
@@ -99,7 +99,7 @@ Making a security plan will help you to understand the threats that are unique t
|
||||
|
||||
For people looking to increase their privacy and security online, we've compiled a list of common threats our visitors face or goals our visitors have, to give you some inspiration and demonstrate the basis of our recommendations.
|
||||
|
||||
- [Common Goals and Threats :material-arrow-right-drop-circle:](../common-threats/index.md)
|
||||
- [Common Goals and Threats](../common-threats/index.md)
|
||||
|
||||
## Sources
|
||||
|
||||
|
||||
@@ -7,7 +7,7 @@ description: Virtual Private Networks shift risk away from your ISP to a third-p
|
||||
|
||||
Virtual Private Networks are a way of extending the end of your network to exit somewhere else in the world.
|
||||
|
||||
[:material-movie-open-play-outline: Video: Do you need a VPN?](https://www.privacyguides.org/videos/2024/12/12/do-you-need-a-vpn)
|
||||
[Video: Do you need a VPN?](https://www.privacyguides.org/videos/2024/12/12/do-you-need-a-vpn)
|
||||
{ .pg:buttons }
|
||||
|
||||
Normally, an ISP can see the flow of internet traffic entering and exiting your network termination device (i.e. modem). Encryption protocols such as HTTPS are commonly used on the internet, so they may not be able to see exactly what you're posting or reading, but they can get an idea of the [domains you request](../../advanced/dns-overview/index.md#why-shouldnt-i-use-encrypted-dns).
|
||||
@@ -17,7 +17,6 @@ Using a VPN hides even this information from your ISP, by shifting the trust you
|
||||
> [!NOTE]
|
||||
> When we refer to "Virtual Private Networks" on this website, we are usually referring to **commercial** [VPN providers](../../../tools/services/vpn/index.md), who you pay a monthly fee to in exchange for routing your internet traffic securely through their public servers. There are many other forms of VPN, such as ones you host yourself or ones operated by workplaces which allow you to securely connect to internal/employee network resources, however, these VPNs are usually designed for accessing remote networks securely, rather than protecting the privacy of your internet connection.
|
||||
|
||||
|
||||
## How does a VPN work?
|
||||
|
||||
VPNs encrypt your traffic between your device and a server owned by your VPN provider. From the perspective of anyone between you and the VPN server, it looks like you're connecting to the VPN server. From the perspective of anyone between the VPN server and your destination site, all they can see is the VPN server connecting to the website.
|
||||
|
||||
@@ -14,25 +14,25 @@ Many people get the concepts of **privacy**, **security**, and **anonymity** con
|
||||
<!-- markdownlint-disable-next-line -->
|
||||
**Privacy**
|
||||
|
||||
: <mark>Privacy is the assurance that your data is only seen by the parties you intend to view it.</mark> In the context of an instant messenger, for example, end-to-end encryption provides privacy by keeping your message visible only to yourself and the recipient.
|
||||
: <mark>Privacy is the assurance that your data is only seen by the parties you intend to view it.</mark> In the context of an instant messenger, for example, end-to-end encryption provides privacy by keeping your message visible only to yourself and the recipient.
|
||||
|
||||
<!-- markdownlint-disable-next-line -->
|
||||
**Security**
|
||||
|
||||
: Security is the ability to trust the applications you use—that the parties involved are who they say they are—and keep those applications safe. In the context of browsing the web, for example, security can be provided by HTTPS certificates.
|
||||
: Security is the ability to trust the applications you use—that the parties involved are who they say they are—and keep those applications safe. In the context of browsing the web, for example, security can be provided by HTTPS certificates.
|
||||
|
||||
: Certificates prove you are talking directly to the website you're visiting, and keep attackers on your network from reading or modifying the data sent to or from the website.
|
||||
: Certificates prove you are talking directly to the website you're visiting, and keep attackers on your network from reading or modifying the data sent to or from the website.
|
||||
|
||||
<!-- markdownlint-disable-next-line -->
|
||||
**Anonymity**
|
||||
|
||||
: Anonymity is the ability to act without a persistent identifier. You might achieve this online with [Tor](../../../tools/software/tor/index.md), which allows you to browse the internet with a random IP address and network connection instead of your own.
|
||||
: Anonymity is the ability to act without a persistent identifier. You might achieve this online with [Tor](../../../tools/software/tor/index.md), which allows you to browse the internet with a random IP address and network connection instead of your own.
|
||||
|
||||
: **Pseudonymity** is a similar concept, but it allows you to have a persistent identifier without it being tied to your real identity. If everybody knows you as `@GamerGuy12` online, but nobody knows your real name, that is your pseudonym.
|
||||
: **Pseudonymity** is a similar concept, but it allows you to have a persistent identifier without it being tied to your real identity. If everybody knows you as `@GamerGuy12` online, but nobody knows your real name, that is your pseudonym.
|
||||
|
||||
All of these concepts overlap, but it is possible to have any combination of these. The sweet spot for most people is when all three of these concepts overlap. However, it's trickier to achieve than many initially believe. Sometimes, you have to compromise on some of these, and that's okay too. This is where **threat modeling** comes into play, allowing you to make informed decisions about the [software and services](../../../tools/_index.md) you use.
|
||||
|
||||
[:material-book-outline: Learn More About Threat Modeling](../threat-modeling/index.md)
|
||||
[Learn More About Threat Modeling](../threat-modeling/index.md)
|
||||
{ .pg:buttons }
|
||||
|
||||
## Privacy vs. Secrecy
|
||||
@@ -51,7 +51,8 @@ Take cookie consent forms, for example. You may encounter these dozens of times
|
||||
|
||||
Privacy is something we need to have baked into the [software and services](../../../tools/_index.md) we use by default, you can't bend most apps into being private on your own.
|
||||
|
||||
[:material-movie-open-play-outline: Video: 5 Steps to Improve Your Privacy](https://www.privacyguides.org/videos/2025/02/14/5-easy-steps-to-protect-yourself-online){ class="md-button" }
|
||||
[Video: 5 Steps to Improve Your Privacy](https://www.privacyguides.org/videos/2025/02/14/5-easy-steps-to-protect-yourself-online)
|
||||
{ .pg:buttons }
|
||||
|
||||
## Sources
|
||||
|
||||
|
||||
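Review bot: the video link loses its inline `{ class="md-button" }` attribute and gains a separate `{ .pg:buttons }` line (the header goes from 7 lines to 8), which changes how the button is styled and is more than dropping the `:material-movie-open-play-outline:` icon. Please confirm the link still renders as a button with the new attribute line, and say in the commit message that button markup is being migrated as well.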